Dokploy/dokploy
1
0
Fork 0
mirror of https://github.com/Dokploy/dokploy.git synced 2026-06-15 20:25:23 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: update deriveCookieSecret to meet oauth2-proxy requirements

Browse Source
This commit is contained in:
Mauricio Siu
2026-06-07 00:50:20 -06:00
parent 0f77c40ee3
commit c1c887d03c
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
packages/server/src/setup/forward-auth-setup.ts
View File

@@ -38,9 +38,12 @@ export const forwardAuthCallbackUrl = (
): string => `${https ? "https" : "http"}://${authDomain}/oauth2/callback`; ): string => `${https ? "https" : "http"}://${authDomain}/oauth2/callback`;
export const deriveCookieSecret = (salt: string): string => { export const deriveCookieSecret = (salt: string): string => {
// oauth2-proxy requires cookie_secret to be exactly 16, 24, or 32 bytes.
// Take the first 32 hex chars (= 16 bytes) to satisfy that constraint.
return createHmac("sha256", betterAuthSecret) return createHmac("sha256", betterAuthSecret)
.update(`forward-auth:${salt}`) .update(`forward-auth:${salt}`)
.digest("base64"); .digest("hex")
.slice(0, 32);
}; };
export const buildForwardAuthEnv = ( export const buildForwardAuthEnv = (