Add InternalTokenURI to load InternalToken from an external file #5812

Merged
merged 15 commits into from
Mar 13, 2019
Merged
Changes from 11 commits
98 changes: 73 additions & 25 deletions modules/setting/setting.go
Expand Up @@ -7,6 +7,8 @@ package setting

import (
"encoding/base64"
"io"
"io/ioutil"
"net"
"net/url"
"os"
Expand Down Expand Up @@ -960,31 +962,7 @@ func NewContext() {
MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(6)
ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false)
DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(false)
InternalToken = sec.Key("INTERNAL_TOKEN").String()
if len(InternalToken) == 0 {
InternalToken, err = generate.NewInternalToken()
if err != nil {
log.Fatal(4, "Error generate internal token: %v", err)
}

// Save secret
cfgSave := ini.Empty()
if com.IsFile(CustomConf) {
// Keeps custom settings if there is already something.
if err := cfgSave.Append(CustomConf); err != nil {
log.Error(4, "Failed to load custom conf '%s': %v", CustomConf, err)
}
}

cfgSave.Section("security").Key("INTERNAL_TOKEN").SetValue(InternalToken)

if err := os.MkdirAll(filepath.Dir(CustomConf), os.ModePerm); err != nil {
log.Fatal(4, "Failed to create '%s': %v", CustomConf, err)
}
if err := cfgSave.SaveTo(CustomConf); err != nil {
log.Fatal(4, "Error saving generated JWT Secret to custom config: %v", err)
}
}
InternalToken = loadInternalToken(sec)
IterateBufferSize = Cfg.Section("database").Key("ITERATE_BUFFER_SIZE").MustInt(50)
LogSQL = Cfg.Section("database").Key("LOG_SQL").MustBool(true)
DBConnectRetries = Cfg.Section("database").Key("DB_RETRIES").MustInt(10)
Expand Down Expand Up @@ -1221,6 +1199,76 @@ func NewContext() {
}
}

func loadInternalToken(sec *ini.Section) string {
uri := sec.Key("INTERNAL_TOKEN_URI").String()
if len(uri) == 0 {
return loadOrGenerateInternalToken(sec)
}
tempURI, err := url.Parse(uri)
if err != nil {
log.Fatal(4, "Failed to parse INTERNAL_TOKEN_URI (%s). Falling back to INTERNAL_TOKEN: %v", uri, err)
}
switch tempURI.Scheme {
case "file":
fp, err := os.OpenFile(tempURI.RequestURI(), os.O_RDWR, 0600)
if err != nil {
log.Fatal(4, "Failed to open InternalTokenURI (%s): %v", uri, err)
}
defer fp.Close()

buf, err := ioutil.ReadAll(fp)
if err != nil {
log.Fatal(4, "Failed to read InternalTokenURI (%s): %v", uri, err)
}
// No token in the file, generate one and store it.
if len(buf) == 0 {
token, err := generate.NewInternalToken()
if err != nil {
log.Fatal(4, "Error generate internal token: %v", err)
}
if _, err := io.WriteString(fp, token); err != nil {
log.Fatal(4, "Error writing to InternalTokenURI (%s): %v", uri, err)
}
return token
}

return string(buf)
default:
log.Fatal(4, "Unsupported URI-Scheme %q (INTERNAL_TOKEN_URL = %q)", tempURI.Scheme, uri)
}
return ""
Member Author

This return is here only because the linter fails when the function has no final return; the switch above will either return successfully or exit with a fatal error before reaching this line.

}

func loadOrGenerateInternalToken(sec *ini.Section) string {
var err error
token := sec.Key("INTERNAL_TOKEN").String()
if len(token) == 0 {
token, err = generate.NewInternalToken()
if err != nil {
log.Fatal(4, "Error generate internal token: %v", err)
}

// Save secret
cfgSave := ini.Empty()
if com.IsFile(CustomConf) {
// Keeps custom settings if there is already something.
if err := cfgSave.Append(CustomConf); err != nil {
log.Error(4, "Failed to load custom conf '%s': %v", CustomConf, err)
}
}

cfgSave.Section("security").Key("INTERNAL_TOKEN").SetValue(token)

if err := os.MkdirAll(filepath.Dir(CustomConf), os.ModePerm); err != nil {
log.Fatal(4, "Failed to create '%s': %v", CustomConf, err)
}
if err := cfgSave.SaveTo(CustomConf); err != nil {
log.Fatal(4, "Error saving generated INTERNAL_TOKEN to custom config: %v", err)
}
}
return token
}

// NewServices initializes the services
func NewServices() {
newService()
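Review bot: In loadInternalToken the `file` branch returns `string(buf)` verbatim, so a token file written with a trailing newline yields a token that contains the newline, and a file holding only whitespace passes the `len(buf) == 0` test and becomes the shared secret as-is. Trimming first, e.g. `token := strings.TrimSpace(string(buf))` and then testing `len(token) == 0` for the generate branch, would cover both cases (this assumes `strings` is already imported; the full import block is not visible here). The file is also opened with `os.O_RDWR` even when it is only read, so a read-only mounted secret would fail at startup, and since `O_CREATE` is not set the `0600` argument has no effect and the existing file's mode is never checked; an `fp.Stat()` check that warns on or rejects group/world-readable modes would fit right after the open. The `url.Parse` failure message says "Falling back to INTERNAL_TOKEN" although, per the author's own comment, `log.Fatal` terminates rather than falling back, and the unsupported-scheme message names `INTERNAL_TOKEN_URL` instead of `INTERNAL_TOKEN_URI`.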