spring mvc - Authentication-Flows: java.lang.StringIndexOutOfBoundsException: String index out of range: -1 -


i'm refer project of ohadr, using spring security login , set new password email. link: 

authentication-flows: https://github.com/ohadr/authentication-flows

i have finished steps as:

1. create account 2. confirm account email 3. login sucess 4. change or set new password (this step happened exception)

but when input new password , confirm new password, received exception following as:

severe: servlet.service() servlet [action] in context path [] threw exception [request processing failed; nested exception java.lang.stringindexoutofboundsexception: string index out of range: -1] root cause  java.lang.stringindexoutofboundsexception: string index out of range: -1 @ java.lang.string.substring(unknown source) @ com.ohadr.web.crypto.service.cryptoservice.getdecodedstringfromencodedbased64string(cryptoservice.java:244) @ com.ohadr.web.crypto.service.cryptoservice.extractstringanddate(cryptoservice.java:107) @ com.ohadr.web.auth_flows.core.authenticationflowsprocessorimpl.handlesetnewpassword(authenticationflowsprocessorimpl.java:279) @ com.ohadr.web.auth_flows.web.useractioncontroller.setnewpassword(useractioncontroller.java:239) @ sun.reflect.nativemethodaccessorimpl.invoke0(native method) @ sun.reflect.nativemethodaccessorimpl.invoke(unknown source) @ sun.reflect.delegatingmethodaccessorimpl.invoke(unknown source) @ java.lang.reflect.method.invoke(unknown source) @ org.springframework.web.method.support.invocablehandlermethod.doinvoke(invocablehandlermethod.java:222) @ org.springframework.web.method.support.invocablehandlermethod.invokeforrequest(invocablehandlermethod.java:137) @ org.springframework.web.servlet.mvc.method.annotation.servletinvocablehandlermethod.invokeandhandle(servletinvocablehandlermethod.java:110) @ org.springframework.web.servlet.mvc.method.annotation.requestmappinghandleradapter.invokehandlermethod(requestmappinghandleradapter.java:814) @ org.springframework.web.servlet.mvc.method.annotation.requestmappinghandleradapter.handleinternal(requestmappinghandleradapter.java:737) @ org.springframework.web.servlet.mvc.method.abstracthandlermethodadapter.handle(abstracthandlermethodadapter.java:85)

this scope code cause exception:

@override public string handlesetnewpassword(          string encuserandtimestamp,         string password,         string retypedpassword) throws authenticationflowsexception {     validateretypedpassword(password, retypedpassword);      immutablepair<date, string> stringanddate =     cryptoservice.extractstringanddate( encuserandtimestamp );      validateexpiration(stringanddate.getleft());      string email = stringanddate.getright();      //after validations, make work: validate password constraints, , update db:      //validate input:     authenticationpolicy settings = getauthenticationsettings();      validatepassword(password, settings);        string encodedpassword = encodestring(email, password);      // go db and: (1) update password, , (2) activate account:     setpassword(email, encodedpassword);      return email; }

set values debug: (updated) enter image description here

(updated)

get , set value when debug: value of link in email:

http://localhost:9999/rp?uts=ap0wgvpl56fiybmshhle5yh5pwekz/kwebja32ujpsxw

when click link, redirect url(set new password screen):

http://localhost:9999/login/setnewpassword.jsp?enc=ap0wgvpl56fiybmshhle5yh5pwekz/kwebja32ujpsxw

and input value in encuserandtimestamp parameter in debug

finally, received message error:

failed decrypt url content http://localhost:9999/login/setnewpassword.jsp?enc=ap0wgvpl56fiybmshhle5yh5pwekz/kwebja32ujpsxw

it seem url wrong !!

how fix exception, thank much!

you right; indeed bug (since 2014...)

https://github.com/ohadr/authentication-flows/issues/13

however though, i've try reproduce (forgot-password flow), , works fine! here link youtube, can see did...


Comments

Post a Comment

Popular posts from this blog

javascript - Clear button on addentry page doesn't work -

this addentry blog page have made scratch , there underlying problems code particularly clear button supposed clear text entered when button clicked on doesn't work have saved html file problem. also 1 other problem submit button works doesn't pass of text index file have written php , reason whenever click on submit button redirects me index page without posting entry have made. <!doctype html> <html> <head> <script> function message() { alert("clear form?"); } </script> <style> body {background-color: beige;} h1 {color: black;} p {color: black;} textarea { width: 50%; height: 150px; padding: 12px 20px; box-sizing: border-box; border: 2px solid #ccc; border-radius: 4px; background-color: white; font-size: 16px; resize: none; } div { padding-left: 20px; } </style> </head> <meta charset="utf-8"> <link rel="stylesheet" href="....
Read more

python - Error: Unresolved reference 'selenium' What is the reason? -

# -*- coding: utf-8 -*- selenium import selenium import unittest, time, re class rc(unittest.testcase): def setup(self): self.verificationerrors = [] self.selenium = selenium("localhost", 4444, "*chrome", "http://stackoverflow.com/") self.selenium.start() def test_rc(self): sel = self.selenium sel.open("/") sel.type("id=kw", "selenium") sel.click("id=container") sel.click("id=su") def teardown(self): self.selenium.stop() self.assertequal([], self.verificationerrors) if __name__ == "__main__": unittest.main() this recorded selenium ide, selenium remote control code. in ide test passed.   in pycharm open, first line ( from selenium import selenium ) there error: unresolved reference 'selenium' what reason? my environment is python3.5 selenium3.3.1 selenium-server-standalone-...
Read more

php - Need to store a large amount of data in session with CI 3 but on storing large data in session it is itself destorying automatically -

i working on large web application need database retrieved session instead of database. first time retrieving db , saving session onward calls of data going session. it handling data @ stage when got more data stored in session session got destroyed automatically... "this problem seems similar question says title session destroyed after redirect other pages of site." i got answer questions point here how handle thing when know in future have more data stored inside session, i wanted know little bit more involved answer right in development stage on production when have user 100000 or more how session behave, application behave in same manner did before. kindly discuss me, researching, need corporation more technical in php discussion may solution many of people facing same kind of issues.. you need use native php session because php session stores id in cookie. codeigniter stores data in cookie , problem stuck. so either need use native php sessions...
Read more