Skip to main content
Version: 2.6.1

Custom Sign Algorithm


  • Users can customize the signature authentication algorithm to achieve verification.


  • The default implementation is org.apache.shenyu.plugin.sign.service.ComposableSignService.
    @Bean@ConditionalOnMissingBean(value = SignService.class, search = SearchStrategy.ALL)public SignService signService() {    return new ComposableSignService(new DefaultExtractor(), new DefaultSignProvider());}
  • Declare a new class named CustomSignService and implements org.apache.shenyu.plugin.plugin.sign.service.
public interface SignService {
    /**     * Gets verifyResult.     * @param exchange exchange     * @param requestBody requestBody     * @return result     */    VerifyResult signatureVerify(ServerWebExchange exchange, String requestBody);
    /**     * Gets verifyResult.     * @param exchange exchange     * @return result     */    VerifyResult signatureVerify(ServerWebExchange exchange);}

  • When returning is isSuccess() of VerifyResult, the sign verification passes. If there's false, the getReason() of VerifyResult will be return to the frontend to show.
  • Register defined class as a Spring Bean.
   @Bean   public SignService customSignService() {         return new CustomSignService();   }