gitea/modules/generate/generate.go

// Copyright 2016 The Gogs Authors. All rights reserved.
// Copyright 2016 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.

package generate

import (
	"crypto/rand"
	"encoding/base64"
	"io"
	"time"

	"code.gitea.io/gitea/modules/util"
	"github.com/dgrijalva/jwt-go"
)

// NewInternalToken generate a new value intended to be used by INTERNAL_TOKEN.
func NewInternalToken() (string, error) {
	secretBytes := make([]byte, 32)
	_, err := io.ReadFull(rand.Reader, secretBytes)
	if err != nil {
		return "", err
	}

	secretKey := base64.RawURLEncoding.EncodeToString(secretBytes)

	now := time.Now()

	var internalToken string
	internalToken, err = jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
		"nbf": now.Unix(),
	}).SignedString([]byte(secretKey))
	if err != nil {
		return "", err
	}

	return internalToken, nil
}

// NewJwtSecret generate a new value intended to be used by LFS_JWT_SECRET.
func NewJwtSecret() (string, error) {
	JWTSecretBytes := make([]byte, 32)
	_, err := io.ReadFull(rand.Reader, JWTSecretBytes)
	if err != nil {
		return "", err
	}
	return base64.RawURLEncoding.EncodeToString(JWTSecretBytes), nil
}

// NewSecretKey generate a new value intended to be used by SECRET_KEY.
func NewSecretKey() (string, error) {
	secretKey, err := util.RandomString(64)
	if err != nil {
		return "", err
	}

	return secretKey, nil
}
Implements generator cli for secrets (#3531) Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com> 2018-02-18 13:14:37 -05:00			`// Copyright 2016 The Gogs Authors. All rights reserved.`
			`// Copyright 2016 The Gitea Authors. All rights reserved.`
			`// Use of this source code is governed by a MIT-style`
			`// license that can be found in the LICENSE file.`

			`package generate`

			`import (`
			`"crypto/rand"`
			`"encoding/base64"`
			`"io"`
			`"time"`

Use single shared random string generation function (#15741) * Use single shared random string generation function - Replace 3 functions that do the same with 1 shared one - Use crypto/rand over math/rand for a stronger RNG - Output only alphanumerical for URL compatibilty Fixes: #15536 * use const string method * Update modules/avatar/avatar.go Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: a1012112796 <1012112796@qq.com> 2021-05-10 02:45:17 -04:00			`"code.gitea.io/gitea/modules/util"`
Implements generator cli for secrets (#3531) Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com> 2018-02-18 13:14:37 -05:00			`"github.com/dgrijalva/jwt-go"`
			`)`

			`// NewInternalToken generate a new value intended to be used by INTERNAL_TOKEN.`
			`func NewInternalToken() (string, error) {`
			`secretBytes := make([]byte, 32)`
			`_, err := io.ReadFull(rand.Reader, secretBytes)`
			`if err != nil {`
			`return "", err`
			`}`

			`secretKey := base64.RawURLEncoding.EncodeToString(secretBytes)`

			`now := time.Now()`

			`var internalToken string`
			`internalToken, err = jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{`
			`"nbf": now.Unix(),`
			`}).SignedString([]byte(secretKey))`
			`if err != nil {`
			`return "", err`
			`}`

			`return internalToken, nil`
			`}`

Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00			`// NewJwtSecret generate a new value intended to be used by LFS_JWT_SECRET.`
			`func NewJwtSecret() (string, error) {`
Implements generator cli for secrets (#3531) Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com> 2018-02-18 13:14:37 -05:00			`JWTSecretBytes := make([]byte, 32)`
			`_, err := io.ReadFull(rand.Reader, JWTSecretBytes)`
			`if err != nil {`
			`return "", err`
			`}`
Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00			`return base64.RawURLEncoding.EncodeToString(JWTSecretBytes), nil`
Implements generator cli for secrets (#3531) Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com> 2018-02-18 13:14:37 -05:00			`}`

			`// NewSecretKey generate a new value intended to be used by SECRET_KEY.`
			`func NewSecretKey() (string, error) {`
Use single shared random string generation function (#15741) * Use single shared random string generation function - Replace 3 functions that do the same with 1 shared one - Use crypto/rand over math/rand for a stronger RNG - Output only alphanumerical for URL compatibilty Fixes: #15536 * use const string method * Update modules/avatar/avatar.go Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: a1012112796 <1012112796@qq.com> 2021-05-10 02:45:17 -04:00			`secretKey, err := util.RandomString(64)`
Implements generator cli for secrets (#3531) Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com> 2018-02-18 13:14:37 -05:00			`if err != nil {`
			`return "", err`
			`}`

			`return secretKey, nil`
			`}`