From 901a5e27fc084b0cd4417b6eaf60d072dcf57d78 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Tue, 14 May 2024 14:55:37 +0200 Subject: [PATCH] - let ocis init generate jwt token for collaboration service - separate REVA jwt secret from WOPI jwt secret - fix gatway service name configuration --- ocis/pkg/init/init.go | 12 ++++++++++++ services/collaboration/README.md | 2 +- services/collaboration/pkg/config/config.go | 2 +- services/collaboration/pkg/config/cs3api.go | 2 +- .../pkg/config/defaults/defaultconfig.go | 3 --- 5 files changed, 15 insertions(+), 6 deletions(-) diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go index 70d6865cc1..ba7aebf431 100644 --- a/ocis/pkg/init/init.go +++ b/ocis/pkg/init/init.go @@ -156,6 +156,10 @@ type Clientlog struct { ServiceAccount ServiceAccount `yaml:"service_account"` } +type Collaboration struct { + JWTSecret string `yaml:"jwt_secret"` +} + type Nats struct { // The nats config has a field called nats Nats struct { @@ -191,6 +195,7 @@ type OcisConfig struct { Graph GraphService Idp LdapBasedService Idm IdmService + Collaboration Collaboration Proxy ProxyService Frontend FrontendService AuthBasic AuthbasicService `yaml:"auth_basic"` @@ -289,6 +294,10 @@ func CreateConfig(insecure, forceOverwrite bool, configPath, adminPassword strin if err != nil { return fmt.Errorf("could not generate random password for tokenmanager: %s", err) } + collaborationJwtSecret, err := generators.GenerateRandomPassword(passwordLength) + if err != nil { + return fmt.Errorf("could not generate random password for collaboration service: %s", err) + } machineAuthAPIKey, err := generators.GenerateRandomPassword(passwordLength) if err != nil { return fmt.Errorf("could not generate random password for machineauthsecret: %s", err) 
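Review bot: In the `CreateConfig` hunk the new local is spelled `collaborationJwtSecret`, while the field it feeds is `JWTSecret` and the neighbouring local is `machineAuthAPIKey`; Go keeps initialisms in one case, so `collaborationJWTSecret` would match (the name is used again in the `Collaboration{...}` literal of the next hunk). The error text calls the value a "random password" and formats the cause with `%s`, which follows the surrounding lines but flattens the error chain. `return fmt.Errorf("could not generate jwt secret for collaboration service: %w", err)` names the value correctly and keeps the cause available to `errors.Is`/`errors.As`. `CreateConfig` begins and ends outside this hunk.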
@@ -344,6 +353,9 @@ func CreateConfig(insecure, forceOverwrite bool, configPath, adminPassword strin }, }, }, + Collaboration: Collaboration{ + JWTSecret: collaborationJwtSecret, + }, Groups: UsersAndGroupsService{ Drivers: LdapBasedService{ Ldap: LdapSettings{ diff --git a/services/collaboration/README.md b/services/collaboration/README.md index 8f2eb61bb8..61c75d614a 100644 --- a/services/collaboration/README.md +++ b/services/collaboration/README.md @@ -10,7 +10,7 @@ The collaboration service requires the target document server (ONLYOFFICE, Colla * External document server. * The gateway service. -* The app-provider service. +* The app-registry service. If any of the named services above have not been started or are not reachable, the collaboration service won't start. For the binary or the docker release of Infinite Scale, check with the `ocis list` command if they have been started. If not, you must start them manually upfront before starting the collaboration service. diff --git a/services/collaboration/pkg/config/config.go b/services/collaboration/pkg/config/config.go index 7654a5e34e..20bd86fe42 100644 --- a/services/collaboration/pkg/config/config.go +++ b/services/collaboration/pkg/config/config.go @@ -14,7 +14,7 @@ type Config struct { Service Service `yaml:"-"` App App `yaml:"app"` - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;COLLABORATION_JWT_SECRET" desc:"Used as JWT token and to encrypt access token." introductionVersion:"5.1"` + JWTSecret string `yaml:"jwt_secret" env:"COLLABORATION_JWT_SECRET" desc:"Used as mint and verify WOPI JWT tokens and encrypt and decrypt the REVA JWT token embedded in the WOPI JWT token." introductionVersion:"5.1"` GRPC GRPC `yaml:"grpc"` HTTP HTTP `yaml:"http"` diff --git a/services/collaboration/pkg/config/cs3api.go b/services/collaboration/pkg/config/cs3api.go index 776cf86177..d2a85f3e11 100644 --- a/services/collaboration/pkg/config/cs3api.go +++ b/services/collaboration/pkg/config/cs3api.go 
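Review bot: An empty `JWTSecret` is now possible and nothing in this patch rejects it. The config.go hunk drops `OCIS_JWT_SECRET` from the `env` tag and defaultconfig.go loses its generated default, so the value comes only from `COLLABORATION_JWT_SECRET` or `jwt_secret`, and an ocis.yaml written before this change presumably has neither. Unless the service's config validation already covers this outside the diff, it should refuse to start, e.g. `if cfg.JWTSecret == "" { return errors.New("collaboration: jwt_secret is not set") }`, because tokens signed with an empty key give no authenticity guarantee. The new `desc` also states that one secret both signs the WOPI token and encrypts the embedded REVA token; deriving a separate key for each purpose would keep a weakness in one use from affecting the other. The `desc` wording itself should read `Used to mint and verify WOPI JWT tokens and to encrypt and decrypt the REVA JWT token embedded in the WOPI JWT token.`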
@@ -8,7 +8,7 @@ type CS3Api struct { // Gateway defines the available configuration for the CS3 API gateway type Gateway struct { - Name string `yaml: "name" env:"OCIS_REVA_GATEWAY;COLLABORATION_CS3API_GATEWAY_NAME" desc:"The service name of the CS3API gateway." introductionVersion:"5.1"` + Name string `yaml:"name" env:"OCIS_REVA_GATEWAY;COLLABORATION_CS3API_GATEWAY_NAME" desc:"The service name of the CS3API gateway." introductionVersion:"5.1"` } // DataGateway defines the available configuration for the CS3 API data gateway diff --git a/services/collaboration/pkg/config/defaults/defaultconfig.go b/services/collaboration/pkg/config/defaults/defaultconfig.go index ef4edc91ee..88f85128f2 100644 --- a/services/collaboration/pkg/config/defaults/defaultconfig.go +++ b/services/collaboration/pkg/config/defaults/defaultconfig.go @@ -1,7 +1,6 @@ package defaults import ( - "github.com/owncloud/ocis/v2/ocis-pkg/generators" "github.com/owncloud/ocis/v2/services/collaboration/pkg/config" ) @@ -15,7 +14,6 @@ func FullDefaultConfig() *config.Config { // DefaultConfig returns a basic default configuration func DefaultConfig() *config.Config { - secret, _ := generators.GenerateRandomString(generators.AlphaNumChars, 32) // anything to do with the error? return &config.Config{ Service: config.Service{ Name: "collaboration", @@ -26,7 +24,6 @@ func DefaultConfig() *config.Config { Icon: "image-edit", LockName: "com.github.owncloud.collaboration", }, - JWTSecret: secret, GRPC: config.GRPC{ Addr: "0.0.0.0:9301", Namespace: "com.owncloud.collaboration",