From 7b3cc13f6d978e3471a8e90b6d04f8583cd76217 Mon Sep 17 00:00:00 2001 From: Jose Celano Date: Mon, 12 Aug 2024 12:59:38 +0100 Subject: [PATCH 1/2] fix: [710] make secrets in config options mandatory - `tracker.token` - `auth.user_claim_token_pepper` It keeps the default for the SMPT server credential ebcuase they are not always needed. - `mail.smpt.credentials.password` --- .../default/config/index.container.mysql.toml | 6 ++++++ .../config/index.container.sqlite3.toml | 6 ++++++ .../config/index.development.sqlite3.toml | 6 ++++++ .../index.private.e2e.container.sqlite3.toml | 6 +++++- .../index.public.e2e.container.mysql.toml | 6 +++++- .../index.public.e2e.container.sqlite3.toml | 6 +++++- ...tracker.private.e2e.container.sqlite3.toml | 7 ++++++- .../tracker.public.e2e.container.sqlite3.toml | 6 ++++++ src/config/mod.rs | 19 ++++++++++++++++++- 9 files changed, 63 insertions(+), 5 deletions(-) diff --git a/share/default/config/index.container.mysql.toml b/share/default/config/index.container.mysql.toml index 1c865ab8..9bc28f58 100644 --- a/share/default/config/index.container.mysql.toml +++ b/share/default/config/index.container.mysql.toml @@ -11,6 +11,12 @@ threshold = "info" #threshold = "debug" #threshold = "trace" +[tracker] +token = "MyAccessToken" + +[auth] +user_claim_token_pepper = "MaxVerstappenWC2021" + [database] connect_url = "mysql://root:root_secret_password@mysql:3306/torrust_index" diff --git a/share/default/config/index.container.sqlite3.toml b/share/default/config/index.container.sqlite3.toml index 340c29fa..ab223343 100644 --- a/share/default/config/index.container.sqlite3.toml +++ b/share/default/config/index.container.sqlite3.toml @@ -11,6 +11,12 @@ threshold = "info" #threshold = "debug" #threshold = "trace" +[tracker] +token = "MyAccessToken" + +[auth] +user_claim_token_pepper = "MaxVerstappenWC2021" + [database] connect_url = "sqlite:///var/lib/torrust/index/database/sqlite3.db?mode=rwc" diff --git a/share/default/config/index.development.sqlite3.toml b/share/default/config/index.development.sqlite3.toml index 6998613e..4b4af3aa 100644 --- a/share/default/config/index.development.sqlite3.toml +++ b/share/default/config/index.development.sqlite3.toml @@ -11,6 +11,12 @@ threshold = "info" #threshold = "debug" #threshold = "trace" +[tracker] +token = "MyAccessToken" + +[auth] +user_claim_token_pepper = "MaxVerstappenWC2021" + # Uncomment if you want to enable TSL for development #[net.tsl] #ssl_cert_path = "./storage/index/lib/tls/localhost.crt" diff --git a/share/default/config/index.private.e2e.container.sqlite3.toml b/share/default/config/index.private.e2e.container.sqlite3.toml index fdf43695..608bd419 100644 --- a/share/default/config/index.private.e2e.container.sqlite3.toml +++ b/share/default/config/index.private.e2e.container.sqlite3.toml @@ -15,8 +15,12 @@ threshold = "info" api_url = "http://tracker:1212" listed = false private = true +token = "MyAccessToken" url = "http://tracker:7070" +[auth] +user_claim_token_pepper = "MaxVerstappenWC2021" + [database] connect_url = "sqlite:///var/lib/torrust/index/database/e2e_testing_sqlite3.db?mode=rwc" @@ -25,4 +29,4 @@ port = 1025 server = "mailcatcher" [registration] -[registration.email] \ No newline at end of file +[registration.email] diff --git a/share/default/config/index.public.e2e.container.mysql.toml b/share/default/config/index.public.e2e.container.mysql.toml index 2d429d70..c6b4550e 100644 --- a/share/default/config/index.public.e2e.container.mysql.toml +++ b/share/default/config/index.public.e2e.container.mysql.toml @@ -13,8 +13,12 @@ threshold = "info" [tracker] api_url = "http://tracker:1212" +token = "MyAccessToken" url = "udp://tracker:6969" +[auth] +user_claim_token_pepper = "MaxVerstappenWC2021" + [database] connect_url = "mysql://root:root_secret_password@mysql:3306/torrust_index_e2e_testing" @@ -23,4 +27,4 @@ port = 1025 server = "mailcatcher" [registration] -[registration.email] \ No newline at end of file +[registration.email] diff --git a/share/default/config/index.public.e2e.container.sqlite3.toml b/share/default/config/index.public.e2e.container.sqlite3.toml index 4e364fb8..1b807154 100644 --- a/share/default/config/index.public.e2e.container.sqlite3.toml +++ b/share/default/config/index.public.e2e.container.sqlite3.toml @@ -13,8 +13,12 @@ threshold = "info" [tracker] api_url = "http://tracker:1212" +token = "MyAccessToken" url = "udp://tracker:6969" +[auth] +user_claim_token_pepper = "MaxVerstappenWC2021" + [database] connect_url = "sqlite:///var/lib/torrust/index/database/e2e_testing_sqlite3.db?mode=rwc" @@ -23,4 +27,4 @@ port = 1025 server = "mailcatcher" [registration] -[registration.email] \ No newline at end of file +[registration.email] diff --git a/share/default/config/tracker.private.e2e.container.sqlite3.toml b/share/default/config/tracker.private.e2e.container.sqlite3.toml index 028f1aa6..647d5cee 100644 --- a/share/default/config/tracker.private.e2e.container.sqlite3.toml +++ b/share/default/config/tracker.private.e2e.container.sqlite3.toml @@ -4,6 +4,12 @@ schema_version = "2.0.0" [logging] threshold = "info" +[tracker] +token = "MyAccessToken" + +[auth] +user_claim_token_pepper = "MaxVerstappenWC2021" + [core] listed = false private = true @@ -17,4 +23,3 @@ bind_address = "0.0.0.0:6969" [http_api] bind_address = "0.0.0.0:1212" - diff --git a/share/default/config/tracker.public.e2e.container.sqlite3.toml b/share/default/config/tracker.public.e2e.container.sqlite3.toml index 1b93d36a..e3f73d0b 100644 --- a/share/default/config/tracker.public.e2e.container.sqlite3.toml +++ b/share/default/config/tracker.public.e2e.container.sqlite3.toml @@ -4,6 +4,12 @@ schema_version = "2.0.0" [logging] threshold = "info" +[tracker] +token = "MyAccessToken" + +[auth] +user_claim_token_pepper = "MaxVerstappenWC2021" + [core] listed = false private = false diff --git a/src/config/mod.rs b/src/config/mod.rs index 5dfef8f0..a5935242 100644 --- a/src/config/mod.rs +++ b/src/config/mod.rs @@ -340,7 +340,12 @@ impl Configuration { /// Will return an error if a mandatory configuration option is only /// obtained by default value (code), meaning the user hasn't overridden it. fn check_mandatory_options(figment: &Figment) -> Result<(), Error> { - let mandatory_options = ["metadata.schema_version", "logging.threshold"]; + let mandatory_options = [ + "auth.user_claim_token_pepper", + "logging.threshold", + "metadata.schema_version", + "tracker.token", + ]; for mandatory_option in mandatory_options { figment @@ -512,6 +517,12 @@ mod tests { [logging] threshold = "info" + + [tracker] + token = "MyAccessToken" + + [auth] + user_claim_token_pepper = "MaxVerstappenWC2021" "#, )?; @@ -537,6 +548,12 @@ mod tests { [logging] threshold = "info" + + [tracker] + token = "MyAccessToken" + + [auth] + user_claim_token_pepper = "MaxVerstappenWC2021" "# .to_string(); From cb0e37579cee18ce0df39631ab1c0bfa564f3c30 Mon Sep 17 00:00:00 2001 From: Jose Celano Date: Mon, 12 Aug 2024 13:07:50 +0100 Subject: [PATCH 2/2] fix: [#653] rename auth.secret_key config option This changes were missing when the issue was implemented. See https://github.com/torrust/torrust-index/issues/653. --- compose.yaml | 2 +- .../dev-tools/container/e2e/sqlite/mode/private/e2e-env-up.sh | 2 +- .../dev-tools/container/e2e/sqlite/mode/public/e2e-env-up.sh | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/compose.yaml b/compose.yaml index 9e533e15..3f63dde5 100644 --- a/compose.yaml +++ b/compose.yaml @@ -13,7 +13,7 @@ services: - TORRUST_INDEX_DATABASE=${TORRUST_INDEX_DATABASE:-e2e_testing_sqlite3} - TORRUST_INDEX_DATABASE_DRIVER=${TORRUST_INDEX_DATABASE_DRIVER:-sqlite3} - TORRUST_INDEX_CONFIG_OVERRIDE_TRACKER__TOKEN=${TORRUST_INDEX_CONFIG_OVERRIDE_TRACKER__TOKEN:-MyAccessToken} - - TORRUST_INDEX_CONFIG_OVERRIDE_AUTH__SECRET_KEY=${TORRUST_INDEX_CONFIG_OVERRIDE_AUTH__SECRET_KEY:-MaxVerstappenWC2021} + - TORRUST_INDEX_CONFIG_OVERRIDE_AUTH__USER_CLAIM_TOKEN_PEPPER=${TORRUST_INDEX_CONFIG_OVERRIDE_AUTH__USER_CLAIM_TOKEN_PEPPER:-MaxVerstappenWC2021} networks: - server_side ports: diff --git a/contrib/dev-tools/container/e2e/sqlite/mode/private/e2e-env-up.sh b/contrib/dev-tools/container/e2e/sqlite/mode/private/e2e-env-up.sh index 839ce5f4..f5151dc8 100755 --- a/contrib/dev-tools/container/e2e/sqlite/mode/private/e2e-env-up.sh +++ b/contrib/dev-tools/container/e2e/sqlite/mode/private/e2e-env-up.sh @@ -8,7 +8,7 @@ USER_ID=${USER_ID:-1000} \ TORRUST_INDEX_DATABASE="e2e_testing_sqlite3" \ TORRUST_INDEX_DATABASE_DRIVER="sqlite3" \ TORRUST_INDEX_CONFIG_OVERRIDE_TRACKER__TOKEN="MyAccessToken" \ - TORRUST_INDEX_CONFIG_OVERRIDE_AUTH__SECRET_KEY="MaxVerstappenWC2021" \ + TORRUST_INDEX_CONFIG_OVERRIDE_AUTH__USER_CLAIM_TOKEN_PEPPER="MaxVerstappenWC2021" \ TORRUST_TRACKER_CONFIG_TOML=$(cat ./share/default/config/tracker.private.e2e.container.sqlite3.toml) \ TORRUST_TRACKER_DATABASE="e2e_testing_sqlite3" \ TORRUST_TRACKER_CONFIG_OVERRIDE_CORE__DATABASE__DRIVER="sqlite3" \ diff --git a/contrib/dev-tools/container/e2e/sqlite/mode/public/e2e-env-up.sh b/contrib/dev-tools/container/e2e/sqlite/mode/public/e2e-env-up.sh index c252b47f..ebaae531 100755 --- a/contrib/dev-tools/container/e2e/sqlite/mode/public/e2e-env-up.sh +++ b/contrib/dev-tools/container/e2e/sqlite/mode/public/e2e-env-up.sh @@ -8,7 +8,7 @@ USER_ID=${USER_ID:-1000} \ TORRUST_INDEX_DATABASE="e2e_testing_sqlite3" \ TORRUST_INDEX_DATABASE_DRIVER="sqlite3" \ TORRUST_INDEX_CONFIG_OVERRIDE_TRACKER__TOKEN="MyAccessToken" \ - TORRUST_INDEX_CONFIG_OVERRIDE_AUTH__SECRET_KEY="MaxVerstappenWC2021" \ + TORRUST_INDEX_CONFIG_OVERRIDE_AUTH__USER_CLAIM_TOKEN_PEPPER="MaxVerstappenWC2021" \ TORRUST_TRACKER_CONFIG_TOML=$(cat ./share/default/config/tracker.public.e2e.container.sqlite3.toml) \ TORRUST_TRACKER_DATABASE="e2e_testing_sqlite3" \ TORRUST_TRACKER_CONFIG_OVERRIDE_CORE__DATABASE__DRIVER="sqlite3" \