Merge pull request #1823 from dilanSachi/improve-data-binding

Fix `IndexOutOfBoundsException` exception when decoding jwt header

ballerina-tests/http-interceptor-tests/Ballerina.toml

@@ -1,17 +1,17 @@
 [package]
 org = "ballerina"
 name = "http_interceptor_tests"
-version = "2.10.4"
+version = "2.10.5"
 
 [[dependency]]
 org = "ballerina"
 name = "http_test_common"
 repository = "local"
-version = "2.10.4"
+version = "2.10.5"
 
 [platform.java17]
 graalvmCompatible = true
 
 [[platform.java17.dependency]]
 scope = "testOnly"
-path = "../../test-utils/build/libs/http-test-utils-2.10.4.jar"
+path = "../../test-utils/build/libs/http-test-utils-2.10.5-SNAPSHOT.jar"

ballerina-tests/http-interceptor-tests/Dependencies.toml

@@ -66,7 +66,7 @@ dependencies = [
 [[package]]
 org = "ballerina"
 name = "http"
-version = "2.10.4"
+version = "2.10.5"
 scope = "testOnly"
 dependencies = [
 	{org = "ballerina", name = "auth"},
@@ -99,7 +99,7 @@ modules = [
 [[package]]
 org = "ballerina"
 name = "http_interceptor_tests"
-version = "2.10.4"
+version = "2.10.5"
 dependencies = [
 	{org = "ballerina", name = "http"},
 	{org = "ballerina", name = "http_test_common"},
@@ -115,7 +115,7 @@ modules = [
 [[package]]
 org = "ballerina"
 name = "http_test_common"
-version = "2.10.4"
+version = "2.10.5"
 scope = "testOnly"
 dependencies = [
 	{org = "ballerina", name = "lang.string"},

ballerina-tests/http-interceptor-tests/tests/interceptors_basic_tests.bal

@@ -574,6 +574,7 @@ service http:InterceptableService /requestInterceptorJwtInformation on new http:
 
 @test:Config{}
 function testJwtInformationInRequestContext() returns error? {
+    reqCtxJwtValues = [];
     http:Client jwtClient = check new("https://localhost:" + jwtInformationInReqCtxtTestPort.toString(),
     secureSocket = {
         cert: common:CERT_FILE
@@ -602,6 +603,19 @@ function testJwtInformationInRequestContext() returns error? {
     test:assertEquals(reqCtxJwtValues[1]["scp"], "admin");
 }
 
+@test:Config{}
+function testEmptyJwtInformationInRequestContext() returns error? {
+    reqCtxJwtValues = [];
+    http:Client jwtClient = check new("https://localhost:" + jwtInformationInReqCtxtTestPort.toString(),
+    secureSocket = {
+        cert: common:CERT_FILE
+    });
+    http:Response response = check jwtClient->get("/requestInterceptorJwtInformation", {"authorization": "Basic "});
+    test:assertEquals(response.statusCode, 500);
+    check common:assertJsonErrorPayload(check response.getJsonPayload(), "no member found for key: JWT_INFORMATION",
+        "Internal Server Error", 500, "/requestInterceptorJwtInformation", "GET");
+}
+
 @test:Config{}
 function testJwtInformationDecodeErrorInRequestContext() returns error? {
     http:Client jwtClient = check new("https://localhost:" + jwtInformationInReqCtxtTestPort.toString(),

ballerina-tests/http-test-common/Ballerina.toml

@@ -1,4 +1,4 @@
 [package]
 org = "ballerina"
 name = "http_test_common"
-version = "2.10.4"
+version = "2.10.5"

ballerina-tests/http-test-common/Dependencies.toml

@@ -10,7 +10,7 @@ distribution-version = "2201.8.0"
 [[package]]
 org = "ballerina"
 name = "http_test_common"
-version = "2.10.4"
+version = "2.10.5"
 dependencies = [
 	{org = "ballerina", name = "lang.string"},
 	{org = "ballerina", name = "mime"},

ballerina/Ballerina.toml

@@ -1,7 +1,7 @@
 [package]
 org = "ballerina"
 name = "http"
-version = "2.10.4"
+version = "2.10.5"
 authors = ["Ballerina"]
 keywords = ["http", "network", "service", "listener", "client"]
 repository = "https://github.com/ballerina-platform/module-ballerina-http"
@@ -16,8 +16,8 @@ graalvmCompatible = true
 [[platform.java17.dependency]]
 groupId = "io.ballerina.stdlib"
 artifactId = "http-native"
-version = "2.10.4"
-path = "../native/build/libs/http-native-2.10.4.jar"
+version = "2.10.5"
+path = "../native/build/libs/http-native-2.10.5-SNAPSHOT.jar"
 
 [[platform.java17.dependency]]
 groupId = "io.ballerina.stdlib"

ballerina/CompilerPlugin.toml

@@ -3,4 +3,4 @@ id = "http-compiler-plugin"
 class = "io.ballerina.stdlib.http.compiler.HttpCompilerPlugin"
 
 [[dependency]]
-path = "../compiler-plugin/build/libs/http-compiler-plugin-2.10.4.jar"
+path = "../compiler-plugin/build/libs/http-compiler-plugin-2.10.5-SNAPSHOT.jar"

ballerina/Dependencies.toml

@@ -76,7 +76,7 @@ modules = [
 [[package]]
 org = "ballerina"
 name = "http"
-version = "2.10.4"
+version = "2.10.5"
 dependencies = [
 	{org = "ballerina", name = "auth"},
 	{org = "ballerina", name = "cache"},

changelog.md

@@ -5,6 +5,11 @@ This file contains all the notable changes done to the Ballerina HTTP package th
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to 
 [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## Unreleased
+
+### Fixed
+- [Fix `IndexOutOfBoundsException` when decoding jwt header](https://github.com/ballerina-platform/ballerina-library/issues/5856)
+
 ## [2.10.4] - 2023-11-17
 
 ### Fixed

native/src/main/java/io/ballerina/stdlib/http/api/HttpDispatcher.java

@@ -490,7 +490,10 @@ public void notifyFailure(BError bError) {
             }
         };
 
-        String jwtValue = authHeader.split(WHITESPACE)[1];
+        String[] splitValues = authHeader.split(WHITESPACE);
+        if (splitValues.length != 2) {
+            return null;
+        }
         runtime.invokeMethodAsyncSequentially(
                 ValueCreator.createObjectValue(ModuleUtils.getHttpPackage(), JWT_DECODER_CLASS_NAME),
                 JWT_DECODE_METHOD_NAME,
@@ -499,7 +502,7 @@ public void notifyFailure(BError bError) {
                 decodeCallback,
                 null,
                 PredefinedTypes.TYPE_ANY,
-                StringUtils.fromString(jwtValue),
+                StringUtils.fromString(splitValues[1]),
                 true);
         try {
             countDownLatch.await();