mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-27 18:19:17 +00:00
62d3e5255f
Port of https://github.com/go-gitea/gitea/pull/29205 Use a clearly defined "signing secret" for token signing. (cherry picked from commit 8be198cdef0a486f417663b1fd6878458d7e5d92)
35 lines
1,006 B
Go
35 lines
1,006 B
Go
// Copyright 2024 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package setting
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"code.gitea.io/gitea/modules/generate"
|
|
"code.gitea.io/gitea/modules/test"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestGetGeneralSigningSecret(t *testing.T) {
|
|
// when there is no general signing secret, it should be generated, and keep the same value
|
|
assert.Nil(t, generalSigningSecret.Load())
|
|
s1 := GetGeneralTokenSigningSecret()
|
|
assert.NotNil(t, s1)
|
|
s2 := GetGeneralTokenSigningSecret()
|
|
assert.Equal(t, s1, s2)
|
|
|
|
// the config value should always override any pre-generated value
|
|
cfg, _ := NewConfigProviderFromData(`
|
|
[oauth2]
|
|
JWT_SECRET = BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
|
|
`)
|
|
defer test.MockVariableValue(&InstallLock, true)()
|
|
loadOAuth2From(cfg)
|
|
actual := GetGeneralTokenSigningSecret()
|
|
expected, _ := generate.DecodeJwtSecret("BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB")
|
|
assert.Len(t, actual, 32)
|
|
assert.EqualValues(t, expected, actual)
|
|
}
|