use jwt instead of basicAuth for webEnv (#10246)

master
Harshavardhana 4 years ago committed by GitHub
parent 6914b2c99d
commit 900eebb9a4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 16
      pkg/env/web_env.go

16
pkg/env/web_env.go vendored

@ -30,6 +30,8 @@ import (
"os" "os"
"regexp" "regexp"
"time" "time"
"github.com/dgrijalva/jwt-go"
) )
const ( const (
@ -96,10 +98,20 @@ func fetchEnvHTTP(envKey string, u *url.URL) (string, error) {
return "", err return "", err
} }
if username != "" && password != "" { claims := &jwt.StandardClaims{
req.SetBasicAuth(username, password) ExpiresAt: int64(15 * time.Minute),
Issuer: username,
Subject: envKey,
}
token := jwt.NewWithClaims(jwt.SigningMethodHS512, claims)
ss, err := token.SignedString([]byte(password))
if err != nil {
return "", err
} }
req.Header.Set("Authorization", "Bearer "+ss)
clnt := &http.Client{ clnt := &http.Client{
Transport: &http.Transport{ Transport: &http.Transport{
Proxy: http.ProxyFromEnvironment, Proxy: http.ProxyFromEnvironment,

Loading…
Cancel
Save