diff options
| author | Codruț Constantin Gușoi <codrut.gusoi@gmail.com> | 2018-02-18 18:14:37 +0000 |
|---|---|---|
| committer | Lauris BH <lauris@nix.lv> | 2018-02-18 20:14:37 +0200 |
| commit | 96c268c0fcc22604103f67821d66fef39944e80b (patch) | |
| tree | fb5a97ff8557ae18dd22b227e52fcd811320eac3 /modules/generate | |
| parent | e59fe7c8d9eb8e49858cb2d59e8732f6058756ff (diff) | |
| download | gitea-96c268c0fcc22604103f67821d66fef39944e80b.tar.gz gitea-96c268c0fcc22604103f67821d66fef39944e80b.zip | |
Implements generator cli for secrets (#3531)
Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com>
Diffstat (limited to 'modules/generate')
| -rw-r--r-- | modules/generate/generate.go | 89 | ||||
| -rw-r--r-- | modules/generate/generate_test.go | 20 |
2 files changed, 109 insertions, 0 deletions
diff --git a/modules/generate/generate.go b/modules/generate/generate.go new file mode 100644 index 0000000000..d0e7593013 --- /dev/null +++ b/modules/generate/generate.go @@ -0,0 +1,89 @@ +// Copyright 2016 The Gogs Authors. All rights reserved. +// Copyright 2016 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package generate + +import ( + "crypto/rand" + "encoding/base64" + "io" + "math/big" + "time" + + "github.com/dgrijalva/jwt-go" +) + +// GetRandomString generate random string by specify chars. +func GetRandomString(n int) (string, error) { + const alphanum = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" + + buffer := make([]byte, n) + max := big.NewInt(int64(len(alphanum))) + + for i := 0; i < n; i++ { + index, err := randomInt(max) + if err != nil { + return "", err + } + + buffer[i] = alphanum[index] + } + + return string(buffer), nil +} + +// NewInternalToken generate a new value intended to be used by INTERNAL_TOKEN. +func NewInternalToken() (string, error) { + secretBytes := make([]byte, 32) + _, err := io.ReadFull(rand.Reader, secretBytes) + if err != nil { + return "", err + } + + secretKey := base64.RawURLEncoding.EncodeToString(secretBytes) + + now := time.Now() + + var internalToken string + internalToken, err = jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{ + "nbf": now.Unix(), + }).SignedString([]byte(secretKey)) + if err != nil { + return "", err + } + + return internalToken, nil +} + +// NewLfsJwtSecret generate a new value intended to be used by LFS_JWT_SECRET. +func NewLfsJwtSecret() (string, error) { + JWTSecretBytes := make([]byte, 32) + _, err := io.ReadFull(rand.Reader, JWTSecretBytes) + if err != nil { + return "", err + } + + JWTSecretBase64 := base64.RawURLEncoding.EncodeToString(JWTSecretBytes) + return JWTSecretBase64, nil +} + +// NewSecretKey generate a new value intended to be used by SECRET_KEY. +func NewSecretKey() (string, error) { + secretKey, err := GetRandomString(64) + if err != nil { + return "", err + } + + return secretKey, nil +} + +func randomInt(max *big.Int) (int, error) { + rand, err := rand.Int(rand.Reader, max) + if err != nil { + return 0, err + } + + return int(rand.Int64()), nil +} diff --git a/modules/generate/generate_test.go b/modules/generate/generate_test.go new file mode 100644 index 0000000000..538471af49 --- /dev/null +++ b/modules/generate/generate_test.go @@ -0,0 +1,20 @@ +package generate + +import ( + "os" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestMain(m *testing.M) { + retVal := m.Run() + + os.Exit(retVal) +} + +func TestGetRandomString(t *testing.T) { + randomString, err := GetRandomString(4) + assert.NoError(t, err) + assert.Len(t, randomString, 4) +} |