Merge pull request #15 from IlyaLisov/dependabot/maven/jjwt.version-0.12.3

Bump jjwt.version from 0.11.5 to 0.12.3

Author: IlyaLisov

pom.xml

@@ -22,7 +22,7 @@
         <mapstruct.version>1.5.5.Final</mapstruct.version>
         <hibernate-validator.version>8.0.1.Final</hibernate-validator.version>
         <jakarta-validation.version>3.0.2</jakarta-validation.version>
-        <jjwt.version>0.11.5</jjwt.version>
+        <jjwt.version>0.12.3</jjwt.version>
         <liquibase.version>4.23.0</liquibase.version>
         <springdoc.version>2.0.2</springdoc.version>
         <preliquibase.version>1.4.0</preliquibase.version>
@@ -73,7 +73,7 @@
             <artifactId>spring-boot-starter-test</artifactId>
             <scope>test</scope>
         </dependency>
-          
+
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-mail</artifactId>

src/main/java/com/example/tasklist/web/security/JwtTokenProvider.java

@@ -18,7 +18,7 @@
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.stereotype.Service;
 
-import java.security.Key;
+import javax.crypto.SecretKey;
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
 import java.util.Date;
@@ -34,7 +34,7 @@ public class JwtTokenProvider {
 
     private final UserDetailsService userDetailsService;
     private final UserService userService;
-    private Key key;
+    private SecretKey key;
 
     @PostConstruct
     public void init() {
@@ -44,14 +44,16 @@ public void init() {
     public String createAccessToken(final Long userId,
                                     final String username,
                                     final Set<Role> roles) {
-        Claims claims = Jwts.claims().setSubject(username);
-        claims.put("id", userId);
-        claims.put("roles", resolveRoles(roles));
+        Claims claims = Jwts.claims()
+                .subject(username)
+                .add("id", userId)
+                .add("roles", resolveRoles(roles))
+                .build();
         Instant validity = Instant.now()
                 .plus(jwtProperties.getAccess(), ChronoUnit.HOURS);
         return Jwts.builder()
-                .setClaims(claims)
-                .setExpiration(Date.from(validity))
+                .claims(claims)
+                .expiration(Date.from(validity))
                 .signWith(key)
                 .compact();
     }
@@ -63,13 +65,15 @@ private List<String> resolveRoles(final Set<Role> roles) {
     }
 
     public String createRefreshToken(final Long userId, final String username) {
-        Claims claims = Jwts.claims().setSubject(username);
-        claims.put("id", userId);
+        Claims claims = Jwts.claims()
+                .subject(username)
+                .add("id", userId)
+                .build();
         Instant validity = Instant.now()
                 .plus(jwtProperties.getRefresh(), ChronoUnit.DAYS);
         return Jwts.builder()
-                .setClaims(claims)
-                .setExpiration(Date.from(validity))
+                .claims(claims)
+                .expiration(Date.from(validity))
                 .signWith(key)
                 .compact();
     }
@@ -94,31 +98,30 @@ public JwtResponse refreshUserTokens(final String refreshToken) {
 
     public boolean validateToken(final String token) {
         Jws<Claims> claims = Jwts
-                .parserBuilder()
-                .setSigningKey(key)
+                .parser()
+                .verifyWith(key)
                 .build()
-                .parseClaimsJws(token);
-        return !claims.getBody().getExpiration().before(new Date());
+                .parseSignedClaims(token);
+        return claims.getPayload().getExpiration().after(new Date());
     }
 
     private String getId(final String token) {
         return Jwts
-                .parserBuilder()
-                .setSigningKey(key)
+                .parser()
+                .verifyWith(key)
                 .build()
-                .parseClaimsJws(token)
-                .getBody()
-                .get("id")
-                .toString();
+                .parseSignedClaims(token)
+                .getPayload()
+                .get("id", String.class);
     }
 
     private String getUsername(final String token) {
         return Jwts
-                .parserBuilder()
-                .setSigningKey(key)
+                .parser()
+                .verifyWith(key)
                 .build()
-                .parseClaimsJws(token)
-                .getBody()
+                .parseSignedClaims(token)
+                .getPayload()
                 .getSubject();
     }