From b1d548b9f048088c54be10040017e2b32ed2d243 Mon Sep 17 00:00:00 2001
From: techknowlogick
Date: Mon, 1 Jul 2024 12:35:02 -0400
Subject: [PATCH 1/3] Don't init oauth if settings have it disabled
---
 services/auth/source/oauth2/init.go | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/services/auth/source/oauth2/init.go b/services/auth/source/oauth2/init.go
index 5c2568154863c..2e3df14609f44 100644
--- a/services/auth/source/oauth2/init.go
+++ b/services/auth/source/oauth2/init.go
@@ -30,6 +30,11 @@ const ProviderHeaderKey = "gitea-oauth2-provider"
 // Init initializes the oauth source
 func Init(ctx context.Context) error {
+ // if oauth is disabled, we don't need to initialize anything
+ if !setting.OAuth2.Enable {
+ return
+ }
+
 if err := InitSigningKey(); err != nil {
 return err
 }
From 78ee3137d1081cec3153e98d3d5c695659c8419b Mon Sep 17 00:00:00 2001
From: techknowlogick
Date: Mon, 1 Jul 2024 14:23:23 -0400
Subject: [PATCH 2/3] include second part of patch. If users have oauth enabled, without this it is possible to have suprious jwt/ directories all over the place
---
 services/auth/source/oauth2/jwtsigningkey.go | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/services/auth/source/oauth2/jwtsigningkey.go b/services/auth/source/oauth2/jwtsigningkey.go
index 070fffe60f7fb..cebe7fff48a83 100644
--- a/services/auth/source/oauth2/jwtsigningkey.go
+++ b/services/auth/source/oauth2/jwtsigningkey.go
@@ -336,6 +336,10 @@ func InitSigningKey() error {
 // loadOrCreateAsymmetricKey checks if the configured private key exists.
 // If it does not exist a new random key gets generated and saved on the configured path.
 func loadOrCreateAsymmetricKey() (any, error) {
+ if !filepath.IsAbs(setting.OAuth2.JWTSigningPrivateKeyFile) {
+ setting.OAuth2.JWTSigningPrivateKeyFile = filepath.Join(setting.AppDataPath, setting.OAuth2.JWTSigningPrivateKeyFile)
+ }
+
 keyPath := setting.OAuth2.JWTSigningPrivateKeyFile
 isExist, err := util.IsExist(keyPath)
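Review bot: The early return at the top of `Init` in services/auth/source/oauth2/init.go skips the whole function, not only `InitSigningKey()`, and the rest of `Init` lies outside the hunk. If `setting.OAuth2.Enable` governs only the built-in OAuth2 provider while later steps of `Init` set up external OAuth2 login sources or their session state, turning the provider off would silently turn those logins off as well. Scoping the guard to the key step avoids that: wrap only the existing `InitSigningKey()` call in `if setting.OAuth2.Enabled { … }`, with a comment such as `// the JWT signing key is only needed when the built-in OAuth2 provider is enabled`. Patch 3/3 corrects the field name and the bare `return` but leaves the guard in the same place, so the same point applies to its hunk.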
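Review bot: The relative-path fix in `loadOrCreateAsymmetricKey` writes the resolved path back into the package-level `setting.OAuth2.JWTSigningPrivateKeyFile`, so a function that loads a key also rewrites global configuration as a side effect. Resolving into the local variable keeps the fix without that: `keyPath := setting.OAuth2.JWTSigningPrivateKeyFile` followed by `if !filepath.IsAbs(keyPath) { keyPath = filepath.Join(setting.AppDataPath, keyPath) }`; if other code needs the absolute form, normalising it once where the settings are loaded would be the clearer place. An empty value is also worth rejecting here, because `filepath.Join(setting.AppDataPath, "")` yields the data directory itself and the existence check that follows would then be made against a directory rather than a key file. The function body continues outside the hunk, so how the key file is created and with which permissions is not visible here.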
From 028a77de0b31992ef3aa91b70a882dfd340d6384 Mon Sep 17 00:00:00 2001
From: Jason Song
Date: Mon, 2 Sep 2024 14:59:30 +0800
Subject: [PATCH 3/3] Apply suggestions from code review
Co-authored-by: delvh
---
 services/auth/source/oauth2/init.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/services/auth/source/oauth2/init.go b/services/auth/source/oauth2/init.go
index 2e3df14609f44..cdb8af59d285f 100644
--- a/services/auth/source/oauth2/init.go
+++ b/services/auth/source/oauth2/init.go
@@ -31,8 +31,8 @@ const ProviderHeaderKey = "gitea-oauth2-provider"
 // Init initializes the oauth source
 func Init(ctx context.Context) error {
 // if oauth is disabled, we don't need to initialize anything
- if !setting.OAuth2.Enable {
- return
+ if !setting.OAuth2.Enabled {
+ return nil
 }
 if err := InitSigningKey(); err != nil {