fix: read key data for system api users from config (#3731)

Livio Amstutz
2022-05-30 14:53:21 +02:00
committed by GitHub
parent b3f50702f8
commit 992892a8bb


@@ -77,7 +77,19 @@ type systemJWTStorage struct {
} }
type SystemAPIUser struct { type SystemAPIUser struct {
Path string Path string //if a path is specified, the key will be read from that path
KeyData []byte //else you can also specify the data directly in the KeyData
}
func (s *SystemAPIUser) readKey() (*rsa.PublicKey, error) {
if s.Path != "" {
var err error
s.KeyData, err = os.ReadFile(s.Path)
if err != nil {
return nil, caos_errs.ThrowInternal(err, "AUTHZ-JK31F", "Errors.NotFound")
}
}
return crypto.BytesToPublicKey(s.KeyData)
} }
func (s *systemJWTStorage) GetKeyByIDAndUserID(_ context.Context, _, userID string) (*jose.JSONWebKey, error) { func (s *systemJWTStorage) GetKeyByIDAndUserID(_ context.Context, _, userID string) (*jose.JSONWebKey, error) {
@@ -91,11 +103,7 @@ func (s *systemJWTStorage) GetKeyByIDAndUserID(_ context.Context, _, userID stri
} }
defer s.mutex.Unlock() defer s.mutex.Unlock()
s.mutex.Lock() s.mutex.Lock()
keyData, err := os.ReadFile(key.Path) publicKey, err := key.readKey()
if err != nil {
return nil, caos_errs.ThrowInternal(err, "AUTHZ-JK31F", "Errors.NotFound")
}
publicKey, err := crypto.BytesToPublicKey(keyData)
if err != nil { if err != nil {
return nil, err return nil, err
} }
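Review bot: In the first hunk, `readKey` stores the file contents back into `s.KeyData` through its pointer receiver, and when neither `Path` nor `KeyData` is configured it passes an empty slice straight to `crypto.BytesToPublicKey`. Because this key decides which caller is accepted as a system API user, an entry with no key material should fail with an explicit error rather than rely on how the parser treats empty input, which is not visible here. Reading into a local variable also keeps the lookup free of side effects on the configured value; whether `key` in `GetKeyByIDAndUserID` is a copy or shared state cannot be seen from the hunk. The error ID in the sketch below is a placeholder, and the new method would benefit from a doc comment stating that `Path` takes precedence over `KeyData`.

```go
func (s *SystemAPIUser) readKey() (*rsa.PublicKey, error) {
	keyData := s.KeyData
	if s.Path != "" {
		var err error
		keyData, err = os.ReadFile(s.Path)
		// … unchanged: ThrowInternal return when os.ReadFile fails …
	}
	if len(keyData) == 0 {
		// neither Path nor KeyData is set for this system API user
		return nil, caos_errs.ThrowInternal(nil, "AUTHZ-<NEW-ID>", "Errors.NotFound")
	}
	return crypto.BytesToPublicKey(keyData)
}
```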