diff --git a/pom.xml b/pom.xml
index 15fab51..db4b21c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -33,7 +33,7 @@
io.jsonwebtoken
jjwt
- 0.9.1
+ 0.12.5
com.mysql
diff --git a/src/main/java/com/ons/securitylayerJwt/security/JwtUtilities.java b/src/main/java/com/ons/securitylayerJwt/security/JwtUtilities.java
index 4dd7502..132a818 100644
--- a/src/main/java/com/ons/securitylayerJwt/security/JwtUtilities.java
+++ b/src/main/java/com/ons/securitylayerJwt/security/JwtUtilities.java
@@ -1,8 +1,8 @@
package com.ons.securitylayerJwt.security;
-
import io.jsonwebtoken.*;
+import io.jsonwebtoken.security.Keys;
import jakarta.servlet.http.HttpServletRequest;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
@@ -19,7 +19,7 @@
@Slf4j
@Component
-public class JwtUtilities{
+public class JwtUtilities {
@Value("${jwt.secret}")
@@ -33,32 +33,48 @@ public String extractUsername(String token) {
return extractClaim(token, Claims::getSubject);
}
- public Claims extractAllClaims(String token) {return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();}
+ public Claims extractAllClaims(String token) {
+ return Jwts.parser()
+ .verifyWith(Keys.hmacShaKeyFor(secret.getBytes()))
+ .build()
+ .parseSignedClaims(token)
+ .getPayload();
+ }
public T extractClaim(String token, Function claimsResolver) {
final Claims claims = extractAllClaims(token);
return claimsResolver.apply(claims);
}
- public Date extractExpiration(String token) { return extractClaim(token, Claims::getExpiration); }
+
+ public Date extractExpiration(String token) {
+ return extractClaim(token, Claims::getExpiration);
+ }
public Boolean validateToken(String token, UserDetails userDetails) {
final String email = extractUsername(token);
return (email.equals(userDetails.getUsername()) && !isTokenExpired(token));
}
+
public Boolean isTokenExpired(String token) {
return extractExpiration(token).before(new Date());
}
- public String generateToken(String email , List roles) {
-
- return Jwts.builder().setSubject(email).claim("role",roles).setIssuedAt(new Date(System.currentTimeMillis()))
- .setExpiration(Date.from(Instant.now().plus(jwtExpiration, ChronoUnit.MILLIS)))
- .signWith(SignatureAlgorithm.HS256, secret).compact();
+ public String generateToken(String email, List roles) {
+ return Jwts.builder()
+ .subject(email)
+ .claim("role", roles)
+ .issuedAt(new Date(System.currentTimeMillis()))
+ .expiration(Date.from(Instant.now().plus(jwtExpiration, ChronoUnit.MILLIS)))
+ .signWith(Keys.hmacShaKeyFor(secret.getBytes()))
+ .compact();
}
public boolean validateToken(String token) {
try {
- Jwts.parser().setSigningKey(secret).parseClaimsJws(token);
+ Jwts.parser()
+ .verifyWith(Keys.hmacShaKeyFor(secret.getBytes()))
+ .build()
+ .parseSignedClaims(token);
return true;
} catch (SignatureException e) {
log.info("Invalid JWT signature.");
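Review bot: The HMAC key is rebuilt from `secret.getBytes()` at three call sites in this hunk (`extractAllClaims`, `generateToken`, `validateToken`) using the platform default charset; derive it once with an explicit `StandardCharsets.UTF_8` and reuse the `SecretKey`. In jjwt 0.12 `Keys.hmacShaKeyFor` throws `WeakKeyException` when the key is shorter than 256 bits, so a short `jwt.secret` now fails on the first request rather than at startup — building the key in a `@PostConstruct` method surfaces that at boot (this needs `jakarta.annotation.PostConstruct`, `javax.crypto.SecretKey` and `java.nio.charset.StandardCharsets` imports). Note also that in 0.9.1 the `String` overloads of `signWith`/`setSigningKey` Base64-decoded the secret, whereas the new code uses its raw bytes, so presumably tokens issued before this change will no longer verify and the effective key material differs — confirm how `jwt.secret` is configured and, if it is Base64, decode it explicitly (`Decoders.BASE64.decode(secret)`) rather than using `getBytes()`. The `catch` chain of `validateToken(String)` continues outside this hunk.
```java
private SecretKey signingKey;

@PostConstruct
void initSigningKey() {
    // Fails at startup (WeakKeyException) instead of on the first request if jwt.secret is under 256 bits.
    signingKey = Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8));
}

public Claims extractAllClaims(String token) {
    return Jwts.parser().verifyWith(signingKey).build().parseSignedClaims(token).getPayload();
}
// … unchanged: extractClaim, extractExpiration, validateToken(token, userDetails), isTokenExpired …
// generateToken: replace Keys.hmacShaKeyFor(secret.getBytes()) with signingKey in .signWith(...)
// validateToken(String): replace Keys.hmacShaKeyFor(secret.getBytes()) with signingKey in .verifyWith(...)
```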
@@ -79,11 +95,12 @@ public boolean validateToken(String token) {
return false;
}
- public String getToken (HttpServletRequest httpServletRequest) {
- final String bearerToken = httpServletRequest.getHeader("Authorization");
- if(StringUtils.hasText(bearerToken) && bearerToken.startsWith("Bearer "))
- {return bearerToken.substring(7,bearerToken.length()); } // The part after "Bearer "
- return null;
+ public String getToken(HttpServletRequest httpServletRequest) {
+ final String bearerToken = httpServletRequest.getHeader("Authorization");
+ if (StringUtils.hasText(bearerToken) && bearerToken.startsWith("Bearer ")) {
+ return bearerToken.substring(7, bearerToken.length());
+ } // The part after "Bearer "
+ return null;
}
}