From 78ee3137d1081cec3153e98d3d5c695659c8419b Mon Sep 17 00:00:00 2001 From: techknowlogick Date: Mon, 1 Jul 2024 14:23:23 -0400 Subject: [PATCH] include second part of patch. If users have oauth enabled, without this it is possible to have suprious jwt/ directories all over the place --- services/auth/source/oauth2/jwtsigningkey.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/services/auth/source/oauth2/jwtsigningkey.go b/services/auth/source/oauth2/jwtsigningkey.go index 070fffe60f..cebe7fff48 100644 --- a/services/auth/source/oauth2/jwtsigningkey.go +++ b/services/auth/source/oauth2/jwtsigningkey.go @@ -336,6 +336,10 @@ func InitSigningKey() error { // loadOrCreateAsymmetricKey checks if the configured private key exists. // If it does not exist a new random key gets generated and saved on the configured path. func loadOrCreateAsymmetricKey() (any, error) { + if !filepath.IsAbs(setting.OAuth2.JWTSigningPrivateKeyFile) { + setting.OAuth2.JWTSigningPrivateKeyFile = filepath.Join(setting.AppDataPath, setting.OAuth2.JWTSigningPrivateKeyFile) + } + keyPath := setting.OAuth2.JWTSigningPrivateKeyFile isExist, err := util.IsExist(keyPath)