2018-02-18 21:14:37 +03:00
// Copyright 2016 The Gogs Authors. All rights reserved.
// Copyright 2016 The Gitea Authors. All rights reserved.
2022-11-27 21:20:29 +03:00
// SPDX-License-Identifier: MIT
2018-02-18 21:14:37 +03:00
package generate
import (
"crypto/rand"
"encoding/base64"
"io"
"time"
2021-05-10 09:45:17 +03:00
"code.gitea.io/gitea/modules/util"
2021-07-24 14:00:41 +03:00
2023-07-19 12:57:10 +03:00
"github.com/golang-jwt/jwt/v5"
2018-02-18 21:14:37 +03:00
)
// NewInternalToken generate a new value intended to be used by INTERNAL_TOKEN.
func NewInternalToken ( ) ( string , error ) {
secretBytes := make ( [ ] byte , 32 )
_ , err := io . ReadFull ( rand . Reader , secretBytes )
if err != nil {
return "" , err
}
secretKey := base64 . RawURLEncoding . EncodeToString ( secretBytes )
now := time . Now ( )
var internalToken string
internalToken , err = jwt . NewWithClaims ( jwt . SigningMethodHS256 , jwt . MapClaims {
"nbf" : now . Unix ( ) ,
} ) . SignedString ( [ ] byte ( secretKey ) )
if err != nil {
return "" , err
}
return internalToken , nil
}
2021-06-18 00:56:46 +03:00
// NewJwtSecret generates a new value intended to be used for JWT secrets.
func NewJwtSecret ( ) ( [ ] byte , error ) {
bytes := make ( [ ] byte , 32 )
_ , err := io . ReadFull ( rand . Reader , bytes )
if err != nil {
return nil , err
}
return bytes , nil
}
// NewJwtSecretBase64 generates a new base64 encoded value intended to be used for JWT secrets.
func NewJwtSecretBase64 ( ) ( string , error ) {
bytes , err := NewJwtSecret ( )
2018-02-18 21:14:37 +03:00
if err != nil {
return "" , err
}
2021-06-18 00:56:46 +03:00
return base64 . RawURLEncoding . EncodeToString ( bytes ) , nil
2018-02-18 21:14:37 +03:00
}
// NewSecretKey generate a new value intended to be used by SECRET_KEY.
func NewSecretKey ( ) ( string , error ) {
2022-01-26 07:10:10 +03:00
secretKey , err := util . CryptoRandomString ( 64 )
2018-02-18 21:14:37 +03:00
if err != nil {
return "" , err
}
return secretKey , nil
}