From 3ac206aaba8627129c747f2bb9aacf07b4974bfd Mon Sep 17 00:00:00 2001 From: Deddy Syefria Date: Sat, 20 Jan 2018 12:54:55 +0700 Subject: [PATCH] jwt seacret as plain text --- .../services/view/interceptors/AuthenticationInterceptor.java | 2 +- .../topcoder/direct/services/view/util/jwt/DirectJWTSigner.java | 2 +- .../com/topcoder/direct/services/view/util/jwt/JWTToken.java | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/java/main/com/topcoder/direct/services/view/interceptors/AuthenticationInterceptor.java b/src/java/main/com/topcoder/direct/services/view/interceptors/AuthenticationInterceptor.java index ef2f293b5..8b8a1b8db 100644 --- a/src/java/main/com/topcoder/direct/services/view/interceptors/AuthenticationInterceptor.java +++ b/src/java/main/com/topcoder/direct/services/view/interceptors/AuthenticationInterceptor.java @@ -295,7 +295,7 @@ public String intercept(ActionInvocation invocation) throws Exception { JWTToken jwtToken = null; try { jwtToken = new JWTToken(jwtCookie.getValue(),DirectProperties.JWT_V3_SECRET, - DirectProperties.JWT_VALID_ISSUERS, authorizationURL, new JWTToken.Base64SecretEncoder()); + DirectProperties.JWT_VALID_ISSUERS, authorizationURL, new JWTToken.SecretEncoder()); jwtToken.verify(); } catch (TokenExpiredException e) { logger.error("Token is expired. Try to refresh"); diff --git a/src/java/main/com/topcoder/direct/services/view/util/jwt/DirectJWTSigner.java b/src/java/main/com/topcoder/direct/services/view/util/jwt/DirectJWTSigner.java index ad274cdd9..fed42c12f 100644 --- a/src/java/main/com/topcoder/direct/services/view/util/jwt/DirectJWTSigner.java +++ b/src/java/main/com/topcoder/direct/services/view/util/jwt/DirectJWTSigner.java @@ -38,7 +38,7 @@ public class DirectJWTSigner { /** * Secret encoder */ - private JWTToken.SecretEncoder secretEncoder = new JWTToken.Base64SecretEncoder(); + private JWTToken.SecretEncoder secretEncoder = new JWTToken.SecretEncoder(); /** * Create the JWT signer diff --git a/src/java/main/com/topcoder/direct/services/view/util/jwt/JWTToken.java b/src/java/main/com/topcoder/direct/services/view/util/jwt/JWTToken.java index 99a964236..6a2efd097 100644 --- a/src/java/main/com/topcoder/direct/services/view/util/jwt/JWTToken.java +++ b/src/java/main/com/topcoder/direct/services/view/util/jwt/JWTToken.java @@ -81,7 +81,7 @@ public class JWTToken { private String algorithmName = "HS256"; - protected SecretEncoder encoder = new Base64SecretEncoder(); + protected SecretEncoder encoder = new SecretEncoder(); private boolean valid = false;