This is an automated email from the ASF dual-hosted git repository.

vgalaxies pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-hugegraph.git


The following commit(s) were added to refs/heads/master by this push:
     new 03b40a524 fix(server): random generate default value (#2568)
03b40a524 is described below

commit 03b40a52446218c83e98cb43020e0593a744a246
Author: HaoJin Yang <[email protected]>
AuthorDate: Sun Jul 14 17:05:35 2024 +0800

    fix(server): random generate default value (#2568)
    
    Co-authored-by: imbajin <[email protected]>
---
 .../java/org/apache/hugegraph/auth/StandardAuthManager.java |  1 +
 .../main/java/org/apache/hugegraph/config/AuthOptions.java  | 13 ++++++++++++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git 
a/hugegraph-server/hugegraph-core/src/main/java/org/apache/hugegraph/auth/StandardAuthManager.java
 
b/hugegraph-server/hugegraph-core/src/main/java/org/apache/hugegraph/auth/StandardAuthManager.java
index 6f84cbf29..103c58afc 100644
--- 
a/hugegraph-server/hugegraph-core/src/main/java/org/apache/hugegraph/auth/StandardAuthManager.java
+++ 
b/hugegraph-server/hugegraph-core/src/main/java/org/apache/hugegraph/auth/StandardAuthManager.java
@@ -107,6 +107,7 @@ public class StandardAuthManager implements AuthManager {
                                                 HugeAccess::fromEdge);
 
         this.tokenGenerator = new TokenGenerator(config);
+        LOG.info("Randomly generate a JWT secret key now");
 
         this.ipWhiteList = new HashSet<>();
 
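Review bot: The added `LOG.info` runs unconditionally after `new TokenGenerator(config)`, so the startup log claims a JWT secret was randomly generated even when the operator has set `auth.token_secret` explicitly. Emit it only when the option was left at its default, and at WARN level, because with a per-process random key any token issued before a restart will presumably stop validating: `LOG.warn("auth.token_secret is not set; using a random JWT secret generated at startup");`. The message must never include the secret value itself. The constructor begins and ends outside this hunk, and how TokenGenerator reads the option is not visible here.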
diff --git 
a/hugegraph-server/hugegraph-core/src/main/java/org/apache/hugegraph/config/AuthOptions.java
 
b/hugegraph-server/hugegraph-core/src/main/java/org/apache/hugegraph/config/AuthOptions.java
index af0493461..c996082da 100644
--- 
a/hugegraph-server/hugegraph-core/src/main/java/org/apache/hugegraph/config/AuthOptions.java
+++ 
b/hugegraph-server/hugegraph-core/src/main/java/org/apache/hugegraph/config/AuthOptions.java
@@ -21,6 +21,9 @@ import static 
org.apache.hugegraph.config.OptionChecker.disallowEmpty;
 import static org.apache.hugegraph.config.OptionChecker.rangeDouble;
 import static org.apache.hugegraph.config.OptionChecker.rangeInt;
 
+import java.security.SecureRandom;
+import java.util.Base64;
+
 public class AuthOptions extends OptionHolder {
 
     private AuthOptions() {
@@ -90,7 +93,7 @@ public class AuthOptions extends OptionHolder {
                     "auth.token_secret",
                     "Secret key of HS256 algorithm.",
                     disallowEmpty(),
-                    "FXQXbJtbCLxODc6tGci732pkH1cyf8Qg"
+                    generateRandomBase64Key()
             );
 
     public static final ConfigOption<Double> AUTH_AUDIT_LOG_RATE =
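Review bot: The default for `auth.token_secret` now comes from `generateRandomBase64Key()`, which appears to be evaluated once when this static option is initialized, so every server process that leaves the option unset gets its own HS256 key. In a deployment with more than one server, a token signed by one node would presumably fail verification on another, and all outstanding tokens become invalid on restart. The description still reads only "Secret key of HS256 algorithm." and should tell operators this, for example `"Secret key of HS256 algorithm; if unset, a random key is generated at each startup, so set the same value on all servers."`. It is also worth confirming that the generated default is not written out by any config dump or option listing, which cannot be checked from this hunk; the option declaration begins above it.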
@@ -126,4 +129,12 @@ public class AuthOptions extends OptionHolder {
                     rangeInt(0L, Long.MAX_VALUE),
                     (3600 * 24L)
             );
+
+    private static String generateRandomBase64Key() {
+        SecureRandom random = new SecureRandom();
+        // 32 bytes for HMAC-SHA256
+        byte[] bytes = new byte[32];
+        random.nextBytes(bytes);
+        return Base64.getEncoder().encodeToString(bytes);
+    }
 }
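Review bot: `generateRandomBase64Key()` has no Javadoc, and the key length is a bare `32` explained only by an inline comment. I would name the length, `private static final int TOKEN_SECRET_BYTES = 32;`, and add a one-line Javadoc such as `/** Returns a fresh Base64-encoded 256-bit secret from SecureRandom; used as the default for auth.token_secret. */`. The returned string is 44 Base64 characters, and whether the consumer decodes it or uses the characters directly as key bytes is not visible here, so the doc should state which form the token code expects.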
