feat: Update JwtTokenProvider to use secret key from application properties

src/main/java/com/olympus/apollo/security/utility/JwtTokenProvider.java

@@ -3,13 +3,13 @@ package com.olympus.apollo.security.utility;
 import org.springframework.stereotype.Component;
 
 import io.jsonwebtoken.*;
+import io.jsonwebtoken.io.Decoders;
 import io.jsonwebtoken.security.Keys;
 import io.jsonwebtoken.security.SignatureException;
 import jakarta.servlet.http.HttpServletRequest;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.stereotype.Component;
 import org.springframework.util.StringUtils;
 import java.security.Key;
 import java.util.Date;
@@ -19,19 +19,30 @@ import java.util.Date;
 public class JwtTokenProvider {
 
     Key key = Keys.secretKeyFor(SignatureAlgorithm.HS512);
+    
+
+    public static final String SECRET = "5367566B59703373367639792F423F4528482B4D6251655468576D5A713474375367566B59703373367639792F423F4528482B4D6251655468576D5A71347437";
+
+
+    private Key getSignKey() {
+            byte[] keyBytes = Decoders.BASE64.decode(SECRET);
+            return Keys.hmacShaKeyFor(keyBytes);
+        }
+
 
     public String createToken(Authentication authentication) {
-
+    
         UserDetails userDetails = (UserDetails) authentication.getPrincipal();
         Date now = new Date();
         Date expiryDate = new Date(now.getTime() + 3600000);
 
         return Jwts.builder()
-                .setSubject(userDetails.getUsername())
+            .setSubject(userDetails.getUsername())
-                .setIssuedAt(new Date())
+            .setIssuedAt(new Date())
-                .setExpiration(expiryDate)
+            .setExpiration(expiryDate)
-                .signWith(SignatureAlgorithm.HS512, key)
+            .signWith(getSignKey(), SignatureAlgorithm.HS512)
-                .compact();
+            //.signWith(SignatureAlgorithm.HS512, SECRET)
+            .compact();
     }
 
 
@@ -39,38 +50,39 @@ public class JwtTokenProvider {
 
         String bearerToken = request.getHeader("Authorization");
         if (StringUtils.hasText(bearerToken) && bearerToken.startsWith("Bearer ")) {
-            return bearerToken.substring(7);
+        return bearerToken.substring(7);
         }
         return null;
     }
 
     // Check if the token is valid and not expired
     public boolean validateToken(String token) {
-
+        
         try {
-            Jwts.parser().setSigningKey(key).parseClaimsJws(token);
+        Jwts.parser().setSigningKey(getSignKey()).parseClaimsJws(token);
-            return true;
+        return true;
         } catch (MalformedJwtException ex) {
-            log.error("Invalid JWT token");
+        log.error("Invalid JWT token");
         } catch (ExpiredJwtException ex) {
-            log.error("Expired JWT token");
+        log.error("Expired JWT token");
         } catch (UnsupportedJwtException ex) {
-            log.error("Unsupported JWT token");
+        log.error("Unsupported JWT token");
         } catch (IllegalArgumentException ex) {
-            log.error("JWT claims string is empty");
+        log.error("JWT claims string is empty");
         } catch (SignatureException e) {
-            log.error("there is an error with the signature of you token ");
+        log.error("there is an error with the signature of you token ");
         }
         return false;
     }
 
-    // Extract the username from the JWT token
+	// Extract the username from the JWT token
     public String getUsername(String token) {
-
+        
         return Jwts.parser()
-                .setSigningKey(key)
+            .setSigningKey(getSignKey())
-                .parseClaimsJws(token)
+            .parseClaimsJws(token)
-                .getBody()
+            .getBody()
-                .getSubject();
+            .getSubject();
     }
-}
+}
+