Conversation
https://github.com/jwtk/jjwt ---- Additionally added a inner class to the User.java for data that is allowed to be shared publicly (aka send back to the user).
MaximilianRau04
left a comment
MaximilianRau04
left a comment
There was a problem hiding this comment.
SECRET_KEY is injected by Spring after object construction via @value("${jwt.secret}").
This means that when the JwtParser is initialized at field level, SECRET_KEY is still null, causing getSigningKey() to be called with null, leading to a potential NullPointerException.
Consider initializing the parser lazily (e.g., in a getter) or inside a @PostConstruct method after the secret has been set.
| private JwtParser parser = Jwts.parser() | ||
| .verifyWith(getSigningKey()) | ||
| .build(); | ||
|
|
There was a problem hiding this comment.
SECRET_KEY is injected by Spring after object construction via @value("${jwt.secret}").
This means that when the JwtParser is initialized at field level, SECRET_KEY is still null, causing getSigningKey() to be called with null, leading to a potential NullPointerException.
Consider initializing the parser lazily (e.g., in a getter) or inside a @PostConstruct method after the secret has been set.
3 participants
I implemented a basic springboot json web token handler class, that is based on the newest version(0.13.0) of the io.jsonwebtoken api. This was fully built without the help of AI.