2 files changed, 109 insertions, 0 deletions

diff --git a/modules/generate/generate.go b/modules/generate/generate.go
new file mode 100644
index 0000000000..d0e7593013
--- /dev/null
+++ b/modules/generate/generate.go
@@ -0,0 +1,89 @@
+// Copyright 2016 The Gogs Authors. All rights reserved.
+// Copyright 2016 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package generate
+
+import (
+	"crypto/rand"
+	"encoding/base64"
+	"io"
+	"math/big"
+	"time"
+
+	"github.com/dgrijalva/jwt-go"
+)
+
+// GetRandomString generate random string by specify chars.
+func GetRandomString(n int) (string, error) {
+	const alphanum = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
+
+	buffer := make([]byte, n)
+	max := big.NewInt(int64(len(alphanum)))
+
+	for i := 0; i < n; i++ {
+		index, err := randomInt(max)
+		if err != nil {
+			return "", err
+		}
+
+		buffer[i] = alphanum[index]
+	}
+
+	return string(buffer), nil
+}
+
+// NewInternalToken generate a new value intended to be used by INTERNAL_TOKEN.
+func NewInternalToken() (string, error) {
+	secretBytes := make([]byte, 32)
+	_, err := io.ReadFull(rand.Reader, secretBytes)
+	if err != nil {
+		return "", err
+	}
+
+	secretKey := base64.RawURLEncoding.EncodeToString(secretBytes)
+
+	now := time.Now()
+
+	var internalToken string
+	internalToken, err = jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+		"nbf": now.Unix(),
+	}).SignedString([]byte(secretKey))
+	if err != nil {
+		return "", err
+	}
+
+	return internalToken, nil
+}
+
+// NewLfsJwtSecret generate a new value intended to be used by LFS_JWT_SECRET.
+func NewLfsJwtSecret() (string, error) {
+	JWTSecretBytes := make([]byte, 32)
+	_, err := io.ReadFull(rand.Reader, JWTSecretBytes)
+	if err != nil {
+		return "", err
+	}
+
+	JWTSecretBase64 := base64.RawURLEncoding.EncodeToString(JWTSecretBytes)
+	return JWTSecretBase64, nil
+}
+
+// NewSecretKey generate a new value intended to be used by SECRET_KEY.
+func NewSecretKey() (string, error) {
+	secretKey, err := GetRandomString(64)
+	if err != nil {
+		return "", err
+	}
+
+	return secretKey, nil
+}
+
+func randomInt(max *big.Int) (int, error) {
+	rand, err := rand.Int(rand.Reader, max)
+	if err != nil {
+		return 0, err
+	}
+
+	return int(rand.Int64()), nil
+}
diff --git a/modules/generate/generate_test.go b/modules/generate/generate_test.go
new file mode 100644
index 0000000000..538471af49
--- /dev/null
+++ b/modules/generate/generate_test.go
@@ -0,0 +1,20 @@
+package generate
+
+import (
+	"os"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestMain(m *testing.M) {
+	retVal := m.Run()
+
+	os.Exit(retVal)
+}
+
+func TestGetRandomString(t *testing.T) {
+	randomString, err := GetRandomString(4)
+	assert.NoError(t, err)
+	assert.Len(t, randomString, 4)
+}