Aias00 opened a new pull request, #978: URL: https://github.com/apache/dubbo-go-pixiu/pull/978
## What Reject admin JWTs that use non-HMAC signing methods and allow deployments to override the default signing key with `DUBBOGO_PIXIU_JWT_SIGN_KEY`. ## Why JWT parsing previously returned the verification key without first constraining the token signing method, and deployments only had the hardcoded default signing key path. ## Testing - `go test ./admin/controller/auth` - `git diff --check` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
