fix: read key data for system api users from config (#3731)

Livio Amstutz 2022-05-30 14:53:21 +02:00 committed by GitHub
parent b3f50702f8
commit 992892a8bb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -77,7 +77,19 @@ type systemJWTStorage struct {
} }
type SystemAPIUser struct { type SystemAPIUser struct {
Path string Path string //if a path is specified, the key will be read from that path
KeyData []byte //else you can also specify the data directly in the KeyData
}
func (s *SystemAPIUser) readKey() (*rsa.PublicKey, error) {
if s.Path != "" {
var err error
s.KeyData, err = os.ReadFile(s.Path)
if err != nil {
return nil, caos_errs.ThrowInternal(err, "AUTHZ-JK31F", "Errors.NotFound")
}
}
return crypto.BytesToPublicKey(s.KeyData)
} }
func (s *systemJWTStorage) GetKeyByIDAndUserID(_ context.Context, _, userID string) (*jose.JSONWebKey, error) { func (s *systemJWTStorage) GetKeyByIDAndUserID(_ context.Context, _, userID string) (*jose.JSONWebKey, error) {
@ -91,11 +103,7 @@ func (s *systemJWTStorage) GetKeyByIDAndUserID(_ context.Context, _, userID stri
} }
defer s.mutex.Unlock() defer s.mutex.Unlock()
s.mutex.Lock() s.mutex.Lock()
keyData, err := os.ReadFile(key.Path) publicKey, err := key.readKey()
if err != nil {
return nil, caos_errs.ThrowInternal(err, "AUTHZ-JK31F", "Errors.NotFound")
}
publicKey, err := crypto.BytesToPublicKey(keyData)
if err != nil { if err != nil {
return nil, err return nil, err
} }
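Review bot: `readKey` stores the file contents in `s.KeyData`, so a configured `KeyData` is overwritten whenever `Path` is set, and after a failed read the field holds whatever `os.ReadFile` returned. Reading into a local keeps the method free of side effects: `keyData := s.KeyData`, then `keyData, err = os.ReadFile(s.Path)` inside the `if`, and `return crypto.BytesToPublicKey(keyData)`. Whether the write is visible to other callers depends on how `key` is obtained in `GetKeyByIDAndUserID`, which lies outside the hunk. When neither field is configured, the empty slice goes straight to `crypto.BytesToPublicKey`; since this key verifies system API user tokens, an explicit configuration error before parsing would presumably be easier to diagnose. The field comments could also state that `Path` takes precedence when both are set.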