// Copyright 2016 The Gogs Authors. All rights reserved.
// Copyright 2016 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package generate
import (
"crypto/rand"
"encoding/base64"
"io"
"time"
"code.gitea.io/gitea/modules/util"
"github.com/golang-jwt/jwt/v5"
)
// NewInternalToken generates a new value intended to be used by INTERNAL_TOKEN.
//
// It reads 32 bytes from crypto/rand, encodes them as unpadded URL-safe
// base64, and uses that text as the HS256 key to sign a JWT whose only claim
// is "nbf" set to the current Unix time. The signed token string is returned.
//
// The signing key exists only inside this function: it is neither returned nor
// stored here, so callers receive a token whose signature cannot be re-checked
// with anything this function exposes.
// NOTE(review): presumably consumers compare the token as an opaque shared
// secret rather than verifying it as a JWT; confirm at the call sites.
func NewInternalToken() (string, error) {
	seed := make([]byte, 32)
	// io.ReadFull reports a short read as an error, so a partially filled
	// buffer is never used as key material.
	if _, err := io.ReadFull(rand.Reader, seed); err != nil {
		return "", err
	}
	signingKey := []byte(base64.RawURLEncoding.EncodeToString(seed))

	claims := jwt.MapClaims{
		"nbf": time.Now().Unix(),
	}
	token, err := jwt.NewWithClaims(jwt.SigningMethodHS256, claims).SignedString(signingKey)
	if err != nil {
		return "", err
	}
	return token, nil
}
// NewJwtSecret generates a new value intended to be used for JWT secrets.
//
// The result is 32 bytes read from crypto/rand. On a read failure the
// returned slice is nil and the error is passed through unchanged.
func NewJwtSecret() ([]byte, error) {
	secret := make([]byte, 32)
	// io.ReadFull turns a short read into an error, so the caller never gets
	// a buffer that is only partly random.
	if _, err := io.ReadFull(rand.Reader, secret); err != nil {
		return nil, err
	}
	return secret, nil
}
// NewJwtSecretBase64 generates a new base64 encoded value intended to be used for JWT secrets.
//
// It obtains the raw secret from NewJwtSecret and returns it in unpadded
// URL-safe base64 (base64.RawURLEncoding). An error from NewJwtSecret is
// returned as-is together with an empty string.
func NewJwtSecretBase64() (string, error) {
	raw, err := NewJwtSecret()
	if err != nil {
		return "", err
	}
	encoded := base64.RawURLEncoding.EncodeToString(raw)
	return encoded, nil
}
// NewSecretKey generates a new value intended to be used by SECRET_KEY.
//
// The value comes from util.CryptoRandomString called with 64. On failure an
// empty string is returned with the helper's error.
// NOTE(review): the helper's alphabet and randomness source are not visible
// here; presumably it draws from a CSPRNG and 64 is the length in characters.
// Verify in modules/util.
func NewSecretKey() (string, error) {
	const secretKeyLen = 64

	key, err := util.CryptoRandomString(secretKeyLen)
	if err != nil {
		return "", err
	}
	return key, nil
}