Skip to content

Commit 994cc22

Browse files
sattvikcsattvikc
authored
fix: access token encoding issue (#793)
1 parent fffe9f4 commit 994cc22

File tree

4 files changed

+18
-10
lines changed

4 files changed

+18
-10
lines changed

CHANGELOG.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,10 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
77

88
## [unreleased]
99

10+
## [5.0.2] - 2023-09-07
11+
12+
- Fixed an encoding/decoding issue for certain access token payloads
13+
1014
## [5.0.1] - 2023-07-27
1115

1216
- Fixes issue with access token parsing for really old access tokens (v1 and v2 access tokens)

build.gradle

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ compileTestJava { options.encoding = "UTF-8" }
1919
// }
2020
//}
2121

22-
version = "5.0.1"
22+
version = "5.0.2"
2323

2424

2525
repositories {

src/main/java/io/supertokens/utils/Utils.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -76,7 +76,7 @@ public static String convertToBase64(String str) {
7676
}
7777

7878
public static String convertFromBase64(String str) {
79-
return new String(Base64.getDecoder().decode(stringToBytes(str)), StandardCharsets.UTF_8);
79+
return new String(Base64.getDecoder().decode(stringToBytes(str.replace("-", "+").replace("_", "/"))), StandardCharsets.UTF_8);
8080
}
8181

8282
public static String throwableStacktraceToString(Throwable e) {

src/test/java/io/supertokens/test/session/AccessTokenTest.java

Lines changed: 12 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -251,7 +251,8 @@ public void inputOutputTest() throws Exception {
251251
EventAndException e = process.checkOrWaitForEvent(PROCESS_STATE.STARTED);
252252
assertNotNull(e);
253253
JsonObject jsonObj = new JsonObject();
254-
jsonObj.addProperty("key", "value");
254+
String testValue = "asdf???123";
255+
jsonObj.addProperty("key", testValue);
255256

256257
// db key
257258
long expiryTime = System.currentTimeMillis() + 1000;
@@ -263,7 +264,7 @@ public void inputOutputTest() throws Exception {
263264
assertEquals("userId", info.userId);
264265
assertEquals("refreshTokenHash1", info.refreshTokenHash1);
265266
assertEquals("parentRefreshTokenHash1", info.parentRefreshTokenHash1);
266-
assertEquals("value", info.userData.get("key").getAsString());
267+
assertEquals(testValue, info.userData.get("key").getAsString());
267268
assertEquals("antiCsrfToken", info.antiCsrfToken);
268269
assertEquals(expiryTime / 1000 * 1000, info.expiryTime);
269270

@@ -281,7 +282,8 @@ public void inputOutputTestStatic() throws Exception {
281282
EventAndException e = process.checkOrWaitForEvent(PROCESS_STATE.STARTED);
282283
assertNotNull(e);
283284
JsonObject jsonObj = new JsonObject();
284-
jsonObj.addProperty("key", "value");
285+
String testValue = "asdf???123";
286+
jsonObj.addProperty("key", testValue);
285287

286288
// db key
287289
long expiryTime = System.currentTimeMillis() + 1000;
@@ -293,7 +295,7 @@ public void inputOutputTestStatic() throws Exception {
293295
assertEquals("userId", info.userId);
294296
assertEquals("refreshTokenHash1", info.refreshTokenHash1);
295297
assertEquals("parentRefreshTokenHash1", info.parentRefreshTokenHash1);
296-
assertEquals("value", info.userData.get("key").getAsString());
298+
assertEquals(testValue, info.userData.get("key").getAsString());
297299
assertEquals("antiCsrfToken", info.antiCsrfToken);
298300
assertEquals(expiryTime / 1000 * 1000, info.expiryTime);
299301

@@ -310,7 +312,8 @@ public void inputOutputTestV2() throws Exception {
310312
EventAndException e = process.checkOrWaitForEvent(PROCESS_STATE.STARTED);
311313
assertNotNull(e);
312314
JsonObject jsonObj = new JsonObject();
313-
jsonObj.addProperty("key", "value");
315+
String testValue = "asdf???123";
316+
jsonObj.addProperty("key", testValue);
314317

315318
// db key
316319
long expiryTime = System.currentTimeMillis() + 1000;
@@ -322,7 +325,7 @@ public void inputOutputTestV2() throws Exception {
322325
assertEquals("userId", info.userId);
323326
assertEquals("refreshTokenHash1", info.refreshTokenHash1);
324327
assertEquals("parentRefreshTokenHash1", info.parentRefreshTokenHash1);
325-
assertEquals("value", info.userData.get("key").getAsString());
328+
assertEquals(testValue, info.userData.get("key").getAsString());
326329
assertEquals("antiCsrfToken", info.antiCsrfToken);
327330
assertEquals(expiryTime, info.expiryTime);
328331
process.kill();
@@ -337,7 +340,8 @@ public void inputOutputTestv1() throws InterruptedException, InvalidKeyException
337340
EventAndException e = process.checkOrWaitForEvent(PROCESS_STATE.STARTED);
338341
assertNotNull(e);
339342
JsonObject jsonObj = new JsonObject();
340-
jsonObj.addProperty("key", "value");
343+
String testValue = "asdf???123";
344+
jsonObj.addProperty("key", testValue);
341345

342346
// db key
343347
TokenInfo newToken = AccessToken.createNewAccessTokenV1(process.getProcess(), "sessionHandle", "userId",
@@ -347,7 +351,7 @@ public void inputOutputTestv1() throws InterruptedException, InvalidKeyException
347351
assertEquals("userId", info.userId);
348352
assertEquals("refreshTokenHash1", info.refreshTokenHash1);
349353
assertEquals("parentRefreshTokenHash1", info.parentRefreshTokenHash1);
350-
assertEquals("value", info.userData.get("key").getAsString());
354+
assertEquals(testValue, info.userData.get("key").getAsString());
351355
assertEquals("antiCsrfToken", info.antiCsrfToken);
352356
process.kill();
353357
}

0 commit comments

Comments
 (0)