Build has been canceled!

torresj / community-api / 6

Committed 28 May 2025 02:43PM UTC coverage: 75.157% (+53.1%) from 22.105%

Build # 6

Build Type

push

circleci

Committed by Jaime Torres Benavente

Commit Message

Security added

Run Details

87 of 133 new or added lines in 15 files covered. (65.41%)

239 of 318 relevant lines covered (75.16%)

0.75 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

53.85

/src/main/java/com/torresj/community/services/impl/JwtServiceImpl.java

package com.torresj.community.services.impl;

import com.torresj.community.services.JwtService;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.MalformedJwtException;
import io.jsonwebtoken.UnsupportedJwtException;
import io.jsonwebtoken.security.Keys;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;

import java.nio.charset.StandardCharsets;
import java.util.Date;

@Service
@Slf4j
@RequiredArgsConstructor
public class JwtServiceImpl implements JwtService {

    @Value("${jwt.token.secret}")
    private final String secret;

    @Value("${jwt.token.expiration}")
    private final String expiration;

    @Value("${jwt.token.prefix}")
    private final String prefix;

    @Value("${jwt.token.issuer.info}")
    private final String issuer;

    @Override
    public String createJWS(String name) {
        log.debug("[JWT SERVICE] Generating JWT");
        return Jwts.builder()
                .issuedAt(new Date())
                .issuer(issuer)
                .subject(name)
                .expiration(new Date(System.currentTimeMillis() + Long.parseLong(expiration)))
                .signWith(Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8)))
                .compact();
    }

    @Override
    public String validateJWS(String jws) {
        try {
            var claims = Jwts.parser()
                    .verifyWith(Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8)))
                    .build()
                    .parseSignedClaims(jws);
            return claims.getPayload().getSubject();
        } catch (SecurityException e) {
            log.error("Invalid JWT signature: {}", e.getMessage());
        } catch (MalformedJwtException e) {
            log.error("Invalid JWT token: {}", e.getMessage());
        } catch (ExpiredJwtException e) {
            log.error("JWT token is expired: {}", e.getMessage());
        } catch (UnsupportedJwtException e) {
            log.error("JWT token is unsupported: {}", e.getMessage());
        } catch (IllegalArgumentException e) {
            log.error("JWT claims string is empty: {}", e.getMessage());
        }
        return null;
    }
}

1	package com.torresj.community.services.impl;
2
3	import com.torresj.community.services.JwtService;
4	import io.jsonwebtoken.ExpiredJwtException;
5	import io.jsonwebtoken.Jwts;
6	import io.jsonwebtoken.MalformedJwtException;
7	import io.jsonwebtoken.UnsupportedJwtException;
8	import io.jsonwebtoken.security.Keys;
9	import lombok.RequiredArgsConstructor;
10	import lombok.extern.slf4j.Slf4j;
11	import org.springframework.beans.factory.annotation.Value;
12	import org.springframework.stereotype.Service;
13
14	import java.nio.charset.StandardCharsets;
15	import java.util.Date;
16
17	@Service
18	@Slf4j	1✔
19	@RequiredArgsConstructor
20	public class JwtServiceImpl implements JwtService {
21
22	@Value("${jwt.token.secret}")
23	private final String secret;
24
25	@Value("${jwt.token.expiration}")
26	private final String expiration;
27
28	@Value("${jwt.token.prefix}")
29	private final String prefix;
30
31	@Value("${jwt.token.issuer.info}")
32	private final String issuer;
33
34	@Override
35	public String createJWS(String name) {
36	log.debug("[JWT SERVICE] Generating JWT");	1✔
37	return Jwts.builder()	1✔
38	.issuedAt(new Date())	1✔
39	.issuer(issuer)	1✔
40	.subject(name)	1✔
41	.expiration(new Date(System.currentTimeMillis() + Long.parseLong(expiration)))	1✔
42	.signWith(Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8)))	1✔
43	.compact();	1✔
44	}
45
46	@Override
47	public String validateJWS(String jws) {
48	try {
49	var claims = Jwts.parser()	1✔
50	.verifyWith(Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8)))	1✔
51	.build()	1✔
52	.parseSignedClaims(jws);	1✔
53	return claims.getPayload().getSubject();	1✔
NEW 54	} catch (SecurityException e) {	×
NEW 55	log.error("Invalid JWT signature: {}", e.getMessage());	×
NEW 56	} catch (MalformedJwtException e) {	×
NEW 57	log.error("Invalid JWT token: {}", e.getMessage());	×
NEW 58	} catch (ExpiredJwtException e) {	×
NEW 59	log.error("JWT token is expired: {}", e.getMessage());	×
NEW 60	} catch (UnsupportedJwtException e) {	×
NEW 61	log.error("JWT token is unsupported: {}", e.getMessage());	×
NEW 62	} catch (IllegalArgumentException e) {	×
NEW 63	log.error("JWT claims string is empty: {}", e.getMessage());	×
NEW 64	}	×
NEW 65	return null;	×
66	}
67	}

torresj / community-api / 6

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous