Encoded password does not look like BCrypt

Question

I am using Spring Boot, Spring Security, OAuth2 and JWT to authenticate my application, but I keep getting this nasty error and I don\'t have any idea what is wrong. My

Answer 1

BCryptPasswordEncoder shows this warning when it fails to match a raw password with an encoded password.

The hashed password might be “$2b” or “$2y” now.

And there is a bug in Spring Security that has a regex always looking for “$2a”. Put a debug point at the matches() function in the BCryptPasswordEncoder.class.