From d3548ea4b84f19ffd158e572c4da7f94dc1f8f76 Mon Sep 17 00:00:00 2001
From: Asim Alam Chowdhury <asimalam0032@gmail.com>
Date: Sat, 27 Jun 2026 12:36:15 +0600
Subject: [PATCH] Preserve original JSON parse error in JWTParser

JWTParser was wrapping malformed JSON errors in a JWTDecodeException without keeping the original IOException as the cause.

This change passes the original IOException through so callers can inspect the root cause. It also adds a regression test for malformed JSON parsing.
---
 lib/src/main/java/com/auth0/jwt/impl/JWTParser.java |  9 +++++++--
 .../test/java/com/auth0/jwt/impl/JWTParserTest.java | 13 +++++++++++++
 2 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/lib/src/main/java/com/auth0/jwt/impl/JWTParser.java b/lib/src/main/java/com/auth0/jwt/impl/JWTParser.java
index 022520f5..110922be 100644
--- a/lib/src/main/java/com/auth0/jwt/impl/JWTParser.java
+++ b/lib/src/main/java/com/auth0/jwt/impl/JWTParser.java
@@ -44,7 +44,7 @@ public Payload parsePayload(String json) throws JWTDecodeException {
         try {
             return payloadReader.readValue(json);
         } catch (IOException e) {
-            throw decodeException(json);
+            throw decodeException(json, e);
         }
     }
 
@@ -57,7 +57,7 @@ public Header parseHeader(String json) throws JWTDecodeException {
         try {
             return headerReader.readValue(json);
         } catch (IOException e) {
-            throw decodeException(json);
+            throw decodeException(json, e);
         }
     }
 
@@ -89,4 +89,9 @@ private static JWTDecodeException decodeException() {
     private static JWTDecodeException decodeException(String json) {
         return new JWTDecodeException(String.format("The string '%s' doesn't have a valid JSON format.", json));
     }
+
+    private static JWTDecodeException decodeException(String json, Throwable cause) {
+        return new JWTDecodeException(
+                String.format("The string '%s' doesn't have a valid JSON format.", json), cause);
+    }
 }
diff --git a/lib/src/test/java/com/auth0/jwt/impl/JWTParserTest.java b/lib/src/test/java/com/auth0/jwt/impl/JWTParserTest.java
index da62131a..b7c8e9b9 100644
--- a/lib/src/test/java/com/auth0/jwt/impl/JWTParserTest.java
+++ b/lib/src/test/java/com/auth0/jwt/impl/JWTParserTest.java
@@ -7,6 +7,7 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.ObjectReader;
 import com.fasterxml.jackson.databind.SerializationFeature;
+import java.io.IOException;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
@@ -15,6 +16,7 @@
 import static com.auth0.jwt.impl.JWTParser.getDefaultObjectMapper;
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.hamcrest.Matchers.*;
+import static org.junit.Assert.fail;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
@@ -113,4 +115,15 @@ public void shouldThrowWhenConvertingPayloadFromInvalidJson() {
         exception.expectMessage("The string '}{' doesn't have a valid JSON format.");
         parser.parsePayload("}{");
     }
+
+    @Test
+    public void shouldPreserveCauseWhenParsingInvalidJson() {
+        try {
+            parser.parsePayload("}{");
+            fail("Expected JWTDecodeException to be thrown");
+        } catch (JWTDecodeException e) {
+            assertThat(e.getCause(), is(notNullValue()));
+            assertThat(e.getCause(), is(instanceOf(IOException.class)));
+        }
+    }
 }