build(deps): bump io.jsonwebtoken:jjwt from 0.9.1 to 0.12.6

pom.xml

@@ -359,7 +359,7 @@
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt</artifactId>
-            <version>0.9.1</version>
+            <version>0.12.6</version>
         </dependency>
 
         <dependency>

src/main/java/fr/icdc/ebad/repository/LogBatchRepository.java

@@ -34,7 +34,8 @@ default void customize(QuerydslBindings bindings, QLogBatch root) {
             ")" +
             " from LogBatch logBatch " +
             "where logBatch.logDate  >= :date " +
-            "group by function('to_char',logBatch.logDate,'YYYY-MM-DD') " +
+            "group by logBatch.logDate " +
+//            "group by function('to_char',logBatch.logDate,'YYYY-MM-DD') " +
             "order by function('to_char',logBatch.logDate,'YYYY-MM-DD') desc")
     List<StatisticByDayDto> countBatchByDay(@Param("date") Date date);
 

src/main/java/fr/icdc/ebad/security/jwt/TokenProvider.java

@@ -8,7 +8,10 @@
 import io.jsonwebtoken.SignatureAlgorithm;
 import io.jsonwebtoken.SignatureException;
 import io.jsonwebtoken.UnsupportedJwtException;
+import io.jsonwebtoken.io.Decoders;
+import io.jsonwebtoken.security.Keys;
 import jakarta.annotation.PostConstruct;
+import org.bouncycastle.jcajce.provider.util.SecretKeyUtil;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
@@ -18,7 +21,9 @@
 import org.springframework.security.core.userdetails.User;
 import org.springframework.stereotype.Component;
 
+import javax.crypto.SecretKey;
 import java.util.Arrays;
+import java.util.Base64;
 import java.util.Collection;
 import java.util.Date;
 import java.util.stream.Collectors;
@@ -69,16 +74,23 @@ public String createToken(Authentication authentication, Boolean rememberMe) {
         return Jwts.builder()
             .setSubject(authentication.getName())
             .claim(AUTHORITIES_KEY, authorities)
-            .signWith(SignatureAlgorithm.HS512, secretKey)
+            .signWith(SignatureAlgorithm.HS512, Base64.getEncoder().encodeToString(secretKey.getBytes()))
             .setExpiration(validity)
             .compact();
     }
 
     public Authentication getAuthentication(String token) {
-        Claims claims = Jwts.parser()
-            .setSigningKey(secretKey)
-            .parseClaimsJws(token)
-            .getBody();
+        SecretKey secret = Keys.hmacShaKeyFor(secretKey.getBytes());
+        Claims claims =
+                Jwts.parser()
+                .verifyWith(secret)
+                .build()
+                .parseSignedClaims(token)
+                .getPayload();
+//        Jwts.parser()
+//            .setSigningKey(secretKey)
+//            .parseClaimsJws(token)
+//            .getBody();
 
         Collection<? extends GrantedAuthority> authorities =
             Arrays.stream(claims.get(AUTHORITIES_KEY).toString().split(","))
@@ -92,7 +104,12 @@ public Authentication getAuthentication(String token) {
 
     public boolean validateToken(String authToken) {
         try {
-            Jwts.parser().setSigningKey(secretKey).parseClaimsJws(authToken);
+            SecretKey secret = Keys.hmacShaKeyFor(secretKey.getBytes());
+            Jwts.parser()
+                            .verifyWith(secret)
+                            .build()
+                            .parseSignedClaims(authToken)
+                            .getPayload();
             return true;
         } catch (SignatureException e) {
             log.info("Invalid JWT signature.");

src/main/resources/config/application-local.yml

@@ -15,6 +15,6 @@ ebad:
   security:
     authentication:
       jwt:
-        secret: my-secret-token-to-change-in-production
+        secret: my-secret-token-to-change-in-production-my-secret-token-to-change-in-production
         token-validity-in-seconds: 86400
         token-validity-in-seconds-for-remember-me: 2592000

src/main/resources/db/changelog/changeset/2.11.0-0.changeset.yaml

@@ -0,0 +1,7 @@
+databaseChangeLog:
+  - changeSet:
+      id: 2.11.0-0-changeset
+      author: dtrouillet
+      changes:
+        - sql:
+            sql: update T_USER  set PASSWORD = '$2y$10$MTbH9pg7B8zTpg9D1pMkb.cA2ZMAJwqMQwTdR9cDdRcAC4d6odjdy'  where PASSWORD = '$2a$10$bPgTE7J0KkKC00Ep7i4w4.YhPgBklTDn1W4idlkv9tV5zcc1r54eq';