Skip to content

Commit

Permalink
[ISSUE alibaba#11887] add some tips for upgrade (alibaba#12434)
Browse files Browse the repository at this point in the history
  • Loading branch information
cold-l authored Jul 29, 2024
1 parent 3e28b58 commit 927fbfd
Showing 1 changed file with 13 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@
import com.alibaba.nacos.plugin.auth.exception.AccessException;
import com.alibaba.nacos.plugin.auth.impl.users.NacosUser;
import com.alibaba.nacos.plugin.auth.impl.utils.Base64Decode;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.crypto.spec.SecretKeySpec;
import java.security.Key;
Expand All @@ -32,12 +34,15 @@
*/
@SuppressWarnings("PMD.UndefineMagicConstantRule")
public class NacosJwtParser {

private static final Logger LOG = LoggerFactory.getLogger(NacosJwtParser.class);

private final NacosSignatureAlgorithm signatureAlgorithm;

private final Key key;

public NacosJwtParser(String base64edKey) {
this.validKey(base64edKey);
byte[] decode = Base64Decode.decode(base64edKey);
int bitLength = decode.length << 3;
if (bitLength < 256) {
Expand All @@ -58,6 +63,14 @@ public NacosJwtParser(String base64edKey) {
}
this.key = new SecretKeySpec(decode, signatureAlgorithm.getJcaName());
}

private void validKey(String base64edKey) {
int length = base64edKey.toCharArray().length;
if (length % 4 != 0) {
LOG.warn("The secret Key currently in use is not a standard Base64 encoding"
+ " and will no longer be supported in future versions;");
}
}

private String sign(NacosJwtPayload payload) {
return signatureAlgorithm.sign(payload, key);
Expand Down

0 comments on commit 927fbfd

Please sign in to comment.