finn/forgejo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Allow specifying SECRET_KEY_URI, similar to INTERNAL_TOKEN_URI (#19663)

Browse source 
Only load SECRET_KEY and INTERNAL_TOKEN if they exist.
Never write the config file if the keys do not exist, which was only a fallback for Gitea upgraded from < 1.5

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This commit is contained in:
Clar Fon 2022-10-01 13:26:33 -04:00 committed by GitHub
parent 04e97b8311
commit 3d10193be2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 52 additions and 51 deletions
Download patch file Download diff file Expand all files Collapse all files

2
services/auth/source/oauth2/jwtsigningkey.go
View file

@ -364,7 +364,7 @@ func loadOrCreateSymmetricKey() (interface{}, error) {
return nil, err
}
setting.CreateOrAppendToCustomConf(func(cfg *ini.File) {
setting.CreateOrAppendToCustomConf("oauth2.JWT_SECRET", func(cfg *ini.File) {
secretBase64 := base64.RawURLEncoding.EncodeToString(key)
cfg.Section("oauth2").Key("JWT_SECRET").SetValue(secretBase64)
})