Skip to main content
Version: 2.5.0

Custom Sign Algorithm


  • Users can customize the signature authentication algorithm to achieve verification.


  • The default implementation is org.apache.shenyu.plugin.sign.service.DefaultSignService.
  • Declare a new class named CustomSignService and implements org.apache.shenyu.plugin.sign.api.SignService.
 public interface SignService {      /**      * Sign verify pair.      *      * @param exchange   the exchange      * @return the pair      */     Pair<Boolean, String> signVerify(ServerWebExchange exchange); }
  • When returning true in Pair, the sign verification passes. If there's false, the String in Pair will be return to the frontend to show.
  • Register defined class as a Spring Bean.
   @Bean   public SignService customSignService() {         return new CustomSignService();   }


If you only want to modify the signature algorithm, refer to the following.

  • The default implementation of the signature algorithm is org.apache.shenyu.common.utils.SignUtils#generateSign.
  • Declare a new class named CustomSignProvider and implements org.apache.shenyu.plugin.sign.api.SignProvider.
/** * The Sign plugin sign provider. */public interface SignProvider {
    /**     * acquired sign.     *     * @param signKey sign key     * @param params  params     * @return sign     */    String generateSign(String signKey, Map<String, String> params);}
  • Put CustomSignProvider to Spring IoC
@Beanpublic SignProvider customSignProvider() {    return new CustomSignProvider();}