Mirrors/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2024-09-01 14:56:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

include second part of patch. If users have oauth enabled, without this it is possible to have suprious jwt/ directories all over the place

Browse Source
This commit is contained in:
techknowlogick 2024-07-01 14:23:23 -04:00
parent b1d548b9f0
commit 78ee3137d1
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
services/auth/source/oauth2/jwtsigningkey.go
View File

@ -336,6 +336,10 @@ func InitSigningKey() error {
// loadOrCreateAsymmetricKey checks if the configured private key exists. // loadOrCreateAsymmetricKey checks if the configured private key exists.
// If it does not exist a new random key gets generated and saved on the configured path. // If it does not exist a new random key gets generated and saved on the configured path.
func loadOrCreateAsymmetricKey() (any, error) { func loadOrCreateAsymmetricKey() (any, error) {
if !filepath.IsAbs(setting.OAuth2.JWTSigningPrivateKeyFile) {
setting.OAuth2.JWTSigningPrivateKeyFile = filepath.Join(setting.AppDataPath, setting.OAuth2.JWTSigningPrivateKeyFile)
}
keyPath := setting.OAuth2.JWTSigningPrivateKeyFile keyPath := setting.OAuth2.JWTSigningPrivateKeyFile
isExist, err := util.IsExist(keyPath) isExist, err := util.IsExist(keyPath)