add Mutex to protect jwtKey random generation

free5gc · Jul 13, 2023 · 7d6542e · 7d6542e
1 parent 3e019d9
commit 7d6542e
Showing 1 changed file with 18 additions and 2 deletions.
diff --git a/backend/WebUI/api_webui.go b/backend/WebUI/api_webui.go
@@ -5,10 +5,12 @@ import (
 	"crypto/tls"
 	"encoding/json"
 	"fmt"
+	"math/rand"
 	"net/http"
 	"reflect"
 	"strconv"
 	"strings"
+	"sync"
 	"time"
 
 	"github.com/gin-gonic/gin"
@@ -38,6 +40,11 @@ const (
 	msisdnSupiMapColl = "subscriptionData.msisdnSupiMap"
 )
 
+var (
+	jwtKey = "" // for generating JWT
+	mu     *sync.Mutex
+)
+
 var httpsClient *http.Client
 
 func init() {
@@ -46,6 +53,7 @@ func init() {
 			TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
 		},
 	}
+	mu = new(sync.Mutex)
 }
 
 func mapToByte(data map[string]interface{}) (ret []byte) {
@@ -400,11 +408,19 @@ func JWT(email, userId, tenantId string) string {
 	claims["email"] = email
 	claims["tenantId"] = tenantId
 
-	tokenString, err := token.SignedString([]byte(""))
+	mu.Lock()
+	if jwtKey == "" {
+		rand.Seed(time.Now().UnixNano())
+		jwtKey = strconv.Itoa(rand.Intn(2 << 32))
+	}
+	mu.Unlock()
+
+	tokenString, err := token.SignedString([]byte(jwtKey))
 	if err != nil {
 		logger.ProcLog.Errorf("JWT err: %+v", err)
 	}
 
+	fmt.Println("tokenString: ", tokenString)
 	return tokenString
 }
 
@@ -491,7 +507,7 @@ type AuthSub struct {
 // Parse JWT
 func ParseJWT(tokenStr string) (jwt.MapClaims, error) {
 	token, err := jwt.Parse(tokenStr, func(token *jwt.Token) (interface{}, error) {
-		return []byte(""), nil
+		return []byte(uniqKey), nil
 	})
 	if err != nil {
 		return nil, errors.Wrap(err, "ParseJWT error")