[SERVER] update SaigonParkingAuthentication using UUID as jti

huynhthanhbinh · Aug 23, 2020 · 27db117 · 27db117
1 parent 9f03d6a
commit 27db117
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 8 deletions.
diff --git a/common/pom.xml b/common/pom.xml
@@ -230,6 +230,11 @@
             <artifactId>jjwt-jackson</artifactId>
             <version>${java-jwt.version}</version>
         </dependency>
+        <dependency>
+            <groupId>com.fasterxml.uuid</groupId>
+            <artifactId>java-uuid-generator</artifactId>
+            <version>${java-uuid-generator.version}</version>
+        </dependency>
     </dependencies>
 
     <build>

diff --git a/common/src/main/java/com/bht/saigonparking/common/auth/SaigonParkingAuthenticationImpl.java b/common/src/main/java/com/bht/saigonparking/common/auth/SaigonParkingAuthenticationImpl.java
@@ -20,6 +20,8 @@
 import org.springframework.data.util.Pair;
 
 import com.bht.saigonparking.common.util.LoggingUtil;
+import com.fasterxml.uuid.Generators;
+import com.fasterxml.uuid.impl.TimeBasedGenerator;
 import com.google.common.io.ByteStreams;
 
 import io.jsonwebtoken.Claims;
@@ -34,6 +36,7 @@ public final class SaigonParkingAuthenticationImpl implements SaigonParkingAuthe
 
     private static final String SAIGON_PARKING_ISSUER = "www.saigonparking.wtf";
     private static final short MAX_RANDOM_EXCLUSIVE = 1000;
+    private static final TimeBasedGenerator UUID_GENERATOR = Generators.timeBasedGenerator();
 
     private static final String USER_ROLE_KEY_NAME = "role";
     private static final String FACTOR_KEY_NAME = "fac";
@@ -88,16 +91,15 @@ private Pair<String, String> generateJwtToken(@NotNull SaigonParkingTokenType ty
                                                   @NotNull ChronoUnit timeUnit) {
         Instant now = Instant.now();
         Integer factor = new Random().nextInt(MAX_RANDOM_EXCLUSIVE);
-        Long encryptedUserId = encryptUserId(userId, factor);
-        String tokenId = String.format("%d@%d", encryptedUserId, now.toEpochMilli());
+        String tokenId = UUID_GENERATOR.generate().toString();
 
         return Pair.of(tokenId, Jwts.builder()
                 .setId(tokenId)
                 .setIssuer(SAIGON_PARKING_ISSUER)
                 .claim(USER_ROLE_KEY_NAME, userRole)
                 .claim(FACTOR_KEY_NAME, factor)
                 .claim(TOKEN_TYPE_KEY_NAME, type)
-                .setSubject(encryptedUserId.toString())
+                .setSubject(encryptUserId(userId, factor).toString())
                 .setIssuedAt(Date.from(now))
                 .setExpiration(Date.from(now.plus(timeAmount, timeUnit)))
                 .signWith(secretKey)

diff --git a/service/booking-service/pom.xml b/service/booking-service/pom.xml
@@ -31,11 +31,6 @@
             <artifactId>parkinglot-api</artifactId>
             <version>${revision}</version>
         </dependency>
-        <dependency>
-            <groupId>com.fasterxml.uuid</groupId>
-            <artifactId>java-uuid-generator</artifactId>
-            <version>${java-uuid-generator.version}</version>
-        </dependency>
         <dependency>
             <groupId>com.google.zxing</groupId>
             <artifactId>core</artifactId>