ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2024-11-23 05:33:20 +05:30
Code Issues Packages Projects Releases Wiki Activity

Extract encryption key into the configuration param

Browse Source
This commit is contained in:
ErickSkrauch 2019-12-04 13:24:30 +03:00
parent 72cbf16c97
commit a9a56c9e1d
6 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.env-dist
View File

@ -7,8 +7,10 @@ EMAILS_RENDERER_HOST=http://emails-renderer:3000
## Security params
JWT_USER_SECRET=
JWT_ENCRYPTION_KEY=
JWT_PUBLIC_KEY_PATH=
JWT_PRIVATE_KEY_PATH=
JWT_PRIVATE_KEY_PASS=
## External services
RECAPTCHA_PUBLIC=

7
api/components/OAuth2/Component.php
View File

@ -13,6 +13,11 @@ use yii\base\Component as BaseComponent;
class Component extends BaseComponent {
/**
* @var string|\Defuse\Crypto\Key
*/
public $encryptionKey;
/**
* @var AuthorizationServer
*/
@ -34,7 +39,7 @@ class Component extends BaseComponent {
$accessTokensRepo,
new Repositories\EmptyScopeRepository(),
new EmptyKey(),
'123' // TODO: extract to the variable
$this->encryptionKey
);
$authCodeGrant = new AuthCodeGrant($authCodesRepo, $refreshTokensRepo, new DateInterval('PT10M'));
$authCodeGrant->disableRequireCodeChallengeForPublicClients();

3
api/config/config-test.php
View File

@ -1,6 +1,9 @@
<?php
return [
'components' => [
'oauth' => [
'encryptionKey' => 'mock-encryption-key',
],
'tokens' => [
'hmacKey' => 'tests-secret-key',
'privateKeyPath' => codecept_data_dir('certs/private.pem'),

4
api/config/config.php
View File

@ -11,6 +11,10 @@ return [
'user' => [
'class' => api\components\User\Component::class,
],
'oauth' => [
'class' => api\components\OAuth2\Component::class,
'encryptionKey' => getenv('JWT_ENCRYPTION_KEY'),
],
'tokens' => [
'class' => api\components\Tokens\Component::class,
'hmacKey' => getenv('JWT_USER_SECRET'),

2
autocompletion.php
View File

@ -22,7 +22,6 @@ class Yii extends \yii\BaseYii {
* @property \GuzzleHttp\Client $guzzle
* @property \common\components\EmailsRenderer\Component $emailsRenderer
* @property \mito\sentry\Component $sentry
* @property \api\components\OAuth2\Component $oauth
* @property \common\components\StatsD $statsd
* @property \yii\queue\Queue $queue
* @property \api\components\Tokens\Component $tokens
@ -36,6 +35,7 @@ abstract class BaseApplication extends yii\base\Application {
*
* @property \api\components\User\Component $user User component.
* @property \api\components\ReCaptcha\Component $reCaptcha
* @property \api\components\OAuth2\Component $oauth
*
* @method \api\components\User\Component getUser()
*/

7
common/config/config.php
View File

@ -12,7 +12,7 @@ return [
'@console' => '@root/console',
],
'params' => [
'fromEmail' => 'ely@ely.by',
'fromEmail' => 'account@ely.by',
'supportEmail' => 'support@ely.by',
],
'container' => [
@ -91,12 +91,9 @@ return [
],
'emailsRenderer' => [
'class' => common\components\EmailsRenderer\Component::class,
'serviceUrl' => getenv('EMAILS_RENDERER_HOST'),
'serviceUrl' => getenv('EMAILS_RENDERER_HOST') ?: 'http://emails-renderer:3000',
'basePath' => '/images/emails',
],
'oauth' => [
'class' => api\components\OAuth2\Component::class,
],
'authManager' => [
'class' => \api\rbac\Manager::class,
'itemFile' => '@api/rbac/.generated/items.php',