Import additional secrets via file uri (#25408)
This commit is contained in:
parent
478f33030e
commit
c0fc53e226
3 changed files with 5 additions and 1 deletions
|
@ -53,6 +53,8 @@ func loadLFSFrom(rootCfg ConfigProvider) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
LFS.JWTSecretBase64 = loadSecret(rootCfg.Section("lfs"), "LFS_JWT_SECRET_URI", "LFS_JWT_SECRET")
|
||||
|
||||
LFS.JWTSecretBytes = make([]byte, 32)
|
||||
n, err := base64.RawURLEncoding.Decode(LFS.JWTSecretBytes, []byte(LFS.JWTSecretBase64))
|
||||
|
||||
|
|
|
@ -116,6 +116,8 @@ func loadOAuth2From(rootCfg ConfigProvider) {
|
|||
return
|
||||
}
|
||||
|
||||
OAuth2.JWTSecretBase64 = loadSecret(rootCfg.Section("oauth2"), "JWT_SECRET_URI", "JWT_SECRET")
|
||||
|
||||
if !filepath.IsAbs(OAuth2.JWTSigningPrivateKeyFile) {
|
||||
OAuth2.JWTSigningPrivateKeyFile = filepath.Join(AppDataPath, OAuth2.JWTSigningPrivateKeyFile)
|
||||
}
|
||||
|
|
|
@ -76,7 +76,7 @@ func loadSecret(sec ConfigSection, uriKey, verbatimKey string) string {
|
|||
|
||||
// only file URIs are allowed
|
||||
default:
|
||||
log.Fatal("Unsupported URI-Scheme %q (INTERNAL_TOKEN_URI = %q)", tempURI.Scheme, uri)
|
||||
log.Fatal("Unsupported URI-Scheme %q (%q = %q)", tempURI.Scheme, uriKey, uri)
|
||||
return ""
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue