gitea-admin/lti-api
1
0
Fork 0
mirror of https://gitlab.com/mbugroup/lti-api.git synced 2026-05-23 06:45:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

[FEAT/BE] down to hs256 without rotate key

Browse Source
This commit is contained in:
ragilap
2026-02-26 12:39:02 +07:00
parent 4d009978ae
commit 2cf4ab03ad
5 changed files with 121 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/config/config.go
+5
View File
@@ -50,6 +50,7 @@ var (
CORSMaxAge int
SSOIssuer string
SSOJWKSURL string
SSOHMACSecret string
SSOAllowedAudiences []string
SSOAuthorizeURL string
SSOTokenURL string
@@ -136,6 +137,7 @@ func init() {
// SSO integration
SSOIssuer = viper.GetString("SSO_ISSUER")
SSOJWKSURL = viper.GetString("SSO_JWKS_URL")
SSOHMACSecret = viper.GetString("SSO_HS_SECRET")
SSOAllowedAudiences = parseList("SSO_ALLOWED_AUDIENCES")
SSOAuthorizeURL = viper.GetString("SSO_AUTHORIZE_URL")
SSOTokenURL = viper.GetString("SSO_TOKEN_URL")
@@ -270,6 +272,9 @@ func ensureProdConfig() {
if SSOAuthorizeURL == "" || !strings.HasPrefix(SSOAuthorizeURL, "https://") {
panic("SSO_AUTHORIZE_URL must be https in production")
}
if strings.TrimSpace(SSOHMACSecret) == "" && strings.TrimSpace(SSOJWKSURL) == "" {
panic("SSO_JWKS_URL or SSO_HS_SECRET must be configured in production")
}
if SSOTokenURL == "" || !strings.HasPrefix(SSOTokenURL, "https://") {
panic("SSO_TOKEN_URL must be https in production")
}