add tokenmanager to userlog to fix startup

2025-12-31 01:10:20 -06:00 · 2023-03-02 08:39:56 +01:00
parent ab41d0ae45
commit 1234429a8d
4 changed files with 24 additions and 1 deletions
--- a/services/userlog/pkg/config/config.go
+++ b/services/userlog/pkg/config/config.go
@@ -18,6 +18,8 @@ type Config struct {
 	HTTP          HTTP                  `yaml:"http"`
 	GRPCClientTLS *shared.GRPCClientTLS `yaml:"grpc_client_tls"`

+	TokenManager *TokenManager `yaml:"token_manager"`
+
 	MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;USERLOG_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary to access resources from other services."`
 	RevaGateway       string `yaml:"reva_gateway" env:"REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata"`
 	Events            Events `yaml:"events"`
@@ -60,3 +62,8 @@ type HTTP struct {
 	CORS      CORS                  `yaml:"cors"`
 	TLS       shared.HTTPServiceTLS `yaml:"tls"`
 }
+
+// TokenManager is the config for using the reva token manager
+type TokenManager struct {
+	JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;USERLOG_JWT_SECRET" desc:"The secret to mint and validate jwt tokens."`
+}
--- a/services/userlog/pkg/config/defaults/defaultconfig.go
+++ b/services/userlog/pkg/config/defaults/defaultconfig.go
@@ -69,6 +69,14 @@ func EnsureDefaults(cfg *config.Config) {
 		}
 	}

+	if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil {
+		cfg.TokenManager = &config.TokenManager{
+			JWTSecret: cfg.Commons.TokenManager.JWTSecret,
+		}
+	} else if cfg.TokenManager == nil {
+		cfg.TokenManager = &config.TokenManager{}
+	}
+
 	if cfg.Commons != nil {
 		cfg.HTTP.TLS = cfg.Commons.HTTPServiceTLS
 	}
--- a/services/userlog/pkg/config/parser/parse.go
+++ b/services/userlog/pkg/config/parser/parse.go
@@ -39,5 +39,9 @@ func Validate(cfg *config.Config) error {
 		return shared.MissingMachineAuthApiKeyError(cfg.Service.Name)
 	}

+	if cfg.TokenManager.JWTSecret == "" {
+		return shared.MissingJWTTokenError(cfg.Service.Name)
+	}
+
 	return nil
 }
--- a/services/userlog/pkg/server/http/server.go
+++ b/services/userlog/pkg/server/http/server.go
@@ -7,6 +7,7 @@ import (

 	"github.com/go-chi/chi/v5"
 	chimiddleware "github.com/go-chi/chi/v5/middleware"
+	"github.com/owncloud/ocis/v2/ocis-pkg/account"
 	"github.com/owncloud/ocis/v2/ocis-pkg/middleware"
 	"github.com/owncloud/ocis/v2/ocis-pkg/service/http"
 	"github.com/owncloud/ocis/v2/ocis-pkg/version"
@@ -49,7 +50,10 @@ func Server(opts ...Option) (http.Service, error) {
 		middleware.Logger(
 			options.Logger,
 		),
-		middleware.ExtractAccountUUID(),
+		middleware.ExtractAccountUUID(
+			account.Logger(options.Logger),
+			account.JWTSecret(options.Config.TokenManager.JWTSecret),
+		),
 	}

 	mux := chi.NewMux()