Add asymmetric JWT signing (#16010)

* Added asymmetric token signing. * Load signing key from settings. * Added optional kid parameter. * Updated documentation. * Add "kid" to token header.
2025-05-20 14:00:04 +02:00 · 2021-06-17 23:56:46 +02:00 · 2021-06-17 23:56:46 +02:00 · 29695cd6d5
commit 29695cd6d5
parent f7cd394680
13 changed files with 481 additions and 47 deletions
--- a/modules/setting/lfs.go
+++ b/modules/setting/lfs.go
@ -54,7 +54,7 @@ func newLFSService() {
 		n, err := base64.RawURLEncoding.Decode(LFS.JWTSecretBytes, []byte(LFS.JWTSecretBase64))

 		if err != nil || n != 32 {
-			LFS.JWTSecretBase64, err = generate.NewJwtSecret()
+			LFS.JWTSecretBase64, err = generate.NewJwtSecretBase64()
 			if err != nil {
 				log.Fatal("Error generating JWT Secret for custom config: %v", err)
 				return