From 173663d935fe91ef5b84c68327ddffce6d5e1c5b Mon Sep 17 00:00:00 2001 From: Wasiullah Khan Jadoon Date: Fri, 12 Dec 2025 16:15:16 +0500 Subject: [PATCH] security module- login screen --- .../configuration/constant/AconnectURI.java | 1 + .../constant/TokenBypassURI.java | 1 + .../configuration/service/JwtService.java | 3 ++- econnect/pom.xml | 6 ++--- .../client/service/TransactionService.java | 25 +++++++++---------- .../main/resources/application-dev.properties | 2 +- .../resources/application-live.properties | 2 +- .../resources/application-test.properties | 2 +- .../main/resources/application-uat.properties | 2 +- .../src/main/resources/application.properties | 2 +- 10 files changed, 24 insertions(+), 22 deletions(-) diff --git a/common/src/main/java/com/mfsys/common/configuration/constant/AconnectURI.java b/common/src/main/java/com/mfsys/common/configuration/constant/AconnectURI.java index 2cc905b..3f9cde0 100644 --- a/common/src/main/java/com/mfsys/common/configuration/constant/AconnectURI.java +++ b/common/src/main/java/com/mfsys/common/configuration/constant/AconnectURI.java @@ -1,6 +1,7 @@ package com.mfsys.common.configuration.constant; public interface AconnectURI { + String ACONNECT = "/aconnect"; String REFRESH_TOKEN = "/refreshtoken"; String DEPOSIT = "/deposit"; String GENERALLEDGER = "/generalledger"; diff --git a/common/src/main/java/com/mfsys/common/configuration/constant/TokenBypassURI.java b/common/src/main/java/com/mfsys/common/configuration/constant/TokenBypassURI.java index f1a61e1..669355b 100644 --- a/common/src/main/java/com/mfsys/common/configuration/constant/TokenBypassURI.java +++ b/common/src/main/java/com/mfsys/common/configuration/constant/TokenBypassURI.java @@ -6,6 +6,7 @@ import java.util.List; public interface TokenBypassURI { List URIs = new ArrayList(Arrays.asList( + "/aconnect/authentication/login", "/aconnect/signin", "/aconnect/transactions/accounttogl", "/aconnect/account/miscDetails", 
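Review bot: The new `/aconnect/authentication/login` entry goes into a bypass list that is a public, mutable `ArrayList` held on an interface, so any class on the classpath can add further unauthenticated paths at runtime. Making it immutable fixes the allow-list at class load, e.g. `List.of("/aconnect/authentication/login", "/aconnect/signin", ...)` or `Collections.unmodifiableList(Arrays.asList(...))`. The list continues past the end of the hunk, and how the filter matches entries (exact or prefix) is not visible here, so it is worth confirming that the login path is matched exactly. Because the endpoint is reachable without a token, throttling and lockout for failed logins have to live in the login handler itself.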
diff --git a/common/src/main/java/com/mfsys/common/configuration/service/JwtService.java b/common/src/main/java/com/mfsys/common/configuration/service/JwtService.java index 83eca6e..dc8ad2f 100644 --- a/common/src/main/java/com/mfsys/common/configuration/service/JwtService.java +++ b/common/src/main/java/com/mfsys/common/configuration/service/JwtService.java @@ -8,6 +8,7 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; import javax.crypto.SecretKey; +import java.nio.charset.StandardCharsets; import java.security.Key; import java.time.Instant; import java.util.Date; @@ -91,7 +92,7 @@ public class JwtService { } private Key getSigningKey() { - byte[] keyBytes = secret.getBytes(); + byte[] keyBytes = secret.getBytes(StandardCharsets.UTF_8); return Keys.hmacShaKeyFor(keyBytes); } } diff --git a/econnect/pom.xml b/econnect/pom.xml index 13b9db9..55c2a0c 100644 --- a/econnect/pom.xml +++ b/econnect/pom.xml @@ -88,18 +88,18 @@ io.jsonwebtoken jjwt-api - 0.12.3 + 0.12.6 io.jsonwebtoken jjwt-impl - 0.12.3 + 0.12.6 runtime io.jsonwebtoken jjwt-jackson - 0.12.3 + 0.12.6 runtime diff --git a/econnect/src/main/java/com/mfsys/aconnect/client/service/TransactionService.java b/econnect/src/main/java/com/mfsys/aconnect/client/service/TransactionService.java index 3a468bb..85aa339 100644 --- a/econnect/src/main/java/com/mfsys/aconnect/client/service/TransactionService.java +++ b/econnect/src/main/java/com/mfsys/aconnect/client/service/TransactionService.java @@ -13,8 +13,7 @@ import org.springframework.http.HttpHeaders; import java.time.LocalDate; import java.util.Map; - -import static com.mfsys.common.configuration.constant.AconnectURI.DEPOSIT_CIIHIVE_ACCOUNT_MISCELLANEOUS_DETAILS_URI; +import static com.mfsys.common.configuration.constant.AconnectURI.*; @Service 
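Review bot: `getSigningKey()` uses the configured string's UTF-8 bytes directly as the HMAC key, and nothing in the method documents the expected format or minimum length of `jwt.secret`. Proposed comment above the method: `// jwt.secret is used as raw UTF-8 bytes (not Base64); it must be at least 32 bytes of random data or Keys.hmacShaKeyFor throws WeakKeyException`. `Keys.hmacShaKeyFor` also picks the HMAC variant from the key length, so the longer secret introduced in this commit presumably moves signing from HS256 to HS512 unless the signing call pins an algorithm. The signing and parsing code is outside the hunk, so that should be checked there.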
@@ -59,7 +58,7 @@ public class TransactionService { } String porOrgacode = accountGLTransactionRequest.getPorOrgacode(); - String url = depositURI + "/deposit/" + "/organizations/" + porOrgacode + "/transactions/accounttogls"; + String url = depositURI + "/deposit/" + "/organizations/" + porOrgacode + "/transactions" + ACONNECT + "/accounttogls"; HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", tokenHeader); @@ -90,7 +89,7 @@ public class TransactionService { .body("Credit and Debit amounts must be equal"); } String porOrgacode = gLtoGLRequest.getPorOrgacode(); - String url = generalledgerURI + "/generalledger/" + "/organizations/" + porOrgacode + "/transactions/gltogls"; + String url = generalledgerURI + "/generalledger/" + "/organizations/" + porOrgacode + "/transactions" + ACONNECT +"/gltogls"; HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", tokenHeader); headers.set("POR_ORGACODE", porOrgacode); @@ -111,7 +110,7 @@ public class TransactionService { } public Object processDepositAuthTransaction(DepositAuthorizationRequest authorizationRequest, String tokenHeader) { String porOrgacode = authorizationRequest.getPorOrgacode(); - String url = depositURI + "/deposit/" + "/organizations/" + porOrgacode + "/transactions/authorizations"; + String url = depositURI + "/deposit/" + "/organizations/" + porOrgacode + "/transactions" + ACONNECT + "/authorizations"; HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", tokenHeader); headers.set("POR_ORGACODE", porOrgacode); 
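Review bot: The rewritten `url` line still concatenates `porOrgacode` from the request body straight into the backend path, so a value containing `/`, `..`, `?` or `#` changes which deposit-service route receives the forwarded `Authorization` header. Building the path from encoded segments closes that: `URI uri = UriComponentsBuilder.fromUriString(depositURI).pathSegment("deposit", "organizations", porOrgacode, "transactions", "aconnect", "accounttogls").build().encode().toUri();`, passed to the HTTP client as a `URI` so it is not encoded a second time. The same applies to the other `url` lines this commit touches, including the reversal and cancellation builders that also splice in `nodeID` and `sgtGntrtranlink`. The enclosing methods begin and end outside these hunks, so any validation done earlier on the request objects is not visible here.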
@@ -158,7 +157,7 @@ public class TransactionService { String porOrgacode = reversalRequest.getPorOrgacode(); String nodeID = reversalRequest.getNodeId(); String sgtGntrtranlink = reversalRequest.getSgtGntrtranlink(); - String url = depositURI + "/deposit/" + "/organizations/" + porOrgacode + "/transactions/reversals/nodes/" + nodeID + "/trannums/" + sgtGntrtranlink; + String url = depositURI + "/deposit/" + "/organizations/" + porOrgacode + "/transactions" + ACONNECT + "/reversals/nodes/" + nodeID + "/trannums/" + sgtGntrtranlink; HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", tokenHeader); headers.set("POR_ORGACODE", porOrgacode); @@ -183,7 +182,7 @@ public class TransactionService { String nodeID = reversalRequest.getNodeId(); String sgtGntrtranlink = reversalRequest.getSgtGntrtranlink(); - String url = generalledgerURI + "/generalledger/" + "/organizations/" + porOrgacode + "/transactions/reversals/nodes/" + nodeID + "/trannums/" + sgtGntrtranlink; + String url = generalledgerURI + "/generalledger/" + "/organizations/" + porOrgacode + "/transactions"+ ACONNECT +"/reversals/nodes/" + nodeID + "/trannums/" + sgtGntrtranlink; HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", tokenHeader); headers.set("POR_ORGACODE", porOrgacode); @@ -205,7 +204,7 @@ public class TransactionService { public Object processDepositRejectionTransaction(DepositRejectDTO rejectRequest, String tokenHeader) { String porOrgacode = rejectRequest.getPorOrgacode(); - String url = depositURI + "/deposit/" + "/organizations/" + porOrgacode + "/transactions/rejection"; + String url = depositURI + "/deposit/" + "/organizations/" + porOrgacode + "/transactions" + ACONNECT +"/rejection"; HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", tokenHeader); headers.set("POR_ORGACODE", porOrgacode); 
@@ -227,7 +226,7 @@ public class TransactionService { public Object processGLRejectionTransaction(DepositRejectDTO rejectRequest, String tokenHeader) { String porOrgacode = rejectRequest.getPorOrgacode(); - String url = generalledgerURI + "/generalledger/" + "/organizations/" + porOrgacode + "/transactions/rejection"; + String url = generalledgerURI + "/generalledger/" + "/organizations/" + porOrgacode + "/transactions" + ACONNECT +"/rejection"; HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", tokenHeader); headers.set("POR_ORGACODE", porOrgacode); @@ -248,8 +247,8 @@ public class TransactionService { } public Object processDepositCancellationTransaction(DepositCancellationDTO depositCancellationDTO, String tokenHeader) { String porOrgacode = depositCancellationDTO.getPorOrgacode(); - String url = depositURI + "/deposit/" + "/organizations/" + depositCancellationDTO.getPorOrgacode() + - "/transactions/cancel/nodes/" + depositCancellationDTO.getNodeId() + + String url = depositURI + "/deposit" + "/organizations/" + depositCancellationDTO.getPorOrgacode() + + "/transactions" + ACONNECT + "/cancel/nodes/" + depositCancellationDTO.getNodeId() + "/trannums/" + depositCancellationDTO.getSgtGntrtranlink(); HttpHeaders headers = new HttpHeaders(); @@ -273,8 +272,8 @@ public class TransactionService { public Object processGLCancellationTransaction(GLCancellationDTO glCancellationDTO, String tokenHeader) { String porOrgacode = glCancellationDTO.getPorOrgacode(); - String url = generalledgerURI + "/generalledger/" + "/organizations/" + glCancellationDTO.getPorOrgacode() + - "/transactions/cancel/nodes/" + glCancellationDTO.getNodeId() + + String url = generalledgerURI + GENERALLEDGER + "/organizations/" + glCancellationDTO.getPorOrgacode() + + "/transactions" + ACONNECT + "/cancel/nodes/" + glCancellationDTO.getNodeId() + "/trannums/" + glCancellationDTO.getSgtGntrtranlink(); HttpHeaders headers = new HttpHeaders(); 
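Review bot: Only the two cancellation builders drop the doubled slash (`"/deposit" + "/organizations/"` and `GENERALLEDGER + "/organizations/"`). The rejection line in the first hunk here, and the earlier account-to-GL, GL-to-GL, authorization and reversal lines, still produce `/deposit//organizations/…` or `/generalledger//organizations/…`. If the backend runs Spring Security's default `StrictHttpFirewall`, a path containing `//` is rejected, and two spellings of the same route make path-based access rules harder to reason about. Using the constants everywhere keeps them aligned, e.g. `String url = generalledgerURI + GENERALLEDGER + "/organizations/" + porOrgacode + "/transactions" + ACONNECT + "/rejection";`. In the cancellation methods the `porOrgacode` local is already assigned, so the second `getPorOrgacode()` call can reuse it.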
diff --git a/econnect/src/main/resources/application-dev.properties b/econnect/src/main/resources/application-dev.properties index 02b1c3f..361bf69 100644 --- a/econnect/src/main/resources/application-dev.properties +++ b/econnect/src/main/resources/application-dev.properties @@ -15,7 +15,7 @@ spring.jpa.properties.hibernate.connection.useUnicode=true spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQLDialect spring.jpa.hibernate.ddl-auto=update -jwt.secret = mySecretKey123456789012345678901234567890 +jwt.secret = D1kD4fP8wQ2zL6hM9sR3vX7yU0tJ5nB2cV8pG4qW6eY1iK3oA9uH7jN2mZ5xT9bS4rF0lP3dQ8wE1 jwt.expiration = 86400000 jwt.refresh-expiration= 604800000 diff --git a/econnect/src/main/resources/application-live.properties b/econnect/src/main/resources/application-live.properties index 7768e2b..bf33848 100644 --- a/econnect/src/main/resources/application-live.properties +++ b/econnect/src/main/resources/application-live.properties @@ -15,7 +15,7 @@ spring.jpa.properties.hibernate.connection.useUnicode=true spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQLDialect spring.jpa.hibernate.ddl-auto=update -jwt.secret = mySecretKey123456789012345678901234567890 +jwt.secret = D1kD4fP8wQ2zL6hM9sR3vX7yU0tJ5nB2cV8pG4qW6eY1iK3oA9uH7jN2mZ5xT9bS4rF0lP3dQ8wE1 jwt.expiration = 86400000 jwt.refresh-expiration= 604800000 diff --git a/econnect/src/main/resources/application-test.properties b/econnect/src/main/resources/application-test.properties index 4682fe1..3c4b464 100644 --- a/econnect/src/main/resources/application-test.properties +++ b/econnect/src/main/resources/application-test.properties 
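Review bot: The replacement `jwt.secret` is still a literal committed to the repository, and this commit writes the same value to the dev, live, test, uat and default profiles. Anyone with read access to the source therefore holds the live signing key, and a token issued in dev verifies in live. Proposed line for each profile: `jwt.secret=${JWT_SECRET}`, with the value supplied per environment from the deployment's secret store and no fallback default in the live profile, so startup fails when it is missing. Because this value is now in git history, it should be treated as exposed and replaced with a freshly generated one when it is externalized.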
@@ -15,7 +15,7 @@ spring.jpa.properties.hibernate.connection.useUnicode=true spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQLDialect spring.jpa.hibernate.ddl-auto=update -jwt.secret = mySecretKey123456789012345678901234567890 +jwt.secret = D1kD4fP8wQ2zL6hM9sR3vX7yU0tJ5nB2cV8pG4qW6eY1iK3oA9uH7jN2mZ5xT9bS4rF0lP3dQ8wE1 jwt.expiration = 86400000 jwt.refresh-expiration= 604800000 diff --git a/econnect/src/main/resources/application-uat.properties b/econnect/src/main/resources/application-uat.properties index 636d9c7..989ff94 100644 --- a/econnect/src/main/resources/application-uat.properties +++ b/econnect/src/main/resources/application-uat.properties @@ -15,7 +15,7 @@ spring.jpa.properties.hibernate.connection.useUnicode=true spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQLDialect spring.jpa.hibernate.ddl-auto=update -jwt.secret = mySecretKey123456789012345678901234567890 +jwt.secret = D1kD4fP8wQ2zL6hM9sR3vX7yU0tJ5nB2cV8pG4qW6eY1iK3oA9uH7jN2mZ5xT9bS4rF0lP3dQ8wE1 jwt.expiration = 86400000 jwt.refresh-expiration= 604800000 diff --git a/econnect/src/main/resources/application.properties b/econnect/src/main/resources/application.properties index 9e1e3fc..ec0591c 100644 --- a/econnect/src/main/resources/application.properties +++ b/econnect/src/main/resources/application.properties @@ -15,7 +15,7 @@ spring.jpa.properties.hibernate.connection.useUnicode=true spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQLDialect spring.jpa.hibernate.ddl-auto=update -jwt.secret = mySecretKey123456789012345678901234567890 +jwt.secret = D1kD4fP8wQ2zL6hM9sR3vX7yU0tJ5nB2cV8pG4qW6eY1iK3oA9uH7jN2mZ5xT9bS4rF0lP3dQ8wE1 jwt.expiration = 86400000 jwt.refresh-expiration= 604800000 -- 2.32.0