Port "Use general token signing secret"

Port of https://github.com/go-gitea/gitea/pull/29205 Use a clearly defined "signing secret" for token signing. (cherry picked from commit 8be198cdef0a486f417663b1fd6878458d7e5d92)
2025-08-19 17:01:12 +00:00 · 2024-02-19 01:39:04 +08:00 · 2024-02-19 01:39:04 +08:00 · 62d3e5255f
commit 62d3e5255f
parent cfd6420a0e
13 changed files with 131 additions and 61 deletions
--- a/services/actions/auth_test.go
+++ b/services/actions/auth_test.go
@ -20,7 +20,7 @@ func TestCreateAuthorizationToken(t *testing.T) {
 	assert.NotEqual(t, "", token)
 	claims := jwt.MapClaims{}
 	_, err = jwt.ParseWithClaims(token, claims, func(t *jwt.Token) (interface{}, error) {
-		return []byte(setting.SecretKey), nil
+		return setting.GetGeneralTokenSigningSecret(), nil
 	})
 	assert.Nil(t, err)
 	scp, ok := claims["scp"]