From f5195f3515557aad5deb41a9e016a5de4fccea7a Mon Sep 17 00:00:00 2001 From: gkim Date: Wed, 20 Dec 2023 23:08:27 +0900 Subject: [PATCH] :ambulance: fix: Change env settings to Jasypt encryption MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 환경변수 항목 Jasypt 암호화 방식으로 수정 - 노출된 보안요소 변경 Related: #14 --- .../vote/auth/jwt/provider/JwtTokenProvider.java | 1 - src/main/resources/application.yml | 16 +++++----------- 2 files changed, 5 insertions(+), 12 deletions(-) diff --git a/src/main/java/com/ceos/vote/auth/jwt/provider/JwtTokenProvider.java b/src/main/java/com/ceos/vote/auth/jwt/provider/JwtTokenProvider.java index dc4c9b3..7a01801 100644 --- a/src/main/java/com/ceos/vote/auth/jwt/provider/JwtTokenProvider.java +++ b/src/main/java/com/ceos/vote/auth/jwt/provider/JwtTokenProvider.java @@ -21,7 +21,6 @@ @Component @Transactional(readOnly = true) @Slf4j -@PropertySource("classpath:application.yml") public class JwtTokenProvider { private static final String AUTHORITIES_KEY = "role"; diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index e8ed6c3..4f8a29c 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -3,23 +3,17 @@ spring: profiles: include: secret - jwt: - token: - secret: ${jwt.token.secret} - access-token-validity-in-seconds: ${jwt.token.access-token-validity-in-seconds} - refresh-token-validity-in-seconds: ${jwt.token.refresh-token-validity-in-seconds} - datasource: driver-class-name: com.mysql.cj.jdbc.Driver - url: ${db.url} - username: ${db.username} - password: ${db.password} + url: ENC(aaX0j72mYzWkdVKfmPSv5K3RI0oVxwToz7mqL8Y8Dv2+8iqO7YaSFVvIl+fuaZKYbxN7wd6zBE0XvbXa8fSBmufq2aRVHVRX+Y71TnkCeOY81CyS1cZX4g==) + username: ENC(qOgX3PNBqpY45OYhqZFcoQ==) + password: ENC(Zg96EiJQDju2pWAq/nC5vwapLPZL4WLQ) data: redis: - host: ${redis.host} + host: ENC(EIZI2FGl7luftV7JAzeyjQ==) port: 6379 - password: root1234 + password: ENC(bSF1EdS4uTZc49wWhYhICDcugXrrIhgV) jpa: database: mysql