diff --git a/src/main/java/com/primefactorsolutions/service/AccountService.java b/src/main/java/com/primefactorsolutions/service/AccountService.java
index 8a4bf76..8400a6e 100644
--- a/src/main/java/com/primefactorsolutions/service/AccountService.java
+++ b/src/main/java/com/primefactorsolutions/service/AccountService.java
@@ -6,8 +6,6 @@ import com.auth0.jwt.exceptions.JWTCreationException;
 import com.auth0.jwt.exceptions.JWTVerificationException;
 import com.auth0.jwt.interfaces.DecodedJWT;
 import com.auth0.jwt.interfaces.JWTVerifier;
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
 import com.primefactorsolutions.model.Employee;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
@@ -16,14 +14,12 @@ import org.springframework.stereotype.Service;
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
-import java.util.Map;
 @Service
 @Slf4j
 public class AccountService {
 private final EmailService emailService;
 private final EmployeeService employeeService;
- private final ObjectMapper objectMapper = new ObjectMapper();
 private final String secret;
 public AccountService(final EmailService emailService, final EmployeeService employeeService,
@@ -56,14 +52,16 @@ public class AccountService {
 .build();
 decodedJWT = verifier.verify(token);
- final Map payload = (Map) objectMapper.readValue(decodedJWT.getPayload(), Map.class);
+ final Instant expiry = decodedJWT.getExpiresAtAsInstant();
+ final String claim = decodedJWT.getClaim("username").asString();
- if (Instant.parse((String) payload.get("expire")).isBefore(Instant.now())
- || !username.equals(payload.get("username"))) {
- log.warn("token invalid {} {} {}", username, payload.get("username"), payload.get("expire"));
+ if (expiry.isBefore(Instant.now())
+ || !username.equals(claim)) {
+ log.warn("token invalid {} {} {}", username, claim, expiry);
 return;
 }
- } catch (JWTVerificationException | JsonProcessingException e) {
+ } catch (JWTVerificationException e) {
+ log.warn("error updating password", e);
 return;
 }
@@ -79,6 +77,8 @@ public class AccountService {
 }
 employeeService.updatePassword(employee, newPassword);
+
+ log.info("updated password for {}", username);
 }
 private String createResetPasswordLink(final String username) {
@@ -88,10 +88,10 @@ public class AccountService {
 Algorithm algorithm = Algorithm.HMAC512(secret);
 token = JWT.create()
 .withIssuer("pfs")
- .withPayload(objectMapper.writeValueAsString(Map.of("username", username,
- "expire", Instant.now().plus(1, ChronoUnit.HOURS).toString())))
+ .withClaim("username", username)
+ .withExpiresAt(Instant.now().plus(1, ChronoUnit.HOURS))
 .sign(algorithm);
- } catch (JWTCreationException | JsonProcessingException e) {
+ } catch (JWTCreationException e) {
 throw new RuntimeException(e);
 }
diff --git a/src/main/java/com/primefactorsolutions/service/EmployeeService.java b/src/main/java/com/primefactorsolutions/service/EmployeeService.java
index d273ac4..e63c88a 100644
--- a/src/main/java/com/primefactorsolutions/service/EmployeeService.java
+++ b/src/main/java/com/primefactorsolutions/service/EmployeeService.java
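Review bot: `decodedJWT.getExpiresAtAsInstant()` returns null when the token carries no `exp` claim, so `expiry.isBefore(Instant.now())` would throw a NullPointerException that the `catch (JWTVerificationException e)` below does not cover, and the method would fail with a stack trace instead of the logged `return`. Since `verifier.verify(token)` already rejects an expired `exp` (TokenExpiredException is a JWTVerificationException), the remaining value of the manual check is the absent-claim case; `if (expiry == null || expiry.isBefore(Instant.now()) || !username.equals(claim)) {` closes it, or require the claim when building the verifier (outside this hunk) with `.withClaimPresence("exp")`. Separately, nothing visible marks a reset token as consumed after `employeeService.updatePassword`, so a captured reset link stays usable until `exp` unless code outside the hunk handles that; a one-time `jti`-style nonce recorded on use would bound the replay window. The enclosing method starts and ends outside this hunk.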
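Review bot: The `catch (JWTCreationException e) { throw new RuntimeException(e); }` at the end of the `@@ -88,10 +88,10 @@` hunk now only rewraps an exception that is already unchecked (JWTCreationException extends RuntimeException), so it adds a wrapper layer without adding context; either drop the try/catch or throw a typed exception naming the failing operation, `throw new IllegalStateException("could not sign password reset token", e);`. The one-hour lifetime in `.withExpiresAt(Instant.now().plus(1, ChronoUnit.HOURS))` deserves a named constant such as `RESET_TOKEN_TTL` with a comment stating that it bounds how long a leaked reset link remains usable. The try block this catch closes opens outside the hunk, and createResetPasswordLink's body continues past it.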
@@ -18,7 +18,7 @@ import java.util.Collections;
 @Service
 @AllArgsConstructor
 public class EmployeeService {
- private static final String USERPASSWORD = "userpassword";
+ private static final String USERPASSWORD = "userPassword";
 private static final String OBJECTCLASS = "objectclass";
 private static final String ORGANIZATIONAL_PERSON = "organizationalPerson";
 private static final String INET_ORG_PERSON = "inetOrgPerson";