nune/gitea
nune/gitea
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Always load or generate oauth2 jwt secret (#30942)

Browse source 
Fix #30923
This commit is contained in:
wxiaoguang 2024-05-14 22:21:38 +08:00 committed by GitHub
parent f4f4e18b14
commit effb405cae
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 44 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

28
modules/setting/oauth2_test.go
View file

@ -4,6 +4,7 @@
package setting
import (
"os"
"testing"
"code.gitea.io/gitea/modules/generate"
@ -14,7 +15,7 @@ import (
func TestGetGeneralSigningSecret(t *testing.T) {
// when there is no general signing secret, it should be generated, and keep the same value
assert.Nil(t, generalSigningSecret.Load())
generalSigningSecret.Store(nil)
s1 := GetGeneralTokenSigningSecret()
assert.NotNil(t, s1)
s2 := GetGeneralTokenSigningSecret()
@ -33,6 +34,31 @@ JWT_SECRET = BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
assert.EqualValues(t, expected, actual)
}
func TestGetGeneralSigningSecretSave(t *testing.T) {
defer test.MockVariableValue(&InstallLock, true)()
old := GetGeneralTokenSigningSecret()
assert.Len(t, old, 32)
tmpFile := t.TempDir() + "/app.ini"
_ = os.WriteFile(tmpFile, nil, 0o644)
cfg, _ := NewConfigProviderFromFile(tmpFile)
loadOAuth2From(cfg)
generated := GetGeneralTokenSigningSecret()
assert.Len(t, generated, 32)
assert.NotEqual(t, old, generated)
generalSigningSecret.Store(nil)
cfg, _ = NewConfigProviderFromFile(tmpFile)
loadOAuth2From(cfg)
again := GetGeneralTokenSigningSecret()
assert.Equal(t, generated, again)
iniContent, err := os.ReadFile(tmpFile)
assert.NoError(t, err)
assert.Contains(t, string(iniContent), "JWT_SECRET = ")
}
func TestOauth2DefaultApplications(t *testing.T) {
cfg, _ := NewConfigProviderFromData(``)
loadOAuth2From(cfg)