jwt seacret as plain text

Author: deedee

src/java/main/com/topcoder/direct/services/view/interceptors/AuthenticationInterceptor.java

@@ -295,7 +295,7 @@ public String intercept(ActionInvocation invocation) throws Exception {
         JWTToken jwtToken = null;
         try {
             jwtToken = new JWTToken(jwtCookie.getValue(),DirectProperties.JWT_V3_SECRET,
-                    DirectProperties.JWT_VALID_ISSUERS, authorizationURL, new JWTToken.Base64SecretEncoder());
+                    DirectProperties.JWT_VALID_ISSUERS, authorizationURL, new JWTToken.SecretEncoder());
             jwtToken.verify();
         } catch (TokenExpiredException e) {
             logger.error("Token is expired. Try to refresh");

src/java/main/com/topcoder/direct/services/view/util/jwt/DirectJWTSigner.java

@@ -38,7 +38,7 @@ public class DirectJWTSigner {
     /**
      * Secret encoder
      */
-    private JWTToken.SecretEncoder secretEncoder = new JWTToken.Base64SecretEncoder();
+    private JWTToken.SecretEncoder secretEncoder = new JWTToken.SecretEncoder();
 
     /**
      * Create the JWT signer

src/java/main/com/topcoder/direct/services/view/util/jwt/JWTToken.java

@@ -81,7 +81,7 @@ public class JWTToken {
 
     private String algorithmName = "HS256";
 
-    protected SecretEncoder encoder = new Base64SecretEncoder();
+    protected SecretEncoder encoder = new SecretEncoder();
 
     private boolean valid = false;