@@ -595,43 +595,48 @@ private void verifySignature(final TokenizedJwt tokenized, final JwsHeader jwsHe
595595 Claims claims = null ;
596596 byte [] payloadBytes = payload .getBytes ();
597597 if (payload .isConsumable ()) {
598-
599- InputStream in = payload .toInputStream ();
600-
601- if (!hasContentType (header )) { // If there is a content type set, then the application using JJWT is expected
602- // to convert the byte payload themselves based on this content type
603- // https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.10 :
604- //
605- // "This parameter is ignored by JWS implementations; any processing of this
606- // parameter is performed by the JWS application."
607- //
608- Map <String , ?> claimsMap = null ;
609- try {
610- // if deserialization fails, we'll need to rewind to convert to a byte array. So if
611- // mark/reset isn't possible, we'll need to buffer:
612- if (!in .markSupported ()) {
613- in = new BufferedInputStream (in );
614- in .mark (0 );
615- }
616- claimsMap = deserialize (new UncloseableInputStream (in ) /* Don't close in case we need to rewind */ , "claims" );
617- } catch (DeserializationException | MalformedJwtException ignored ) { // not JSON, treat it as a byte[]
598+ InputStream in = null ;
599+ try {
600+ in = payload .toInputStream ();
601+
602+ if (!hasContentType (header )) { // If there is a content type set, then the application using JJWT is expected
603+ // to convert the byte payload themselves based on this content type
604+ // https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.10 :
605+ //
606+ // "This parameter is ignored by JWS implementations; any processing of this
607+ // parameter is performed by the JWS application."
608+ //
609+ Map <String , ?> claimsMap = null ;
610+ try {
611+ // if deserialization fails, we'll need to rewind to convert to a byte array. So if
612+ // mark/reset isn't possible, we'll need to buffer:
613+ if (!in .markSupported ()) {
614+ in = new BufferedInputStream (in );
615+ in .mark (0 );
616+ }
617+ claimsMap = deserialize (new UncloseableInputStream (in ) /* Don't close in case we need to rewind */ , "claims" );
618+ } catch (DeserializationException |
619+ MalformedJwtException ignored ) { // not JSON, treat it as a byte[]
618620// String msg = "Invalid claims: " + e.getMessage();
619621// throw new MalformedJwtException(msg, e);
620- } finally {
621- Streams .reset (in );
622- }
623- if (claimsMap != null ) {
624- try {
625- claims = new DefaultClaims (claimsMap );
626- } catch (Throwable t ) {
627- String msg = "Invalid claims: " + t .getMessage ();
628- throw new MalformedJwtException (msg );
622+ } finally {
623+ Streams .reset (in );
624+ }
625+ if (claimsMap != null ) {
626+ try {
627+ claims = new DefaultClaims (claimsMap );
628+ } catch (Throwable t ) {
629+ String msg = "Invalid claims: " + t .getMessage ();
630+ throw new MalformedJwtException (msg );
631+ }
629632 }
630633 }
631- }
632- if (claims == null ) {
633- // consumable, but not claims, so convert to byte array:
634- payloadBytes = Streams .bytes (in , "Unable to convert payload to byte array." );
634+ if (claims == null ) {
635+ // consumable, but not claims, so convert to byte array:
636+ payloadBytes = Streams .bytes (in , "Unable to convert payload to byte array." );
637+ }
638+ } finally {
639+ Objects .nullSafeClose (in );
635640 }
636641 }
637642
0 commit comments