diff --git a/common/src/main/java/org/keycloak/common/util/Base64Url.java b/common/src/main/java/org/keycloak/common/util/Base64Url.java
index e76905f..6d06a0c 100755
--- a/common/src/main/java/org/keycloak/common/util/Base64Url.java
+++ b/common/src/main/java/org/keycloak/common/util/Base64Url.java
@@ -49,7 +49,8 @@ public class Base64Url {
"Illegal base64url string!");
}
try {
- return Base64.decode(s);
+ // KEYCLOAK-2479 : Avoid to try gzip decoding as for some objects, it may display exception to STDERR. And we know that object wasn't encoded as GZIP
+ return Base64.decode(s, Base64.DONT_GUNZIP);
} catch (Exception e) {
throw new RuntimeException(e);
}
diff --git a/core/src/test/java/org/keycloak/SkeletonKeyTokenTest.java b/core/src/test/java/org/keycloak/SkeletonKeyTokenTest.java
index 484d829..ff11936 100755
--- a/core/src/test/java/org/keycloak/SkeletonKeyTokenTest.java
+++ b/core/src/test/java/org/keycloak/SkeletonKeyTokenTest.java
@@ -126,4 +126,12 @@ public class SkeletonKeyTokenTest {
token.addAccess("bar").addRole("user");
return token;
}
+
+ @Test
+ public void testZipException() throws Exception {
+ // KEYCLOAK-2479
+ // Example of LogoutAction, which shows the exception to STDERR during Base64.decode . Need to use flag DONT_GUNZIP to avoid it.
+ String logoutAction = "eyJhbGciOiJSUzI1NiJ9.eyJpZCI6ImUwYmRmMjQyLWJjZGItNGVjMy1hMGU4LTNjN2YyOTUzOTk5MC0xNDU1NzgyNTU2NjAyIiwiZXhwaXJhdGlvbiI6MTQ1NTc4MjU4NiwicmVzb3VyY2UiOiJwcm9kdWN0LXBvcnRhbCIsImFjdGlvbiI6IkxPR09VVCIsImFkYXB0ZXJTZXNzaW9uSWRzIjpbImx2c0oxNUpSX01XUE13aTIwbWRhTkJFRVZQZzQtMTkzVUZKem42M1EiXSwibm90QmVmb3JlIjowLCJrZXljbG9ha1Nlc3Npb25JZHMiOlsiOThkNWE3YTYtYjNmNi00ZTg3LWI5OTktOTg1N2YzMDRiZjY4Il19.H4vo7YXW8oQgYsIo9VPYeSsp1jXJR0TwJUwmiXjQJSyxFoKhHgIh3Y63ldVUeBRppxX9xhjOdYEckeppAn-1XnNxUmbExXWXirRIw8tiEtUPPCPztdkKsM0y6xWRd3Sjgg4fWB_1sMn6EWvCAvO7ahs6Rbb2Vo18nlHfxYRSTWw";
+ JWSInput input = new JWSInput(logoutAction);
+ }
}
