Extract encryption key into the configuration param

ErickSkrauch 2019-12-04 13:24:30 +03:00
parent 72cbf16c97
commit a9a56c9e1d
6 changed files with 18 additions and 7 deletions


@ -7,8 +7,10 @@ EMAILS_RENDERER_HOST=http://emails-renderer:3000
## Security params ## Security params
JWT_USER_SECRET= JWT_USER_SECRET=
JWT_ENCRYPTION_KEY=
JWT_PUBLIC_KEY_PATH= JWT_PUBLIC_KEY_PATH=
JWT_PRIVATE_KEY_PATH= JWT_PRIVATE_KEY_PATH=
JWT_PRIVATE_KEY_PASS=
## External services ## External services
RECAPTCHA_PUBLIC= RECAPTCHA_PUBLIC=
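Review bot: The new `JWT_ENCRYPTION_KEY=` entry is left blank with nothing saying what kind of value it expects or how to produce one, so a deployment copied from this template can start with an empty key. A comment above it would help, for example `# Secret for the OAuth2 server component; generate with: php -r 'echo base64_encode(random_bytes(32)), PHP_EOL;'`. `JWT_PRIVATE_KEY_PASS=` is added in the same hunk, but no line visible in this commit reads it, so a short comment on what consumes it would also be useful.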


@ -13,6 +13,11 @@ use yii\base\Component as BaseComponent;
class Component extends BaseComponent { class Component extends BaseComponent {
/**
* @var string|\Defuse\Crypto\Key
*/
public $encryptionKey;
/** /**
* @var AuthorizationServer * @var AuthorizationServer
*/ */
@ -34,7 +39,7 @@ class Component extends BaseComponent {
$accessTokensRepo, $accessTokensRepo,
new Repositories\EmptyScopeRepository(), new Repositories\EmptyScopeRepository(),
new EmptyKey(), new EmptyKey(),
'123' // TODO: extract to the variable $this->encryptionKey
); );
$authCodeGrant = new AuthCodeGrant($authCodesRepo, $refreshTokensRepo, new DateInterval('PT10M')); $authCodeGrant = new AuthCodeGrant($authCodesRepo, $refreshTokensRepo, new DateInterval('PT10M'));
$authCodeGrant->disableRequireCodeChallengeForPublicClients(); $authCodeGrant->disableRequireCodeChallengeForPublicClients();
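Review bot: Nothing validates `$encryptionKey` before it replaces the hard-coded `'123'` in the authorization server arguments (second hunk), and the property added in the first hunk is public, untyped and has no default. The api config section fills it with `getenv('JWT_ENCRYPTION_KEY')`, which yields `false` when the variable is unset and `''` when it is left blank as in the env template, so the server could be built without a usable key. How the OAuth2 library treats an empty or non-string key is not visible on this page and should not be relied on. Fail fast before constructing the server, e.g. `if (empty($this->encryptionKey)) { throw new \yii\base\InvalidConfigException('encryptionKey must be set'); }`. The method that builds the server starts and ends outside the hunk.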


@ -1,6 +1,9 @@
<?php <?php
return [ return [
'components' => [ 'components' => [
'oauth' => [
'encryptionKey' => 'mock-encryption-key',
],
'tokens' => [ 'tokens' => [
'hmacKey' => 'tests-secret-key', 'hmacKey' => 'tests-secret-key',
'privateKeyPath' => codecept_data_dir('certs/private.pem'), 'privateKeyPath' => codecept_data_dir('certs/private.pem'),


@ -11,6 +11,10 @@ return [
'user' => [ 'user' => [
'class' => api\components\User\Component::class, 'class' => api\components\User\Component::class,
], ],
'oauth' => [
'class' => api\components\OAuth2\Component::class,
'encryptionKey' => getenv('JWT_ENCRYPTION_KEY'),
],
'tokens' => [ 'tokens' => [
'class' => api\components\Tokens\Component::class, 'class' => api\components\Tokens\Component::class,
'hmacKey' => getenv('JWT_USER_SECRET'), 'hmacKey' => getenv('JWT_USER_SECRET'),


@ -22,7 +22,6 @@ class Yii extends \yii\BaseYii {
* @property \GuzzleHttp\Client $guzzle * @property \GuzzleHttp\Client $guzzle
* @property \common\components\EmailsRenderer\Component $emailsRenderer * @property \common\components\EmailsRenderer\Component $emailsRenderer
* @property \mito\sentry\Component $sentry * @property \mito\sentry\Component $sentry
* @property \api\components\OAuth2\Component $oauth
* @property \common\components\StatsD $statsd * @property \common\components\StatsD $statsd
* @property \yii\queue\Queue $queue * @property \yii\queue\Queue $queue
* @property \api\components\Tokens\Component $tokens * @property \api\components\Tokens\Component $tokens
@ -36,6 +35,7 @@ abstract class BaseApplication extends yii\base\Application {
* *
* @property \api\components\User\Component $user User component. * @property \api\components\User\Component $user User component.
* @property \api\components\ReCaptcha\Component $reCaptcha * @property \api\components\ReCaptcha\Component $reCaptcha
* @property \api\components\OAuth2\Component $oauth
* *
* @method \api\components\User\Component getUser() * @method \api\components\User\Component getUser()
*/ */


@ -12,7 +12,7 @@ return [
'@console' => '@root/console', '@console' => '@root/console',
], ],
'params' => [ 'params' => [
'fromEmail' => 'ely@ely.by', 'fromEmail' => 'account@ely.by',
'supportEmail' => 'support@ely.by', 'supportEmail' => 'support@ely.by',
], ],
'container' => [ 'container' => [
@ -91,12 +91,9 @@ return [
], ],
'emailsRenderer' => [ 'emailsRenderer' => [
'class' => common\components\EmailsRenderer\Component::class, 'class' => common\components\EmailsRenderer\Component::class,
'serviceUrl' => getenv('EMAILS_RENDERER_HOST'), 'serviceUrl' => getenv('EMAILS_RENDERER_HOST') ?: 'http://emails-renderer:3000',
'basePath' => '/images/emails', 'basePath' => '/images/emails',
], ],
'oauth' => [
'class' => api\components\OAuth2\Component::class,
],
'authManager' => [ 'authManager' => [
'class' => \api\rbac\Manager::class, 'class' => \api\rbac\Manager::class,
'itemFile' => '@api/rbac/.generated/items.php', 'itemFile' => '@api/rbac/.generated/items.php',