diff --git a/pom.xml b/pom.xml
index 2129fed..b98be0d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,17 +5,24 @@
org.springframework.boot
spring-boot-starter-parent
- 2.5.3
+ 2.7.0
- org.sadech.exaple.jwt.client.one
- client-one
+
+ dev.struchkov.example
+ jwt-client-one
0.0.1-SNAPSHOT
+
client-one
client-one
- 11
+ 17
+ ${java.version}
+ ${java.version}
+ UTF-8
+ UTF-8
+
org.springframework.boot
@@ -33,13 +40,26 @@
io.jsonwebtoken
- jjwt
- 0.9.1
+ jjwt-api
+ 0.11.5
+
+ io.jsonwebtoken
+ jjwt-impl
+ 0.11.5
+ runtime
+
+
+ io.jsonwebtoken
+ jjwt-jackson
+ 0.11.5
+ runtime
+
+
javax.xml.bind
jaxb-api
- 2.4.0-b180830.0359
+ 2.3.1
diff --git a/src/main/java/org/sadech/exaple/jwt/client/one/ClientOneApplication.java b/src/main/java/dev/struchkov/example/jwt/client/one/ClientOneApplication.java
similarity index 86%
rename from src/main/java/org/sadech/exaple/jwt/client/one/ClientOneApplication.java
rename to src/main/java/dev/struchkov/example/jwt/client/one/ClientOneApplication.java
index 287c44e..47260af 100644
--- a/src/main/java/org/sadech/exaple/jwt/client/one/ClientOneApplication.java
+++ b/src/main/java/dev/struchkov/example/jwt/client/one/ClientOneApplication.java
@@ -1,4 +1,4 @@
-package org.sadech.exaple.jwt.client.one;
+package dev.struchkov.example.jwt.client.one;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
diff --git a/src/main/java/org/sadech/exaple/jwt/client/one/config/SecurityConfig.java b/src/main/java/dev/struchkov/example/jwt/client/one/config/SecurityConfig.java
similarity index 62%
rename from src/main/java/org/sadech/exaple/jwt/client/one/config/SecurityConfig.java
rename to src/main/java/dev/struchkov/example/jwt/client/one/config/SecurityConfig.java
index dc03be1..2cd142d 100644
--- a/src/main/java/org/sadech/exaple/jwt/client/one/config/SecurityConfig.java
+++ b/src/main/java/dev/struchkov/example/jwt/client/one/config/SecurityConfig.java
@@ -1,16 +1,16 @@
-package org.sadech.exaple.jwt.client.one.config;
+package dev.struchkov.example.jwt.client.one.config;
import lombok.RequiredArgsConstructor;
-import org.sadech.exaple.jwt.client.one.filter.JwtFilter;
+import dev.struchkov.example.jwt.client.one.filter.JwtFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import javax.servlet.http.HttpServletResponse;
@@ -19,20 +19,17 @@ import javax.servlet.http.HttpServletResponse;
@EnableWebSecurity
@RequiredArgsConstructor
@EnableGlobalMethodSecurity(prePostEnabled = true)
-public class SecurityConfig extends WebSecurityConfigurerAdapter {
+public class SecurityConfig {
private final JwtFilter jwtFilter;
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http = http.httpBasic().disable()
- .csrf().disable();
-
- http = http.sessionManagement()
- .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
- .and();
-
- http = http
+ @Bean
+ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+ return http
+ .httpBasic().disable()
+ .csrf().disable()
+ .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+ .and()
.exceptionHandling()
.authenticationEntryPoint(
(request, response, ex) -> response.sendError(
@@ -40,12 +37,13 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
ex.getMessage()
)
)
- .and();
-
- http
- .authorizeRequests().anyRequest().authenticated()
.and()
- .addFilterAfter(jwtFilter, UsernamePasswordAuthenticationFilter.class);
+ .authorizeHttpRequests(
+ authz -> authz
+ .anyRequest().authenticated()
+ .and()
+ .addFilterAfter(jwtFilter, UsernamePasswordAuthenticationFilter.class)
+ ).build();
}
@Bean
diff --git a/src/main/java/org/sadech/exaple/jwt/client/one/controller/Controller.java b/src/main/java/dev/struchkov/example/jwt/client/one/controller/Controller.java
similarity index 88%
rename from src/main/java/org/sadech/exaple/jwt/client/one/controller/Controller.java
rename to src/main/java/dev/struchkov/example/jwt/client/one/controller/Controller.java
index fcc0a37..f4167d2 100644
--- a/src/main/java/org/sadech/exaple/jwt/client/one/controller/Controller.java
+++ b/src/main/java/dev/struchkov/example/jwt/client/one/controller/Controller.java
@@ -1,7 +1,7 @@
-package org.sadech.exaple.jwt.client.one.controller;
+package dev.struchkov.example.jwt.client.one.controller;
import lombok.RequiredArgsConstructor;
-import org.sadech.exaple.jwt.client.one.service.AuthService;
+import dev.struchkov.example.jwt.client.one.service.AuthService;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
diff --git a/src/main/java/org/sadech/exaple/jwt/client/one/domain/JwtAuthentication.java b/src/main/java/dev/struchkov/example/jwt/client/one/domain/JwtAuthentication.java
similarity index 95%
rename from src/main/java/org/sadech/exaple/jwt/client/one/domain/JwtAuthentication.java
rename to src/main/java/dev/struchkov/example/jwt/client/one/domain/JwtAuthentication.java
index ac6be56..49e165a 100644
--- a/src/main/java/org/sadech/exaple/jwt/client/one/domain/JwtAuthentication.java
+++ b/src/main/java/dev/struchkov/example/jwt/client/one/domain/JwtAuthentication.java
@@ -1,4 +1,4 @@
-package org.sadech.exaple.jwt.client.one.domain;
+package dev.struchkov.example.jwt.client.one.domain;
import lombok.Getter;
import lombok.Setter;
diff --git a/src/main/java/org/sadech/exaple/jwt/client/one/domain/Role.java b/src/main/java/dev/struchkov/example/jwt/client/one/domain/Role.java
similarity index 85%
rename from src/main/java/org/sadech/exaple/jwt/client/one/domain/Role.java
rename to src/main/java/dev/struchkov/example/jwt/client/one/domain/Role.java
index a973f53..36f741b 100644
--- a/src/main/java/org/sadech/exaple/jwt/client/one/domain/Role.java
+++ b/src/main/java/dev/struchkov/example/jwt/client/one/domain/Role.java
@@ -1,4 +1,4 @@
-package org.sadech.exaple.jwt.client.one.domain;
+package dev.struchkov.example.jwt.client.one.domain;
import lombok.RequiredArgsConstructor;
import org.springframework.security.core.GrantedAuthority;
diff --git a/src/main/java/org/sadech/exaple/jwt/client/one/filter/JwtFilter.java b/src/main/java/dev/struchkov/example/jwt/client/one/filter/JwtFilter.java
similarity index 87%
rename from src/main/java/org/sadech/exaple/jwt/client/one/filter/JwtFilter.java
rename to src/main/java/dev/struchkov/example/jwt/client/one/filter/JwtFilter.java
index 699db8f..e360e9f 100644
--- a/src/main/java/org/sadech/exaple/jwt/client/one/filter/JwtFilter.java
+++ b/src/main/java/dev/struchkov/example/jwt/client/one/filter/JwtFilter.java
@@ -1,11 +1,11 @@
-package org.sadech.exaple.jwt.client.one.filter;
+package dev.struchkov.example.jwt.client.one.filter;
+import dev.struchkov.example.jwt.client.one.domain.JwtAuthentication;
+import dev.struchkov.example.jwt.client.one.service.AuthService;
+import dev.struchkov.example.jwt.client.one.service.JwtUtils;
import io.jsonwebtoken.Claims;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
-import org.sadech.exaple.jwt.client.one.domain.JwtAuthentication;
-import org.sadech.exaple.jwt.client.one.service.AuthService;
-import org.sadech.exaple.jwt.client.one.service.JwtUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
diff --git a/src/main/java/org/sadech/exaple/jwt/client/one/service/AuthService.java b/src/main/java/dev/struchkov/example/jwt/client/one/service/AuthService.java
similarity index 65%
rename from src/main/java/org/sadech/exaple/jwt/client/one/service/AuthService.java
rename to src/main/java/dev/struchkov/example/jwt/client/one/service/AuthService.java
index 302a9af..6f3d0a3 100644
--- a/src/main/java/org/sadech/exaple/jwt/client/one/service/AuthService.java
+++ b/src/main/java/dev/struchkov/example/jwt/client/one/service/AuthService.java
@@ -1,31 +1,38 @@
-package org.sadech.exaple.jwt.client.one.service;
+package dev.struchkov.example.jwt.client.one.service;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.MalformedJwtException;
-import io.jsonwebtoken.SignatureException;
import io.jsonwebtoken.UnsupportedJwtException;
+import io.jsonwebtoken.io.Decoders;
+import io.jsonwebtoken.security.Keys;
+import io.jsonwebtoken.security.SignatureException;
import lombok.NonNull;
import lombok.extern.slf4j.Slf4j;
-import org.sadech.exaple.jwt.client.one.domain.JwtAuthentication;
+import dev.struchkov.example.jwt.client.one.domain.JwtAuthentication;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
+import javax.crypto.SecretKey;
+
@Slf4j
@Component
public final class AuthService {
- private final String jwtSecret;
+ private final SecretKey jwtSecret;
public AuthService(@Value("${jwt.secret}") String secret) {
- this.jwtSecret = secret;
+ this.jwtSecret = Keys.hmacShaKeyFor(Decoders.BASE64.decode(secret));
}
public boolean validateToken(String token) {
try {
- Jwts.parser().setSigningKey(jwtSecret).parseClaimsJws(token);
+ Jwts.parserBuilder()
+ .setSigningKey(jwtSecret)
+ .build()
+ .parseClaimsJws(token);
return true;
} catch (ExpiredJwtException expEx) {
log.error("Token expired", expEx);
@@ -42,7 +49,11 @@ public final class AuthService {
}
public Claims getClaims(@NonNull String token) {
- return Jwts.parser().setSigningKey(jwtSecret).parseClaimsJws(token).getBody();
+ return Jwts.parserBuilder()
+ .setSigningKey(jwtSecret)
+ .build()
+ .parseClaimsJws(token)
+ .getBody();
}
public JwtAuthentication getAuthentication() {
diff --git a/src/main/java/org/sadech/exaple/jwt/client/one/service/JwtUtils.java b/src/main/java/dev/struchkov/example/jwt/client/one/service/JwtUtils.java
similarity index 82%
rename from src/main/java/org/sadech/exaple/jwt/client/one/service/JwtUtils.java
rename to src/main/java/dev/struchkov/example/jwt/client/one/service/JwtUtils.java
index 55b035a..66c02b2 100644
--- a/src/main/java/org/sadech/exaple/jwt/client/one/service/JwtUtils.java
+++ b/src/main/java/dev/struchkov/example/jwt/client/one/service/JwtUtils.java
@@ -1,10 +1,10 @@
-package org.sadech.exaple.jwt.client.one.service;
+package dev.struchkov.example.jwt.client.one.service;
+import dev.struchkov.example.jwt.client.one.domain.Role;
import io.jsonwebtoken.Claims;
import lombok.AccessLevel;
import lombok.NoArgsConstructor;
-import org.sadech.exaple.jwt.client.one.domain.JwtAuthentication;
-import org.sadech.exaple.jwt.client.one.domain.Role;
+import dev.struchkov.example.jwt.client.one.domain.JwtAuthentication;
import java.util.List;
import java.util.Set;
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 74000d2..f2ec69f 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,2 +1,2 @@
-server.port=8082
-jwt.secret=supermegasecret
\ No newline at end of file
+server.port=8099
+jwt.secret=qBTmv4oXFFR2GwjexDJ4t6fsIUIUhhXqlktXjXdkcyygs8nPVEwMfo29VDRRepYDVV5IkIxBMzr7OEHXEHd37w==
\ No newline at end of file