fix RocketMQ SecretKey leakage risk (#3092)

fix RocketMQ SecretKey leakage risk.
2 years ago · 5f923b41e9
parent b68bf725f4
commit 5f923b41e9
1 changed files with 3 additions and 3 deletions
--- a/spring-cloud-alibaba-starters/spring-cloud-starter-stream-rocketmq/src/main/java/com/alibaba/cloud/stream/binder/rocketmq/utils/RocketMQUtils.java
+++ b/spring-cloud-alibaba-starters/spring-cloud-starter-stream-rocketmq/src/main/java/com/alibaba/cloud/stream/binder/rocketmq/utils/RocketMQUtils.java
@ -77,10 +77,10 @@ public final class RocketMQUtils {
 		if (null != rpcHook) {
 			SessionCredentials sessionCredentials = ((AclClientRPCHook) rpcHook)
 					.getSessionCredentials();
-			instanceName.append(sessionCredentials.getAccessKey()).append(separator)
-					.append(sessionCredentials.getSecretKey()).append(separator);
+			instanceName.append(sessionCredentials.getAccessKey()).append(separator);
 		}
-		instanceName.append(identify).append(separator).append(UtilAll.getPid());
+		instanceName.append(identify).append(separator).append(UtilAll.getPid())
+				.append(separator).append(Long.toString(System.nanoTime(), 36));
 		return instanceName.toString();
 	}