thelastpickle · burmanm · Sep 3, 2021 · Sep 2, 2021
diff --git a/src/server/src/main/java/io/cassandrareaper/resources/auth/ShiroJwtProvider.java b/src/server/src/main/java/io/cassandrareaper/resources/auth/ShiroJwtProvider.java
@@ -22,15 +22,16 @@
 import io.cassandrareaper.storage.PostgresStorage;
 
 import java.io.IOException;
+import java.nio.charset.StandardCharsets;
 import java.security.Key;
+import java.util.Base64;
 
 import javax.crypto.spec.SecretKeySpec;
 import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.GET;
 import javax.ws.rs.Path;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.Response;
-import javax.xml.bind.DatatypeConverter;
 
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
@@ -55,6 +56,7 @@ String getJwt(HttpServletRequest request) throws IOException {
   }
 
   private static Key getSigningKey(AppContext cxt) {
+    byte[] key;
     String txt = System.getenv("JWT_SECRET");
     if (null == txt) {
       if (cxt.storage instanceof CassandraStorage) {
@@ -64,7 +66,10 @@ private static Key getSigningKey(AppContext cxt) {
       } else {
         txt = AppContext.REAPER_INSTANCE_ADDRESS;
       }
+      key = txt.getBytes(StandardCharsets.UTF_8);
+    } else {
+      key = Base64.getDecoder().decode(txt);
     }
-    return new SecretKeySpec(DatatypeConverter.parseBase64Binary(txt), SIG_ALG.getJcaName());
+    return new SecretKeySpec(key, SIG_ALG.getJcaName());
   }
 }