sophie/nuke
1
0
Fork 0
Code Packages 1 Activity Actions

feat: Add option to use HS512 secret for JWT instead of ED25519 (#680)

Browse source 
* Add functionality for HS512 JWT tokens

* Add HS512_SECRET to installation docs

* Update CHANGELOG.md regarding HS512

* Move HS512_SECRET to advenced section in docs

* Move token Keyfunc logic to Server function

* Add Keyfunc to spelling

* chore: spelling

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: Martin Weidenauer <mweidenauer@nanx0as46153.anx.local>
Co-authored-by: Xe Iaso <me@xeiaso.net>
This commit is contained in:
Martin 2025-06-26 12:06:44 +02:00 committed by GitHub
parent 1562f88c35
commit 59f5b07281
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 68 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

6
lib/http.go
View file

@ -201,5 +201,9 @@ func (s *Server) signJWT(claims jwt.MapClaims) (string, error) {
claims["nbf"] = time.Now().Add(-1 * time.Minute).Unix()
claims["exp"] = time.Now().Add(s.opts.CookieExpiration).Unix()
return jwt.NewWithClaims(jwt.SigningMethodEdDSA, claims).SignedString(s.priv)
if len(s.hs512Secret) == 0 {
return jwt.NewWithClaims(jwt.SigningMethodEdDSA, claims).SignedString(s.ed25519Priv)
} else {
return jwt.NewWithClaims(jwt.SigningMethodHS512, claims).SignedString(s.hs512Secret)
}
}