support config your custom jwt secret need (#167)

dromara · Oct 23, 2022 · 12987a7 · 12987a7
1 parent 4e54fb2
commit 12987a7
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/core/src/main/java/com/usthe/sureness/util/JsonWebTokenUtil.java b/core/src/main/java/com/usthe/sureness/util/JsonWebTokenUtil.java
@@ -1,5 +1,6 @@
 package com.usthe.sureness.util;
 
+import com.usthe.sureness.processor.exception.ExtSurenessException;
 import io.jsonwebtoken.*;
 import io.jsonwebtoken.security.*;
 import io.jsonwebtoken.security.SignatureException;
@@ -37,6 +38,8 @@ public class JsonWebTokenUtil {
     /** Encryption and decryption signature **/
     private static Key secretKey;
 
+    private static boolean isUsedDefault = true;
+
     static {
         byte[] secretKeyBytes = DatatypeConverter.parseBase64Binary(DEFAULT_SECRET_KEY);
         secretKey = Keys.hmacShaKeyFor(secretKeyBytes);
@@ -200,6 +203,9 @@ public static String issueJwt(String subject, Long period, Map<String, Object> c
     public static String issueJwtAll(String id, String subject, String issuer, Long period,
                                      String audience, String payload, Long notBefore,
                                      Map<String, Object> headerMap, Map<String, Object> customClaimMap){
+        if (isUsedDefault) {
+            throw new ExtSurenessException("Please config your custom jwt secret. JsonWebTokenUtil.setDefaultSecretKey | sureness.jwt.secret");
+        }
         long currentTimeMillis = System.currentTimeMillis();
         JwtBuilder jwtBuilder = Jwts.builder();
         if (id != null) {
@@ -295,5 +301,6 @@ public static Claims parseJwt(String jwt) throws ExpiredJwtException, Unsupporte
     public static void setDefaultSecretKey(String secretNowKeyValue) {
         byte[] secretKeyBytes = DatatypeConverter.parseBase64Binary(secretNowKeyValue);
         secretKey = Keys.hmacShaKeyFor(secretKeyBytes);
+        isUsedDefault = false;
     }
 }