From a50d9500b82bfc901a395e37d3d344e9b6ff5544 Mon Sep 17 00:00:00 2001
From: Manuel Spuhler <manuel.spuhler@chuv.ch>
Date: Wed, 5 Jun 2019 08:54:22 +0200
Subject: [PATCH] Downgraded jsonwebtoken lib

---
 pom.xml                                       | 16 ++-----------
 .../java/eu/hbp/mip/controllers/JWTApi.java   | 23 +++++++++++--------
 2 files changed, 15 insertions(+), 24 deletions(-)

diff --git a/pom.xml b/pom.xml
index c5f359c44..3eaee9e54 100644
--- a/pom.xml
+++ b/pom.xml
@@ -295,20 +295,8 @@
         </dependency>
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
-            <artifactId>jjwt-api</artifactId>
-            <version>0.10.5</version>
-        </dependency>
-        <dependency>
-            <groupId>io.jsonwebtoken</groupId>
-            <artifactId>jjwt-impl</artifactId>
-            <version>0.10.5</version>
-            <scope>runtime</scope>
-        </dependency>
-        <dependency>
-            <groupId>io.jsonwebtoken</groupId>
-            <artifactId>jjwt-jackson</artifactId>
-            <version>0.10.5</version>
-            <scope>runtime</scope>
+            <artifactId>jjwt</artifactId>
+            <version>0.9.1</version>
         </dependency>
     </dependencies>
 
diff --git a/src/main/java/eu/hbp/mip/controllers/JWTApi.java b/src/main/java/eu/hbp/mip/controllers/JWTApi.java
index fa27e5b38..4073a58e2 100644
--- a/src/main/java/eu/hbp/mip/controllers/JWTApi.java
+++ b/src/main/java/eu/hbp/mip/controllers/JWTApi.java
@@ -33,10 +33,10 @@ public class JWTApi {
 
         LOGGER.info("Create a JSON Web Token");
 
-        SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
-        String apiKey = "6v2oxpJMzU14U-dqVireln5AUKTtx5fBPSEgaBZiI983d98cfa6";
-        byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(apiKey);
-        Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName());
+        // SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
+        // String apiKey = "6v2oxpJMzU14U-dqVireln5AUKTtx5fBPSEgaBZiI983d98cfa6";
+        // byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(apiKey);
+        // Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName());
 
         long nowMillis = System.currentTimeMillis();
         Date now = new Date(nowMillis);
@@ -44,13 +44,16 @@ public class JWTApi {
         User user = userInfo.getUser();
 
         // Set the JWT Claims
-        JwtBuilder builder = Jwts.builder().setIssuedAt(now)
-                .setIssuer("mip.humanbrainproject.eu").setSubject(user.getEmail()).signWith(signatureAlgorithm, signingKey);
+        JwtBuilder builder = Jwts.builder().setIssuedAt(now).setIssuer("mip.humanbrainproject.eu")
+                .setSubject(user.getEmail()).signWith(SignatureAlgorithm.HS512,
+                        "hbpSecret");
 
-        long expMillis = nowMillis + 86400 * 24;
-        Date exp = new Date(expMillis);
-        builder.setExpiration(exp);
+        String token = builder.compact();
+        LOGGER.info(token);
+        // long expMillis = nowMillis + 86400 * 24;
+        // Date exp = new Date(expMillis);
+        // builder.setExpiration(exp);
 
-        return ResponseEntity.status(HttpStatus.CREATED).body(builder.compact());
+        return ResponseEntity.status(HttpStatus.CREATED).body(token);
     }
 }
\ No newline at end of file
-- 
GitLab