cameleer/cameleer-server
1
0
Fork 0
Code Issues 41 Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Ed25519SigningService falls back to ephemeral key when jwt-secret is absent

Browse Source 
- SecurityBeanConfig uses Ed25519SigningServiceImpl.ephemeral() when no jwt-secret
- Fixes pre-existing application context failure in integration tests
- Reverts test jwt-secret from application-test.yml (no longer needed)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-04-07 23:34:55 +02:00
parent 847c1f792b
commit ec9856d8a2
2 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/SecurityBeanConfig.java
View File

@@ -22,7 +22,11 @@ public class SecurityBeanConfig {
@Bean
public Ed25519SigningServiceImpl ed25519SigningService(SecurityProperties properties) {
return new Ed25519SigningServiceImpl(properties.getJwtSecret());
String secret = properties.getJwtSecret();
if (secret == null || secret.isBlank()) {
return Ed25519SigningServiceImpl.ephemeral();
}
return new Ed25519SigningServiceImpl(secret);
}
@Bean

1
cameleer3-server-app/src/test/resources/application-test.yml
View File

@@ -17,4 +17,3 @@ agent-registry:
security:
bootstrap-token: test-bootstrap-token
bootstrap-token-previous: old-bootstrap-token
jwt-secret: test-jwt-secret-for-ed25519-derivation