From 104cf68ad6a55cf945c18abe8f9b440ea088c74a Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Mon, 29 Jun 2020 12:00:32 +0300
Subject: Downgrade springfox, update other deps

---
 build.gradle                                  | 14 +++++++-------
 package.json                                  |  2 +-
 src/main/java/com/juick/SignatureManager.java |  2 +-
 yarn.lock                                     |  8 ++++----
 4 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/build.gradle b/build.gradle
index 929bcb13..2e1c6be2 100644
--- a/build.gradle
+++ b/build.gradle
@@ -123,7 +123,7 @@ dependencies {
     compile ('org.springframework.boot:spring-boot-devtools')
     runtime ("org.springframework.boot:spring-boot-properties-migrator")
 
-    compile 'org.flywaydb:flyway-core:6.4.4'
+    compile 'org.flywaydb:flyway-core:6.5.0'
     compile 'com.github.ben-manes.caffeine:caffeine:2.8.4'
 
     compile "javax.inject:javax.inject:1"
@@ -146,7 +146,7 @@ dependencies {
     compile "javax.xml.bind:jaxb-api:2.3.1"
     runtime 'org.glassfish.jaxb:jaxb-runtime:2.3.3'
 
-    compileOnly 'io.springfox:springfox-core:2.10.0'
+    compileOnly 'io.springfox:springfox-core:2.9.2'
 
     compile 'org.apache.commons:commons-email:1.5'
     compile 'com.github.scribejava:scribejava-apis:6.9.0'
@@ -157,10 +157,10 @@ dependencies {
     compile 'rocks.xmpp:xmpp-core-client:0.8.2'
     compile 'rocks.xmpp:xmpp-extensions-client:0.8.2'
 
-    compile 'com.rometools:rome:1.13.1'
-    compile 'com.rometools:rome-modules:1.13.1'
+    compile 'com.rometools:rome:1.14.1'
+    compile 'com.rometools:rome-modules:1.14.1'
 
-    runtime 'org.mariadb.jdbc:mariadb-java-client:2.6.0'
+    runtime 'org.mariadb.jdbc:mariadb-java-client:2.6.1'
     runtime 'net.java.dev.jna:jna:5.5.0'
     runtime 'net.java.dev.jna:jna-platform:5.5.0'
     runtime 'com.h2database:h2:1.4.200'
@@ -168,7 +168,7 @@ dependencies {
     compile 'io.pebbletemplates:pebble-spring5:3.1.3'
     compile 'com.atlassian.commonmark:commonmark:0.15.1'
     compile 'com.atlassian.commonmark:commonmark-ext-autolink:0.15.1'
-    compile 'org.tomitribe:tomitribe-http-signatures:1.4'
+    compile 'org.tomitribe:tomitribe-http-signatures:1.5'
     compile 'com.google.api-client:google-api-client:1.30.9'
     compile "com.kotcrab.remark:remark:1.2.0"
 
@@ -182,7 +182,7 @@ dependencies {
     testCompile('org.springframework.security:spring-security-test')
     testCompile("ch.vorburger.mariaDB4j:mariaDB4j:2.4.0")
 
-    testCompile 'io.springfox:springfox-swagger2:2.10.0'
+    testCompile 'io.springfox:springfox-swagger2:2.9.2'
     testCompile 'org.bouncycastle:bcpkix-jdk15on:1.65'
 }
 
diff --git a/package.json b/package.json
index 44add995..6e35f6bc 100644
--- a/package.json
+++ b/package.json
@@ -28,7 +28,7 @@
     "babel-loader": "^8.1.0",
     "core-js": "^3.6.5",
     "css-loader": "^3.6.0",
-    "eslint": "7.3.0",
+    "eslint": "7.3.1",
     "eslint-loader": "4.0.2",
     "eslint-plugin-only-ascii": "0.0.0",
     "file-loader": "^6.0.0",
diff --git a/src/main/java/com/juick/SignatureManager.java b/src/main/java/com/juick/SignatureManager.java
index 037f9e30..0d7b17a6 100644
--- a/src/main/java/com/juick/SignatureManager.java
+++ b/src/main/java/com/juick/SignatureManager.java
@@ -104,7 +104,7 @@ public class SignatureManager {
     public User verifySignature(String method, String path, Map<String, String> headers) {
         String signatureString = headers.get("signature");
         logger.info("Signature: {}", signatureString);
-        Signature signature = Signature.fromString(signatureString, null);
+        Signature signature = Signature.fromString(signatureString, Algorithm.get("rsa-sha256"));
         Optional<Context> context = getContext(UriComponentsBuilder.fromUriString(signature.getKeyId())
                 .fragment(null).build().toUri());
         if (context.isPresent() && context.get() instanceof Person) {
diff --git a/yarn.lock b/yarn.lock
index e91fa9e0..c0041576 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -2728,10 +2728,10 @@ eslint-visitor-keys@^1.2.0:
   resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-1.2.0.tgz#74415ac884874495f78ec2a97349525344c981fa"
   integrity sha512-WFb4ihckKil6hu3Dp798xdzSfddwKKU3+nGniKF6HfeW6OLd2OUDEPP7TcHtB5+QXOKg2s6B2DaMPE1Nn/kxKQ==
 
-eslint@7.3.0:
-  version "7.3.0"
-  resolved "https://registry.yarnpkg.com/eslint/-/eslint-7.3.0.tgz#f9f1fc3dc1227985d0db88769f2bbac7b4b875d7"
-  integrity sha512-dJMVXwfU5PT1cj2Nv2VPPrKahKTGdX+5Dh0Q3YuKt+Y2UhdL2YbzsVaBMyG9HC0tBismlv/r1+eZqs6SMIV38Q==
+eslint@7.3.1:
+  version "7.3.1"
+  resolved "https://registry.yarnpkg.com/eslint/-/eslint-7.3.1.tgz#76392bd7e44468d046149ba128d1566c59acbe19"
+  integrity sha512-cQC/xj9bhWUcyi/RuMbRtC3I0eW8MH0jhRELSvpKYkWep3C6YZ2OkvcvJVUeO6gcunABmzptbXBuDoXsjHmfTA==
   dependencies:
     "@babel/code-frame" "^7.0.0"
     ajv "^6.10.0"
-- 
cgit v1.2.3