feature: implementation of DefaultAuthSigner (apache#4480)

funky-eyes · Mar 19, 2022 · 99fc37d · 99fc37d
1 parent e365ea4
commit 99fc37d
Show file tree

Hide file tree

Showing 5 changed files with 77 additions and 6 deletions.
diff --git a/changes/1.5.0.md b/changes/1.5.0.md
@@ -46,7 +46,7 @@ Seata 是一款开源的分布式事务解决方案，提供高性能和简单
   - [[#4332](https://github.com/seata/seata/pull/4332)] 实现配置中心上传配置交互脚本(apollo,consul,zk)
   - [[#4320](https://github.com/seata/seata/pull/4320)] 实现控制台db模式全局事务、锁查询接口
   - [[#4435](https://github.com/seata/seata/pull/4435)] 控制台前端页面实现
-
+  - [[#4480](https://github.com/seata/seata/pull/4480)] 实现DefaultAuthSigner的默认签名加密方法
 
 ### bugfix：
   - [[#3497](https://github.com/seata/seata/pull/3497)] 修复TCC模式并发量较大时线程池导致的超时问题
@@ -259,7 +259,7 @@ Seata 是一款开源的分布式事务解决方案，提供高性能和简单
   - [wangyuewen](https://github.com/2858917634)
   - [Bughue](https://github.com/Bughue)
   - [liuqiufeng](https://github.com/liuqiufeng)
-
+  - [onlinechild](https://github.com/onlinechild)
 
 同时，我们收到了社区反馈的很多有价值的issue和建议，非常感谢大家。
 

diff --git a/changes/en-us/1.5.0.md b/changes/en-us/1.5.0.md
@@ -46,6 +46,7 @@
   - [[#4332](https://github.com/seata/seata/pull/4332)] Realize configuration center upload configuration interactive script (apollo,consul,zk)
   - [[#4320](https://github.com/seata/seata/pull/4320)] realize the interface of console: get global session and global lock in the db mode
   - [[#4435](https://github.com/seata/seata/pull/4435)] console front-end page implementation
+  - [[#4480](https://github.com/seata/seata/pull/4480)] implementation of DefaultAuthSigner
 
   ### bugfix：
   - [[#3497](https://github.com/seata/seata/pull/3497)] fix tcc phase two response timeout exception
@@ -262,6 +263,7 @@
   - [wangyuewen](https://github.com/2858917634)
   - [Bughue](https://github.com/Bughue)
   - [liuqiufeng](https://github.com/liuqiufeng)
+  - [onlinechild](https://github.com/onlinechild)
 
 
 

diff --git a/core/src/main/java/io/seata/core/auth/DefaultAuthSigner.java b/core/src/main/java/io/seata/core/auth/DefaultAuthSigner.java
@@ -16,6 +16,7 @@
 package io.seata.core.auth;
 
 import io.seata.common.loader.LoadLevel;
+import io.seata.common.util.StringUtils;
 
 /**
  * @author slievrly
@@ -24,6 +25,9 @@
 public class DefaultAuthSigner implements AuthSigner {
     @Override
     public String sign(String data, String key) {
+        if (StringUtils.isNotBlank(key) && StringUtils.isNotBlank(data)) {
+            return RamSignAdapter.getRamSign(data, key);
+        }
         return data;
     }
 }
diff --git a/core/src/main/java/io/seata/core/auth/RamSignAdapter.java b/core/src/main/java/io/seata/core/auth/RamSignAdapter.java
@@ -0,0 +1,60 @@
+/*
+ *  Copyright 1999-2019 Seata.io Group.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package io.seata.core.auth;
+
+import io.seata.common.util.ConfigTools;
+
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+
+/**
+ * adapt ram sign interface
+ *
+ * @author onlinechild
+ */
+public class RamSignAdapter {
+
+    public static final String SHA_ENCRYPT = "HmacSHA1";
+
+    /**
+     * get ram sign
+     * Sign with hmac SHA1 encrtpt
+     *
+     * @param encryptText encrypt text
+     * @param encryptKey  encrypt key
+     * @return base64 string
+     */
+    public static String getRamSign(String encryptText, String encryptKey) {
+        try {
+            byte[] data = encryptKey.getBytes(StandardCharsets.UTF_8);
+            // Construct a key according to the given byte array, and the second parameter specifies the name of a key algorithm
+            SecretKey secretKey = new SecretKeySpec(data, SHA_ENCRYPT);
+            // Generate a Mac object specifying Mac algorithm
+            Mac mac = Mac.getInstance(SHA_ENCRYPT);
+            // Initialize the Mac object with the given key
+            mac.init(secretKey);
+            byte[] text = encryptText.getBytes(StandardCharsets.UTF_8);
+            byte[] textFinal = mac.doFinal(text);
+            // Complete Mac operation, base64 encoding, convert byte array to string
+            return ConfigTools.byte2Base64(textFinal);
+        } catch (Exception e) {
+            throw new RuntimeException("get ram sign with hmacSHA1Encrypt fail", e);
+        }
+    }
+
+}
diff --git a/core/src/main/java/io/seata/core/rpc/netty/NettyClientChannelManager.java b/core/src/main/java/io/seata/core/rpc/netty/NettyClientChannelManager.java
@@ -26,6 +26,7 @@
 import java.util.function.Function;
 import java.util.stream.Collectors;
 
+import io.seata.core.protocol.RegisterTMRequest;
 import org.apache.commons.pool.impl.GenericKeyedObjectPool;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -233,10 +234,14 @@ private Channel doConnect(String serverAddress) {
         Channel channelFromPool;
         try {
             NettyPoolKey currentPoolKey = poolKeyFunction.apply(serverAddress);
-            NettyPoolKey previousPoolKey = poolKeyMap.putIfAbsent(serverAddress, currentPoolKey);
-            if (previousPoolKey != null && previousPoolKey.getMessage() instanceof RegisterRMRequest) {
-                RegisterRMRequest registerRMRequest = (RegisterRMRequest) currentPoolKey.getMessage();
-                ((RegisterRMRequest) previousPoolKey.getMessage()).setResourceIds(registerRMRequest.getResourceIds());
+            if (currentPoolKey.getMessage() instanceof RegisterTMRequest) {
+                poolKeyMap.put(serverAddress, currentPoolKey);
+            } else {
+                NettyPoolKey previousPoolKey = poolKeyMap.putIfAbsent(serverAddress, currentPoolKey);
+                if (previousPoolKey != null && previousPoolKey.getMessage() instanceof RegisterRMRequest) {
+                    RegisterRMRequest registerRMRequest = (RegisterRMRequest) currentPoolKey.getMessage();
+                    ((RegisterRMRequest) previousPoolKey.getMessage()).setResourceIds(registerRMRequest.getResourceIds());
+                }
             }
             channelFromPool = nettyClientKeyPool.borrowObject(poolKeyMap.get(serverAddress));
             channels.put(serverAddress, channelFromPool);