2024-02-18 20:39:04 +03:00
// Copyright 2024 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package setting
import (
2024-05-14 17:21:38 +03:00
"os"
2024-02-18 20:39:04 +03:00
"testing"
"code.gitea.io/gitea/modules/generate"
"code.gitea.io/gitea/modules/test"
"github.com/stretchr/testify/assert"
2024-07-30 22:41:10 +03:00
"github.com/stretchr/testify/require"
2024-02-18 20:39:04 +03:00
)
func TestGetGeneralSigningSecret ( t * testing . T ) {
// when there is no general signing secret, it should be generated, and keep the same value
2024-05-14 17:21:38 +03:00
generalSigningSecret . Store ( nil )
2024-02-18 20:39:04 +03:00
s1 := GetGeneralTokenSigningSecret ( )
assert . NotNil ( t , s1 )
s2 := GetGeneralTokenSigningSecret ( )
assert . Equal ( t , s1 , s2 )
// the config value should always override any pre-generated value
cfg , _ := NewConfigProviderFromData ( `
[ oauth2 ]
JWT_SECRET = BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
` )
defer test . MockVariableValue ( & InstallLock , true ) ( )
loadOAuth2From ( cfg )
actual := GetGeneralTokenSigningSecret ( )
expected , _ := generate . DecodeJwtSecret ( "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB" )
assert . Len ( t , actual , 32 )
assert . EqualValues ( t , expected , actual )
}
2024-05-14 17:21:38 +03:00
func TestGetGeneralSigningSecretSave ( t * testing . T ) {
defer test . MockVariableValue ( & InstallLock , true ) ( )
old := GetGeneralTokenSigningSecret ( )
assert . Len ( t , old , 32 )
tmpFile := t . TempDir ( ) + "/app.ini"
_ = os . WriteFile ( tmpFile , nil , 0 o644 )
cfg , _ := NewConfigProviderFromFile ( tmpFile )
loadOAuth2From ( cfg )
generated := GetGeneralTokenSigningSecret ( )
assert . Len ( t , generated , 32 )
assert . NotEqual ( t , old , generated )
generalSigningSecret . Store ( nil )
cfg , _ = NewConfigProviderFromFile ( tmpFile )
loadOAuth2From ( cfg )
again := GetGeneralTokenSigningSecret ( )
assert . Equal ( t , generated , again )
iniContent , err := os . ReadFile ( tmpFile )
2024-07-30 22:41:10 +03:00
require . NoError ( t , err )
2024-05-14 17:21:38 +03:00
assert . Contains ( t , string ( iniContent ) , "JWT_SECRET = " )
}