JWT Auth into V2 (#4187)

Merging JWT feature from main into V2 ## Checklist ### General - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [ ] I have performed a self-review of my own code - [ ] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: stirlingbot[bot] <stirlingbot[bot]@users.noreply.github.com> Co-authored-by: Ludy <Ludy87@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: EthanHealy01 <80844253+EthanHealy01@users.noreply.github.com> Co-authored-by: Ethan <ethan@MacBook-Pro.local> Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com> Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com> Co-authored-by: albanobattistella <34811668+albanobattistella@users.noreply.github.com>
2026-02-17 13:52:14 +01:00 · 2025-08-15 14:13:45 +01:00
parent 7e60eb40b4
commit 1468df3e21
115 changed files with 2993 additions and 253 deletions
--- a/app/common/src/main/java/stirling/software/common/configuration/AppConfig.java
+++ b/app/common/src/main/java/stirling/software/common/configuration/AppConfig.java
@@ -8,6 +8,7 @@ import java.util.List;
 import java.util.Locale;
 import java.util.Properties;
 import java.util.function.Predicate;
+import java.util.stream.Stream;

 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
@@ -48,6 +49,14 @@ public class AppConfig {
    @Value("${server.port:8080}")
    private String serverPort;

+    @Value("${v2}")
+    public boolean v2Enabled;
+
+    @Bean
+    public boolean v2Enabled() {
+        return v2Enabled;
+    }
+
    /* Commented out Thymeleaf template engine bean - to be removed when frontend migration is complete
    @Bean
    @ConditionalOnProperty(name = "system.customHTMLFiles", havingValue = "true")
@@ -119,7 +128,7 @@ public class AppConfig {
    public boolean rateLimit() {
        String rateLimit = System.getProperty("rateLimit");
        if (rateLimit == null) rateLimit = System.getenv("rateLimit");
-        return (rateLimit != null) ? Boolean.valueOf(rateLimit) : false;
+        return Boolean.parseBoolean(rateLimit);
    }

    @Bean(name = "RunningInDocker")
@@ -139,8 +148,8 @@ public class AppConfig {
        if (!Files.exists(mountInfo)) {
            return true;
        }
-        try {
-            return Files.lines(mountInfo).anyMatch(line -> line.contains(" /configs "));
+        try (Stream<String> lines = Files.lines(mountInfo)) {
+            return lines.anyMatch(line -> line.contains(" /configs "));
        } catch (IOException e) {
            return false;
        }
--- a/app/common/src/main/java/stirling/software/common/configuration/InstallationPathConfig.java
+++ b/app/common/src/main/java/stirling/software/common/configuration/InstallationPathConfig.java
@@ -25,6 +25,7 @@ public class InstallationPathConfig {
    private static final String STATIC_PATH;
    private static final String TEMPLATES_PATH;
    private static final String SIGNATURES_PATH;
+    private static final String PRIVATE_KEY_PATH;

    static {
        BASE_PATH = initializeBasePath();
@@ -45,6 +46,7 @@ public class InstallationPathConfig {
        STATIC_PATH = CUSTOM_FILES_PATH + "static" + File.separator;
        TEMPLATES_PATH = CUSTOM_FILES_PATH + "templates" + File.separator;
        SIGNATURES_PATH = CUSTOM_FILES_PATH + "signatures" + File.separator;
+        PRIVATE_KEY_PATH = CONFIG_PATH + "db" + File.separator + "keys" + File.separator;
    }

    private static String initializeBasePath() {
@@ -120,4 +122,8 @@ public class InstallationPathConfig {
    public static String getSignaturesPath() {
        return SIGNATURES_PATH;
    }
+
+    public static String getPrivateKeyPath() {
+        return PRIVATE_KEY_PATH;
+    }
 }
--- a/app/common/src/main/java/stirling/software/common/model/ApplicationProperties.java
+++ b/app/common/src/main/java/stirling/software/common/model/ApplicationProperties.java
@@ -119,6 +119,7 @@ public class ApplicationProperties {
        private long loginResetTimeMinutes;
        private String loginMethod = "all";
        private String customGlobalAPIKey;
+        private Jwt jwt = new Jwt();

        public Boolean isAltLogin() {
            return saml2.getEnabled() || oauth2.getEnabled();
@@ -298,6 +299,15 @@ public class ApplicationProperties {
                }
            }
        }
+
+        @Data
+        public static class Jwt {
+            private boolean enableKeystore = true;
+            private boolean enableKeyRotation = false;
+            private boolean enableKeyCleanup = true;
+            private int keyRetentionDays = 7;
+            private boolean secureCookie;
+        }
    }

    @Data
@@ -362,7 +372,8 @@ public class ApplicationProperties {
        public String getBaseTmpDir() {
            return baseTmpDir != null && !baseTmpDir.isEmpty()
                    ? baseTmpDir
-                    : java.lang.System.getProperty("java.io.tmpdir") + "/stirling-pdf";
+                    : java.lang.System.getProperty("java.io.tmpdir").replaceAll("/+$", "")
+                            + "/stirling-pdf";
        }

        @JsonIgnore
--- a/app/common/src/main/java/stirling/software/common/util/RequestUriUtils.java
+++ b/app/common/src/main/java/stirling/software/common/util/RequestUriUtils.java
@@ -14,8 +14,10 @@ public class RequestUriUtils {
                || requestURI.startsWith(contextPath + "/images/")
                || requestURI.startsWith(contextPath + "/public/")
                || requestURI.startsWith(contextPath + "/pdfjs/")
+                || requestURI.startsWith(contextPath + "/pdfjs-legacy/")
                || requestURI.startsWith(contextPath + "/login")
                || requestURI.startsWith(contextPath + "/error")
+                || requestURI.startsWith(contextPath + "/favicon")
                || requestURI.endsWith(".svg")
                || requestURI.endsWith(".png")
                || requestURI.endsWith(".ico")