Randomize jwt secret signature

Σrebe - Romain GERARD 2024-08-26 20:56:22 +02:00
parent 6e37a97918
commit 1522882edc
No known key found for this signature in database
GPG key ID: 7A42B4B97E0332F4


@ -4,18 +4,25 @@ use serde::{Deserialize, Serialize};
use std::collections::HashSet; use std::collections::HashSet;
use std::ops::Deref; use std::ops::Deref;
use std::sync::LazyLock; use std::sync::LazyLock;
use std::time::SystemTime;
use url::Host; use url::Host;
use uuid::Uuid; use uuid::Uuid;
pub static JWT_HEADER_PREFIX: &str = "authorization.bearer."; pub static JWT_HEADER_PREFIX: &str = "authorization.bearer.";
static JWT_SECRET: &[u8; 15] = b"champignonfrais"; static JWT_KEY: LazyLock<(Header, EncodingKey)> = LazyLock::new(|| {
static JWT_KEY: LazyLock<(Header, EncodingKey)> = let now = SystemTime::now()
LazyLock::new(|| (Header::new(Algorithm::HS256), EncodingKey::from_secret(JWT_SECRET))); .duration_since(SystemTime::UNIX_EPOCH)
.unwrap()
.as_nanos()
.to_ne_bytes();
(Header::new(Algorithm::HS256), EncodingKey::from_secret(&now))
});
static JWT_DECODE: LazyLock<(Validation, DecodingKey)> = LazyLock::new(|| { static JWT_DECODE: LazyLock<(Validation, DecodingKey)> = LazyLock::new(|| {
let mut validation = Validation::new(Algorithm::HS256); let mut validation = Validation::new(Algorithm::HS256);
validation.required_spec_claims = HashSet::with_capacity(0); validation.required_spec_claims = HashSet::with_capacity(0);
(validation, DecodingKey::from_secret(JWT_SECRET)) validation.insecure_disable_signature_validation();
(validation, DecodingKey::from_secret(b"champignonfrais"))
}); });
#[derive(Debug, Clone, Serialize, Deserialize)] #[derive(Debug, Clone, Serialize, Deserialize)]
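Review bot: With `validation.insecure_disable_signature_validation();` added in the `JWT_DECODE` initializer, the decoder accepts a token whatever its signature, so every claim read from it is unauthenticated input and the `b"champignonfrais"` decoding key no longer protects anything. If that is intended, with the token serving only as a container and access control enforced elsewhere, say so at the call, e.g. `// Signature is deliberately not verified: treat all claims as untrusted and check them against the server-side restrictions`. On the signing side in `JWT_KEY`, a nanosecond timestamp is guessable rather than secret, and the `.unwrap()` on `duration_since` panics if the system clock is set before the epoch. If the signature is ever meant to be checked again, the key should come from a CSPRNG and be shared with the verifier. Whether the decoded claims are validated further down is not visible in this hunk.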