diff --git a/src/main/java/com/olympus/apollo/security/utility/JwtTokenProvider.java b/src/main/java/com/olympus/apollo/security/utility/JwtTokenProvider.java
index 55c13c2..cb00594 100644
--- a/src/main/java/com/olympus/apollo/security/utility/JwtTokenProvider.java
+++ b/src/main/java/com/olympus/apollo/security/utility/JwtTokenProvider.java
@@ -3,13 +3,13 @@ package com.olympus.apollo.security.utility;
 import org.springframework.stereotype.Component;
 import io.jsonwebtoken.*;
+import io.jsonwebtoken.io.Decoders;
 import io.jsonwebtoken.security.Keys;
 import io.jsonwebtoken.security.SignatureException;
 import jakarta.servlet.http.HttpServletRequest;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.stereotype.Component;
 import org.springframework.util.StringUtils;
 import java.security.Key;
 import java.util.Date;
@@ -19,19 +19,30 @@ import java.util.Date;
 public class JwtTokenProvider {
 Key key = Keys.secretKeyFor(SignatureAlgorithm.HS512);
+
+
+ public static final String SECRET = "5367566B59703373367639792F423F4528482B4D6251655468576D5A713474375367566B59703373367639792F423F4528482B4D6251655468576D5A71347437";
+
+
+ private Key getSignKey() {
+ byte[] keyBytes = Decoders.BASE64.decode(SECRET);
+ return Keys.hmacShaKeyFor(keyBytes);
+ }
+
 public String createToken(Authentication authentication) {
-
+
 UserDetails userDetails = (UserDetails) authentication.getPrincipal();
 Date now = new Date();
 Date expiryDate = new Date(now.getTime() + 3600000);
 return Jwts.builder()
- .setSubject(userDetails.getUsername())
- .setIssuedAt(new Date())
- .setExpiration(expiryDate)
- .signWith(SignatureAlgorithm.HS512, key)
- .compact();
+ .setSubject(userDetails.getUsername())
+ .setIssuedAt(new Date())
+ .setExpiration(expiryDate)
+ .signWith(getSignKey(), SignatureAlgorithm.HS512)
+ //.signWith(SignatureAlgorithm.HS512, SECRET)
+ .compact();
 }
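Review bot: The HMAC signing secret is committed as the `public static final String SECRET` literal, so anyone who can read the repository or the built artifact can sign tokens that `validateToken` will accept for any subject. Load the key from external configuration or a secret store instead, for example `@Value("${<jwt-secret-property>}") private String secret;` (the property name is a placeholder), and treat the committed value as compromised and rotate it. The literal also looks like a hex string but is decoded with `Decoders.BASE64`, which yields different key bytes than a hex decode would; confirm that is intended. The old `Key key = Keys.secretKeyFor(SignatureAlgorithm.HS512)` field and the commented-out `signWith` line appear unused after this change and can be removed.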
@@ -39,38 +50,39 @@ public class JwtTokenProvider {
 String bearerToken = request.getHeader("Authorization");
 if (StringUtils.hasText(bearerToken) && bearerToken.startsWith("Bearer ")) {
- return bearerToken.substring(7);
+ return bearerToken.substring(7);
 }
 return null;
 }
 // Check if the token is valid and not expired
 public boolean validateToken(String token) {
-
+
 try {
- Jwts.parser().setSigningKey(key).parseClaimsJws(token);
- return true;
+ Jwts.parser().setSigningKey(getSignKey()).parseClaimsJws(token);
+ return true;
 } catch (MalformedJwtException ex) {
- log.error("Invalid JWT token");
+ log.error("Invalid JWT token");
 } catch (ExpiredJwtException ex) {
- log.error("Expired JWT token");
+ log.error("Expired JWT token");
 } catch (UnsupportedJwtException ex) {
- log.error("Unsupported JWT token");
+ log.error("Unsupported JWT token");
 } catch (IllegalArgumentException ex) {
- log.error("JWT claims string is empty");
+ log.error("JWT claims string is empty");
 } catch (SignatureException e) {
- log.error("there is an error with the signature of you token ");
+ log.error("there is an error with the signature of you token ");
 }
 return false;
 }
- // Extract the username from the JWT token
+ // Extract the username from the JWT token
 public String getUsername(String token) {
-
+
 return Jwts.parser()
- .setSigningKey(key)
- .parseClaimsJws(token)
- .getBody()
- .getSubject();
+ .setSigningKey(getSignKey())
+ .parseClaimsJws(token)
+ .getBody()
+ .getSubject();
 }
-}
\ No newline at end of file
+}
+
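Review bot: `validateToken` catches only five named exception types, so any other `JwtException` subclass thrown by `parseClaimsJws` escapes as an uncaught runtime exception instead of returning `false`. Add a final fallback such as `} catch (JwtException ex) { log.warn("Rejected JWT: {}", ex.getClass().getSimpleName()); }` so every parse failure is rejected the same way. The existing handlers log at `error` level for input that any unauthenticated client controls, which invites log flooding; `warn` or `debug` would likely fit better. `getUsername` repeats the parse with no handling at all, so it should only be called after `validateToken` has returned `true`, and a comment saying so would help.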