From b50be4ce1a51d66a54eb3edb144f72c735171e65 Mon Sep 17 00:00:00 2001
From: jack <jack.su@pollex.com.tw>
Date: 星期二, 05 九月 2023 11:58:53 +0800
Subject: [PATCH] [UPDATE] 解決弱點掃描Use of hard-coded cryptographic key問題, 須把key參數移動到設定檔

---
 pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java |    5 ++++-
 1 files changed, 4 insertions(+), 1 deletions(-)

diff --git a/pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java b/pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java
index 8b2d0e5..6bb5f5e 100644
--- a/pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java
+++ b/pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java
@@ -46,6 +46,9 @@
 
     @Autowired
     ConsultantService consultantService;
+    
+    @Autowired
+    AesUtil aesUtil;
 
     @AuditLoggingInject(type = CONSULTANT_LOGIN)
     @PostMapping("/authenticate/{imgCode}")
@@ -55,7 +58,7 @@
 			@PathVariable String imgCode) throws Exception{
     	
     	
-    	String paswword = AesUtil.aesDecode(eServiceLoginVM.getPassword());
+    	String paswword = aesUtil.aesDecode(eServiceLoginVM.getPassword());
     	if(!StringUtils.hasText(paswword)) {
     		throw new OtpLoginFailException("撖Ⅳ閫�撖仃���");
     	}

--
Gitblit v1.8.0