From bdebb3ae6e9caf6a892ad10bbcb1d8203760160a Mon Sep 17 00:00:00 2001
From: Reetik <gandatereetik06@gmail.com>
Date: Sat, 7 Jun 2025 12:30:03 +0530
Subject: [PATCH 1/2] Upgrade JJWT to 0.12.6 and update JwtService for
 compatibility

---
 server/build.gradle                                    | 10 +++++-----
 .../java/dev/findfirst/security/jwt/JwtService.java    |  7 +++++--
 2 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/server/build.gradle b/server/build.gradle
index 7f605f43..a52358f0 100644
--- a/server/build.gradle
+++ b/server/build.gradle
@@ -97,11 +97,11 @@ dependencies {
 
   runtimeOnly 'org.flywaydb:flyway-database-postgresql:11.8.1'
   runtimeOnly 'org.postgresql:postgresql:42.7.5'
-  runtimeOnly group: 'io.jsonwebtoken', name: 'jjwt-impl', version: '0.11.5'
-  //implementation 'io.jsonwebtoken:jjwt-api:0.12.6'
-  //runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.6'
-  runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.11.5'
-  implementation 'io.jsonwebtoken:jjwt-api:0.11.5'
+  runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.6'
+  implementation 'io.jsonwebtoken:jjwt-api:0.12.6'
+  runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.6'
+  //runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.11.5'
+  //implementation 'io.jsonwebtoken:jjwt-api:0.11.5'
 
   annotationProcessor 'org.projectlombok:lombok'
 
diff --git a/server/src/main/java/dev/findfirst/security/jwt/JwtService.java b/server/src/main/java/dev/findfirst/security/jwt/JwtService.java
index 77bc0cd1..a501b15d 100644
--- a/server/src/main/java/dev/findfirst/security/jwt/JwtService.java
+++ b/server/src/main/java/dev/findfirst/security/jwt/JwtService.java
@@ -1,6 +1,7 @@
 package dev.findfirst.security.jwt;
 
 import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
 import java.util.Map;
 
 import jakarta.annotation.PostConstruct;
@@ -27,6 +28,8 @@ public class JwtService {
 
   @Value("${jwt.private.key}")
   private RSAPrivateKey priv;
+  @Value("${jwt.public.key}")
+  private RSAPublicKey pubKey;
 
   @Value("${findfirst.app.jwtCookieName}")
   private String jwtCookie;
@@ -37,7 +40,7 @@ public class JwtService {
 
   @PostConstruct
   private void init() {
-    jwtParser = Jwts.parserBuilder().setSigningKey(priv).build();
+    jwtParser = Jwts.parser().verifyWith(pubKey).build();
   }
 
   public String getJwtFromCookies(HttpServletRequest request) {
@@ -47,7 +50,7 @@ public String getJwtFromCookies(HttpServletRequest request) {
 
   public Jws<Claims> parseJwt(String jwt) throws ExpiredJwtException, UnsupportedJwtException,
       MalformedJwtException, SignatureException, IllegalArgumentException {
-    return jwtParser.parseClaimsJws(jwt);
+    return jwtParser.parseSignedClaims(jwt);
   }
 
   public String getUserNameFromJwtToken(String token) {

From 91192387896788382349e6cfd084707cf0772816 Mon Sep 17 00:00:00 2001
From: Reetik <gandatereetik06@gmail.com>
Date: Sat, 7 Jun 2025 14:20:37 +0530
Subject: [PATCH 2/2] Fix Java version mismatch in createKeys task

---
 server/build.gradle | 1 +
 1 file changed, 1 insertion(+)

diff --git a/server/build.gradle b/server/build.gradle
index ccb30dda..dd5ed9c9 100644
--- a/server/build.gradle
+++ b/server/build.gradle
@@ -60,6 +60,7 @@ spotless {
 task createKeys(type: JavaExec) {
     main = 'dev.findfirst.security.util.KeyGenerator'  // Replace with the fully qualified class name of your utility
     classpath = sourceSets.main.runtimeClasspath
+  executable = javaToolchains.launcherFor(java.toolchain).get().executablePath
 }
 
 tasks.named("build") {