JJWT library and handle expiration ExpiredJWTException

user8920693 picture user8920693 · Mar 3, 2018 · Viewed 13.7k times · Source

The problem is that my application throws an exception when the token expires and I can't catch that exception. I want to catch that exception and do another thing. Tried commenting exception statement on catch block but no progress.

Exception:

 **03-Mar-2018 18:32:16.941 SEVERE [http-nio-1234-exec-26]                          org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service()
 for servlet [Jersey Web Application] in context with path [/uis] threw
 exception [io.jsonwebtoken.ExpiredJwtException: JWT expired at
 2018-03-03T18:32:03Z. Current time: 2018-03-03T18:32:16Z, a difference
 of 13940 milliseconds.  Allowed clock skew: 0 milliseconds.] with root
 cause  io.jsonwebtoken.ExpiredJwtException: JWT expired at
 2018-03-03T18:32:03Z. Current time: 2018-03-03T18:32:16Z, a difference
 of 13940 milliseconds.  Allowed clock skew: 0 milliseconds.    at
 io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:385)
    at
 io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:481)
    at
 io.jsonwebtoken.impl.DefaultJwtParser.parseClaimsJws(DefaultJwtParser.java:541)
    at az.naxtel.java.JWTController.isValid(JWTController.java:53)  at
 az.naxtel.java.JWTController.getManagerFromToken(JWTController.java:37)
    at
 az.naxtel.api.cc.resource.RedmineJournalResource.getJournalsCount(RedmineJournalResource.java:59)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)  at
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at
 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)     at
 org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory.lambda$static$0(ResourceMethodInvocationHandlerFactory.java:76)
    at
 org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher$1.run(AbstractJavaResourceMethodDispatcher.java:148)
    at
 org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:191)
    at
 org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$ResponseOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:200)
    at
 org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:103)
    at
 org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:493)
    at
 org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:415)
    at
 org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:104)
    at
 org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:277)
    at org.glassfish.jersey.internal.Errors$1.call(Errors.java:272)     at
 org.glassfish.jersey.internal.Errors$1.call(Errors.java:268)   at
 org.glassfish.jersey.internal.Errors.process(Errors.java:316)  at
 org.glassfish.jersey.internal.Errors.process(Errors.java:298)  at
 org.glassfish.jersey.internal.Errors.process(Errors.java:268)  at
 org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:289)
    at
 org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:256)
    at
 org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:703)
    at
 org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:416)
    at
 org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:370)
    at
 org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:389)
    at
 org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:342)
    at
 org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:229)
    at
 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
    at
 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at
 org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    at
 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at
 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at
 org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
    at
 org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
    at
 org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
    at
 org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
    at
 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
    at
 org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)
    at
 org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
    at
 org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
    at
 org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)
    at
 org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
    at
 org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790)
    at
 org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)
    at
 org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    at
 java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at
 java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at
 org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Thread.java:748)**

Checking token:

    private boolean isValid(String token) {
    boolean validation = false;
    try {
        Jwts.parser().setSigningKey(PRIVATE_KEY).parseClaimsJws(token).getBody().getSubject();
        validation = true;
    } catch (SignatureException e) {
        Logger.getLogger(JWTController.class.getName()).log(Level.ERROR, e);
    }
    return validation;
}

Answer

tryingToLearn picture tryingToLearn · Mar 3, 2018

It's because you are not catching the relevant exception.

Change your code by adding the following catch (ExpiredJwtException e) declaration:

Try this:

try {
    Jwts.parser().setSigningKey(PRIVATE_KEY).parseClaimsJws(token).getBody().getSubject();
    validation = true;
} catch (ExpiredJwtException e) {
    System.out.println(" Token expired ");
} catch (SignatureException e) {
    Logger.getLogger(JWTController.class.getName()).log(Level.ERROR, e);
} catch(Exception e){
    System.out.println(" Some other exception in JWT parsing ");
}