My app needs to save and restore HttpCookie(s) in/from a database. So I tried to encode/decode HttpCookie objects to a String via the following code. The result is in some cases the error message: Last unit does not have enough valid bits.
Yes, I read post about the error, but that is about reading-via-a-buffer & converting-the-buffer. This one is different, because the stream reading is in 1 go!
In some cases, this code gives the mentioned error message. How can I solve this?
public class SerializableHttpCookie implements Serializable {
private static final long serialVersionUID = 6374381323722046732L;
private transient HttpCookie cookie;
private Field fieldHttpOnly; // needed for a workaround
...
public String encode2(HttpCookie cookie) {
this.cookie = cookie;
ByteArrayOutputStream os = new ByteArrayOutputStream();
try {
ObjectOutputStream outputStream = new ObjectOutputStream(os);
outputStream.writeObject(this);
} catch (IOException e) {
logger.error( "IOException in encodeCookie", e);
return null;
}
return Base64.getUrlEncoder().encodeToString( os.toByteArray());
}
public HttpCookie decode2(String encodedCookie) {
byte[] bytes = Base64.getUrlDecoder().decode(encodedCookie);
ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream( bytes);
HttpCookie cookie = null;
try {
ObjectInputStream objectInputStream = new ObjectInputStream( byteArrayInputStream);
cookie = ((SerializableHttpCookie) objectInputStream.readObject()).cookie;
} catch (IOException e) {
logger.error( "IOException in decodeCookie", e);
} catch (ClassNotFoundException e) {
logger.error( "ClassNotFoundException in decodeCookie", e);
}
return cookie;
}
ReadObject and WriteObject are:
private void writeObject(ObjectOutputStream out) throws IOException {
out.writeObject(cookie.getName());
out.writeObject(cookie.getValue());
out.writeObject(cookie.getComment());
out.writeObject(cookie.getCommentURL());
out.writeObject(cookie.getDomain());
out.writeLong(cookie.getMaxAge());
out.writeObject(cookie.getPath());
out.writeObject(cookie.getPortlist());
out.writeInt(cookie.getVersion());
out.writeBoolean(cookie.getSecure());
out.writeBoolean(cookie.getDiscard());
out.writeBoolean(getHttpOnly());
}
private void readObject(ObjectInputStream in) throws IOException,
ClassNotFoundException {
String name = (String) in.readObject();
String value = (String) in.readObject();
cookie = new HttpCookie(name, value);
cookie.setComment((String) in.readObject());
cookie.setCommentURL((String) in.readObject());
cookie.setDomain((String) in.readObject());
cookie.setMaxAge(in.readLong());
cookie.setPath((String) in.readObject());
cookie.setPortlist((String) in.readObject());
cookie.setVersion(in.readInt());
cookie.setSecure(in.readBoolean());
cookie.setDiscard(in.readBoolean());
setHttpOnly(in.readBoolean());
}
I used different approaches like the following resulting in errors as well (in the counting). The error is marked as comment.
private String byteArrayToHexString(byte[] bytes) {
StringBuilder sb = new StringBuilder(bytes.length * 2);
for (byte element : bytes) {
int v = element & 0xff;
if (v < 16) {
sb.append('0');
}
sb.append(Integer.toHexString(v));
}
return sb.toString();
}
private byte[] hexStringToByteArray(String hexString) {
int len = hexString.length();
byte[] data = new byte[len / 2];
for (int i = 0; i < len; i += 2) {
data[i / 2] = (byte) ((Character.digit(hexString.charAt(i), 16) << 4) + Character
.digit(hexString.charAt(i + 1), 16)); // ERROR: hexString.charAt(i+1) out of range
}
return data;
}
EncodeAndSerialize
Another way of doing this is by calling the code in the Answer. Alas, I get the same error on decoding the string.
new SerializableHttpCookie2().serializeAndEncode(cookie)));
And
HttpCookie cookie = new SerializableHttpCookie2().decodeAndDeserialize(encodedCookie);
Using the commons-codec library:
public String serializeAndEncode(final HttpCookie cookie) throws IllegalAccessException, IllegalArgumentException {
final String serialized = this.serialize(cookie);
return new String( Hex.encodeHex(serialized.getBytes()));
}
And
public HttpCookie decodeAndDeserialize(final String string)
throws NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {
// final String decoded = this.decode(string);
String decoded;
try {
decoded = new String(Hex.decodeHex(string.toCharArray()));
} catch ( Exception e) {
return null;
}
return this.deserialize(decoded);
}
perhaps the following class solves your problem
because HttpCookie doesnt implement Serializable, values are read and written back by reflection.
im using java 12 and in my case reflection triggers a warning, cause the code accesses private final fields. the warning says:
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by HttpCookieDeSerializer (file:...) to field java.net.HttpCookie.name
WARNING: Please consider reporting this to the maintainers of HttpCookieDeSerializer
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
the class:
import java.lang.reflect.Field;
import java.lang.reflect.Modifier;
import java.net.HttpCookie;
import java.util.Base64;
public class HttpCookieDeSerializer {
// TODO: need to be changed?
private final String fieldValueDelimiter = "===";
// TODO: need to be changed?
private final String fieldValuePairDelimiter = "###";
public HttpCookieDeSerializer() {
super();
}
public String decode(final String string) {
return new String(Base64.getUrlDecoder().decode(string));
}
public HttpCookie decodeAndDeserialize(final String string)
throws NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {
final String decoded = this.decode(string);
// TODO: remove sysout
System.out.println(decoded);
return this.deserialize(decoded);
}
public HttpCookie deserialize(final String decoded)
throws NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {
final String name = this.preGet(decoded, "name");
final String value = this.preGet(decoded, "value");
final HttpCookie cookie = new HttpCookie(name, value);
final String[] fieldsAndValues = decoded.split("(" + this.fieldValuePairDelimiter + ")");
for (final String fieldAndValue : fieldsAndValues) {
final String[] fieldAndValueSplitted = fieldAndValue.split("(" + this.fieldValueDelimiter + ")");
final Field field = HttpCookie.class.getDeclaredField(fieldAndValueSplitted[0]);
if (Modifier.isFinal(field.getModifiers())) {
// ???
// continue;
}
field.setAccessible(true);
final Class<?> type = field.getType();
if (String.class.equals(type)) {
field.set(cookie, this.convertNullStringToNullObject(fieldAndValueSplitted[1]));
} else if (Long.TYPE.equals(type)) {
field.setLong(cookie, Long.parseLong(fieldAndValueSplitted[1]));
} else if (Integer.TYPE.equals(type)) {
field.setInt(cookie, Integer.parseInt(fieldAndValueSplitted[1]));
} else if (Boolean.TYPE.equals(type)) {
field.setBoolean(cookie, Boolean.parseBoolean(fieldAndValueSplitted[1]));
}
}
return cookie;
}
public String encode(final String string) {
return Base64.getUrlEncoder().encodeToString(string.getBytes());
}
public String serialize(final HttpCookie cookie) throws IllegalAccessException, IllegalArgumentException {
final StringBuilder builder = new StringBuilder();
final Field[] fields = HttpCookie.class.getDeclaredFields();
boolean first = true;
for (final Field field : fields) {
if (Modifier.isStatic(field.getModifiers())) {
continue;
}
if (!first) {
builder.append(this.fieldValuePairDelimiter);
}
builder.append(field.getName());
builder.append(this.fieldValueDelimiter);
final Class<?> type = field.getType();
field.setAccessible(true);
if (String.class.equals(type)) {
builder.append((String) field.get(cookie));
} else if (Long.TYPE.equals(type)) {
builder.append(Long.toString(field.getLong(cookie)));
} else if (Integer.TYPE.equals(type)) {
builder.append(Integer.toString(field.getInt(cookie)));
} else if (Boolean.TYPE.equals(type)) {
builder.append(Boolean.toString(field.getBoolean(cookie)));
}
first = false;
}
final String serialized = builder.toString();
return serialized;
}
public String serializeAndEncode(final HttpCookie cookie) throws IllegalAccessException, IllegalArgumentException {
final String serialized = this.serialize(cookie);
// TODO: remove sysout
System.out.println(serialized);
return this.encode(serialized);
}
private Object convertNullStringToNullObject(final String string) {
if ("null".equals(string)) {
return null;
}
return string;
}
private String preGet(final String decoded, final String fieldName) {
final String[] fieldsAndValues = decoded.split("(" + this.fieldValuePairDelimiter + ")");
for (final String fieldAndValue : fieldsAndValues) {
if (fieldAndValue.startsWith(fieldName + this.fieldValueDelimiter)) {
return fieldAndValue.split("(" + this.fieldValueDelimiter + ")")[1];
}
}
return null;
}
public static void main(final String[] args) {
final HttpCookieDeSerializer hcds = new HttpCookieDeSerializer();
try {
final HttpCookie cookie = new HttpCookie("myCookie", "first");
final String serializedAndEncoded = hcds.serializeAndEncode(cookie);
// TODO: remove sysout
System.out.println(serializedAndEncoded);
final HttpCookie other = hcds.decodeAndDeserialize(serializedAndEncoded);
// TODO: remove sysout
System.out.println(cookie.equals(other));
} catch (final Throwable t) {
t.printStackTrace();
}
}
}
in my mind there is no need to encode/and or hex the serialization-string.
but if you want to do so, i suggest to use apache commons-codec library's org.apache.commons.codec.binary.Hex cause its a tested and stable lib without runtime-dependencies at the size of ~331kb
never the less, ive tried the following possibilities of serializing and deserializing
for me, all possibilities work fine.