37228ea080
Fix #30923
(cherry picked from commit effb405cae88474c27f5c8322a2627019af1cf64)
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Conflicts:
- modules/setting/oauth2.go
Conflicted due to different ways of logging. Since the log
message is removed anyway, resolved by removing it.
- modules/setting/oauth2_test.go
Manually copied the test added by Gitea.
- routers/install/install.go
Not a conflict per se, but adjusted to use NewJwtSecret().
(cherry picked from commit 193ac67176)
Equivalent to the Gitea v1.22 commit
(cherry picked from commit 5b7e54f72f7b85b3394d7af20b27152d26e26256)
60 lines
1.7 KiB
Go
60 lines
1.7 KiB
Go
// Copyright 2024 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package setting
|
|
|
|
import (
|
|
"os"
|
|
"testing"
|
|
|
|
"code.gitea.io/gitea/modules/generate"
|
|
"code.gitea.io/gitea/modules/test"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestGetGeneralSigningSecret(t *testing.T) {
|
|
// when there is no general signing secret, it should be generated, and keep the same value
|
|
generalSigningSecret.Store(nil)
|
|
s1 := GetGeneralTokenSigningSecret()
|
|
assert.NotNil(t, s1)
|
|
s2 := GetGeneralTokenSigningSecret()
|
|
assert.Equal(t, s1, s2)
|
|
|
|
// the config value should always override any pre-generated value
|
|
cfg, _ := NewConfigProviderFromData(`
|
|
[oauth2]
|
|
JWT_SECRET = BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
|
|
`)
|
|
defer test.MockVariableValue(&InstallLock, true)()
|
|
loadOAuth2From(cfg)
|
|
actual := GetGeneralTokenSigningSecret()
|
|
expected, _ := generate.DecodeJwtSecret("BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB")
|
|
assert.Len(t, actual, 32)
|
|
assert.EqualValues(t, expected, actual)
|
|
}
|
|
|
|
func TestGetGeneralSigningSecretSave(t *testing.T) {
|
|
defer test.MockVariableValue(&InstallLock, true)()
|
|
|
|
old := GetGeneralTokenSigningSecret()
|
|
assert.Len(t, old, 32)
|
|
|
|
tmpFile := t.TempDir() + "/app.ini"
|
|
_ = os.WriteFile(tmpFile, nil, 0o644)
|
|
cfg, _ := NewConfigProviderFromFile(tmpFile)
|
|
loadOAuth2From(cfg)
|
|
generated := GetGeneralTokenSigningSecret()
|
|
assert.Len(t, generated, 32)
|
|
assert.NotEqual(t, old, generated)
|
|
|
|
generalSigningSecret.Store(nil)
|
|
cfg, _ = NewConfigProviderFromFile(tmpFile)
|
|
loadOAuth2From(cfg)
|
|
again := GetGeneralTokenSigningSecret()
|
|
assert.Equal(t, generated, again)
|
|
|
|
iniContent, err := os.ReadFile(tmpFile)
|
|
assert.NoError(t, err)
|
|
assert.Contains(t, string(iniContent), "JWT_SECRET = ")
|
|
}
|