From df94ab94fb81e6f793bf5effb5350365bbf1fcbc Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Thu, 8 Jul 2021 10:20:36 +0200 Subject: [PATCH] feat: add new option JWT_SIGNING_ALGORITHM (gitea v1.15) --- defaults/main.yml | 10 ++++++---- templates/custom/conf/app.ini.j2 | 1 + 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index cc3ff7a..a609eb6 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -251,11 +251,13 @@ gitea_access_token_expiration_time: 3600 gitea_refresh_token_expiration_time: 730 gitea_invalidate_refresh_tokens: False -# @bar gitea_jwt_secret:description: > -# OAuth2 authentication secret for access and refresh tokens. -# Should be replaced by your own secret. +gitea_jwt_signing_algorithm: RS256 + +# @var gitea_jwt_secret:description: > +# OAuth2 authentication secret for access and refresh tokens. Should be replaced by your own secret. +# Only works if `gitea_jwt_signing_algorithm` is set to HS256, HS384 or HS512. # @end -gitea_jwt_secret: Bk0yK7Y9g_p56v86KaHqjSbxvNvu3SbKoOdOt2ZcXvU +# @var gitea_jwt_secret:example: $ "Bk0yK7Y9g_p56v86KaHqjSbxvNvu3SbKoOdOt2ZcXvU" gitea_metrics_enabled: False # @var gitea_metrics_token:description: If you want to add authorization, specify a token here. diff --git a/templates/custom/conf/app.ini.j2 b/templates/custom/conf/app.ini.j2 index 5c0d4e1..46ccacd 100644 --- a/templates/custom/conf/app.ini.j2 +++ b/templates/custom/conf/app.ini.j2 @@ -281,6 +281,7 @@ ENABLE = true ACCESS_TOKEN_EXPIRATION_TIME = {{ gitea_access_token_expiration_time }} REFRESH_TOKEN_EXPIRATION_TIME = {{ gitea_refresh_token_expiration_time }} INVALIDATE_REFRESH_TOKENS = {{ gitea_invalidate_refresh_tokens | bool | lower }} +JWT_SIGNING_ALGORITHM = {{ gitea_jwt_signing_algorithm }} JWT_SECRET = {{ gitea_jwt_secret }} {% else %} [oauth2]