-
-
Notifications
You must be signed in to change notification settings - Fork 243
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
traits/nlohmann-json using json::parse with exceptions without catch, an uncaught exception is generated when handling bad input. #293
Comments
This library is not exception free so could you elaborate on what the advantages of this would be? This would be suppressing a useful error case for users with malformed token as well. I am curious what pros you see to this? |
In the expected case, jwt-cpp throws an invalid_json_exception exception when parsing json fails. In fact, I failed when I tried to catch std::runtime_error because a nlohmann::json::parse_error exception was thrown instead. Obviously, the actual exception thrown does not match the expected one. |
I think the bigger issue is that using the error_code overloads might still throw exceptions in this case. |
Yes but the traits could easily be modified. However we'd need to do this for every single json library where some might not support this. Then how do we expose that? I think as a header-only library we do not care how the JSON libraries are compiled or setup. https://github.com/nlohmann/json/blob/a0c1318830519eac027a31edec1a99ce1ae5670e/docs/mkdocs/docs/home/exceptions.md?plain=1#L29 could easily be setup with the current implementation to have the desired effect? I work on a package manager so in my head if you need to set something on a dependency it's not the responsibility of the upstream projects to do that for you. Especially for the "user provided override" there's no obvious we could handle that? 🤔 |
I agree with you, in fact I'm just giving feedback since nlohmann-json is a commonly used json lib. |
Oh this is a good discussion let's keep it open |
What happened?
There is the following functions in the include/jwt-cpp/traits/nlohmann-json/traits.h header file.
This function uses json::parse with exceptions, an uncaught exception is generated when handling bad input.
Could you please refer to the following nlohmann-json official example? Thank you.
How To Reproduce?
No response
Version
0.6.0
What OS are you seeing the problem on?
Linux
What compiler are you seeing the problem on?
GCC
Relevant log output
No response
Code of Conduct
The text was updated successfully, but these errors were encountered: