Skip to content

Commit

Permalink
[ISSUE alibaba#12060] fix too large ttl when auth disabled
Browse files Browse the repository at this point in the history
fix issue alibaba#12060

1. fix too large ttl when auth disabled
2. generate a valid token when key is valid even if auth disabled
  • Loading branch information
DemonHugo authored May 12, 2024
1 parent b047a90 commit 4184147
Showing 1 changed file with 6 additions and 3 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -103,10 +103,13 @@ public String createToken(Authentication authentication) {
* @return token
*/
public String createToken(String userName) {
if (!authConfigs.isAuthEnabled()) {
// create a token when auth enabled or nacos.core.auth.plugin.nacos.token.secret.key is configured
if (!authConfigs.isAuthEnabled() && null == jwtParser) {
return AUTH_DISABLED_TOKEN;
} else if (authConfigs.isAuthEnabled()) {
// check nacos.core.auth.plugin.nacos.token.secret.key only if auth enabled
checkJwtParser();
}
checkJwtParser();
return jwtParser.jwtBuilder().setUserName(userName).setExpiredTime(this.tokenValidityInSeconds).compact();
}

Expand Down Expand Up @@ -147,7 +150,7 @@ public long getTokenValidityInSeconds() {
@Override
public long getTokenTtlInSeconds(String token) throws AccessException {
if (!authConfigs.isAuthEnabled()) {
return TimeUnit.MILLISECONDS.toSeconds(System.currentTimeMillis()) + tokenValidityInSeconds;
return tokenValidityInSeconds;
}
return jwtParser.getExpireTimeInSeconds(token) - TimeUnit.MILLISECONDS.toSeconds(System.currentTimeMillis());
}
Expand Down

0 comments on commit 4184147

Please sign in to comment.