devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

fix: resetting the keys

Browse Source
This commit is contained in:
Lakhan Samani 2022-03-24 22:19:30 +05:30
parent f969495178
commit b1b43a41ca
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
server/resolvers/update_env.go
View File

@ -53,11 +53,19 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model
} }
if isJWTUpdated { if isJWTUpdated {
// use to reset when type is changed from rsa, edsa -> hmac or vice a versa
defaultSecret := ""
defaultPublicKey := ""
defaultPrivateKey := ""
// check if jwt secret is provided // check if jwt secret is provided
if crypto.IsHMACA(algo) { if crypto.IsHMACA(algo) {
if params.JwtSecret == nil { if params.JwtSecret == nil {
return res, fmt.Errorf("jwt secret is required for HMAC algorithm") return res, fmt.Errorf("jwt secret is required for HMAC algorithm")
} }
// reset public key and private key
params.JwtPrivateKey = &defaultPrivateKey
params.JwtPublicKey = &defaultPublicKey
} }
if crypto.IsRSA(algo) { if crypto.IsRSA(algo) {
@ -65,6 +73,8 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model
return res, fmt.Errorf("jwt private and public key is required for RSA (PKCS1) / ECDSA algorithm") return res, fmt.Errorf("jwt private and public key is required for RSA (PKCS1) / ECDSA algorithm")
} }
// reset the jwt secret
params.JwtSecret = &defaultSecret
_, err = crypto.ParseRsaPrivateKeyFromPemStr(*params.JwtPrivateKey) _, err = crypto.ParseRsaPrivateKeyFromPemStr(*params.JwtPrivateKey)
if err != nil { if err != nil {
return res, err return res, err
@ -81,6 +91,8 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model
return res, fmt.Errorf("jwt private and public key is required for RSA (PKCS1) / ECDSA algorithm") return res, fmt.Errorf("jwt private and public key is required for RSA (PKCS1) / ECDSA algorithm")
} }
// reset the jwt secret
params.JwtSecret = &defaultSecret
_, err = crypto.ParseEcdsaPrivateKeyFromPemStr(*params.JwtPrivateKey) _, err = crypto.ParseEcdsaPrivateKeyFromPemStr(*params.JwtPrivateKey)
if err != nil { if err != nil {
return res, err return res, err