|
|
@ -10,6 +10,7 @@ import ( |
|
|
|
|
|
|
|
|
|
|
|
"code.gitea.io/gitea/modules/generate" |
|
|
|
"code.gitea.io/gitea/modules/generate" |
|
|
|
"code.gitea.io/gitea/modules/log" |
|
|
|
"code.gitea.io/gitea/modules/log" |
|
|
|
|
|
|
|
"code.gitea.io/gitea/modules/util" |
|
|
|
) |
|
|
|
) |
|
|
|
|
|
|
|
|
|
|
|
// OAuth2UsernameType is enum describing the way gitea 'name' should be generated from oauth2 data
|
|
|
|
// OAuth2UsernameType is enum describing the way gitea 'name' should be generated from oauth2 data
|
|
|
@ -129,21 +130,19 @@ func loadOAuth2From(rootCfg ConfigProvider) { |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if InstallLock { |
|
|
|
if InstallLock { |
|
|
|
key := make([]byte, 32) |
|
|
|
if _, err := util.Base64FixedDecode(base64.RawURLEncoding, []byte(OAuth2.JWTSecretBase64), 32); err != nil { |
|
|
|
n, err := base64.RawURLEncoding.Decode(key, []byte(OAuth2.JWTSecretBase64)) |
|
|
|
key, err := generate.NewJwtSecret() |
|
|
|
if err != nil || n != 32 { |
|
|
|
|
|
|
|
key, err = generate.NewJwtSecret() |
|
|
|
|
|
|
|
if err != nil { |
|
|
|
if err != nil { |
|
|
|
log.Fatal("error generating JWT secret: %v", err) |
|
|
|
log.Fatal("error generating JWT secret: %v", err) |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
secretBase64 := base64.RawURLEncoding.EncodeToString(key) |
|
|
|
OAuth2.JWTSecretBase64 = base64.RawURLEncoding.EncodeToString(key) |
|
|
|
saveCfg, err := rootCfg.PrepareSaving() |
|
|
|
saveCfg, err := rootCfg.PrepareSaving() |
|
|
|
if err != nil { |
|
|
|
if err != nil { |
|
|
|
log.Fatal("save oauth2.JWT_SECRET failed: %v", err) |
|
|
|
log.Fatal("save oauth2.JWT_SECRET failed: %v", err) |
|
|
|
} |
|
|
|
} |
|
|
|
rootCfg.Section("oauth2").Key("JWT_SECRET").SetValue(secretBase64) |
|
|
|
rootCfg.Section("oauth2").Key("JWT_SECRET").SetValue(OAuth2.JWTSecretBase64) |
|
|
|
saveCfg.Section("oauth2").Key("JWT_SECRET").SetValue(secretBase64) |
|
|
|
saveCfg.Section("oauth2").Key("JWT_SECRET").SetValue(OAuth2.JWTSecretBase64) |
|
|
|
if err := saveCfg.Save(); err != nil { |
|
|
|
if err := saveCfg.Save(); err != nil { |
|
|
|
log.Fatal("save oauth2.JWT_SECRET failed: %v", err) |
|
|
|
log.Fatal("save oauth2.JWT_SECRET failed: %v", err) |
|
|
|
} |
|
|
|
} |
|
|
|