(ofbiz-plugins) branch trunk updated: Improved: Update method calls to comply with modified JWT validation methods.

Wed, 12 Nov 2025 01:13:01 -0800 

This is an automated email from the ASF dual-hosted git repository.

jacopoc pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-plugins.git


The following commit(s) were added to refs/heads/trunk by this push:
     new 8ccab4445 Improved: Update method calls to comply with modified JWT 
validation methods.
8ccab4445 is described below

commit 8ccab444581cf9657e9adc981d3d6832fb4d1742
Author: Jacopo Cappellato <[email protected]>
AuthorDate: Mon Nov 10 18:18:38 2025 +0100

    Improved: Update method calls to comply with modified JWT validation 
methods.
---
 .../java/org/apache/ofbiz/ws/rs/resources/AuthenticationResource.java   | 2 +-
 .../main/java/org/apache/ofbiz/ws/rs/security/auth/APIAuthFilter.java   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git 
a/rest-api/src/main/java/org/apache/ofbiz/ws/rs/resources/AuthenticationResource.java
 
b/rest-api/src/main/java/org/apache/ofbiz/ws/rs/resources/AuthenticationResource.java
index accf70823..5b6fc31fc 100644
--- 
a/rest-api/src/main/java/org/apache/ofbiz/ws/rs/resources/AuthenticationResource.java
+++ 
b/rest-api/src/main/java/org/apache/ofbiz/ws/rs/resources/AuthenticationResource.java
@@ -105,7 +105,7 @@ public class AuthenticationResource {
         Delegator delegator = (Delegator) 
servletContext.getAttribute("delegator");
         httpRequest.setAttribute("delegator", delegator);
         httpRequest.setAttribute("dispatcher", delegator);
-        Map<String, Object> claims = 
JWTManager.validateRefreshToken(refreshToken, JWTManager.getJWTKey(delegator));
+        Map<String, Object> claims = 
JWTManager.validateRefreshToken(delegator, refreshToken);
 
         // Fetch delegator, dispatcher, and userLogin
         if (claims.containsKey("errorMessage")) {
diff --git 
a/rest-api/src/main/java/org/apache/ofbiz/ws/rs/security/auth/APIAuthFilter.java
 
b/rest-api/src/main/java/org/apache/ofbiz/ws/rs/security/auth/APIAuthFilter.java
index 2260f1f1c..e0b4259cc 100644
--- 
a/rest-api/src/main/java/org/apache/ofbiz/ws/rs/security/auth/APIAuthFilter.java
+++ 
b/rest-api/src/main/java/org/apache/ofbiz/ws/rs/security/auth/APIAuthFilter.java
@@ -98,7 +98,7 @@ public class APIAuthFilter implements ContainerRequestFilter {
             return;
         }
         String jwtToken = JWTManager.getHeaderAuthBearerToken(httpRequest);
-        Map<String, Object> claims = JWTManager.validateToken(jwtToken, 
JWTManager.getJWTKey(delegator));
+        Map<String, Object> claims = JWTManager.validateToken(delegator, 
jwtToken);
         if (claims.containsKey(ModelService.ERROR_MESSAGE)) {
             abortWithUnauthorized(requestContext, true, "Unauthorized: " + 
(String) claims.get(ModelService.ERROR_MESSAGE));
         } else {

Reply via email to