zhuyijun/nacos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[ISSUE #11887] add some tips for upgrade (#12434)

Browse Source
This commit is contained in:
Plato 2024-07-29 10:34:40 +08:00 committed by GitHub
parent 3e28b586bb
commit 927fbfd110
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
plugin-default-impl/nacos-default-auth-plugin/src/main/java/com/alibaba/nacos/plugin/auth/impl/jwt/NacosJwtParser.java
View File

@ -19,6 +19,8 @@ package com.alibaba.nacos.plugin.auth.impl.jwt;
import com.alibaba.nacos.plugin.auth.exception.AccessException; import com.alibaba.nacos.plugin.auth.exception.AccessException;
import com.alibaba.nacos.plugin.auth.impl.users.NacosUser; import com.alibaba.nacos.plugin.auth.impl.users.NacosUser;
import com.alibaba.nacos.plugin.auth.impl.utils.Base64Decode; import com.alibaba.nacos.plugin.auth.impl.utils.Base64Decode;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.crypto.spec.SecretKeySpec; import javax.crypto.spec.SecretKeySpec;
import java.security.Key; import java.security.Key;
@ -32,12 +34,15 @@ import java.util.concurrent.TimeUnit;
*/ */
@SuppressWarnings("PMD.UndefineMagicConstantRule") @SuppressWarnings("PMD.UndefineMagicConstantRule")
public class NacosJwtParser { public class NacosJwtParser {
private static final Logger LOG = LoggerFactory.getLogger(NacosJwtParser.class);
private final NacosSignatureAlgorithm signatureAlgorithm; private final NacosSignatureAlgorithm signatureAlgorithm;
private final Key key; private final Key key;
public NacosJwtParser(String base64edKey) { public NacosJwtParser(String base64edKey) {
this.validKey(base64edKey);
byte[] decode = Base64Decode.decode(base64edKey); byte[] decode = Base64Decode.decode(base64edKey);
int bitLength = decode.length << 3; int bitLength = decode.length << 3;
if (bitLength < 256) { if (bitLength < 256) {
@ -58,6 +63,14 @@ public class NacosJwtParser {
} }
this.key = new SecretKeySpec(decode, signatureAlgorithm.getJcaName()); this.key = new SecretKeySpec(decode, signatureAlgorithm.getJcaName());
} }
private void validKey(String base64edKey) {
int length = base64edKey.toCharArray().length;
if (length % 4 != 0) {
LOG.warn("The secret Key currently in use is not a standard Base64 encoding"
+ " and will no longer be supported in future versions;");
}
}
private String sign(NacosJwtPayload payload) { private String sign(NacosJwtPayload payload) {
return signatureAlgorithm.sign(payload, key); return signatureAlgorithm.sign(payload, key);