Moved v3 code from NginxProxyManager/nginx-proxy-manager-3 to NginxProxyManager/nginx-proxy-manager

2022-05-12 08:47:31 +10:00
parent 4db34f5894
commit 2110ecc382
830 changed files with 38168 additions and 36635 deletions
--- a/backend/internal/jwt/jwt.go
+++ b/backend/internal/jwt/jwt.go
@ -0,0 +1,60 @@
+package jwt
+
+import (
+	"fmt"
+	"time"
+
+	"npm/internal/entity/user"
+	"npm/internal/logger"
+
+	"github.com/dgrijalva/jwt-go"
+)
+
+// UserJWTClaims is the structure of a JWT for a User
+type UserJWTClaims struct {
+	UserID int      `json:"uid"`
+	Roles  []string `json:"roles"`
+	jwt.StandardClaims
+}
+
+// GeneratedResponse is the response of a generated token, usually used in http response
+type GeneratedResponse struct {
+	Expires int64  `json:"expires"`
+	Token   string `json:"token"`
+}
+
+// Generate will create a JWT
+func Generate(userObj *user.Model) (GeneratedResponse, error) {
+	var response GeneratedResponse
+
+	key, _ := GetPrivateKey()
+	expires := time.Now().AddDate(0, 0, 1) // 1 day
+
+	// Create the Claims
+	claims := UserJWTClaims{
+		userObj.ID,
+		[]string{"user"},
+		jwt.StandardClaims{
+			IssuedAt:  time.Now().Unix(),
+			ExpiresAt: expires.Unix(),
+			Issuer:    "api",
+		},
+	}
+
+	// Create a new token object, specifying signing method and the claims
+	// you would like it to contain.
+	token := jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
+	var err error
+	token.Signature, err = token.SignedString(key)
+	if err != nil {
+		logger.Error("JWTError", fmt.Errorf("Error signing token: %v", err))
+		return response, err
+	}
+
+	response = GeneratedResponse{
+		Expires: expires.Unix(),
+		Token:   token.Signature,
+	}
+
+	return response, nil
+}
--- a/backend/internal/jwt/keys.go
+++ b/backend/internal/jwt/keys.go
@ -0,0 +1,86 @@
+package jwt
+
+import (
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/pem"
+	"errors"
+
+	"npm/internal/config"
+)
+
+var (
+	privateKey *rsa.PrivateKey
+	publicKey  *rsa.PublicKey
+)
+
+// GetPrivateKey will load the key from config package and return a usable object
+// It should only load from file once per program execution
+func GetPrivateKey() (*rsa.PrivateKey, error) {
+	if privateKey == nil {
+		var blankKey *rsa.PrivateKey
+
+		if config.PrivateKey == "" {
+			return blankKey, errors.New("Could not get Private Key from configuration")
+		}
+
+		var err error
+		privateKey, err = LoadPemPrivateKey(config.PrivateKey)
+		if err != nil {
+			return blankKey, err
+		}
+	}
+
+	pub, pubErr := GetPublicKey()
+	if pubErr != nil {
+		return privateKey, pubErr
+	}
+
+	privateKey.PublicKey = *pub
+
+	return privateKey, pubErr
+}
+
+// GetPublicKey will load the key from config package and return a usable object
+// It should only load once per program execution
+func GetPublicKey() (*rsa.PublicKey, error) {
+	if publicKey == nil {
+		var blankKey *rsa.PublicKey
+
+		if config.PublicKey == "" {
+			return blankKey, errors.New("Could not get Public Key filename, check environment variables")
+		}
+
+		var err error
+		publicKey, err = LoadPemPublicKey(config.PublicKey)
+		if err != nil {
+			return blankKey, err
+		}
+	}
+
+	return publicKey, nil
+}
+
+// LoadPemPrivateKey reads a key from a PEM encoded string and returns a private key
+func LoadPemPrivateKey(content string) (*rsa.PrivateKey, error) {
+	var key *rsa.PrivateKey
+	data, _ := pem.Decode([]byte(content))
+	var err error
+	key, err = x509.ParsePKCS1PrivateKey(data.Bytes)
+	if err != nil {
+		return key, err
+	}
+	return key, nil
+}
+
+// LoadPemPublicKey reads a key from a PEM encoded string and returns a public key
+func LoadPemPublicKey(content string) (*rsa.PublicKey, error) {
+	var key *rsa.PublicKey
+	data, _ := pem.Decode([]byte(content))
+	publicKeyFileImported, err := x509.ParsePKCS1PublicKey(data.Bytes)
+	if err != nil {
+		return key, err
+	}
+
+	return publicKeyFileImported, nil
+}