Skip to content

Commit 69fbac3

Browse files
DotunjDotunj
authored
fix: add support for jwt env variables (frain-dev#813)
1 parent fb1ef97 commit 69fbac3

File tree

2 files changed

+36
-6
lines changed

2 files changed

+36
-6
lines changed

config/config.go

+29-5
Original file line numberDiff line numberDiff line change
@@ -71,11 +71,11 @@ type NativeRealmOptions struct {
7171
}
7272

7373
type JwtRealmOptions struct {
74-
Enabled bool `json:"enabled"`
75-
Secret string `json:"secret"`
76-
Expiry int `json:"expiry"`
77-
RefreshSecret string `json:"refresh_secret"`
78-
RefreshExpiry int `json:"refresh_expiry"`
74+
Enabled bool `json:"enabled" envconfig:"CONVOY_JWT_REALM_ENABLED"`
75+
Secret string `json:"secret" envconfig:"CONVOY_JWT_SECRET"`
76+
Expiry int `json:"expiry" envconfig:"CONVOY_JWT_EXPIRY"`
77+
RefreshSecret string `json:"refresh_secret" envconfig:"CONVOY_JWT_REFRESH_SECRET"`
78+
RefreshExpiry int `json:"refresh_expiry" envconfig:"CONVOY_JWT_REFRESH_EXPIRY"`
7979
}
8080

8181
type SMTPConfiguration struct {
@@ -421,6 +421,26 @@ func overrideConfigWithEnvVars(c *Configuration, override *Configuration) {
421421
c.Auth.File.Basic = override.Auth.File.Basic
422422
}
423423

424+
// CONVOY_JWT_SECRET
425+
if !IsStringEmpty(override.Auth.Jwt.Secret) {
426+
c.Auth.Jwt.Secret = override.Auth.Jwt.Secret
427+
}
428+
429+
// CONVOY_JWT_EXPIRY
430+
if override.Auth.Jwt.Expiry != 0 {
431+
c.Auth.Jwt.Expiry = override.Auth.Jwt.Expiry
432+
}
433+
434+
// CONVOY_JWT_REFRESH_SECRET
435+
if !IsStringEmpty(override.Auth.Jwt.RefreshSecret) {
436+
c.Auth.Jwt.RefreshSecret = override.Auth.Jwt.RefreshSecret
437+
}
438+
439+
// CONVOY_JWT_REFRESH_EXPIRY
440+
if override.Auth.Jwt.RefreshExpiry != 0 {
441+
c.Auth.Jwt.RefreshExpiry = override.Auth.Jwt.RefreshExpiry
442+
}
443+
424444
// boolean values are weird; we have to check if they are actually set
425445

426446
if _, ok := os.LookupEnv("CONVOY_MULTIPLE_TENANTS"); ok {
@@ -438,6 +458,10 @@ func overrideConfigWithEnvVars(c *Configuration, override *Configuration) {
438458
if _, ok := os.LookupEnv("CONVOY_NATIVE_REALM_ENABLED"); ok {
439459
c.Auth.Native.Enabled = override.Auth.Native.Enabled
440460
}
461+
462+
if _, ok := os.LookupEnv("CONVOY_JWT_REALM_ENABLED"); ok {
463+
c.Auth.Jwt.Enabled = override.Auth.Jwt.Enabled
464+
}
441465
}
442466

443467
// LoadConfig is used to load the configuration from either the json config file

convoy.env.example

+7-1
Original file line numberDiff line numberDiff line change
@@ -46,4 +46,10 @@ CONVOY_REQUIRE_AUTH=false
4646
CONVOY_BASIC_AUTH_CONFIG="[{\"username\": \"some-admin\",\"password\": \"some-password\",\"role\": {\"type\": \"super_user\",\"groups\": []}}]"
4747
CONVOY_API_KEY_CONFIG="[{\"api_key\":\"ABC1234\",\"role\":{\"type\":\"admin\",\"groups\":[\"group-uid-1\",\"group-uid-2\"],\"apps\":[\"apps-uid-1\",\"apps-uid-2\"]}}]"
4848

49-
CONVOY_NATIVE_REALM_ENABLED=true
49+
CONVOY_NATIVE_REALM_ENABLED=true
50+
51+
CONVOY_JWT_REALM_ENABLED=true
52+
CONVOY_JWT_SECRET=
53+
CONVOY_JWT_EXPIRY=
54+
CONVOY_JWT_REFRESH_SECRET=
55+
CONVOY_JWT_REFRESH_EXPIRY=

0 commit comments

Comments
 (0)