Gen seahub and notif jwt token
杨赫然 committed Sep 18, 2024
1 parent 678e0dc commit 472d3fa
Showing 5 changed files with 45 additions and 26 deletions.
8 changes: 4 additions & 4 deletions fileserver/fileop.go
@@ -323,7 +323,7 @@ type UserInfo struct {
}

func checkFileAccess(repoID, token, cookie, filePath, op string) (string, *appError) {
tokenString, err := utils.GenJWTToken("", "", true)
tokenString, err := utils.GenSeahubJWTToken()
if err != nil {
err := fmt.Errorf("failed to sign jwt token: %v", err)
return "", &appError{err, "", http.StatusInternalServerError}
@@ -2089,7 +2089,7 @@ func notifRepoUpdate(repoID string, commitID string) error {
}

url := fmt.Sprintf("http://%s/events", option.NotificationURL)
token, err := utils.GenJWTToken(repoID, "", false)
token, err := utils.GenNotifJWTToken(repoID, "")
if err != nil {
log.Printf("failed to generate jwt token: %v", err)
return err
@@ -3623,7 +3623,7 @@ type ShareLinkInfo struct {
}

func queryShareLinkInfo(token, cookie, opType string) (*ShareLinkInfo, *appError) {
tokenString, err := utils.GenJWTToken("", "", true)
tokenString, err := utils.GenSeahubJWTToken()
if err != nil {
err := fmt.Errorf("failed to sign jwt token: %v", err)
return nil, &appError{err, "", http.StatusInternalServerError}
@@ -3656,7 +3656,7 @@ func queryShareLinkInfo(token, cookie, opType string) (*ShareLinkInfo, *appError
}

func accessLinkCB(rsp http.ResponseWriter, r *http.Request) *appError {
if option.PrivateKey == "" {
if option.JWTPrivateKey == "" {
err := fmt.Errorf("no seahub private key is configured")
return &appError{err, "", http.StatusNotFound}
}
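Review bot: In notifRepoUpdate the server mints its token with `utils.GenNotifJWTToken(repoID, "")`, which per utils.go is valid for 72 hours, while the surrounding context builds a plain `http://%s/events` URL; if the token travels on that request (the send is outside the hunk), a long-lived bearer credential crosses the network unencrypted. A server-to-server call that generates a fresh token each time does not need a 72-hour lifetime, so a short expiry such as the 300 seconds used by `GenSeahubJWTToken` would limit what a captured token is worth. With `omitempty` dropped from the claims this token now also carries `"username":""`, so it is worth confirming that the notification server treats an empty username as the server identity rather than as a user. The function bodies start and end outside these hunks.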
4 changes: 2 additions & 2 deletions fileserver/merge.go
@@ -381,7 +381,7 @@ func getNickNameByModifier(emailToNickname map[string]string, modifier string) s
if ok {
return nickname
}
if option.PrivateKey != "" {
if option.JWTPrivateKey != "" {
nickname = postGetNickName(modifier)
}

@@ -395,7 +395,7 @@ func getNickNameByModifier(emailToNickname map[string]string, modifier string) s
}

func postGetNickName(modifier string) string {
tokenString, err := utils.GenJWTToken("", "", true)
tokenString, err := utils.GenSeahubJWTToken()
if err != nil {
return ""
}
8 changes: 4 additions & 4 deletions fileserver/option/option.go
@@ -65,8 +65,8 @@ var (
DBOpTimeout time.Duration

// seahub
SeahubURL string
PrivateKey string
SeahubURL string
JWTPrivateKey string
)

func initDefaultOptions() {
@@ -263,8 +263,8 @@ func parseQuota(quotaStr string) int64 {
}

func LoadSeahubConfig() error {
PrivateKey = os.Getenv("JWT_PRIVATE_KEY")
if PrivateKey == "" {
JWTPrivateKey = os.Getenv("JWT_PRIVATE_KEY")
if JWTPrivateKey == "" {
return fmt.Errorf("failed to read JWT_PRIVATE_KEY")
}

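Review bot: `LoadSeahubConfig` still accepts any non-empty `JWT_PRIVATE_KEY`, yet utils.go passes the value directly to `SignedString` as the HS256 HMAC key, so a short or guessable secret can be recovered offline from any issued token. A length check next to the empty check would catch this at startup, for example `if len(JWTPrivateKey) < 32 { return fmt.Errorf("JWT_PRIVATE_KEY must be at least 32 bytes") }`, or a logged warning if existing deployments must keep working. Because the renamed variable holds a symmetric secret rather than an asymmetric private key, a comment on the declaration such as `// JWTPrivateKey is the HS256 signing secret (symmetric), read from JWT_PRIVATE_KEY.` would prevent misreading. The function continues past the end of the hunk.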
2 changes: 1 addition & 1 deletion fileserver/sync_api.go
@@ -738,7 +738,7 @@ func getJWTTokenCB(rsp http.ResponseWriter, r *http.Request) *appError {
return appErr
}

tokenString, err := utils.GenJWTToken(repoID, user, false)
tokenString, err := utils.GenNotifJWTToken(repoID, user)
if err != nil {
return &appError{err, "", http.StatusInternalServerError}
}
49 changes: 34 additions & 15 deletions fileserver/utils/utils.go
@@ -28,33 +28,52 @@ func IsObjectIDValid(objID string) bool {
return true
}

type SeahubClaims struct {
Exp int64 `json:"exp"`
IsInternal bool `json:"is_internal"`
jwt.RegisteredClaims
}

func (*SeahubClaims) Valid() error {
return nil
}

func GenSeahubJWTToken() (string, error) {
claims := new(SeahubClaims)
claims.Exp = time.Now().Add(time.Second * 300).Unix()
claims.IsInternal = true

token := jwt.NewWithClaims(jwt.GetSigningMethod("HS256"), claims)
tokenString, err := token.SignedString([]byte(option.JWTPrivateKey))
if err != nil {
err := fmt.Errorf("failed to gen seahub jwt token: %w", err)
return "", err
}

return tokenString, nil
}

type MyClaims struct {
Exp int64 `json:"exp"`
RepoID string `json:"repo_id,omitempty"`
UserName string `json:"username,omitempty"`
IsInternal bool `json:"is_internal,omitempty"`
Exp int64 `json:"exp"`
RepoID string `json:"repo_id"`
UserName string `json:"username"`
jwt.RegisteredClaims
}

func (*MyClaims) Valid() error {
return nil
}

func GenJWTToken(repoID, user string, isInternal bool) (string, error) {
func GenNotifJWTToken(repoID, user string) (string, error) {
claims := new(MyClaims)
if isInternal {
claims.Exp = time.Now().Add(time.Second * 300).Unix()
claims.IsInternal = true
} else {
claims.Exp = time.Now().Add(time.Hour * 72).Unix()
claims.RepoID = repoID
claims.UserName = user
}
claims.Exp = time.Now().Add(time.Hour * 72).Unix()
claims.RepoID = repoID
claims.UserName = user

token := jwt.NewWithClaims(jwt.GetSigningMethod("HS256"), claims)
tokenString, err := token.SignedString([]byte(option.PrivateKey))
tokenString, err := token.SignedString([]byte(option.JWTPrivateKey))
if err != nil {
err := fmt.Errorf("failed to gen jwt token for repo %s", repoID)
err := fmt.Errorf("failed to gen jwt token for repo %s: %w", repoID, err)
return "", err
}

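Review bot: Splitting the claims into `SeahubClaims` and `MyClaims` still leaves both token kinds signed with the same `option.JWTPrivateKey` and without `aud` or `iss`, so the only thing separating a 72-hour notification token from an internal Seahub token is whether the verifier insists on `is_internal`; that check is not visible here. Setting the embedded registered claim in each generator, e.g. `claims.Audience = jwt.ClaimStrings{"seahub"}` and `claims.Audience = jwt.ClaimStrings{"notification"}` (example values), would let each consumer reject tokens minted for the other. The new `SeahubClaims.Valid` copies the `return nil` stub, which would skip expiry validation if these types were ever handed to a parser; a comment stating that they are used for signing only would make that explicit. Both exported generators also lack doc comments, e.g. `// GenSeahubJWTToken returns an HS256 token that expires after 300 seconds and carries is_internal=true.`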
