From 22a5ad3acef0bfb8353dac64d4cbe0d52f6d2a07 Mon Sep 17 00:00:00 2001
From: jack <jack.su@pollex.com.tw>
Date: 星期五, 01 九月 2023 10:16:41 +0800
Subject: [PATCH] [UPDATE] 解決弱點Use of hard-coded cryptographic key , 把key移到設定檔

---
 pamapi/src/main/resources/config/application-dev.yml |   42 ++++++++++++++++++++++++++++++++++++------
 1 files changed, 36 insertions(+), 6 deletions(-)

diff --git a/pamapi/src/main/resources/config/application-dev.yml b/pamapi/src/main/resources/config/application-dev.yml
index 1f86d06..14ce3bd 100644
--- a/pamapi/src/main/resources/config/application-dev.yml
+++ b/pamapi/src/main/resources/config/application-dev.yml
@@ -32,7 +32,8 @@
       indent-output: true
   datasource:
     type: com.zaxxer.hikari.HikariDataSource
-    url: jdbc:postgresql://dev.pollex.com.tw:5433/pam
+    url: jdbc:postgresql://dev.pollex.com.tw:5433/pam_p2
+    #url: jdbc:postgresql://localhost:5432/omo?currentSchema=public
     username: pamadmin
     password: pamadmin
     hikari:
@@ -44,10 +45,16 @@
     # Remove 'faker' if you do not want the sample data to be loaded automatically
     contexts: dev, faker
   mail:
-    host: localhost
-    port: 25
-    username:
-    password:
+    host: smtp.gmail.com
+    port: 587
+    username: pollex.testing@gmail.com
+    password: ilismmmhtscppxft
+    properties:
+      mail:
+        smtp:
+          auth: true
+          starttls:
+            enable: true
   messages:
     cache-duration: PT1S # 1 second, see the ISO 8601 standard
   thymeleaf:
@@ -110,4 +117,27 @@
 # https://www.jhipster.tech/common-application-properties/
 # ===================================================================
 
-# application:
+application:
+  mock-login: true
+  otp-web-service-url: https://vtwlifeopensyssit.pru.intranet.asia:443/pcalife-otp/ws/otpWebService?wsdl
+  otp-web-service-password: es20!%Pass
+  otp-web-service-system-type: epos
+  e-service-login-url: https://eserviceuat.pcalife.com.tw/sso/chatbotValidate
+  e-service-login-func: ValidateUsrLogin
+  e-service-login-sys: epos
+  front-end-domain: 'http://localhost:3000/#'
+  sms:
+    send-notify-msg: false
+    url: https://localhost:8081/testSMS
+    source-code: ePos
+    sender: POS
+    sms-type: '0017'
+    subject: '慦�像��'
+  email:
+    send-notify-msg: false
+    url: https://localhost:8081/testEmail
+    function-id: epos
+    sender-email: noreply@pcalife.com.tw
+    method: 'POLLEX_GMAIL'
+  file-folder-path: C://pam_file
+  aes-key: PAMKEY1234567890

--
Gitblit v1.8.0