+ logger.warn("App is start");

# Conflicts:
#	src/main/java/org/ccalm/jwt/MainController.java

README.md

@@ -28,6 +28,47 @@ ____
 
 ____
 
+Запаковка в хранилище ключей
+
+```sh
+openssl pkcs12 -export \
+-in authorization.crt \
+-inkey authorization.key \
+-out keystore.p12 \
+-name tomcat \
+-CAfile authorization-ca.crt \
+-caname root \
+-password pass:MFNX344yh4
+```
+
+📖 Расшифровка аргументов:
+
+| Параметр                        | Назначение                                                                                  |
+|---------------------------------|---------------------------------------------------------------------------------------------|
+| `openssl pkcs12`                | Утилита OpenSSL, работающая с PKCS#12 контейнерами (включают сертификаты и ключи).          |
+| `-export`                       | Указывает, что нужно экспортировать (создать) PKCS#12-файл.                                 |
+| `-in authorization.crt`         | Основной (публичный) сертификат. Это то, что выдано для твоего домена.                      |
+| `-inkey authorization.key`      | Приватный ключ, соответствующий сертификату. Нужен для использования сертификата.           |
+| `-out keystore.p12`             | Выходной файл (итоговый контейнер PKCS#12). Это будет твой `keystore`.                      |
+| `-name tomcat`                  | Алиас (имя) для ключа в хранилище. Spring Boot (и Tomcat) по умолчанию ищет alias `tomcat`. |
+| `-CAfile authorization-ca.crt`  | (Необязательно) Цепочка доверенных сертификатов (например, корневой и промежуточные CA).    |
+| `-caname root`                  | Имя для CA-сертификата (используется внутри контейнера).                                    |
+| `-password pass: XXXXXX`        | Пароль для защиты хранилища (в Spring Boot это `key-store-password`).                       |
+
+
+### Получить токен для защиты от CSRF атак
+https://istransit.kz/api/authorization/v02/get_request_token
+
+GET запрос без данных.
+
+Пример ответа:
+```json
+{
+  "ttl":600,
+  "token":"VTf8zvHKqK7QFJ0ZEyheOYAUrI7cRIbejxMzRKlMzYM"
+}
+```
+
 ### Получить список разрешений для пользователя по Access token
 https://istransit.kz/api/authorization/v02/access/
 

pom.xml

@@ -10,7 +10,7 @@
     </parent>
     <groupId>org.ccalm</groupId>
     <artifactId>jwt</artifactId>
-    <version>0.0.1-SNAPSHOT</version>
+    <version>1.0.1</version>
     <name>jwt</name>
     <description>jwt</description>
     <properties>
@@ -79,16 +79,7 @@
             <artifactId>json</artifactId>
             <version>20231013</version>
         </dependency>
-        <!--dependency>
-            <groupId>io.jsonwebtoken</groupId>
-            <artifactId>jjwt-api</artifactId>
-            <version>0.11.5</version>
-        </dependency-->
-        <!--dependency>
-            <groupId>io.jsonwebtoken</groupId>
-            <artifactId>jjwt-api</artifactId>
-            <version>0.12.6</version>
-        </dependency-->
+
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt-api</artifactId>
@@ -180,6 +171,7 @@
     </dependencies>
 
     <build>
+        <finalName>org-ccalm-jwt</finalName>
         <plugins>
             <plugin>
                 <groupId>org.springframework.boot</groupId>

src/main/java/org/ccalm/jwt/GlobalExceptionHandler.java

@@ -16,7 +16,8 @@ public class GlobalExceptionHandler {
     @ExceptionHandler(NoHandlerFoundException.class)
     public ResponseEntity<ErrorResponseModel> handleNotFound(NoHandlerFoundException ex) {
         ErrorResponseModel errorResponse = new ErrorResponseModel(
-                10000 + HttpStatus.NOT_FOUND.value(),
+                HttpStatus.NOT_FOUND.value(),
+                10000,
                 "Not_Found",
                 UUID.randomUUID().toString()
         );
@@ -26,7 +27,8 @@ public class GlobalExceptionHandler {
     @ExceptionHandler(Exception.class)
     public ResponseEntity<ErrorResponseModel> handleException(Exception ex) {
         ErrorResponseModel errorResponse = new ErrorResponseModel(
-                10000 + HttpStatus.NOT_FOUND.value(),
+                HttpStatus.NOT_FOUND.value(),
+                10000,
                 "Internal_Server_Error", //Collections.singletonList("Internal_Server_Error"),
                 UUID.randomUUID().toString()
         );
@@ -36,7 +38,8 @@ public class GlobalExceptionHandler {
     @RequestMapping("/error")
     public ResponseEntity<ErrorResponseModel> handleError() {
         ErrorResponseModel errorResponse = new ErrorResponseModel(
-                10000 + HttpStatus.NOT_FOUND.value(),
+                HttpStatus.NOT_FOUND.value(),
+                10000,
                 "Unknown_error",
                 UUID.randomUUID().toString()
         );

src/main/java/org/ccalm/jwt/SecurityConfig.java

@@ -60,6 +60,8 @@ public class SecurityConfig {
                     path.equals("/reset") ||
                     path.equals("/get_session") ||
                     path.equals("/get_request_token") ||
+                    path.equals("/verification") ||
+                    path.equals("/update") ||
                     path.equals("/access");
         }
 
@@ -85,6 +87,7 @@ public class SecurityConfig {
             //Simple check
             if (jwt_a == null || !jwt_a.contains(".")) {
                 ErrorResponseModel errorResponse = new ErrorResponseModel(
+                        HttpServletResponse.SC_UNAUTHORIZED,
                         10000 + HttpServletResponse.SC_UNAUTHORIZED,
                         List.of("Please_log_in", "Please_send_a_valid_JWT_token"),
                         ""
@@ -107,6 +110,7 @@ public class SecurityConfig {
 
             if(userId==0L) {
                 ErrorResponseModel errorResponse = new ErrorResponseModel(
+                        HttpServletResponse.SC_UNAUTHORIZED,
                         10000 + HttpServletResponse.SC_UNAUTHORIZED,
                         List.of("Please_log_in"),
                         ""

src/main/java/org/ccalm/jwt/SingleLineThrowableProxyConverter.java

@@ -0,0 +1,14 @@
+package org.ccalm.jwt;
+
+import ch.qos.logback.classic.spi.IThrowableProxy;
+import ch.qos.logback.classic.spi.ThrowableProxyUtil;
+import ch.qos.logback.classic.pattern.ThrowableProxyConverter;
+
+public class SingleLineThrowableProxyConverter extends ThrowableProxyConverter {
+    @Override
+    protected String throwableProxyToString(IThrowableProxy tp) {
+        if (tp == null) return "";
+        String stackTrace = ThrowableProxyUtil.asString(tp);
+        return stackTrace.replace("\r", "").replace("\n", "\\n").replace("\t", "    ");
+    }
+}

src/main/java/org/ccalm/jwt/SpringContext.java

@@ -1,16 +1,20 @@
 package org.ccalm.jwt;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.ApplicationContextAware;
 import org.springframework.stereotype.Component;
 
 @Component
 public class SpringContext implements ApplicationContextAware {
+    private static final Logger logger = LoggerFactory.getLogger(SpringContext.class);
     private static ApplicationContext context;
 
     @Override
     public void setApplicationContext(ApplicationContext applicationContext) {
         context = applicationContext;
+        logger.warn("App is start");
     }
 
     public static ApplicationContext getApplicationContext() {

src/main/java/org/ccalm/jwt/models/ErrorResponseModel.java

@@ -1,5 +1,6 @@
 package org.ccalm.jwt.models;
 
+import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import io.swagger.v3.oas.annotations.media.Schema;
 import org.springframework.http.HttpStatus;
@@ -7,6 +8,7 @@ import org.springframework.web.bind.annotation.ResponseStatus;
 
 import java.util.Collections;
 import java.util.List;
+import java.util.UUID;
 
 @Schema(
         description = "Error API response",
@@ -15,6 +17,9 @@ import java.util.List;
 
 public class ErrorResponseModel {
 
+    @JsonIgnore
+    private int httpCode;
+
     @Schema(description = "Error code", example = "10000")
     @JsonProperty("error_code")
     private int errorCode;
@@ -31,39 +36,51 @@ public class ErrorResponseModel {
     @JsonProperty("error_marker")
     private String errorMarker;
 
-    public ErrorResponseModel(int errorCode) {
+    public ErrorResponseModel(int httpCode, int errorCode) {
+        this.httpCode = httpCode;
         this.errorCode = errorCode;
         this.errorMessage = null;
         this.errorSetting = null;
-        this.errorMarker = null;
+        this.errorMarker = UUID.randomUUID().toString();
     }
 
-    public ErrorResponseModel(int errorCode, List<String> errorMessage, String errorMarker) {
+    public ErrorResponseModel(int httpCode, int errorCode, List<String> errorMessage, String errorMarker) {
+        this.httpCode = httpCode;
         this.errorCode = errorCode;
         this.errorMessage = errorMessage;
         this.errorMarker = errorMarker;
     }
 
-    public ErrorResponseModel(int errorCode, String errorMessage, String errorMarker) {
+    public ErrorResponseModel(int httpCode, int errorCode, String errorMessage, String errorMarker) {
+        this.httpCode = httpCode;
         this.errorCode = errorCode;
         this.errorMessage = Collections.singletonList(errorMessage);
         this.errorMarker = errorMarker;
     }
 
-    public ErrorResponseModel(int errorCode, String errorMessage, String errorSetting, String errorMarker) {
+    public ErrorResponseModel(int httpCode, int errorCode, String errorMessage, String errorSetting, String errorMarker) {
+        this.httpCode = httpCode;
         this.errorCode = errorCode;
         this.errorMessage = Collections.singletonList(errorMessage);
         this.errorSetting = Collections.singletonList(errorSetting);
         this.errorMarker = errorMarker;
     }
 
-    public ErrorResponseModel(int errorCode, List<String> errorMessage, List<String> errorSetting, String errorMarker) {
+    public ErrorResponseModel(int httpCode, int errorCode, List<String> errorMessage, List<String> errorSetting, String errorMarker) {
+        this.httpCode = httpCode;
         this.errorCode = errorCode;
         this.errorMessage = errorMessage;
         this.errorSetting = errorSetting;
         this.errorMarker = errorMarker;
     }
 
+    public int getHttp_code() {
+        return httpCode;
+    }
+    public void setHttp_code(int errorCode) {
+        this.httpCode = httpCode;
+    }
+
     public int getError_code() {
         return errorCode;
     }

src/main/java/org/ccalm/jwt/models/NewUserModel.java

@@ -31,6 +31,10 @@ public class NewUserModel {
     private String code;
     @JsonProperty("token")
     private String token;
+
+    @JsonProperty("password")
+    private String password;
+
 /*
     public String getCountry() {
         if(country==null) return "";

src/main/java/org/ccalm/jwt/models/VerificationModel.java

@@ -0,0 +1,20 @@
+package org.ccalm.jwt.models;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+@Getter
+@Setter
+@NoArgsConstructor
+@AllArgsConstructor
+public class VerificationModel {
+    @JsonProperty("email")
+    private String email;
+    @JsonProperty("code")
+    private String code;
+    @JsonProperty("token")
+    private String token;
+}

src/main/java/org/ccalm/jwt/tools/CustomException.java

@@ -19,30 +19,34 @@ public class CustomException extends Exception {
     @Getter
     private boolean saveToLog = false;
 
-    public CustomException(int errorCode, String errorMessage, String marker, boolean saveToLog) {
+    public CustomException(int httpCode, int errorCode, String errorMessage, String marker, boolean saveToLog) {
         super(errorMessage);
-        error = new ErrorResponseModel(errorCode, errorMessage, marker);
+        error = new ErrorResponseModel(httpCode, errorCode, errorMessage, marker);
         this.saveToLog = saveToLog;
     }
 
-    public CustomException(int errorCode, String errorMessage, String errorSetting, String marker, boolean saveToLog) {
+    public CustomException(int httpCode, int errorCode, String errorMessage, String errorSetting, String marker, boolean saveToLog) {
         super(errorMessage);
-        error = new ErrorResponseModel(errorCode, errorMessage, errorSetting, marker);
+        error = new ErrorResponseModel(httpCode, errorCode, errorMessage, errorSetting, marker);
         this.saveToLog = saveToLog;
     }
 
-    public CustomException(int errorCode, List<String> errorMessages, String marker, boolean saveToLog) {
+    public CustomException(int httpCode, int errorCode, List<String> errorMessages, String marker, boolean saveToLog) {
         super(String.join(" ", errorMessages));
-        error = new ErrorResponseModel(errorCode, errorMessages, marker);
+        error = new ErrorResponseModel(httpCode, errorCode, errorMessages, marker);
         this.saveToLog = saveToLog;
     }
 
-    public CustomException(int errorCode, List<String> errorMessages, List<String> errorSettings, String marker, boolean saveToLog) {
+    public CustomException(int httpCode, int errorCode, List<String> errorMessages, List<String> errorSettings, String marker, boolean saveToLog) {
         super(String.join(" ", errorMessages));
-        error = new ErrorResponseModel(errorCode, errorMessages, errorSettings, marker);
+        error = new ErrorResponseModel(httpCode, errorCode, errorMessages, errorSettings, marker);
         this.saveToLog = saveToLog;
     }
 
+    public int getHttpCode() {
+        return error.getHttp_code();
+    }
+
     public int getErrorCode() {
         return error.getError_code();
     }

src/main/resources/logback-spring.xml

@@ -1,17 +1,17 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <configuration>
 
+    <conversionRule conversionWord="exOneLine" converterClass="org.ccalm.jwt.SingleLineThrowableProxyConverter"/>
 
-
-
-    <!-- Please check if the user has access to the directory from which the application is being executed -->
     <property name="LOGS" value="logs" />
     <springProperty scope="context" name="appName" source="spring.application.name"/>
 
     <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
         <file>${LOGS}/${appName}.log</file>
         <encoder>
-            <pattern>{"timestamp":"%d{yyyy-MM-dd'T'HH:mm:ss.SSS'Z'}","thread":"[%thread]","level":"%level","logger":"%logger{36}","marker":"%X{marker}","message":"%msg"}%n</pattern>
+            <pattern>
+                {"timestamp":"%d{yyyy-MM-dd'T'HH:mm:ss.SSS'Z'}","thread":"[%thread]","level":"%level","logger":"%logger{36}","marker":"%marker","message":"%msg","exception":"%exOneLine"}%n
+            </pattern>
         </encoder>
         <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
             <fileNamePattern>${LOGS}/${appName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
@@ -24,15 +24,16 @@
 
     <appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
         <encoder>
-            <pattern>%d{yyyy-MM-dd'T'HH:mm:ss.SSS'Z'} | %level | %logger{36} | %X{marker} | %msg%n</pattern>
+            <pattern>
+                %d{yyyy-MM-dd'T'HH:mm:ss.SSS'Z'} | %level | %logger{36} | %marker | %msg%n
+            </pattern>
         </encoder>
     </appender>
 
-    <root level="info">
     <!--root level="warn"-->
+    <root level="info">
         <appender-ref ref="FILE" />
         <appender-ref ref="CONSOLE" />
     </root>
 
-
 </configuration>