search

auth0 / java-jwt

Java implementation of JSON Web Token (JWT)
MIT License
5.85k stars 922 forks source link

Android Crash: Fatal Exception: java.lang.NoClassDefFoundError Failed resolution of: Ljava/util/Base64; #598

Closed MTayyabSarfraz closed 2 years ago

MTayyabSarfraz commented 2 years ago

Problem:

The app is crashing on some Rooted devices while working for most, crash logs are as follows:

Fatal Exception: java.lang.NoClassDefFoundError
Failed resolution of: Ljava/util/Base64;
Fatal Exception: java.lang.NoClassDefFoundError: Failed resolution of: Ljava/util/Base64;
       at com.auth0.jwt.JWTCreator.sign(JWTCreator.java)
       at com.auth0.jwt.JWTCreator.access$100(JWTCreator.java)
       at com.auth0.jwt.JWTCreator$Builder.sign(JWTCreator.java)
       at com.antiquelogic.crickslab.Application.AppController.initFuscia(AppController.java)
       at com.antiquelogic.crickslab.Application.AppController$1.onResponse(AppController.java)
       at retrofit2.ExecutorCallAdapterFactory$ExecutorCallbackCall$1$1.run(ExecutorCallAdapterFactory.java)
       at android.os.Handler.handleCallback(Handler.java:739)
       at android.os.Handler.dispatchMessage(Handler.java:95)
       at android.os.Looper.loop(Looper.java:148)
       at android.app.ActivityThread.main(ActivityThread.java:7406)
       at java.lang.reflect.Method.invoke(Method.java)
       at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230)
       at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120)

also

Caused by java.lang.ClassNotFoundException: Didn't find class "java.util.Base64" on path: DexPathList[[zip file "/data/app/com.antiquelogic.crickslab-1/base.apk", zip file "/data/app/com.antiquelogic.crickslab-1/split_config.en.apk", zip file "/data/app/com.antiquelogic.crickslab-1/split_config.hdpi.apk"],nativeLibraryDirectories=[/data/app/com.antiquelogic.crickslab-1/lib/arm, /vendor/lib, /system/lib]]
       at dalvik.system.BaseDexClassLoader.findClass(BaseDexClassLoader.java:56)
       at java.lang.ClassLoader.loadClass(ClassLoader.java:511)
       at java.lang.ClassLoader.loadClass(ClassLoader.java:469)
       at com.auth0.jwt.JWTCreator.sign(JWTCreator.java)
       at com.auth0.jwt.JWTCreator.access$100(JWTCreator.java)
       at com.auth0.jwt.JWTCreator$Builder.sign(JWTCreator.java)
       at com.antiquelogic.crickslab.Application.AppController.initFuscia(AppController.java)
       at com.antiquelogic.crickslab.Application.AppController$1.onResponse(AppController.java)
       at retrofit2.ExecutorCallAdapterFactory$ExecutorCallbackCall$1$1.run(ExecutorCallAdapterFactory.java)
       at android.os.Handler.handleCallback(Handler.java:739)
       at android.os.Handler.dispatchMessage(Handler.java:95)
       at android.os.Looper.loop(Looper.java:148)
       at android.app.ActivityThread.main(ActivityThread.java:7406)
       at java.lang.reflect.Method.invoke(Method.java)
       at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230)
       at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120)

Reproduction

Since crash is happening on some of clients' devices, I'm not able to reproduce on any of my devices but had attached detailed Logs from firebase

Environment

  1. I'm using 'com.auth0:java-jwt:3.19.2' version
  2. Min supported SDK is API 20
  3. Advance log indicates 57% of devices were rooted and 89% were in the background (if that may help)
  4. JavaVersion.VERSION_11

I have looked into related issues tagged android: and found some of your responses that goes: "this library is not for Android", whereas I've discovered, that most android users are using this library for JWT generation. and your library also provides the documentation for the Android implementation of JWT. so, I found both things contradicting, Is there a permanent solution for that? (Supporting Android)

Root Cause

The root cause I've understood from several issues mentioned in this repo and from SO link here is JAVA run time can't find the package java.util.Base64 that is true as android contains android.util.Base64.

So, what I am looking for is a better approach to this issue rather than a workaround if possible!

End Note:

thanks for all the wonderful work and your efforts. Cheers!

poovamraj commented 2 years ago

Hi @MTayyabSarfraz, as mentioned in the README, the best solution to be used for Android would be our JWTDecode.Android library. Hope this helps!

MTayyabSarfraz commented 2 years ago

@poovamraj

Hi @MTayyabSarfraz, as mentioned in the README, the best solution to be used for Android would be our JWTDecode.Android library. Hope this helps!

isn't this JWTDecode.Android library for verifying/decoding Already created JWT. in my case, I'm generating JWT on the client side(irrespective of insecurity, as for now it serves our purpose!)!

poovamraj commented 2 years ago

and your library also provides the documentation for the Android implementation of JWT.

Can you point to this doc @MTayyabSarfraz, it might need some updating

I don't think we will support the Android platform in this SDK since it is for backend environments.