Throyer
diff --git a/‎src/main/java/com/github/throyer/common/springboot/configurations/SpringSecurityConfiguration.java
Lines changed: 6 additions & 16 deletions b/‎src/main/java/com/github/throyer/common/springboot/configurations/SpringSecurityConfiguration.java
Lines changed: 6 additions & 16 deletions
diff --git a/‎src/main/java/com/github/throyer/common/springboot/controllers/app/RecoveryController.java
Lines changed: 2 additions & 2 deletions b/‎src/main/java/com/github/throyer/common/springboot/controllers/app/RecoveryController.java
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/main/java/com/github/throyer/common/springboot/controllers/app/RegisterController.java
Lines changed: 2 additions & 2 deletions b/‎src/main/java/com/github/throyer/common/springboot/controllers/app/RegisterController.java
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/main/java/com/github/throyer/common/springboot/controllers/app/UserController.java
Lines changed: 2 additions & 2 deletions b/‎src/main/java/com/github/throyer/common/springboot/controllers/app/UserController.java
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/main/java/com/github/throyer/common/springboot/domain/mail/exceptions/EmailNotUniqueException.java
Lines changed: 7 additions & 7 deletions b/‎src/main/java/com/github/throyer/common/springboot/domain/mail/exceptions/EmailNotUniqueException.java
Lines changed: 7 additions & 7 deletions
diff --git a/‎src/main/java/com/github/throyer/common/springboot/domain/mail/exceptions/EmailValidations.java
Lines changed: 2 additions & 2 deletions b/‎src/main/java/com/github/throyer/common/springboot/domain/mail/exceptions/EmailValidations.java
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/main/java/com/github/throyer/common/springboot/domain/session/service/CreateTokenService.java
Lines changed: 21 additions & 14 deletions b/‎src/main/java/com/github/throyer/common/springboot/domain/session/service/CreateTokenService.java
Lines changed: 21 additions & 14 deletions
diff --git a/‎src/main/java/com/github/throyer/common/springboot/domain/session/service/JsonWebToken.java
Lines changed: 7 additions & 11 deletions b/‎src/main/java/com/github/throyer/common/springboot/domain/session/service/JsonWebToken.java
Lines changed: 7 additions & 11 deletions
diff --git a/‎src/main/java/com/github/throyer/common/springboot/domain/session/service/RefreshTokenService.java
Lines changed: 21 additions & 14 deletions b/‎src/main/java/com/github/throyer/common/springboot/domain/session/service/RefreshTokenService.java
Lines changed: 21 additions & 14 deletions
diff --git a/‎src/main/java/com/github/throyer/common/springboot/domain/session/service/SessionService.java
Lines changed: 12 additions & 8 deletions b/‎src/main/java/com/github/throyer/common/springboot/domain/session/service/SessionService.java
Lines changed: 12 additions & 8 deletions
@@ -1,23 +1,7 @@
 package com.github.throyer.common.springboot.configurations;
 
-import static com.github.throyer.common.springboot.errors.ValidationHandlers.forbidden;
-import static com.github.throyer.common.springboot.utils.Constants.SECURITY.ACESSO_NEGADO_URL;
-import static com.github.throyer.common.springboot.utils.Constants.SECURITY.DAY_MILLISECONDS;
-import static com.github.throyer.common.springboot.utils.Constants.SECURITY.HOME_URL;
-import static com.github.throyer.common.springboot.utils.Constants.SECURITY.LOGIN_ERROR_URL;
-import static com.github.throyer.common.springboot.utils.Constants.SECURITY.LOGIN_URL;
-import static com.github.throyer.common.springboot.utils.Constants.SECURITY.LOGOUT_URL;
-import static com.github.throyer.common.springboot.utils.Constants.SECURITY.PASSWORD_PARAMETER;
-import static com.github.throyer.common.springboot.utils.Constants.SECURITY.SESSION_COOKIE_NAME;
-import static com.github.throyer.common.springboot.utils.Constants.SECURITY.STATIC_FILES;
-import static com.github.throyer.common.springboot.utils.Constants.SECURITY.USERNAME_PARAMETER;
-import static org.springframework.http.HttpMethod.GET;
-import static org.springframework.http.HttpMethod.POST;
-import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS;
-
 import com.github.throyer.common.springboot.domain.session.service.SessionService;
 import com.github.throyer.common.springboot.middlewares.AuthorizationMiddleware;
-
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
@@ -36,6 +20,12 @@
 import org.springframework.stereotype.Component;
 import org.springframework.web.cors.CorsConfiguration;
 
+import static com.github.throyer.common.springboot.utils.Constants.SECURITY.*;
+import static com.github.throyer.common.springboot.utils.Responses.forbidden;
+import static org.springframework.http.HttpMethod.GET;
+import static org.springframework.http.HttpMethod.POST;
+import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS;
+
 @Component
 @EnableWebSecurity
 @EnableGlobalMethodSecurity(prePostEnabled = true)
 
@@ -8,8 +8,8 @@
 import com.github.throyer.common.springboot.domain.recovery.model.Codes;
 import com.github.throyer.common.springboot.domain.recovery.model.RecoveryRequest;
 import com.github.throyer.common.springboot.domain.recovery.model.Update;
-import com.github.throyer.common.springboot.domain.shared.Type;
-import com.github.throyer.common.springboot.utils.Toasts;
+import com.github.throyer.common.springboot.domain.toast.Type;
+import com.github.throyer.common.springboot.domain.toast.Toasts;
 
 import javax.validation.Valid;
 
 
@@ -1,11 +1,11 @@
 package com.github.throyer.common.springboot.controllers.app;
 
-import static com.github.throyer.common.springboot.domain.shared.Type.SUCCESS;
+import static com.github.throyer.common.springboot.domain.toast.Type.SUCCESS;
 import static com.github.throyer.common.springboot.utils.Responses.validateAndUpdateModel;
 
 import com.github.throyer.common.springboot.domain.user.model.CreateUserProps;
 import com.github.throyer.common.springboot.domain.user.service.CreateUserService;
-import com.github.throyer.common.springboot.utils.Toasts;
+import com.github.throyer.common.springboot.domain.toast.Toasts;
 
 import javax.validation.Valid;
 
 
@@ -1,9 +1,9 @@
 package com.github.throyer.common.springboot.controllers.app;
 
-import com.github.throyer.common.springboot.domain.shared.Type;
+import com.github.throyer.common.springboot.domain.toast.Type;
 import com.github.throyer.common.springboot.domain.user.service.FindUserService;
 import com.github.throyer.common.springboot.domain.user.service.RemoveUserService;
-import com.github.throyer.common.springboot.utils.Toasts;
+import com.github.throyer.common.springboot.domain.toast.Toasts;
 import java.util.Optional;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 
@@ -1,35 +1,35 @@
 package com.github.throyer.common.springboot.domain.mail.exceptions;
 
-import com.github.throyer.common.springboot.domain.shared.SimpleError;
+import com.github.throyer.common.springboot.errors.Error;
 import java.util.List;
 
 public class EmailNotUniqueException extends RuntimeException {
 
     private static final long serialVersionUID = 1L;
 
-    private List<SimpleError> errors;
+    private List<Error> errors;
 
-    public EmailNotUniqueException(List<SimpleError> errors) {
+    public EmailNotUniqueException(List<Error> errors) {
         super();
         this.errors = errors;
     }
 
-    public EmailNotUniqueException(String message, List<SimpleError> errors) {
+    public EmailNotUniqueException(String message, List<Error> errors) {
         super(message);
         this.errors = errors;
     }
 
-    public EmailNotUniqueException(String message, Throwable cause, List<SimpleError> errors) {
+    public EmailNotUniqueException(String message, Throwable cause, List<Error> errors) {
         super(message, cause);
         this.errors = errors;
     }
 
-    public EmailNotUniqueException(Throwable cause, List<SimpleError> errors) {
+    public EmailNotUniqueException(Throwable cause, List<Error> errors) {
         super(cause);
         this.errors = errors;
     }
 
-    public List<SimpleError> getErrors() {
+    public List<Error> getErrors() {
         return errors;
     }
 
 
@@ -9,7 +9,7 @@
 import org.springframework.validation.BindingResult;
 import org.springframework.validation.ObjectError;
 import com.github.throyer.common.springboot.domain.management.model.Addressable;
-import com.github.throyer.common.springboot.domain.shared.SimpleError;
+import com.github.throyer.common.springboot.errors.Error;
 
 @Component
 public class EmailValidations {
@@ -19,7 +19,7 @@ public class EmailValidations {
     private static String FIELD = "email";
     private static String MESSAGE = "This email has already been used by another user. Please use a different email.";
 
-    private static final List<SimpleError> EMAIL_ERROR = List.of(new SimpleError(FIELD, MESSAGE));
+    private static final List<Error> EMAIL_ERROR = List.of(new Error(FIELD, MESSAGE));
 
     @Autowired
     public EmailValidations(UserRepository repository) {
 
@@ -7,9 +7,8 @@
 import com.github.throyer.common.springboot.domain.session.repository.RefreshTokenRepository;
 import com.github.throyer.common.springboot.domain.session.model.TokenRequest;
 import com.github.throyer.common.springboot.domain.session.model.TokenResponse;
-import static com.github.throyer.common.springboot.utils.Constants.SECURITY.CREATE_SESSION_ERROR_MESSAGE;
 
-import static com.github.throyer.common.springboot.utils.Constants.SECURITY.JWT;
+import static com.github.throyer.common.springboot.utils.Constants.SECURITY.*;
 import static com.github.throyer.common.springboot.utils.Responses.forbidden;
 
 import java.time.LocalDateTime;
@@ -20,21 +19,29 @@
 
 @Service
 public class CreateTokenService {
-    
-    @Value("${token.secret}")
-    private String TOKEN_SECRET;
 
-    @Value("${token.expiration-in-hours}")
-    private Integer TOKEN_EXPIRATION_IN_HOURS;
+    private final String TOKEN_SECRET;
+    private final Integer TOKEN_EXPIRATION_IN_HOURS;
+    private final Integer REFRESH_TOKEN_EXPIRATION_IN_DAYS;
+
+    private final RefreshTokenRepository refreshTokenRepository;
+    private final UserRepository userRepository;
 
-    @Value("${token.refresh.expiration-in-days}")
-    private Integer REFRESH_TOKEN_EXPIRATION_IN_DAYS;
-    
-    @Autowired
-    private RefreshTokenRepository refreshTokenRepository;
     @Autowired
-    private UserRepository userRepository;
-    
+    public CreateTokenService(
+        @Value(TOKEN_SECRET_ENV_PROPERTY) String tokenSecret,
+        @Value(EXPIRATION_TOKEN_ENV_PROPERTY) Integer tokenExpirationInHours,
+        @Value(REFRESH_TOKEN_ENV_PROPERTY) Integer refreshTokenExpirationInDays,
+        RefreshTokenRepository refreshTokenRepository,
+        UserRepository userRepository
+    ) {
+        this.TOKEN_SECRET = tokenSecret;
+        this.TOKEN_EXPIRATION_IN_HOURS = tokenExpirationInHours;
+        this.REFRESH_TOKEN_EXPIRATION_IN_DAYS = refreshTokenExpirationInDays;
+        this.refreshTokenRepository = refreshTokenRepository;
+        this.userRepository = userRepository;
+    }
+
     public TokenResponse create(TokenRequest request) {
         var user = userRepository.findOptionalByEmailFetchRoles(request.getEmail())
             .filter(session -> session.validatePassword(request.getPassword()))
 
@@ -13,24 +13,24 @@
 import com.github.throyer.common.springboot.domain.session.model.Authorized;
 
 import io.jsonwebtoken.Jwts;
+
+import static com.github.throyer.common.springboot.utils.Constants.SECURITY.ROLES_KEY_ON_JWT;
 import static io.jsonwebtoken.SignatureAlgorithm.HS256;
+import static java.time.ZoneId.systemDefault;
 import static java.util.Arrays.stream;
+import static java.util.Date.from;
 
 
 public class JsonWebToken {
-
-    public static final String ROLES_KEY_ON_JWT = "roles";
-
     public String encode(User user, LocalDateTime expiration, String secret) {
-        var roles = user.getRoles().stream().map(role -> role.getAuthority()).toList();
+        var roles = user.getRoles().stream().map(Role::getAuthority).toList();
         return encode(user.getId(), roles, expiration, secret);
     }
 
     public String encode(UserDetails user, LocalDateTime expiration, String secret) {
         return encode(user.getId(), user.getRoles(), expiration, secret);
     }
 
-
     public String encode(
         Long id,
         List<String> authorities,
@@ -39,12 +39,8 @@ public String encode(
     ) {
         return Jwts.builder()
             .setSubject(id.toString())
-            .claim(ROLES_KEY_ON_JWT, authorities
-                .stream()                
-                .collect(Collectors.joining(",")))
-            .setExpiration(Date.from(expiration
-                .atZone(ZoneId.systemDefault())
-                .toInstant()))
+            .claim(ROLES_KEY_ON_JWT, String.join(",", authorities))
+            .setExpiration(from(expiration.atZone(systemDefault()).toInstant()))
             .signWith(HS256, secret)
             .compact();
     }
 
@@ -4,36 +4,43 @@
 import com.github.throyer.common.springboot.domain.session.model.RefreshTokenRequest;
 import com.github.throyer.common.springboot.domain.session.model.RefreshTokenResponse;
 import com.github.throyer.common.springboot.domain.session.repository.RefreshTokenRepository;
-import static com.github.throyer.common.springboot.utils.Constants.SECURITY.JWT;
+
+import static com.github.throyer.common.springboot.utils.Constants.SECURITY.*;
 import static com.github.throyer.common.springboot.utils.Responses.forbidden;
+import static java.time.LocalDateTime.now;
+
 import java.time.LocalDateTime;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;
 
 @Service
 public class RefreshTokenService {
+    private final String TOKEN_SECRET;
+    private final Integer TOKEN_EXPIRATION_IN_HOURS;
+    private final Integer REFRESH_TOKEN_EXPIRATION_IN_DAYS;
 
-    public static final String REFRESH_SESSION_ERROR_MESSAGE = "Refresh token expirado ou inválido.";
-
-    @Value("${token.secret}")
-    private String TOKEN_SECRET;
-
-    @Value("${token.expiration-in-hours}")
-    private Integer TOKEN_EXPIRATION_IN_HOURS;
-
-    @Value("${token.refresh.expiration-in-days}")
-    private Integer REFRESH_TOKEN_EXPIRATION_IN_DAYS;
+    private final RefreshTokenRepository refreshTokenRepository;
 
     @Autowired
-    private RefreshTokenRepository refreshTokenRepository;
+    public RefreshTokenService(
+        @Value(TOKEN_SECRET_ENV_PROPERTY) String tokenSecret,
+        @Value(EXPIRATION_TOKEN_ENV_PROPERTY) Integer tokenExpirationInHours,
+        @Value(REFRESH_TOKEN_ENV_PROPERTY) Integer refreshTokenExpirationInDays,
+        RefreshTokenRepository refreshTokenRepository
+    ) {
+        this.TOKEN_SECRET = tokenSecret;
+        this.TOKEN_EXPIRATION_IN_HOURS = tokenExpirationInHours;
+        this.REFRESH_TOKEN_EXPIRATION_IN_DAYS = refreshTokenExpirationInDays;
+        this.refreshTokenRepository = refreshTokenRepository;
+    }
 
     public RefreshTokenResponse refresh(RefreshTokenRequest request) {
         var old = refreshTokenRepository.findOptionalByCodeAndAvailableIsTrue(request.getRefresh())
-            .filter(token -> token.nonExpired())
+            .filter(RefreshToken::nonExpired)
                 .orElseThrow(() -> forbidden(REFRESH_SESSION_ERROR_MESSAGE));
 
-        var now = LocalDateTime.now();
+        var now = now();
         var expiresIn = now.plusHours(TOKEN_EXPIRATION_IN_HOURS);
         var token = JWT.encode(old.getUser(), expiresIn, TOKEN_SECRET);
 
 
@@ -2,11 +2,14 @@
 
 import com.github.throyer.common.springboot.domain.user.repository.UserRepository;
 import com.github.throyer.common.springboot.domain.session.model.Authorized;
-import static com.github.throyer.common.springboot.utils.Constants.SECURITY.JWT;
+
+import static com.github.throyer.common.springboot.utils.Constants.SECURITY.*;
 import static java.util.Objects.nonNull;
 import java.util.Optional;
 import static java.util.Optional.empty;
 import static java.util.Optional.of;
+import static java.util.logging.Level.WARNING;
+
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -19,17 +22,18 @@
 
 @Service
 public class SessionService implements UserDetailsService {
-
-    @Autowired
-    UserRepository repository;
     private static final Logger LOGGER = Logger.getLogger(SessionService.class.getName());
-    
-    public static final String INVALID_USERNAME = "Invalid user name.";
+
+    private final UserRepository repository;
 
     private static String SECRET;
 
-    public SessionService(@Value("${token.secret}") String secret) {
+    public SessionService(
+        @Value(TOKEN_SECRET_ENV_PROPERTY) String secret,
+        UserRepository repository
+    ) {
         SessionService.SECRET = secret;
+        this.repository = repository;
     }
 
     @Override
@@ -47,7 +51,7 @@ public static void authorize(String token) {
                     .getContext()
                     .setAuthentication(authorized.getAuthentication());
         } catch (Exception exception) {
-            LOGGER.log(Level.WARNING, "Token expired or invalid");
+            LOGGER.log(WARNING, TOKEN_EXPIRED_MESSAGE);
         }
     }