Improved: Update method calls to comply with modified JWT validation methods.
diff --git a/rest-api/src/main/java/org/apache/ofbiz/ws/rs/resources/AuthenticationResource.java b/rest-api/src/main/java/org/apache/ofbiz/ws/rs/resources/AuthenticationResource.java
index accf708..5b6fc31 100644
--- a/rest-api/src/main/java/org/apache/ofbiz/ws/rs/resources/AuthenticationResource.java
+++ b/rest-api/src/main/java/org/apache/ofbiz/ws/rs/resources/AuthenticationResource.java
@@ -105,7 +105,7 @@
Delegator delegator = (Delegator) servletContext.getAttribute("delegator");
httpRequest.setAttribute("delegator", delegator);
httpRequest.setAttribute("dispatcher", delegator);
- Map<String, Object> claims = JWTManager.validateRefreshToken(refreshToken, JWTManager.getJWTKey(delegator));
+ Map<String, Object> claims = JWTManager.validateRefreshToken(delegator, refreshToken);
// Fetch delegator, dispatcher, and userLogin
if (claims.containsKey("errorMessage")) {
diff --git a/rest-api/src/main/java/org/apache/ofbiz/ws/rs/security/auth/APIAuthFilter.java b/rest-api/src/main/java/org/apache/ofbiz/ws/rs/security/auth/APIAuthFilter.java
index 2260f1f..e0b4259 100644
--- a/rest-api/src/main/java/org/apache/ofbiz/ws/rs/security/auth/APIAuthFilter.java
+++ b/rest-api/src/main/java/org/apache/ofbiz/ws/rs/security/auth/APIAuthFilter.java
@@ -98,7 +98,7 @@
return;
}
String jwtToken = JWTManager.getHeaderAuthBearerToken(httpRequest);
- Map<String, Object> claims = JWTManager.validateToken(jwtToken, JWTManager.getJWTKey(delegator));
+ Map<String, Object> claims = JWTManager.validateToken(delegator, jwtToken);
if (claims.containsKey(ModelService.ERROR_MESSAGE)) {
abortWithUnauthorized(requestContext, true, "Unauthorized: " + (String) claims.get(ModelService.ERROR_MESSAGE));
} else {
