Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

make JwtJson4s.parseClaim, JwtJson4s.parseHeader publicly accessible

See original GitHub issue


I am not able to use JwtJson4s.decode() without first getting the publicKey (since my signature is always non-empty). But in order to get the publicKey, my specific approach to using JWT involves looking up the publicKey from a database using the so-called kid header claim.

So, the process is:

  1. decode the claims
  2. check if the claims are expired (if not continue)
  3. decode the header
  4. get the kid from the decoded header
  5. select the corresponding publicKey from the database based on the kid
  6. using the publicKey, validate

This means I ended up copying and pasting the parse boilerplate of these protected methods, that way I didn’t need any key to decode the claims:

val parts = token.split("\\.")
val claims = JwtJson4s.readClaim(parse(JwtBase64.decodeString(parts(1))))
val keyId = extractString(parse(JwtBase64.decodeString(parts(0))), "kid").get

Would it be alright to make those methods publicly accessible for this fairly common use case? Or, could there be a decodeAll method that did not perform validate?

Here is the boilerplate used above that it would help to avoid:

protected def parse(value: String): JObject = jparse(value) match {
    case res: JObject => res
    case _ => throw new RuntimeException(s"Couldn't parse [$value] to a JObject")

  private def extractString(json: JObject, fieldName: String): Option[String] = (json \ fieldName) match {
    case JString(value) => Option(value)
    case JNull => None
    case JNothing => None
    case _ => throw new JwtNonStringException(fieldName)

Issue Analytics

  • State:closed
  • Created 6 years ago
  • Comments:6 (2 by maintainers)

github_iconTop GitHub Comments

pauldijoucommented, Mar 5, 2018

Sure, I can do that. I don’t think the error is related to the project itself btw.

pauldijoucommented, Mar 5, 2018

Done in 0.16.0

Read more comments on GitHub >

github_iconTop Results From Across the Web

JWT Scala: Json4s
libraryDependencies += "com.github.jwt-scala" %% "jwt-json4s-native" % "9.1.2" ... val token = JwtJson4s.encode(claim, key, algo) // token: String ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found