class cannot be cast to class(Refresh token login part spring)

See also questions close to this topic

• Read each name in Array list to create seperate object for

  I have a file that has student names, age, and an id number. I have a student class that holds the everything above for each student object. I stored all the names, id numbers. and age separately in an array list. Now im trying to assign the info to create a student object.

  public class Student {
      private String lName;
      private int idNumber;
      private int age;
  
      public Student() {
          lName = "";
          idNumber = 0;
          age = 0;
      }
      public Student(String l, int i, int a) {
          lName = l;
          idNumber = i;
          age = a;
      }
  
      public void setName(String last) {
          lName = last;
      }
  
      public String getName() {
          return lName;
      }
  
      public void setIdNum(int num) {
          idNumber = num;
      }
  
      public int getIdNum() {
          return idNumber;
      }
  
      public void setAge(int a) {
          age = a;
      }
  
      public int getAge() {
          return age;
      }
  }
  

  My Text File looks something like this: This info is stored in parallel array lists. I don't quite get how to implement this into an object to pass it into my second contractor method.

    Josh          2134         19
    Smith         5256         21
    Rogers        9248         19
    Andrew        7742         20
  

  Here's what I've tried;

  public static void main(String[] args) {
      String file = "studentData.txt";
      Scanner reader = new Scanner(file);
  
      ArrayList<String> lastNames = lNames(file);
      ArrayList<Integer> idNumbers = idNum(file);
      ArrayList<Integer> ageList = ages(file);
  
      Scanner input = new Scanner(System.in);
  
      Student s1 = new Student();
  
      // confused about how to implement this constructor with the textile info
      for (int i = 0; i<idNumbers.size(); i++) {
          Student user = new Student(lastNames.get(i), idNumbers.get(i), ageList.get(i));
      }
  
      //user enters idNumber to display age
      System.out.println("Enter ID Number"); //exception handling to be added
      int idNum = input.nextInt();
  
      for (int i = 0; i<idNumbers.size(); i++) {
          if (idNum == idNumbers.get(i)) {
              s1.setAge(ageList.get(i));
              System.out.println(s1.getAge());
  
          }
      }
  }
  
• Using EdittextPreference for Goto search

  sorry for my poor English. I want to use EditTextPreference in my bottom nav like the pic below, ![screenshot][1]

  I have recycleview xml in my project with in many sub cardview layouts(which is scrollable) and I want to create item in the bottom nav which is called "Goto". When the "Goto" item is clicked i want it to pop-up like the screenshot. And when user enters a number(according to the cardviews i.e if the number of cardview is 40 user must enter 1-40) I want to search the cardview by its ID. Thank you and I hope u got it, If u have any questions let me know [1]: https://i.stack.imgur.com/grK8P.jpg

  My xml format look like this. As you see in the blow since the cardviews are huge in number it is not cool to scroll all the way down that is why i need Goto item in the bottom nav to search it by its ID when the user click number in the EditTextPreference as u see in the screenshot. i.e The screenshot is not from my app

  <LinearLayout>
   <LinearLayout>
    <androidx.cardview.widget.CardView>
      <RealtiveLayout>
         <Textview/>
      <RealtiveLayout>
   </androidx.cardview.widget.CardView>
   </LinearLayout>
  
   <LinearLayout>
    <androidx.cardview.widget.CardView>
      <RealtiveLayout>
         <Textview/>
      <RealtiveLayout>
   </androidx.cardview.widget.CardView>
   </LinearLayout>
  
  <LinearLayout>
    <androidx.cardview.widget.CardView>
      <RealtiveLayout>
         <Textview/>
      <RealtiveLayout>
   </androidx.cardview.widget.CardView>
   </LinearLayout>
  
    <LinearLayout>
    <androidx.cardview.widget.CardView>
      <RealtiveLayout>
         <Textview/>
      <RealtiveLayout>
   </androidx.cardview.widget.CardView>
   </LinearLayout>
   
    ..
    ..
  
    ..
    ..
    many more..
  
• How to get remaining time of the day in java?

  I would like to calculate the time remaining for next day 00:00:00 from the current date time.

  For e.g. time difference between 2022-05-07T05:49:41.883807900Z and 2022-05-08T00:00:00Z

  Expected answer: 18:10:19 or 65419 (in seconds).

  How can I achieve this with efficiently using java 8?
• Hibernate handles id assigning instead of database

  I have an auto-increment PK in a table and I want hibernate to handle id assigning instead of database. As my understanding the @GeneratedValue(strategy = GenerationType.IDENTITY) lets the database generate a new value with each insertion operation. So do we have any different solution to handle it?
• How can I delete a row by its SKU instead of its ID?

  I try to delete the row using the sku of the product. I'm using spring boot and angular. I got an error when I added the sku on my button like this one (click)="onDeleteProductBySku(deleteClick?.sku)" it said that the Property 'sku' does not exist on type '(product: Product) => void'.. On my command prompt, I got this error. How can I solve this problem?

  Error: product/product.component.html:50:109 - error TS2339: Property 'sku' does not exist on type '(product: Product) => void'.
  
  50 <button class="btn btn-outline-danger btn-sm me-2" (click)="onDeleteProductBySku(deleteClick?.sku)">Delete</button>
                                                                                                                                    
  product/product.component.ts:12:16
      12   templateUrl: './product.component.html',
                        ~~~~~~~~~~~~~~~~~~~~~~~~~~
  Error occurs in the template of component ProductComponent.
  

  ProductsController.java --> This is working on the postman.

  //Delete a product record using sku
  //http://localhost:8080/products/deletebysku?sku=12345678
  
  @DeleteMapping("/products/deletebysku")
  @ResponseBody
  private void deleteProductBySku(@RequestParam String sku){
      productsService.deleteProductBySku(sku);
  }
  

  product.component.ts

   public deleteProduct!: Product;
  
   public onDeleteProductBySku(sku: string): void {
      this.productServive.deleteProductBySku(sku).subscribe(
        (response: void) => {
          this.messageShow();
          console.log(response);
          this.getAllProduct();
        },
        (error: HttpErrorResponse) => {
          this.errorMessage(error.message);
        }
      );
   }
  
   public deleteClick(product: Product) {
     this.deleteProduct = product;
     console.log("delete by sku");
   }
  

  product.service.ts

  public deleteProductBySku(sku: string): Observable<void> {
    return this.http.delete<void>(`${this.apiServerUrl}/products/deletebysku?sku=${sku}`);
  }
  

  product.component.html

  <button class="btn btn-outline-danger btn-sm me-2" (click)="onDeleteProductBySku(deleteClick?.sku)">Delete</button>
  
• Multithreading using springboot

  I’m new to multithreading and I want to know how to approach it for my code, currently files are getting generated and processed into fielder using single thread hence unable to handle bulk file generation abs this needs to be handled using multithreading . How do I approach this ? Using java 11 and xml format springboot approach .
• Sec authorize in javascript

  I use spring boot, spring security and thymeleaf

  in html we can do

  <block sec:authorize="isAuthenticated()">
  

  Is it possible to do same thing in js part

  <script type="text/javascript" th:inline="javascript">
  </script>
  

  It seem we can use this way

  /*[# sec:authorize="hasRole('ROLE_ADMIN')"]*/
  document.writeln("You are admin.");
  /*[/]*/
  

  How to do it with this format?

  [[${user.email}]];
  
• In java spring, how to best "change secret in production"?

  I am currently creating a Java Spring application that works with the spring security JWT. Everywhere I look and read about the "secret string", it says should be changed in production. Like this line in my application.properties: security.jwt.secret="this-is-a-512-bit-key-used-for-signing-jwt-tokens-that-should-be-changed-production"

  As well as in stackoverflow question that are sort-of related like this one here: How to include jwt secret in application.yaml for Java Spring.

  My question is, what should that string become in production? Am I supposed to generate this somewhere in a SecurityConfig class? Or should I generate a 512 bit string and just paste that in the application.properties file?

  Thanks in advance.
• Tomcat static content path security with Spring

  I'm trying to setup static content serving on my Tomcat 9 server So I specified it inside server.xml

  <Host name="${serverhost}" appBase="webapps" unpackWARs="true" autoDeploy="false" deployOnStartup="false">
     ....
     <Context path="/staticfiles" docBase="${staticfiles.folder}" reloadable="false"/>
     ....
     <Context path="" docBase="application" reloadable="false">
      ....
  

  On top of that I set up spring sercurity filter for /staticfiles path::

  <security:http use-expressions="true" entry-point-ref="authenticationEntryPoint" access-decision-manager-ref="accessDecisionManager" disable-url-rewriting="true"
                 pattern="/staticfiles/**"
                 create-session="never" security-context-repository-ref="oAuth2EapiCompositeSecurityContextRepository">
      <security:csrf disabled="true"/>
      <security:headers disabled="true"/>
      <security:http-basic/>
      <security:form-login authentication-failure-handler-ref="authFailureHandler" authentication-success-handler-ref="authSuccessHandler"
                           username-parameter="j_username"
                           password-parameter="j_password"
                           login-processing-url="/j_spring_security_check"/>
      <security:anonymous enabled="false"/>
      <security:intercept-url pattern="/staticfiles/**" access="permitAll"/>
      <security:intercept-url pattern="/**" access="denyAll"/>
      <security:custom-filter ref="fileTransferResourceServerFilter" before="PRE_AUTH_FILTER"/>
  </security:http> 
  

  web.xml mapping

   <filter-name>springSecurityFilterChain</filter-name>
   <url-pattern>/staticfiles/*</url-pattern>
  

  It allows to access all the static files without any authentication still

  GET apphost.com/statifiles/333/test.jpg doesn't ask for authentication, so seems like Spring Security filter chain doesnt match this path somehow, but all the other application endpoints are secured (with corresponding security patterns)

  So seems like Tomcat somehow use it's own filter to serve static content, I tried to put

   <Context path="/staticfiles" docBase="${staticfiles.folder}" reloadable="false"/>
  

  inside

   <Context path="" docBase="application" reloadable="false">
  

  which actually makes it work so Spring protecting this path with basic auth but after sucessfull login it responds with 404 all the time, seems like Spring doesn't fallback to Tomcat static content servlet after Spring Security filters
• invalid expiresIn option for string payload

  I am trying to set the expiresIn function in my javascript app. I keep getting this error. Can anyone see what I am doing wrong?

    app.post('/login', async(req, res) => {
              const user = req.body.email;
              const accessToken = jwt.sign(user, process.env.ACCESS_TOKEN_PRIVATE, {
                  expiresIn: '1d'
              });
              res.send({ accessToken });
  
          })
  

  The issue seems to be simple but I don't know how to fix it, what am I doing wrong?
• Unauthorized Error when I want to delete article with authentification (jwt)

  I've created a route called login and another one function(middleware), if the authentication is good, this can be redirected to the delete route but unfortunately, my jwt token is not recognizable.

  I want to know why, the problem must be in this part of api :

  Api

  
    function parseArticle (req, res, next) {
  
  
  
  let token = req.headers['x-access-token'] || req.headers['authorization'];
  if (!!token && token.startsWith('Bearer ')) {
    token = token.slice(7, token.length);
  }
  
  if (token) {
    jwt.verify(token, 'RANDOM_TOKEN_SECRET', (err, decoded) => {
      if (err) {
        return res.status(401).json('token_not_valid');
      } else {
        req.decoded = decoded;
  
        const expiresIn = 24 * 60 * 60;
        const newToken  = jwt.sign({
              user : decoded.user
            },
            'RANDOM_TOKEN_SECRET',
            {
              expiresIn: expiresIn
            });
  
  
        next();
      }
    });
  } else {
    return res.status(401).json('token_required');
  }
  
  
  
  }
  
  router.route('/article/:articleId')
  
  .get(parseArticle, (req, res) => {
    
    db.query("SELECT *  FROM articles WHERE id_article = (?)", [req.articleId], function (err,result) { if (err) throw err;
      console.log(result);
      res.json(result)
    })
  
  })
  
  
  .put(parseArticle, (req, res) => {
    const name = req.body.name
    const description = req.body.description
    const image = req.body.image
    const price = parseInt(req.body.price)
  
    req.article.name = name
    req.article.description = description
    req.article.image = image
    req.article.price = price
    res.send()
  })
  
  .delete(parseArticle, (req, res) => {
  
    db.query("DELETE FROM articles WHERE id_article = (?)", [req.articleId], function (err,result) { if (err) throw err;
      console.log(result);})
  
  res.json({message: "Propre"})})
  
  router.post('/login', (req, res) => {
  function runQuery(sqlQuery, args){
    return new Promise(function (resolve, reject) {
      db.query(sqlQuery, args, function(error, results, fields) {
        if (error) reject(error);
        else resolve(results);
      });
    });
  }
  
  runQuery("SELECT * from users where email = ? ", [req.body.email]).then(user => {
    if (user.length === 0) {
      return res.status(401).json({ error: 'Utilisateur non trouvé !',
        success : 0});
    }
    bcrypt.compare(req.body.password, user[0].password)
        .then(valid => {
          if (!valid) {
            return res.status(401).json({ error: 'Mot de passe incorrect !',
              success : 0});
          }
  
  
          const userId = user[0].id_user;
          const token = jwt.sign({ userId: user[0].id_user },
              'RANDOM_TOKEN_SECRET',
              { expiresIn: '24h' });
          res.header("Authorization","Bearer " + token)
  
          return res.status(200).json({success : 1})
        })
  
        .catch(error => res.status(500).json({ error }));
  
  })
      .catch(error => res.status(500).json({ error }));
  });
  

  Login.vue

  <template>
  
  <form @submit.prevent="checkData">
    <input type="text" name="email" v-model="login.email" placeholder="Entrez votre adresse-mail"/>
    <input type="text" name="password" v-model="login.password" placeholder="Entrez votre mot de passe"/>
    <button type="submit"> Connexion </button>
  </form>
  
  </template>
  
  <script>
  
  module.exports = {
    name: "Login",
  
    data () {
      return {
        login : {
          email: "",
          password: "",
        },
      }
    },
  
    methods : {
       async checkData() {
         let user = {email : this.login.email, password : this.login.password}
  
        try {
          const response = await axios.post('/api/login', user)
          console.log(response.data.success)
          if(response.data.success === 1){
            await this.$router.push({name: 'home'})
          }
          if(response.data.success === 0){
            this.error = "Connexion Échouée"
          }
  
        }
        catch(err) {console.error("network error",err)}
      }
    }
  }
  
  
  </script>
  
  <style scoped>
  button {
    padding: 10px;
  }
  </style>
  

  Thanks for you help,

  Have a nice week-end
• Docker Registry Authentication/Authorization - signed by untrusted key with ID

  Honestly, it this point im begging for help

  So im trying to add protection for my docker registry ( i do not wanna use htpassword ) which is run like this:

  docker compose file

  version: '3'
  
  services:
    registry:
      restart: always
      image: registry:2
      ports:
      - "5000:5000"
      environment:
        REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
        REGISTRY_HTTP_ADDR: 127.0.0.1:5000
        REGISTRY_AUTH: token
        REGISTRY_AUTH_TOKEN_REALM: http://api.thechemicalworkshop.com/api/authorize_docker
        REGISTRY_AUTH_TOKEN_ISSUER: "The Chemical Workshop"
        REGISTRY_AUTH_TOKEN_SERVICE: "dockerhub.thechemicalworkshop.com"
        REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE: /ssl/cert.dockerhub.crt
      volumes:
        - ./data:/data
        - ./ssl:/ssl
      network_mode: host
  

  how it should work is that REGISTRY_AUTH_TOKEN_REALM handles the protection i tired self signed cetfiticates in REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE but same result (more below)

  im using nginx as reverse proxy and ssl (should be self explanatory) (and the reason why i host it on localhost)

  server {
      client_max_body_size 2000m;
      proxy_pass_request_headers      on;
      server_name dockerhub.thechemicalworkshop.com;
  
      location / {
  
  
      # Do not allow connections from docker 1.5 and earlier
      # docker pre-1.6.0 did not properly set the user agent on ping, catch "Go *" user agents
      if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
        return 404;
      }
  
      proxy_pass                          http://127.0.0.1:5000;
      proxy_set_header  Host              $http_host;   # required for docker client's sake
      proxy_set_header  X-Real-IP         $remote_addr; # pass on real client's IP
      proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
      proxy_set_header  X-Forwarded-Proto $scheme;
      proxy_read_timeout                  900;
      proxy_pass_request_headers      on;
      }
  
  
  listen [::]:443 ssl; # managed by Certbot
      listen 443 ssl; # managed by Certbot
      ssl_certificate /etc/letsencrypt/live/dockerhub.thechemicalworkshop.com/fullchain.pem; # managed by Certbot
      ssl_certificate_key /etc/letsencrypt/live/dockerhub.thechemicalworkshop.com/privkey.pem; # managed by Certbot
      include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
      ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
  

  anyways every time i access the registry on server_name it should call REGISTRY_AUTH_TOKEN_REALM to accept/deny

  the REGISTRY_AUTH_TOKEN_REALM on stuff is an API in python (quart) with following script:

  raw_token = 'eyJ0eXAiOiJKV1Q'
  
      if matti_check(request.headers["X-Real-Ip"]):
          payload = {"expires_in": 360000,"issued_at": "2022-04-30T15:33:00Z"}
  
          payload['token'] = raw_token
  
          response = await make_response(payload)
  
          return response
      else:
          print(request.headers)
          return "ERROR", 500
  

  token shortened due to space

  ignore matti_check() it works fine basically im returning a token alongside some other stuff

  to generate the token im using following script:

  encoded = jwt.encode(\
      {\
          "iss": "The Chemical Workshop", \
          "aud": "dockerhub.thechemicalworkshop.com",\
          "exp": 1687927320000\
          }, \
          private_key, algorithm="RS256", headers={"kid": "MY4D:MNRW:GY2T:IZBS:HAZT:QZRS:MQ4G:IMBX:GA4D:AYJY:GBST:AMJX"})
  print(encoded)
  

  the kid header gets generated by me like this:

  1. first I convert the cerificate using openssl x509 -in cert.dockerhub.crt -noout -outform der -pubkey
  2. I take the key and I sha256 it, for testing I use https://emn178.github.io/online-tools/sha256.html
  3. in the third step I take the first 30 characters and base32 encode it, again using https://emn178.github.io/online-tools/base32_encode.html for testing
  4. then I whack : between every 4 characters

  Docker documentation says i should do this to get kid:

  1. Take the DER encoded public key which the JWT token was signed against.

  2. Create a SHA256 hash out of it and truncate to 240bits.

  3. Split the result into 12 base32 encoded groups with : as delimiter.

  so I think my approach is correct?

  well, it does not work :/

  I just get an error docker-registry-registry-1 | time="2022-04-30T17:10:56.438672709Z" level=info msg="token signed by untrusted key with ID: "MY4T:KNRU:GJSW:ENRU:GFRW:CYZW:GNRW:CMLC:GVTG:KM3D:MRSW:CZTD""

  Could someone ( i dont know go ) look into portus/docker registry source how they generate a working key?

  here is what i tried:

  • asking on docker forum <-- more info
  • asking on lowendtalk
  • asking on like 8 discords
  • trying self signed keys, as well as certbot keys
  • create github issue/ask questions (no anwsers/solutions)
  • ask some random dude from this project on twitter (no anwser)
  • googling, trying to read go code (no luck/anwsers)
  • trying different keys (same result)
  • creating a "bounty" (5$ if you ask, im broke) on fiverr (no capable people or way way overbudget)

  Can you guys fix this or give me some lead on how to fix this? my "project" would be opensource as i dont see an implementation in python