Skip to content

Upgrade JJWT to 0.12.6 and update JwtService for compatibility #384

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
R-Sandor merged 3 commits into from
Jun 11, 2025
Merged

Upgrade JJWT to 0.12.6 and update JwtService for compatibility #384

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
bdebb3a
Upgrade JJWT to 0.12.6 and update JwtService for compatibility
reetikg07 Jun 7, 2025
842dc78
Merge branch 'main' into update-jjwt-0.12.6
reetikg Jun 7, 2025
9119238
Fix Java version mismatch in createKeys task
reetikg07 Jun 7, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 6 additions & 5 deletions server/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,7 @@ spotless {
task createKeys(type: JavaExec) {
main = 'dev.findfirst.security.util.KeyGenerator' // Replace with the fully qualified class name of your utility
classpath = sourceSets.main.runtimeClasspath
executable = javaToolchains.launcherFor(java.toolchain).get().executablePath
}

tasks.named("build") {
Expand Down Expand Up @@ -97,11 +98,11 @@ dependencies {

runtimeOnly 'org.flywaydb:flyway-database-postgresql:11.8.1'
runtimeOnly 'org.postgresql:postgresql:42.7.5'
runtimeOnly group: 'io.jsonwebtoken', name: 'jjwt-impl', version: '0.11.5'
//implementation 'io.jsonwebtoken:jjwt-api:0.12.6'
//runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.6'
runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.11.5'
implementation 'io.jsonwebtoken:jjwt-api:0.11.5'
runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.6'
implementation 'io.jsonwebtoken:jjwt-api:0.12.6'
runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.6'
//runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.11.5'
//implementation 'io.jsonwebtoken:jjwt-api:0.11.5'

annotationProcessor 'org.projectlombok:lombok'

Expand Down
7 changes: 5 additions & 2 deletions server/src/main/java/dev/findfirst/security/jwt/JwtService.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package dev.findfirst.security.jwt;

import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Map;

import jakarta.annotation.PostConstruct;
Expand All @@ -27,6 +28,8 @@ public class JwtService {

@Value("${jwt.private.key}")
private RSAPrivateKey priv;
@Value("${jwt.public.key}")
private RSAPublicKey pubKey;

@Value("${findfirst.app.jwtCookieName}")
private String jwtCookie;
Expand All @@ -37,7 +40,7 @@ public class JwtService {

@PostConstruct
private void init() {
jwtParser = Jwts.parserBuilder().setSigningKey(priv).build();
jwtParser = Jwts.parser().verifyWith(pubKey).build();
}

public String getJwtFromCookies(HttpServletRequest request) {
Expand All @@ -47,7 +50,7 @@ public String getJwtFromCookies(HttpServletRequest request) {

public Jws<Claims> parseJwt(String jwt) throws ExpiredJwtException, UnsupportedJwtException,
MalformedJwtException, SignatureException, IllegalArgumentException {
return jwtParser.parseClaimsJws(jwt);
return jwtParser.parseSignedClaims(jwt);
}

public String getUserNameFromJwtToken(String token) {
Expand Down
Loading