From 27db117baa91facc8298576eaed8e0f5b5ca69cd Mon Sep 17 00:00:00 2001
From: Huynh Thanh Binh <1653006@student.hcmus.edu.vn>
Date: Sun, 23 Aug 2020 11:02:32 +0700
Subject: [PATCH] [SERVER] update SaigonParkingAuthentication using UUID as jti

---
 common/pom.xml                                            | 5 +++++
 .../common/auth/SaigonParkingAuthenticationImpl.java      | 8 +++++---
 service/booking-service/pom.xml                           | 5 -----
 3 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/common/pom.xml b/common/pom.xml
index 1f74b943..e075eff0 100644
--- a/common/pom.xml
+++ b/common/pom.xml
@@ -230,6 +230,11 @@
             <artifactId>jjwt-jackson</artifactId>
             <version>${java-jwt.version}</version>
         </dependency>
+        <dependency>
+            <groupId>com.fasterxml.uuid</groupId>
+            <artifactId>java-uuid-generator</artifactId>
+            <version>${java-uuid-generator.version}</version>
+        </dependency>
     </dependencies>
 
     <build>
diff --git a/common/src/main/java/com/bht/saigonparking/common/auth/SaigonParkingAuthenticationImpl.java b/common/src/main/java/com/bht/saigonparking/common/auth/SaigonParkingAuthenticationImpl.java
index 6b85e5d0..d458e194 100644
--- a/common/src/main/java/com/bht/saigonparking/common/auth/SaigonParkingAuthenticationImpl.java
+++ b/common/src/main/java/com/bht/saigonparking/common/auth/SaigonParkingAuthenticationImpl.java
@@ -20,6 +20,8 @@
 import org.springframework.data.util.Pair;
 
 import com.bht.saigonparking.common.util.LoggingUtil;
+import com.fasterxml.uuid.Generators;
+import com.fasterxml.uuid.impl.TimeBasedGenerator;
 import com.google.common.io.ByteStreams;
 
 import io.jsonwebtoken.Claims;
@@ -34,6 +36,7 @@ public final class SaigonParkingAuthenticationImpl implements SaigonParkingAuthe
 
     private static final String SAIGON_PARKING_ISSUER = "www.saigonparking.wtf";
     private static final short MAX_RANDOM_EXCLUSIVE = 1000;
+    private static final TimeBasedGenerator UUID_GENERATOR = Generators.timeBasedGenerator();
 
     private static final String USER_ROLE_KEY_NAME = "role";
     private static final String FACTOR_KEY_NAME = "fac";
@@ -88,8 +91,7 @@ private Pair<String, String> generateJwtToken(@NotNull SaigonParkingTokenType ty
                                                   @NotNull ChronoUnit timeUnit) {
         Instant now = Instant.now();
         Integer factor = new Random().nextInt(MAX_RANDOM_EXCLUSIVE);
-        Long encryptedUserId = encryptUserId(userId, factor);
-        String tokenId = String.format("%d@%d", encryptedUserId, now.toEpochMilli());
+        String tokenId = UUID_GENERATOR.generate().toString();
 
         return Pair.of(tokenId, Jwts.builder()
                 .setId(tokenId)
@@ -97,7 +99,7 @@ private Pair<String, String> generateJwtToken(@NotNull SaigonParkingTokenType ty
                 .claim(USER_ROLE_KEY_NAME, userRole)
                 .claim(FACTOR_KEY_NAME, factor)
                 .claim(TOKEN_TYPE_KEY_NAME, type)
-                .setSubject(encryptedUserId.toString())
+                .setSubject(encryptUserId(userId, factor).toString())
                 .setIssuedAt(Date.from(now))
                 .setExpiration(Date.from(now.plus(timeAmount, timeUnit)))
                 .signWith(secretKey)
diff --git a/service/booking-service/pom.xml b/service/booking-service/pom.xml
index cfbe0a35..2c8497b0 100644
--- a/service/booking-service/pom.xml
+++ b/service/booking-service/pom.xml
@@ -31,11 +31,6 @@
             <artifactId>parkinglot-api</artifactId>
             <version>${revision}</version>
         </dependency>
-        <dependency>
-            <groupId>com.fasterxml.uuid</groupId>
-            <artifactId>java-uuid-generator</artifactId>
-            <version>${java-uuid-generator.version}</version>
-        </dependency>
         <dependency>
             <groupId>com.google.zxing</groupId>
             <artifactId>core</artifactId>