diff --git a/ballerina-tests/http-interceptor-tests/Ballerina.toml b/ballerina-tests/http-interceptor-tests/Ballerina.toml index 0a326c6adc..496a7c0b15 100644 --- a/ballerina-tests/http-interceptor-tests/Ballerina.toml +++ b/ballerina-tests/http-interceptor-tests/Ballerina.toml @@ -1,17 +1,17 @@ [package] org = "ballerina" name = "http_interceptor_tests" -version = "2.10.4" +version = "2.10.5" [[dependency]] org = "ballerina" name = "http_test_common" repository = "local" -version = "2.10.4" +version = "2.10.5" [platform.java17] graalvmCompatible = true [[platform.java17.dependency]] scope = "testOnly" -path = "../../test-utils/build/libs/http-test-utils-2.10.4.jar" +path = "../../test-utils/build/libs/http-test-utils-2.10.5-SNAPSHOT.jar" diff --git a/ballerina-tests/http-interceptor-tests/Dependencies.toml b/ballerina-tests/http-interceptor-tests/Dependencies.toml index 73259210ab..9255587af4 100644 --- a/ballerina-tests/http-interceptor-tests/Dependencies.toml +++ b/ballerina-tests/http-interceptor-tests/Dependencies.toml @@ -66,7 +66,7 @@ dependencies = [ [[package]] org = "ballerina" name = "http" -version = "2.10.4" +version = "2.10.5" scope = "testOnly" dependencies = [ {org = "ballerina", name = "auth"}, @@ -99,7 +99,7 @@ modules = [ [[package]] org = "ballerina" name = "http_interceptor_tests" -version = "2.10.4" +version = "2.10.5" dependencies = [ {org = "ballerina", name = "http"}, {org = "ballerina", name = "http_test_common"}, @@ -115,7 +115,7 @@ modules = [ [[package]] org = "ballerina" name = "http_test_common" -version = "2.10.4" +version = "2.10.5" scope = "testOnly" dependencies = [ {org = "ballerina", name = "lang.string"}, diff --git a/ballerina-tests/http-interceptor-tests/tests/interceptors_basic_tests.bal b/ballerina-tests/http-interceptor-tests/tests/interceptors_basic_tests.bal index d29c452f88..d3ce85c5a2 100644 --- a/ballerina-tests/http-interceptor-tests/tests/interceptors_basic_tests.bal +++ b/ballerina-tests/http-interceptor-tests/tests/interceptors_basic_tests.bal @@ -574,6 +574,7 @@ service http:InterceptableService /requestInterceptorJwtInformation on new http: @test:Config{} function testJwtInformationInRequestContext() returns error? { + reqCtxJwtValues = []; http:Client jwtClient = check new("https://localhost:" + jwtInformationInReqCtxtTestPort.toString(), secureSocket = { cert: common:CERT_FILE @@ -602,6 +603,19 @@ function testJwtInformationInRequestContext() returns error? { test:assertEquals(reqCtxJwtValues[1]["scp"], "admin"); } +@test:Config{} +function testEmptyJwtInformationInRequestContext() returns error? { + reqCtxJwtValues = []; + http:Client jwtClient = check new("https://localhost:" + jwtInformationInReqCtxtTestPort.toString(), + secureSocket = { + cert: common:CERT_FILE + }); + http:Response response = check jwtClient->get("/requestInterceptorJwtInformation", {"authorization": "Basic "}); + test:assertEquals(response.statusCode, 500); + check common:assertJsonErrorPayload(check response.getJsonPayload(), "no member found for key: JWT_INFORMATION", + "Internal Server Error", 500, "/requestInterceptorJwtInformation", "GET"); +} + @test:Config{} function testJwtInformationDecodeErrorInRequestContext() returns error? { http:Client jwtClient = check new("https://localhost:" + jwtInformationInReqCtxtTestPort.toString(), diff --git a/ballerina-tests/http-test-common/Ballerina.toml b/ballerina-tests/http-test-common/Ballerina.toml index a1cd6aa6cd..8a9e9b671f 100644 --- a/ballerina-tests/http-test-common/Ballerina.toml +++ b/ballerina-tests/http-test-common/Ballerina.toml @@ -1,4 +1,4 @@ [package] org = "ballerina" name = "http_test_common" -version = "2.10.4" +version = "2.10.5" diff --git a/ballerina-tests/http-test-common/Dependencies.toml b/ballerina-tests/http-test-common/Dependencies.toml index 810e229a31..d347a64fac 100644 --- a/ballerina-tests/http-test-common/Dependencies.toml +++ b/ballerina-tests/http-test-common/Dependencies.toml @@ -10,7 +10,7 @@ distribution-version = "2201.8.0" [[package]] org = "ballerina" name = "http_test_common" -version = "2.10.4" +version = "2.10.5" dependencies = [ {org = "ballerina", name = "lang.string"}, {org = "ballerina", name = "mime"}, diff --git a/ballerina/Ballerina.toml b/ballerina/Ballerina.toml index c0b542a51c..1a999b248b 100644 --- a/ballerina/Ballerina.toml +++ b/ballerina/Ballerina.toml @@ -1,7 +1,7 @@ [package] org = "ballerina" name = "http" -version = "2.10.4" +version = "2.10.5" authors = ["Ballerina"] keywords = ["http", "network", "service", "listener", "client"] repository = "https://github.com/ballerina-platform/module-ballerina-http" @@ -16,8 +16,8 @@ graalvmCompatible = true [[platform.java17.dependency]] groupId = "io.ballerina.stdlib" artifactId = "http-native" -version = "2.10.4" -path = "../native/build/libs/http-native-2.10.4.jar" +version = "2.10.5" +path = "../native/build/libs/http-native-2.10.5-SNAPSHOT.jar" [[platform.java17.dependency]] groupId = "io.ballerina.stdlib" diff --git a/ballerina/CompilerPlugin.toml b/ballerina/CompilerPlugin.toml index f281c204da..d169504d52 100644 --- a/ballerina/CompilerPlugin.toml +++ b/ballerina/CompilerPlugin.toml @@ -3,4 +3,4 @@ id = "http-compiler-plugin" class = "io.ballerina.stdlib.http.compiler.HttpCompilerPlugin" [[dependency]] -path = "../compiler-plugin/build/libs/http-compiler-plugin-2.10.4.jar" +path = "../compiler-plugin/build/libs/http-compiler-plugin-2.10.5-SNAPSHOT.jar" diff --git a/ballerina/Dependencies.toml b/ballerina/Dependencies.toml index f17306eb50..afcb80ecc4 100644 --- a/ballerina/Dependencies.toml +++ b/ballerina/Dependencies.toml @@ -76,7 +76,7 @@ modules = [ [[package]] org = "ballerina" name = "http" -version = "2.10.4" +version = "2.10.5" dependencies = [ {org = "ballerina", name = "auth"}, {org = "ballerina", name = "cache"}, diff --git a/changelog.md b/changelog.md index cbcddffc1e..07b11afcda 100644 --- a/changelog.md +++ b/changelog.md @@ -5,6 +5,11 @@ This file contains all the notable changes done to the Ballerina HTTP package th The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## Unreleased + +### Fixed +- [Fix `IndexOutOfBoundsException` when decoding jwt header](https://github.com/ballerina-platform/ballerina-library/issues/5856) + ## [2.10.4] - 2023-11-17 ### Fixed diff --git a/native/src/main/java/io/ballerina/stdlib/http/api/HttpDispatcher.java b/native/src/main/java/io/ballerina/stdlib/http/api/HttpDispatcher.java index 282c61c678..dba6f94b81 100644 --- a/native/src/main/java/io/ballerina/stdlib/http/api/HttpDispatcher.java +++ b/native/src/main/java/io/ballerina/stdlib/http/api/HttpDispatcher.java @@ -490,7 +490,10 @@ public void notifyFailure(BError bError) { } }; - String jwtValue = authHeader.split(WHITESPACE)[1]; + String[] splitValues = authHeader.split(WHITESPACE); + if (splitValues.length != 2) { + return null; + } runtime.invokeMethodAsyncSequentially( ValueCreator.createObjectValue(ModuleUtils.getHttpPackage(), JWT_DECODER_CLASS_NAME), JWT_DECODE_METHOD_NAME, @@ -499,7 +502,7 @@ public void notifyFailure(BError bError) { decodeCallback, null, PredefinedTypes.TYPE_ANY, - StringUtils.fromString(jwtValue), + StringUtils.fromString(splitValues[1]), true); try { countDownLatch.await();