benjobs pushed a commit to branch dev-2.1.4
in repository https://gitbox.apache.org/repos/asf/incubator-streampark.git
The following commit(s) were added to refs/heads/dev-2.1.4 by this push:
new 05730a280 [Improve] shiro sign in improvements
05730a280 is described below
commit 05730a2802b3a68cada733bbf819d9daf895f533
Author: benjobs <[email protected]>
AuthorDate: Tue Mar 19 10:51:50 2024 +0800
[Improve] shiro sign in improvements
---
.../console/system/authentication/JWTUtil.java | 16 +++++++---------
.../console/system/authentication/ShiroRealm.java | 2 +-
.../console/system/controller/PassportController.java | 2 +-
.../system/service/impl/AccessTokenServiceImpl.java | 3 ++-
.../console/core/service/AccessTokenServiceTest.java | 2 +-
.../console/system/authentication/JWTTest.java | 1 +
6 files changed, 13 insertions(+), 13 deletions(-)
diff --git
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTUtil.java
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTUtil.java
index bafcf171f..5f89c0f9a 100644
---
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTUtil.java
+++
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/JWTUtil.java
@@ -21,8 +21,6 @@ import
org.apache.streampark.console.base.properties.ShiroProperties;
import org.apache.streampark.console.base.util.SpringContextUtils;
import org.apache.streampark.console.core.enums.AuthenticationType;
-import org.apache.commons.lang3.RandomStringUtils;
-
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
@@ -37,17 +35,15 @@ public class JWTUtil {
private static final long JWT_TIME_OUT =
SpringContextUtils.getBean(ShiroProperties.class).getJwtTimeOut() * 1000;
- private static final Algorithm algorithm =
- Algorithm.HMAC256(RandomStringUtils.randomAlphanumeric(256));
-
/**
* verify token
*
* @param token token
* @return is valid token
*/
- public static boolean verify(String token, String username) {
+ public static boolean verify(String token, String username, String secret) {
try {
+ Algorithm algorithm = Algorithm.HMAC256(secret);
JWTVerifier verifier = JWT.require(algorithm).withClaim("userName",
username).build();
verifier.verify(token);
return true;
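Review bot: Neither `verify` nor either `sign` overload (the hunks at -92 and -105) checks `secret` before calling `Algorithm.HMAC256(secret)`, so a very short value is used as the signing key and a null one fails inside the library. RFC 7518 section 3.2 requires an HS256 key of at least 256 bits; a shared private check that rejects null and keys under 32 bytes would make that requirement explicit. In `sign` the call sits outside any try block, so a null secret surfaces as an `IllegalArgumentException` to the caller; in `verify` the catch clause lies outside this hunk, so the outcome there cannot be seen. The Javadoc still documents only `token`; add `@param username` and `@param secret HMAC-SHA256 key the token was signed with, at least 32 bytes`.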
@@ -92,8 +88,9 @@ public class JWTUtil {
* @param userName
* @return
*/
- public static String sign(Long userId, String userName, AuthenticationType
authType) {
- return sign(userId, userName, authType, getExpireTime());
+ public static String sign(
+ Long userId, String userName, String secret, AuthenticationType
authType) {
+ return sign(userId, userName, secret, authType, getExpireTime());
}
/**
@@ -105,8 +102,9 @@ public class JWTUtil {
* @return
*/
public static String sign(
- Long userId, String userName, AuthenticationType authType, Long
expireTime) {
+ Long userId, String userName, String secret, AuthenticationType
authType, Long expireTime) {
Date date = new Date(expireTime);
+ Algorithm algorithm = Algorithm.HMAC256(secret);
return JWT.create()
.withClaim("userId", userId)
.withClaim("userName", userName)
diff --git
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/ShiroRealm.java
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/ShiroRealm.java
index 9c4e07639..a654d9b39 100644
---
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/ShiroRealm.java
+++
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/ShiroRealm.java
@@ -89,7 +89,7 @@ public class ShiroRealm extends AuthorizingRealm {
// Query user information by username
User user = userService.findByName(username);
- if (user == null || !JWTUtil.verify(credential, username)) {
+ if (user == null || !JWTUtil.verify(credential, username, user.getSalt()))
{
throw new AuthenticationException("the authorization token verification
failed.");
}
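Review bot: Passing `user.getSalt()` as the HMAC key makes the password salt double as the token-signing secret, here and in the `JWTUtil.sign` calls in PassportController and AccessTokenServiceImpl. A salt is stored beside the password hash and is not normally treated as confidential, so read access to the user table (a backup, a replica, or a response that serializes `User`, none of which is visible here) would be enough to compute a valid signature for that account. The length and randomness of the salt are not shown either, and both matter for HS256. Consider a dedicated signing key kept outside the user table, or a per-user key derived from a server-side secret plus the salt, and record the choice in a comment at this call. The enclosing method starts and ends outside the hunk.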
diff --git
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/PassportController.java
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/PassportController.java
index 4a7f1ab94..ee0fc8f39 100644
---
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/PassportController.java
+++
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/controller/PassportController.java
@@ -93,7 +93,7 @@ public class PassportController {
}
this.userService.updateLoginTime(username);
- String sign = JWTUtil.sign(user.getUserId(), username,
AuthenticationType.SIGN);
+ String sign = JWTUtil.sign(user.getUserId(), username, user.getSalt(),
AuthenticationType.SIGN);
LocalDateTime expireTime =
LocalDateTime.now().plusSeconds(properties.getJwtTimeOut());
String ttl = DateUtils.formatFullTime(expireTime);
diff --git
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/AccessTokenServiceImpl.java
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/AccessTokenServiceImpl.java
index bcc5bd904..d2526ce80 100644
---
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/AccessTokenServiceImpl.java
+++
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/service/impl/AccessTokenServiceImpl.java
@@ -60,7 +60,8 @@ public class AccessTokenServiceImpl extends
ServiceImpl<AccessTokenMapper, Acces
}
String token =
WebUtils.encryptToken(
- JWTUtil.sign(user.getUserId(), user.getUsername(),
AuthenticationType.OPENAPI));
+ JWTUtil.sign(
+ user.getUserId(), user.getUsername(), user.getSalt(),
AuthenticationType.OPENAPI));
JWTToken jwtToken = new JWTToken(token, AccessToken.DEFAULT_EXPIRE_TIME,
1);
AccessToken accessToken = new AccessToken();
diff --git
a/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/core/service/AccessTokenServiceTest.java
b/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/core/service/AccessTokenServiceTest.java
index 14b278d3e..cc23b26ef 100644
---
a/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/core/service/AccessTokenServiceTest.java
+++
b/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/core/service/AccessTokenServiceTest.java
@@ -56,7 +56,7 @@ public class AccessTokenServiceTest extends SpringTestBase {
Assertions.assertEquals("admin", username);
User user = userService.findByName(username);
Assertions.assertNotNull(user);
- Assertions.assertTrue(JWTUtil.verify(jwtToken.getToken(), username));
+ Assertions.assertTrue(JWTUtil.verify(jwtToken.getToken(), username,
user.getSalt()));
// list
AccessToken mockToken1 = new AccessToken();
diff --git
a/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/system/authentication/JWTTest.java
b/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/system/authentication/JWTTest.java
index 4d9dcfaa4..a1df28c47 100644
---
a/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/system/authentication/JWTTest.java
+++
b/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/system/authentication/JWTTest.java
@@ -39,6 +39,7 @@ class JWTTest extends SpringTestBase {
JWTUtil.sign(
10000L,
userName,
+ "streampark",
AuthenticationType.SIGN,
DateUtils.getTime(expireTime, DateUtils.fullFormat(),
TimeZone.getDefault()));
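Review bot: The test now signs with the literal `"streampark"`, but nothing in this hunk asserts that a token signed with one secret is rejected under another, which is the property this commit introduces. Add a negative case next to the existing assertions, for example `Assertions.assertFalse(JWTUtil.verify(token, userName, "another-secret"));`, where `token` stands for the value returned by this `sign` call. A fixture key of at least 32 bytes would also match the key size HS256 expects. The test method starts and ends outside the hunk.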