Refactor JWT secret generating & decoding code (#29172)

Old code is not consistent for generating & decoding the JWT secrets. Now, the callers only need to use 2 consistent functions: NewJwtSecretWithBase64 and DecodeJwtSecretBase64 And remove a non-common function Base64FixedDecode from util.go
2025-07-15 23:17:19 +00:00 · 2024-02-16 23:18:30 +08:00
parent 7132a0ba75
commit 45c15387b2
9 changed files with 57 additions and 46 deletions
--- a/modules/setting/oauth2.go
+++ b/modules/setting/oauth2.go
@@ -4,13 +4,11 @@
 package setting

 import (
-	"encoding/base64"
 	"math"
 	"path/filepath"

 	"code.gitea.io/gitea/modules/generate"
 	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/util"
 )

 // OAuth2UsernameType is enum describing the way gitea 'name' should be generated from oauth2 data
@@ -137,13 +135,12 @@ func loadOAuth2From(rootCfg ConfigProvider) {
 	}

 	if InstallLock {
-		if _, err := util.Base64FixedDecode(base64.RawURLEncoding, []byte(OAuth2.JWTSecretBase64), 32); err != nil {
-			key, err := generate.NewJwtSecret()
+		if _, err := generate.DecodeJwtSecretBase64(OAuth2.JWTSecretBase64); err != nil {
+			_, OAuth2.JWTSecretBase64, err = generate.NewJwtSecretWithBase64()
 			if err != nil {
 				log.Fatal("error generating JWT secret: %v", err)
 			}

-			OAuth2.JWTSecretBase64 = base64.RawURLEncoding.EncodeToString(key)
 			saveCfg, err := rootCfg.PrepareSaving()
 			if err != nil {
 				log.Fatal("save oauth2.JWT_SECRET failed: %v", err)