update spring boot and jjwt version

.gitignore

@@ -23,4 +23,7 @@
 /dist/
 /nbdist/
 /.nb-gradle/
-nbactions.xml
+nbactions.xml
+
+# VS Code #
+.vscode

pom.xml

@@ -14,7 +14,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>2.0.0.RELEASE</version>
+		<version>2.1.1.RELEASE</version>
 		<relativePath/> <!-- lookup parent from repository -->
 	</parent>
 
@@ -33,15 +33,27 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-webflux</artifactId>
 		</dependency>
-		<dependency>
-			<groupId>io.jsonwebtoken</groupId>
-			<artifactId>jjwt</artifactId>
-			<version>0.7.0</version>
-		</dependency>
 		<dependency>
 			<groupId>org.projectlombok</groupId>
 			<artifactId>lombok</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-api</artifactId>
+			<version>0.10.5</version>
+		</dependency>
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-impl</artifactId>
+			<version>0.10.5</version>
+			<scope>runtime</scope>
+		</dependency>
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-jackson</artifactId>
+			<version>0.10.5</version>
+			<scope>runtime</scope>
+		</dependency>
 
 
 		<dependency>

src/main/java/com/ard333/springbootwebfluxjjwt/rest/AuthenticationREST.java

@@ -30,7 +30,7 @@ public class AuthenticationREST {
 	@Autowired
 	private UserService userRepository;
 
-	@RequestMapping(value = "login", method = RequestMethod.POST)
+	@RequestMapping(value = "/login", method = RequestMethod.POST)
 	public Mono<ResponseEntity<?>> login(@RequestBody AuthRequest ar) {
 		return userRepository.findByUsername(ar.getUsername()).map((userDetails) -> {
 			if (passwordEncoder.encode(ar.getPassword()).equals(userDetails.getPassword())) {

src/main/java/com/ard333/springbootwebfluxjjwt/security/JWTUtil.java

@@ -2,6 +2,7 @@ package com.ard333.springbootwebfluxjjwt.security;
 
 import com.ard333.springbootwebfluxjjwt.model.User;
 import java.io.Serializable;
+import java.util.Base64;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
@@ -27,7 +28,7 @@ public class JWTUtil implements Serializable {
 	private String expirationTime;
 	
 	public Claims getAllClaimsFromToken(String token) {
-		return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();
+		return Jwts.parser().setSigningKey(Base64.getEncoder().encodeToString(secret.getBytes())).parseClaimsJws(token).getBody();
 	}
 	
 	public String getUsernameFromToken(String token) {
@@ -46,7 +47,6 @@ public class JWTUtil implements Serializable {
 	public String generateToken(User user) {
 		Map<String, Object> claims = new HashMap<>();
 		claims.put("role", user.getRoles());
-		claims.put("enable", user.getEnabled());
 		return doGenerateToken(claims, user.getUsername());
 	}
 
@@ -60,7 +60,7 @@ public class JWTUtil implements Serializable {
 				.setSubject(username)
 				.setIssuedAt(createdDate)
 				.setExpiration(expirationDate)
-				.signWith(SignatureAlgorithm.HS512, secret)
+				.signWith(SignatureAlgorithm.HS512, Base64.getEncoder().encodeToString(secret.getBytes()))
 				.compact();
 	}
 	

src/main/java/com/ard333/springbootwebfluxjjwt/security/WebSecurityConfig.java

@@ -31,7 +31,7 @@ public class WebSecurityConfig {
 				.securityContextRepository(securityContextRepository)
 				.authorizeExchange()
 				.pathMatchers(HttpMethod.OPTIONS).permitAll()
-				.pathMatchers("/auth").permitAll()
+				.pathMatchers("/login").permitAll()
 				.anyExchange().authenticated()
 				.and().build();
 		

src/main/resources/application.properties

@@ -1,5 +1,6 @@
 springbootwebfluxjjwt.password.encoder.secret=mysecret
 springbootwebfluxjjwt.password.encoder.iteration=33
 springbootwebfluxjjwt.password.encoder.keylength=256
-springbootwebfluxjjwt.jjwt.secret=mysecret
+
+springbootwebfluxjjwt.jjwt.secret=ThisIsSecretForJWTHS512SignatureAlgorithmThatMUSTHave512bitsKeySize
 springbootwebfluxjjwt.jjwt.expiration=28800