OrifInformatique · KenCacciabueOrif · Jan 28, 2026 · Jan 28, 2026 · Jan 28, 2026 · Feb 4, 2026
diff --git a/docs/index.html b/docs/index.html
diff --git a/docs/process-documentation.md b/docs/process-documentation.md
@@ -16,7 +16,7 @@
     - [1.5 Main Java Modules (`main/java`)](#15-main-java-modules-mainjava)
     - [1.6 Security Module (`main/java/security`)](#16-security-module-mainjavasecurity)
     - [1.7 Auth Module (`main/java/auth`)](#17-auth-module-mainjavaauth)
-    - [1.8 Users Module (`main/java/users`)](#18-users-module-mainjavausers)
+    - [1.8 Users Module (`main/java/user`)](#18-users-module-mainjavauser)
     - [1.9 Configuration Module (`main/java/config`)](#19-configuration-module-mainjavaconfig)
     - [1.10 Error and Exception Management (`main/java/app`)](#110-error-and-exception-management-mainjavaapp)
     - [1.11 Test Structure (`test/java`)](#111-test-structure-testjava)
@@ -81,7 +81,7 @@ graph TD
 **Tools & Dependencies:**
 
 - **Java / OpenJDK:** 21
-- **Spring Boot:** 3.3.5
+- **Spring Boot:** 3.5.8
 - **Maven:** 3.9+
 - **MariaDB:** 11.4
 - **Docker Desktop:** Latest
@@ -91,9 +91,9 @@ graph TD
 - **Spring Security:** Authentication and authorization framework
 - **Spring Data JPA:** Database access and ORM
 - **Spring OAuth2 Client:** Microsoft Entra ID (Azure AD) integration
-- **Auth0 Java-JWT (4.3.0):** JWT token generation and validation
-- **MapStruct (1.5.5):** Java bean mappings and DTO conversions
-- **Lombok (1.18.36):** Reduces boilerplate code
+- **Auth0 Java-JWT (4.4.0):** JWT token generation and validation
+- **MapStruct (1.6.3):** Java bean mappings and DTO conversions
+- **Lombok (1.18.38):** Reduces boilerplate code
 - **Spring REST Docs (3.0.1):** API documentation generation
 - **Jakarta Validation:** Bean validation and custom constraints
 - **Dotenv Java:** Environment variable management
@@ -153,7 +153,7 @@ Contains test classes for unit and integration tests.
 | `app`                      | Global error and exception handling used throughout the application.                          |
 | `auth`                     | Handles authorization processes such as login and registration.                               |
 | `security`                 | Security-related classes: JWT filters, password encoding, and authentication management.      |
-| `users`                    | Manages user profiles, roles, and permissions.                                                |
+| `user`                     | Manages user profiles, roles, and permissions.                                                |
 | `AuthApplication.java` | Main Spring Boot entry point containing the `main()` method. Run the project from this class. |
 
 ---
@@ -189,7 +189,7 @@ sequenceDiagram
         alt Public endpoint
             Controller->>Client: Return HTTP response
         else Protected endpoint
-            Controller-->>Client: 403 Forbidden (Access Denied)
+            Controller-->>Client: 401 Unauthorized (Missing or invalid authentication token)
         end
     end
 ```
@@ -246,10 +246,10 @@ sequenceDiagram
             AuthController->>Client: 200 OK with UserDto + tokens
         else Password invalid
             PasswordEncoder->>UserService: false
-            UserService-->>Client: 401 Unauthorized (Invalid credentials)
+            UserService-->>Client: 401 Unauthorized (error.authorisation.invalid.credentials)
         end
     else User not found
-        UserRepository-->>Client: 401 Unauthorized (Invalid credentials)
+        UserRepository-->>Client: 401 Unauthorized (error.authorisation.invalid.credentials)
     end
 ```
 
@@ -309,7 +309,7 @@ _Sequence Diagram showing the logout flow and token invalidation._
 
 ---
 
-### 1.8 Users Module (`main/java/users`)
+### 1.8 Users Module (`main/java/user`)
 
 ```mermaid
 classDiagram
@@ -380,7 +380,7 @@ classDiagram
         +List<String> permissions = new ArrayList<>()
     }
 
-    class SignupDto {
+    class SignUpDto {
         <<DTO>>
         +String firstName
         +String lastName
@@ -393,7 +393,7 @@ classDiagram
     class UserMapper {
         <<interface / singleton>>
         +UserDto toUserDto(User user)
-        +User signUpToUser(SignupDto signupDto)
+        +User signUpToUser(SignUpDto signUpDto)
         +List<String> authoritiesToPermissions(Collection<GrantedAuthority> authorities)
     }
 
@@ -406,7 +406,7 @@ classDiagram
     RoleEnum --> "0..*" PermissionEnum : defines
     UserMapper ..> User : uses
     UserMapper ..> UserDto : creates
-    UserMapper ..> SignupDto : uses
+    UserMapper ..> SignUpDto : uses
     User ..|> UserDetails
 ```
 
@@ -445,7 +445,7 @@ sequenceDiagram
     UserService->>UserMapper: toUserDto(user)
     UserMapper-->>UserService: UserDto
     UserService-->>UserController: UserDto
-    UserController-->>Client: ResponseEntity("User promoted to manager successfully")
+    UserController-->>Client: ResponseEntity(message.user.promoted.manager)
 ```
 
 _Sequence Diagram showing an example of the user management flow._
@@ -699,7 +699,7 @@ Example claims that can be extracted from the Azure token:
 | ------ | -------------------- | ------------- | ---------------------------------------------- |
 | POST   | `/auth/login`        | No            | Authenticate user and receive JWT tokens       |
 | POST   | `/auth/register`     | No            | Register a new user account                    |
-| POST   | `/auth/refresh`      | Yes           | Refresh access token using refresh token       |
+| POST   | `/auth/refresh`      | No            | Refresh access token using refresh token       |
 | PUT    | `/auth/update-password` | Yes        | Update current user's password                 |
 | POST   | `/auth/logout`       | Yes           | Logout and invalidate refresh tokens            |
 
@@ -708,7 +708,7 @@ Example claims that can be extracted from the Azure token:
 | Method | Endpoint                       | Auth Required | Description                              |
 | ------ | ------------------------------ | ------------- | ---------------------------------------- |
 | GET    | `/oauth2/authorization/azure`  | No            | Redirect to Microsoft login page         |
-| GET    | `/oauth2/success`              | No            | Callback endpoint after Azure login      |
+| GET    | `/oauth2/success`              | Yes           | Callback endpoint after Azure login      |
 
 ### 2.3 User Management Endpoints (`/users`)
 

diff --git a/src/asciidoc/index.adoc b/src/asciidoc/index.adoc
@@ -395,7 +395,7 @@ include::auth/logout-expired-token/http-response.adoc[]
 
 It returns a 401 Unauthorized error indicating that the token has expired.
 
-=== 1.5 Set Password
+=== 1.5 Update Password
 This is an example output for the `PUT /auth/update-password` endpoint.
 
 .request
@@ -404,7 +404,7 @@ include::auth/update-password/http-request.adoc[]
 .response
 include::auth/update-password/http-response.adoc[]
 
-It sets a password for a user account using a token.
+It updates the password for the authenticated user.
 
 ==== 1.5.1 Error Response - 400 - Bad Request
 These are example outputs for the `PUT /auth/update-password` endpoint for bad request.
@@ -434,45 +434,6 @@ include::auth/update-password-missing-token/http-response.adoc[]
 
 It returns a 401 Unauthorized error indicating that full authentication is required.
 
-=== 1.6 Update Password
-This is an example output for the `PUT /auth/update-password` endpoint.
-
-.request
-include::auth/update-password/http-request.adoc[]
-
-.response
-include::auth/update-password/http-response.adoc[]
-
-It sets a new password for the authenticated user.
-
-==== 1.6.1 Error Response - 400 - Bad Request
-These are example outputs for the `PUT /auth/update-password` endpoint for bad request.
-
-===== 1.6.1.1 Missing Body
-This is an example output when the request body is missing.
-
-.request
-include::auth/update-password-missing-body/http-request.adoc[]
-
-.response
-include::auth/update-password-missing-body/http-response.adoc[]
-
-It returns a 400 Bad Request error indicating that the request body is missing.
-
-==== 1.6.2 Error Response - 401 - Unauthorised
-These are example outputs for the `PUT /auth/update-password` endpoint for unauthorized access.
-
-===== 1.6.2.1 Missing Token
-This is an example output when the request token is missing.
-
-.request
-include::auth/update-password-missing-token/http-request.adoc[]
-
-.response
-include::auth/update-password-missing-token/http-response.adoc[]
-
-It returns a 401 Unauthorized error indicating that full authentication is required.
-
 == 2 User Endpoints
 
 === 2.1 Get Authenticated User
@@ -603,7 +564,7 @@ It promotes a user to the "MANAGER" role.
 ==== 2.5.1 Error Response - 401 - Unauthorized
 These are example outputs for the `PUT /users/{userId}/promote-manager` endpoint for unauthorized access.
 
-===== 2.3.1.1 Missing Authorization Header
+===== 2.5.1.1 Missing Authorization Header
 This is an example output when the Authorization header is missing in the request.
 
 .request
@@ -614,7 +575,7 @@ include::users/promote-manager-missing-authorization/http-response.adoc[]
 
 It returns a 401 Unauthorized error indicating that full authentication is required.
 
-===== 2.3.1.2 Malformed Token
+===== 2.5.1.2 Malformed Token
 This is an example output when the token provided is malformed.
 
 .request
@@ -625,10 +586,10 @@ include::users/promote-manager-malformed-token/http-response.adoc[]
 
 It returns a 401 Unauthorized error indicating that the token is invalid.
 
-==== 2.3.2 Error Response - 403 - Forbidden
+==== 2.5.2 Error Response - 403 - Forbidden
 These are example outputs for the `PUT /users/{userId}/promote-manager` endpoint for forbidden access.
 
-===== 2.3.2.1 Non-Admin User - Promote User to Manager
+===== 2.5.2.1 Non-Admin User - Promote User to Manager
 This is an example output when a non-admin user attempts to promote a user to manager.
 
 .request
@@ -639,10 +600,10 @@ include::users/promote-manager-non-admin/http-response.adoc[]
 
 It returns a 403 Forbidden error indicating that access is denied.
 
-==== 2.3.3 Error Response - 404 - Not Found
+==== 2.5.3 Error Response - 404 - Not Found
 These are example outputs for the `PUT /users/{userId}/promote-manager` endpoint for not found errors.
 
-===== 2.3.3.1 User Not Found
+===== 2.5.3.1 User Not Found
 This is an example output when the user to be promoted is not found.    
 
 .request
@@ -653,10 +614,10 @@ include::users/promote-manager-user-not-found/http-response.adoc[]
 
 It returns a 404 Not Found error indicating that the user was not found.
 
-==== 2.3.4 Error Response - 409 - Conflict
+==== 2.5.4 Error Response - 409 - Conflict
 These are example outputs for the `PUT /users/{userId}/promote-manager` endpoint for conflict errors.
 
-===== 2.3.4.1 User Already Manager
+===== 2.5.4.1 User Already Manager
 This is an example output when the user to be promoted is already a manager.
 
 .request
@@ -667,7 +628,7 @@ include::users/promote-manager-user-already-manager/http-response.adoc[]
 
 It returns a 409 Conflict error indicating that the user is already a manager.
 
-===== 2.3.4.2 User Already Admin
+===== 2.5.4.2 User Already Admin
 This is an example output when the user to be promoted is already an admin.
 
 .request