mirror of
https://github.com/go-gitea/gitea
synced 2024-09-26 19:19:00 +02:00
Encrypt OAuth2 ClientSecret
This commit is contained in:
parent
708e87e17d
commit
fa36d3d45f
1 changed files with 24 additions and 2 deletions
|
@ -6,6 +6,8 @@ package oauth2
|
|||
import (
|
||||
"code.gitea.io/gitea/models/auth"
|
||||
"code.gitea.io/gitea/modules/json"
|
||||
"code.gitea.io/gitea/modules/secret"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
)
|
||||
|
||||
// Source holds configuration for the OAuth2 login source.
|
||||
|
@ -13,6 +15,7 @@ type Source struct {
|
|||
Provider string
|
||||
ClientID string
|
||||
ClientSecret string
|
||||
ClientSecretEncrypt string // Encrypted Client Secret
|
||||
OpenIDConnectAutoDiscoveryURL string
|
||||
CustomURLMapping *CustomURLMapping
|
||||
IconURL string
|
||||
|
@ -33,11 +36,30 @@ type Source struct {
|
|||
|
||||
// FromDB fills up an OAuth2Config from serialized format.
|
||||
func (source *Source) FromDB(bs []byte) error {
|
||||
return json.UnmarshalHandleDoubleEncode(bs, &source)
|
||||
err := json.UnmarshalHandleDoubleEncode(bs, &source)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if source.ClientSecretEncrypt != "" {
|
||||
source.ClientSecret, err = secret.DecryptSecret(setting.SecretKey, source.ClientSecretEncrypt)
|
||||
source.ClientSecretEncrypt = ""
|
||||
}
|
||||
|
||||
return err
|
||||
}
|
||||
|
||||
// ToDB exports an SMTPConfig to a serialized format.
|
||||
// ToDB exports an OAuth2Config to a serialized format.
|
||||
func (source *Source) ToDB() ([]byte, error) {
|
||||
var err error
|
||||
|
||||
source.ClientSecretEncrypt, err = secret.EncryptSecret(setting.SecretKey, source.ClientSecret)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
source.ClientSecret = ""
|
||||
|
||||
return json.Marshal(source)
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue