(incubator-streampark) branch dev-2.1.5 updated: [Improve] JWT verify bug fixed.

Sun, 04 Aug 2024 02:39:07 -0700 

This is an automated email from the ASF dual-hosted git repository.

benjobs pushed a commit to branch dev-2.1.5
in repository https://gitbox.apache.org/repos/asf/incubator-streampark.git


The following commit(s) were added to refs/heads/dev-2.1.5 by this push:
     new 4d654562c [Improve] JWT verify bug fixed.
4d654562c is described below

commit 4d654562ce0cfeb0acb0f7bbc26a1b65891f458e
Author: benjobs <[email protected]>
AuthorDate: Sun Aug 4 17:38:47 2024 +0800

    [Improve] JWT verify bug fixed.
---
 .../org/apache/streampark/console/system/authentication/ShiroRealm.java | 2 +-
 .../apache/streampark/console/core/service/AccessTokenServiceTest.java  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git 
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/ShiroRealm.java
 
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/ShiroRealm.java
index d3c71ca9a..29d009528 100644
--- 
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/ShiroRealm.java
+++ 
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/system/authentication/ShiroRealm.java
@@ -126,7 +126,7 @@ public class ShiroRealm extends AuthorizingRealm {
 
     // Query user information by username
     User user = userService.findByName(username);
-    if (user == null || !JWTUtil.verify(credential, username, user.getSalt())) 
{
+    if (user == null || !JWTUtil.verify(credential, username, 
user.getPassword())) {
       throw new AuthenticationException("the authorization token verification 
failed.");
     }
 
diff --git 
a/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/core/service/AccessTokenServiceTest.java
 
b/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/core/service/AccessTokenServiceTest.java
index f9cb3411e..d4a544a24 100644
--- 
a/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/core/service/AccessTokenServiceTest.java
+++ 
b/streampark-console/streampark-console-service/src/test/java/org/apache/streampark/console/core/service/AccessTokenServiceTest.java
@@ -56,7 +56,7 @@ public class AccessTokenServiceTest extends SpringTestBase {
     Assertions.assertEquals("admin", username);
     User user = userService.findByName(username);
     Assertions.assertNotNull(user);
-    Assertions.assertTrue(JWTUtil.verify(jwtToken.getToken(), username, 
user.getSalt()));
+    Assertions.assertTrue(JWTUtil.verify(jwtToken.getToken(), username, 
user.getPassword()));
 
     // list
     AccessToken mockToken1 = new AccessToken();

Reply via email to