mirror of https://github.com/vouch/vouch-proxy
44 lines
1.1 KiB
Go
44 lines
1.1 KiB
Go
/*
|
|
|
|
Copyright 2020 The Vouch Proxy Authors.
|
|
Use of this source code is governed by The MIT License (MIT) that
|
|
can be found in the LICENSE file. Software distributed under The
|
|
MIT License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES
|
|
OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
*/
|
|
|
|
package cfg
|
|
|
|
import (
|
|
"io/ioutil"
|
|
|
|
securerandom "github.com/theckman/go-securerandom"
|
|
)
|
|
|
|
func getOrGenerateJWTSecret() string {
|
|
b, err := ioutil.ReadFile(secretFile)
|
|
if err == nil {
|
|
log.Info("jwt.secret read from " + secretFile)
|
|
} else {
|
|
// then generate a new secret and store it in the file
|
|
log.Debug(err)
|
|
log.Info("jwt.secret not found in " + secretFile)
|
|
log.Warn("generating random jwt.secret and storing it in " + secretFile)
|
|
|
|
// make sure to create 256 bits for the secret
|
|
// see https://github.com/vouch/vouch-proxy/issues/54
|
|
rstr, err := securerandom.Base64OfBytes(base64Bytes)
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
b = []byte(rstr)
|
|
err = ioutil.WriteFile(secretFile, b, 0600)
|
|
if err != nil {
|
|
log.Error(err)
|
|
logSysInfo()
|
|
}
|
|
}
|
|
return string(b)
|
|
}
|