TokenFilter.java 79行

userCacheManager.cleanUserCache(String.valueOf(tokenProvider.getClaims(token).get(TokenProvider.AUTHORITIES_KEY)));

中tokenProvider.getClaims(token) 解析token报错时异常没有处理。

token增加或者减少一个字符就能复现

io.jsonwebtoken.MalformedJwtException: Unable to read JSON value: �쉅����!L��ȉ
at io.jsonwebtoken.impl.DefaultJwtParser.readValue(DefaultJwtParser.java:624)
at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:311)
at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:550)
at io.jsonwebtoken.impl.DefaultJwtParser.parseClaimsJws(DefaultJwtParser.java:610)
at io.jsonwebtoken.impl.ImmutableJwtParser.parseClaimsJws(ImmutableJwtParser.java:173)
at me.zhengjie.modules.security.security.TokenProvider.getClaims(TokenProvider.java:96)
at me.zhengjie.modules.security.security.TokenFilter.doFilter(TokenFilter.java:79)

io.jsonwebtoken.security.SignatureException: JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not be trusted.
at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:420)
at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:550)
at io.jsonwebtoken.impl.DefaultJwtParser.parseClaimsJws(DefaultJwtParser.java:610)
at io.jsonwebtoken.impl.ImmutableJwtParser.parseClaimsJws(ImmutableJwtParser.java:173)
at me.zhengjie.modules.security.security.TokenProvider.getClaims(TokenProvider.java:96)
at me.zhengjie.modules.security.security.TokenFilter.doFilter(TokenFilter.java:79)