mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-11-16 06:46:16 +01:00
90 lines
2 KiB
Go
90 lines
2 KiB
Go
|
// Copyright 2016 The Gogs Authors. All rights reserved.
|
||
|
// Copyright 2016 The Gitea Authors. All rights reserved.
|
||
|
// Use of this source code is governed by a MIT-style
|
||
|
// license that can be found in the LICENSE file.
|
||
|
|
||
|
package generate
|
||
|
|
||
|
import (
|
||
|
"crypto/rand"
|
||
|
"encoding/base64"
|
||
|
"io"
|
||
|
"math/big"
|
||
|
"time"
|
||
|
|
||
|
"github.com/dgrijalva/jwt-go"
|
||
|
)
|
||
|
|
||
|
// GetRandomString generate random string by specify chars.
|
||
|
func GetRandomString(n int) (string, error) {
|
||
|
const alphanum = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
|
||
|
|
||
|
buffer := make([]byte, n)
|
||
|
max := big.NewInt(int64(len(alphanum)))
|
||
|
|
||
|
for i := 0; i < n; i++ {
|
||
|
index, err := randomInt(max)
|
||
|
if err != nil {
|
||
|
return "", err
|
||
|
}
|
||
|
|
||
|
buffer[i] = alphanum[index]
|
||
|
}
|
||
|
|
||
|
return string(buffer), nil
|
||
|
}
|
||
|
|
||
|
// NewInternalToken generate a new value intended to be used by INTERNAL_TOKEN.
|
||
|
func NewInternalToken() (string, error) {
|
||
|
secretBytes := make([]byte, 32)
|
||
|
_, err := io.ReadFull(rand.Reader, secretBytes)
|
||
|
if err != nil {
|
||
|
return "", err
|
||
|
}
|
||
|
|
||
|
secretKey := base64.RawURLEncoding.EncodeToString(secretBytes)
|
||
|
|
||
|
now := time.Now()
|
||
|
|
||
|
var internalToken string
|
||
|
internalToken, err = jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
|
||
|
"nbf": now.Unix(),
|
||
|
}).SignedString([]byte(secretKey))
|
||
|
if err != nil {
|
||
|
return "", err
|
||
|
}
|
||
|
|
||
|
return internalToken, nil
|
||
|
}
|
||
|
|
||
|
// NewLfsJwtSecret generate a new value intended to be used by LFS_JWT_SECRET.
|
||
|
func NewLfsJwtSecret() (string, error) {
|
||
|
JWTSecretBytes := make([]byte, 32)
|
||
|
_, err := io.ReadFull(rand.Reader, JWTSecretBytes)
|
||
|
if err != nil {
|
||
|
return "", err
|
||
|
}
|
||
|
|
||
|
JWTSecretBase64 := base64.RawURLEncoding.EncodeToString(JWTSecretBytes)
|
||
|
return JWTSecretBase64, nil
|
||
|
}
|
||
|
|
||
|
// NewSecretKey generate a new value intended to be used by SECRET_KEY.
|
||
|
func NewSecretKey() (string, error) {
|
||
|
secretKey, err := GetRandomString(64)
|
||
|
if err != nil {
|
||
|
return "", err
|
||
|
}
|
||
|
|
||
|
return secretKey, nil
|
||
|
}
|
||
|
|
||
|
func randomInt(max *big.Int) (int, error) {
|
||
|
rand, err := rand.Int(rand.Reader, max)
|
||
|
if err != nil {
|
||
|
return 0, err
|
||
|
}
|
||
|
|
||
|
return int(rand.Int64()), nil
|
||
|
}
|