Defaulting JWT settings to false (Stirling-Tools#4416)

Defaulting the configuration settings for Stirling PDF's JWT to false to
avoid any unexpected issues

Author: DarioGii

app/common/src/main/java/stirling/software/common/model/ApplicationProperties.java

@@ -303,11 +303,10 @@ public Provider get(String registrationId) throws UnsupportedProviderException {
 
         @Data
         public static class Jwt {
-            private boolean enableKeystore = true;
-            private boolean enableKeyRotation = false;
-            private boolean enableKeyCleanup = true;
+            private boolean enabled = true;
+            private boolean keyCleanup = true;
             private int keyRetentionDays = 7;
-            private boolean secureCookie;
+            private Boolean secureCookie;
         }
     }
 
@@ -377,16 +376,19 @@ public static class TempFileManagement {
 
         @JsonIgnore
         public String getBaseTmpDir() {
-            return baseTmpDir != null && !baseTmpDir.isEmpty()
-                    ? baseTmpDir
-                    : java.lang.System.getProperty("java.io.tmpdir") + "/stirling-pdf";
+            if (baseTmpDir != null && !baseTmpDir.isEmpty()) {
+                return baseTmpDir;
+            }
+            String tmp = java.lang.System.getProperty("java.io.tmpdir");
+            return new File(tmp, "stirling-pdf").getPath();
         }
 
         @JsonIgnore
         public String getLibreofficeDir() {
-            return libreofficeDir != null && !libreofficeDir.isEmpty()
-                    ? libreofficeDir
-                    : getBaseTmpDir() + "/libreoffice";
+            if (libreofficeDir != null && !libreofficeDir.isEmpty()) {
+                return libreofficeDir;
+            }
+            return new File(getBaseTmpDir(), "libreoffice").getPath();
         }
     }
 

app/common/src/main/java/stirling/software/common/util/PdfUtils.java

@@ -636,7 +636,7 @@ public boolean pageCount(PDDocument pdfDocument, int pageCount, String comparato
             case "equal" -> actualPageCount == pageCount;
             case "less" -> actualPageCount < pageCount;
             default ->
-                throw ExceptionUtils.createInvalidArgumentException("comparator", comparator);
+                    throw ExceptionUtils.createInvalidArgumentException("comparator", comparator);
         };
     }
 
@@ -659,15 +659,9 @@ public boolean pageSize(PDDocument pdfDocument, String expectedPageSize) throws
         return actualPageWidth == expectedPageWidth && actualPageHeight == expectedPageHeight;
     }
 
-    /**
-     * Key for storing the dimensions of a rendered image in a map.
-     */
-    private record PdfRenderSettingsKey(float mediaBoxWidth, float mediaBoxHeight, int rotation) {
-    }
+    /** Key for storing the dimensions of a rendered image in a map. */
+    private record PdfRenderSettingsKey(float mediaBoxWidth, float mediaBoxHeight, int rotation) {}
 
-    /**
-     * Value for storing the dimensions of a rendered image in a map.
-     */
-    private record PdfImageDimensionValue(int width, int height) {
-    }
+    /** Value for storing the dimensions of a rendered image in a map. */
+    private record PdfImageDimensionValue(int width, int height) {}
 }

app/common/src/test/java/stirling/software/common/model/ApplicationPropertiesLogicTest.java

@@ -14,7 +14,6 @@
 import stirling.software.common.model.ApplicationProperties.Premium;
 import stirling.software.common.model.ApplicationProperties.Security;
 import stirling.software.common.model.exception.UnsupportedProviderException;
-import stirling.software.common.util.RegexPatternUtils;
 
 class ApplicationPropertiesLogicTest {
 
@@ -39,15 +38,12 @@ void tempFileManagement_defaults_and_overrides() {
                 new ApplicationProperties.TempFileManagement();
 
         String expectedBase =
-                RegexPatternUtils.getInstance()
-                                .getTrailingSlashesPattern()
-                                .matcher(java.lang.System.getProperty("java.io.tmpdir"))
-                                .replaceAll("")
-                        + "/stirling-pdf";
-        assertEquals(expectedBase, normalize.apply(tfm.getBaseTmpDir()));
-
-        String expectedLibre = expectedBase + "/libreoffice";
-        assertEquals(expectedLibre, normalize.apply(tfm.getLibreofficeDir()));
+                Paths.get(java.lang.System.getProperty("java.io.tmpdir"), "stirling-pdf")
+                        .toString();
+        assertEquals(expectedBase, tfm.getBaseTmpDir());
+
+        String expectedLibre = Paths.get(expectedBase, "libreoffice").toString();
+        assertEquals(expectedLibre, tfm.getLibreofficeDir());
 
         tfm.setBaseTmpDir("/custom/base");
         assertEquals("/custom/base", normalize.apply(tfm.getBaseTmpDir()));

app/core/src/main/java/stirling/software/SPDF/UI/impl/LoadingWindow.java

@@ -227,7 +227,9 @@ private void checkAndRefreshExplorer() {
                                                                             if (!existingPids
                                                                                     .contains(
                                                                                             pid)) {
-                                                                                log.debug("Found new explorer.exe with PID: {}", pid);
+                                                                                log.debug(
+                                                                                        "Found new explorer.exe with PID: {}",
+                                                                                        pid);
                                                                                 ProcessBuilder
                                                                                         killProcess =
                                                                                                 new ProcessBuilder(
@@ -245,7 +247,9 @@ private void checkAndRefreshExplorer() {
                                                                                         2,
                                                                                         TimeUnit
                                                                                                 .SECONDS);
-                                                                                log.debug("Explorer process terminated: {}", pid);
+                                                                                log.debug(
+                                                                                        "Explorer process terminated: {}",
+                                                                                        pid);
                                                                             }
                                                                         }
                                                                     }

app/core/src/main/java/stirling/software/SPDF/controller/api/filters/FilterController.java

@@ -87,13 +87,15 @@ public ResponseEntity<byte[]> pageCount(@ModelAttribute PDFComparisonAndCount re
         PDDocument document = pdfDocumentFactory.load(inputFile);
         int actualPageCount = document.getNumberOfPages();
         // Perform the comparison
-        boolean valid = switch (comparator) {
-            case "Greater" -> actualPageCount > pageCount;
-            case "Equal" -> actualPageCount == pageCount;
-            case "Less" -> actualPageCount < pageCount;
-            default ->
-                throw ExceptionUtils.createInvalidArgumentException("comparator", comparator);
-        };
+        boolean valid =
+                switch (comparator) {
+                    case "Greater" -> actualPageCount > pageCount;
+                    case "Equal" -> actualPageCount == pageCount;
+                    case "Less" -> actualPageCount < pageCount;
+                    default ->
+                            throw ExceptionUtils.createInvalidArgumentException(
+                                    "comparator", comparator);
+                };
 
         if (valid) return WebResponseUtils.multiPartFileToWebResponse(inputFile);
         return null;
@@ -123,13 +125,15 @@ public ResponseEntity<byte[]> pageSize(@ModelAttribute PageSizeRequest request)
         float standardArea = standardSize.getWidth() * standardSize.getHeight();
 
         // Perform the comparison
-        boolean valid = switch (comparator) {
-            case "Greater" -> actualArea > standardArea;
-            case "Equal" -> actualArea == standardArea;
-            case "Less" -> actualArea < standardArea;
-            default ->
-                throw ExceptionUtils.createInvalidArgumentException("comparator", comparator);
-        };
+        boolean valid =
+                switch (comparator) {
+                    case "Greater" -> actualArea > standardArea;
+                    case "Equal" -> actualArea == standardArea;
+                    case "Less" -> actualArea < standardArea;
+                    default ->
+                            throw ExceptionUtils.createInvalidArgumentException(
+                                    "comparator", comparator);
+                };
 
         if (valid) return WebResponseUtils.multiPartFileToWebResponse(inputFile);
         return null;
@@ -149,13 +153,15 @@ public ResponseEntity<byte[]> fileSize(@ModelAttribute FileSizeRequest request)
         long actualFileSize = inputFile.getSize();
 
         // Perform the comparison
-        boolean valid = switch (comparator) {
-            case "Greater" -> actualFileSize > fileSize;
-            case "Equal" -> actualFileSize == fileSize;
-            case "Less" -> actualFileSize < fileSize;
-            default ->
-                throw ExceptionUtils.createInvalidArgumentException("comparator", comparator);
-        };
+        boolean valid =
+                switch (comparator) {
+                    case "Greater" -> actualFileSize > fileSize;
+                    case "Equal" -> actualFileSize == fileSize;
+                    case "Less" -> actualFileSize < fileSize;
+                    default ->
+                            throw ExceptionUtils.createInvalidArgumentException(
+                                    "comparator", comparator);
+                };
 
         if (valid) return WebResponseUtils.multiPartFileToWebResponse(inputFile);
         return null;
@@ -179,13 +185,15 @@ public ResponseEntity<byte[]> pageRotation(@ModelAttribute PageRotationRequest r
         int actualRotation = firstPage.getRotation();
 
         // Perform the comparison
-        boolean valid = switch (comparator) {
-            case "Greater" -> actualRotation > rotation;
-            case "Equal" -> actualRotation == rotation;
-            case "Less" -> actualRotation < rotation;
-            default ->
-                throw ExceptionUtils.createInvalidArgumentException("comparator", comparator);
-        };
+        boolean valid =
+                switch (comparator) {
+                    case "Greater" -> actualRotation > rotation;
+                    case "Equal" -> actualRotation == rotation;
+                    case "Less" -> actualRotation < rotation;
+                    default ->
+                            throw ExceptionUtils.createInvalidArgumentException(
+                                    "comparator", comparator);
+                };
 
         if (valid) return WebResponseUtils.multiPartFileToWebResponse(inputFile);
         return null;

app/core/src/main/java/stirling/software/SPDF/controller/api/misc/MetadataController.java

@@ -23,9 +23,9 @@
 
 import stirling.software.SPDF.model.api.misc.MetadataRequest;
 import stirling.software.common.service.CustomPDFDocumentFactory;
+import stirling.software.common.service.PdfMetadataService;
 import stirling.software.common.util.GeneralUtils;
 import stirling.software.common.util.RegexPatternUtils;
-import stirling.software.common.service.PdfMetadataService;
 import stirling.software.common.util.WebResponseUtils;
 import stirling.software.common.util.propertyeditor.StringToMapPropertyEditor;
 

app/core/src/main/java/stirling/software/SPDF/controller/api/security/WatermarkController.java

@@ -170,14 +170,15 @@ private void addTextWatermark(
             throws IOException {
         String resourceDir = "";
         PDFont font = new PDType1Font(Standard14Fonts.FontName.HELVETICA);
-        resourceDir = switch (alphabet) {
-            case "arabic" -> "static/fonts/NotoSansArabic-Regular.ttf";
-            case "japanese" -> "static/fonts/Meiryo.ttf";
-            case "korean" -> "static/fonts/malgun.ttf";
-            case "chinese" -> "static/fonts/SimSun.ttf";
-            case "thai" -> "static/fonts/NotoSansThai-Regular.ttf";
-            default -> "static/fonts/NotoSans-Regular.ttf";
-        };
+        resourceDir =
+                switch (alphabet) {
+                    case "arabic" -> "static/fonts/NotoSansArabic-Regular.ttf";
+                    case "japanese" -> "static/fonts/Meiryo.ttf";
+                    case "korean" -> "static/fonts/malgun.ttf";
+                    case "chinese" -> "static/fonts/SimSun.ttf";
+                    case "thai" -> "static/fonts/NotoSansThai-Regular.ttf";
+                    default -> "static/fonts/NotoSans-Regular.ttf";
+                };
 
         ClassPathResource classPathResource = new ClassPathResource(resourceDir);
         String fileExtension = resourceDir.substring(resourceDir.lastIndexOf("."));

app/core/src/main/java/stirling/software/SPDF/controller/web/GeneralWebController.java

@@ -288,8 +288,8 @@ public String getFormatFromExtension(String extension) {
             case "eot" -> "embedded-opentype";
             case "svg" -> "svg";
             default ->
-                // or throw an exception if an unexpected extension is encountered
-                "";
+                    // or throw an exception if an unexpected extension is encountered
+                    "";
         };
     }
 

app/core/src/main/resources/settings.yml.template

@@ -60,11 +60,10 @@ security:
     privateKey: classpath:saml-private-key.key # Your private key. Generated from your keypair
     spCert: classpath:saml-public-cert.crt # Your signing certificate. Generated from your keypair
   jwt: # This feature is currently under development and not yet fully supported. Do not use in production.
-    persistence: true # Set to 'true' to enable JWT key store
-    enableKeyRotation: true # Set to 'true' to enable key pair rotation
-    enableKeyCleanup: true # Set to 'true' to enable key pair cleanup
+    enabled: false # Set to 'true' to enable JWT key store
+    keyCleanup: false # Set to 'true' to enable key pair cleanup
     keyRetentionDays: 7 # Number of days to retain old keys. The default is 7 days.
-    secureCookie: false # Set to 'true' to use secure cookies for JWTs
+    secureCookie: true # Set to 'true' to use secure cookies for JWTs
 
 premium:
   key: 00000000-0000-0000-0000-000000000000

app/proprietary/src/main/java/stirling/software/proprietary/security/InitialSecuritySetup.java

@@ -5,6 +5,7 @@
 import java.util.Optional;
 import java.util.UUID;
 
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
 
 import jakarta.annotation.PostConstruct;
@@ -26,6 +27,9 @@
 @RequiredArgsConstructor
 public class InitialSecuritySetup {
 
+    @Value("${v2:false}")
+    private boolean v2Enabled = false;
+
     private final UserService userService;
     private final TeamService teamService;
     private final ApplicationProperties applicationProperties;
@@ -43,6 +47,7 @@ public void init() {
                 }
             }
 
+            configureJWTSettings();
             assignUsersToDefaultTeamIfMissing();
             initializeInternalApiUser();
         } catch (IllegalArgumentException | SQLException | UnsupportedProviderException e) {
@@ -51,6 +56,18 @@ public void init() {
         }
     }
 
+    private void configureJWTSettings() {
+        ApplicationProperties.Security.Jwt jwtProperties =
+                applicationProperties.getSecurity().getJwt();
+
+        boolean jwtEnabled = jwtProperties.isEnabled();
+        if (!v2Enabled || !jwtEnabled) {
+            log.debug("V2 enabled: {}, JWT enabled: {} - disabling all JWT features", v2Enabled, jwtEnabled);
+
+            jwtProperties.setKeyCleanup(false);
+        }
+    }
+
     private void assignUsersToDefaultTeamIfMissing() {
         Team defaultTeam = teamService.getOrCreateDefaultTeam();
         Team internalTeam = teamService.getOrCreateInternalTeam();