mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-04-29 03:33:10 -04:00
Code Issues Packages Projects Releases Wiki Activity

feat!: Make the url signing secret a mandatory config option

Browse Source 
This is required for allowing the web office to download images to
insert into documents.

The secret is generated by `opencloud init` and the server refuses
to start now without a secret being set. (Breaking Change)

Also the setting is now moved to the shared options as all involved
services need the same secret to work properly.

Related: https://github.com/opencloud-eu/web/issues/704
This commit is contained in:
Ralf Haferkamp
2025-10-29 12:06:44 +01:00
committed by Ralf Haferkamp
parent 589cee4ab3
commit 37609e52df
12 changed files with 54 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
services/proxy/pkg/command/server.go
View File

@@ -311,15 +311,11 @@ func loadMiddlewares(logger log.Logger, cfg *config.Config,
RevaGatewaySelector: gatewaySelector,
})
var signURLVerifier signedurl.Verifier
if cfg.PreSignedURL.JWTSigningSharedSecret != "" {
var err error
signURLVerifier, err = signedurl.NewJWTSignedURL(signedurl.WithSecret(cfg.PreSignedURL.JWTSigningSharedSecret))
if err != nil {
logger.Fatal().Err(err).Msg("Failed to initialize signed URL configuration.")
}
signURLVerifier, err := signedurl.NewJWTSignedURL(signedurl.WithSecret(cfg.Commons.URLSigningSecret))
if err != nil {
logger.Fatal().Err(err).Msg("Failed to initialize signed URL configuration.")
}
authenticators = append(authenticators, middleware.SignedURLAuthenticator{
Logger: logger,
PreSignedURLConfig: cfg.PreSignedURL,