From 6331ec7b7ab7dca46087c8562778c13534c211b1 Mon Sep 17 00:00:00 2001 From: Lakhan Samani Date: Sat, 29 Jan 2022 17:02:44 +0530 Subject: [PATCH] Resolves #110 --- .env.sample | 16 +--------------- server/db/models/env.go | 4 ++-- server/env/persist_env.go | 21 +++++++++++++++------ server/test/resolvers_test.go | 2 +- server/utils/crypto.go | 12 ++++++------ 5 files changed, 25 insertions(+), 30 deletions(-) diff --git a/.env.sample b/.env.sample index 6bd3a9e..c541e7b 100644 --- a/.env.sample +++ b/.env.sample @@ -1,16 +1,2 @@ -ENV=production DATABASE_URL=data.db -DATABASE_TYPE=sqlite -ADMIN_SECRET=admin -JWT_SECRET=random_string -SENDER_EMAIL=info@authorizer.dev -SMTP_USERNAME=username -SMTP_PASSWORD=password -SMTP_HOST=smtp.mailtrap.io -SMTP_PORT=2525 -JWT_TYPE=HS256 -ROLES=user -DEFAULT_ROLES=user -PROTECTED_ROLES=admin -JWT_ROLE_CLAIM=role -CUSTOM_ACCESS_TOKEN_SCRIPT=function(user,tokenPayload){var data = tokenPayload;data.extra = {'x-extra-id': user.id};return data;} \ No newline at end of file +DATABASE_TYPE=sqlite \ No newline at end of file diff --git a/server/db/models/env.go b/server/db/models/env.go index 24c6353..f98792c 100644 --- a/server/db/models/env.go +++ b/server/db/models/env.go @@ -4,8 +4,8 @@ package models type Env struct { Key string `json:"_key,omitempty" bson:"_key"` // for arangodb ID string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id"` - EnvData []byte `gorm:"type:text" json:"env" bson:"env"` - Hash string `gorm:"type:hash" json:"hash" bson:"hash"` + EnvData string `gorm:"type:text" json:"env" bson:"env"` + Hash string `gorm:"type:text" json:"hash" bson:"hash"` UpdatedAt int64 `gorm:"autoUpdateTime" json:"updated_at" bson:"updated_at"` CreatedAt int64 `gorm:"autoCreateTime" json:"created_at" bson:"created_at"` } diff --git a/server/env/persist_env.go b/server/env/persist_env.go index b887973..de2fc49 100644 --- a/server/env/persist_env.go +++ b/server/env/persist_env.go @@ -25,15 +25,19 @@ func PersistEnv() error { envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, hash) encodedHash := utils.EncryptB64(hash) - configData, err := json.Marshal(envstore.EnvInMemoryStoreObj.GetEnvStoreClone()) + encryptedConfig, err := utils.EncryptEnvData(envstore.EnvInMemoryStoreObj.GetEnvStoreClone()) if err != nil { return err } + // configData, err := json.Marshal() + // if err != nil { + // return err + // } - encryptedConfig, err := utils.EncryptAES(configData) - if err != nil { - return err - } + // encryptedConfig, err := utils.EncryptAES(configData) + // if err != nil { + // return err + // } env = models.Env{ Hash: encodedHash, @@ -51,7 +55,12 @@ func PersistEnv() error { } envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, decryptedEncryptionKey) - decryptedConfigs, err := utils.DecryptAES(env.EnvData) + b64DecryptedConfig, err := utils.DecryptB64(env.EnvData) + if err != nil { + return err + } + + decryptedConfigs, err := utils.DecryptAES([]byte(b64DecryptedConfig)) if err != nil { return err } diff --git a/server/test/resolvers_test.go b/server/test/resolvers_test.go index 99ed69a..5bc8e86 100644 --- a/server/test/resolvers_test.go +++ b/server/test/resolvers_test.go @@ -26,7 +26,7 @@ func TestResolvers(t *testing.T) { // clean the persisted config for test to use fresh config envData, err := db.Provider.GetEnv() if err == nil { - envData.EnvData = []byte{} + envData.EnvData = "" db.Provider.UpdateEnv(envData) } env.PersistEnv() diff --git a/server/utils/crypto.go b/server/utils/crypto.go index b965a64..483d6be 100644 --- a/server/utils/crypto.go +++ b/server/utils/crypto.go @@ -90,29 +90,29 @@ func DecryptAES(ciphertext []byte) ([]byte, error) { } // EncryptEnvData is used to encrypt the env data -func EncryptEnvData(data envstore.Store) ([]byte, error) { +func EncryptEnvData(data envstore.Store) (string, error) { jsonBytes, err := json.Marshal(data) if err != nil { - return []byte{}, err + return "", err } envStoreObj := envstore.EnvInMemoryStoreObj.GetEnvStoreClone() err = json.Unmarshal(jsonBytes, &envStoreObj) if err != nil { - return []byte{}, err + return "", err } configData, err := json.Marshal(envStoreObj) if err != nil { - return []byte{}, err + return "", err } encryptedConfig, err := EncryptAES(configData) if err != nil { - return []byte{}, err + return "", err } - return encryptedConfig, nil + return EncryptB64(string(encryptedConfig)), nil } // EncryptPassword is used for encrypting password