Add alternative ways to generate cookie secrets to docs

2025-01-24 05:26:55 +02:00 · 2021-03-14 19:48:26 +00:00 · 2021-03-14 19:48:26 +00:00 · a0e2f785f3
commit a0e2f785f3
parent 06808704a3
4 changed files with 169 additions and 3 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -8,6 +8,7 @@

 ## Changes since v7.1.3

+- [#1108](https://github.com/oauth2-proxy/oauth2-proxy/pull/1108) Add alternative ways to generate cookie secrets to docs (@JoelSpeed)
 - [#1142](https://github.com/oauth2-proxy/oauth2-proxy/pull/1142) Add pagewriter to upstream proxy (@JoelSpeed)
 - [#1181](https://github.com/oauth2-proxy/oauth2-proxy/pull/1181) Fix incorrect `cfg` name in show-debug-on-error flag (@iTaybb)

--- a/docs/docs/configuration/overview.md
+++ b/docs/docs/configuration/overview.md
@ -7,7 +7,62 @@ title: Overview

 ### Generating a Cookie Secret

-To generate a strong cookie secret use `python -c 'import os,base64; print(base64.urlsafe_b64encode(os.urandom(16)).decode())'`
+To generate a strong cookie secret use one of the below commands:
+
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+
+<Tabs
+  defaultValue="python"
+  values={[
+    {label: 'Python', value: 'python'},
+    {label: 'Bash', value: 'bash'},
+    {label: 'OpenSSL', value: 'openssl'},
+    {label: 'PowerShell', value: 'powershell'},
+    {label: 'Terraform', value: 'terraform'},
+  ]}>
+  <TabItem value="python">
+
+  ```shell
+  python -c 'import os,base64; print(base64.urlsafe_b64encode(os.urandom(32)).decode())'
+  ```
+
+  </TabItem>
+  <TabItem value="bash">
+
+  ```shell
+  cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1 | base64
+  ```
+
+  </TabItem>
+  <TabItem value="openssl">
+
+  ```shell
+  openssl rand -base64 32 | tr -- '+/' '-_'
+  ```
+
+  </TabItem>
+  <TabItem value="powershell">
+
+  ```shell
+  # Add System.Web assembly to session, just in case
+  Add-Type -AssemblyName System.Web
+  [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes([System.Web.Security.Membership]::GeneratePassword(32,4))).Replace("+","-").Replace("/","_")
+  ```
+
+  </TabItem>
+  <TabItem value="terraform">
+
+  ```shell
+  # Valid 32 Byte Base64 URL encoding set that will decode to 24 []byte AES-192 secret
+  resource "random_password" "cookie_secret" {
+    length           = 32
+    override_special = "-_"
+  }
+  ```
+
+  </TabItem>
+</Tabs>

 ### Config File

--- a/docs/versioned_docs/version-6.1.x/configuration/overview.md
+++ b/docs/versioned_docs/version-6.1.x/configuration/overview.md
@ -7,7 +7,62 @@ title: Overview

 ### Generating a Cookie Secret

-To generate a strong cookie secret use `python -c 'import os,base64; print(base64.urlsafe_b64encode(os.urandom(16)).decode())'`
+To generate a strong cookie secret use one of the below commands:
+
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+
+<Tabs
+  defaultValue="python"
+  values={[
+    {label: 'Python', value: 'python'},
+    {label: 'Bash', value: 'bash'},
+    {label: 'OpenSSL', value: 'openssl'},
+    {label: 'PowerShell', value: 'powershell'},
+    {label: 'Terraform', value: 'terraform'},
+  ]}>
+  <TabItem value="python">
+
+  ```shell
+  python -c 'import os,base64; print(base64.urlsafe_b64encode(os.urandom(32)).decode())'
+  ```
+
+  </TabItem>
+  <TabItem value="bash">
+
+  ```shell
+  cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1 | base64
+  ```
+
+  </TabItem>
+  <TabItem value="openssl">
+
+  ```shell
+  openssl rand -base64 32 | tr -- '+/' '-_'
+  ```
+
+  </TabItem>
+  <TabItem value="powershell">
+
+  ```shell
+  # Add System.Web assembly to session, just in case
+  Add-Type -AssemblyName System.Web
+  [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes([System.Web.Security.Membership]::GeneratePassword(32,4))).Replace("+","-").Replace("/","_")
+  ```
+
+  </TabItem>
+  <TabItem value="terraform">
+
+  ```shell
+  # Valid 32 Byte Base64 URL encoding set that will decode to 24 []byte AES-192 secret
+  resource "random_password" "cookie_secret" {
+    length           = 32
+    override_special = "-_"
+  }
+  ```
+
+  </TabItem>
+</Tabs>

 ### Config File

--- a/docs/versioned_docs/version-7.0.x/configuration/overview.md
+++ b/docs/versioned_docs/version-7.0.x/configuration/overview.md
@ -7,7 +7,62 @@ title: Overview

 ### Generating a Cookie Secret

-To generate a strong cookie secret use `python -c 'import os,base64; print(base64.urlsafe_b64encode(os.urandom(16)).decode())'`
+To generate a strong cookie secret use one of the below commands:
+
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+
+<Tabs
+  defaultValue="python"
+  values={[
+    {label: 'Python', value: 'python'},
+    {label: 'Bash', value: 'bash'},
+    {label: 'OpenSSL', value: 'openssl'},
+    {label: 'PowerShell', value: 'powershell'},
+    {label: 'Terraform', value: 'terraform'},
+  ]}>
+  <TabItem value="python">
+
+  ```shell
+  python -c 'import os,base64; print(base64.urlsafe_b64encode(os.urandom(32)).decode())'
+  ```
+
+  </TabItem>
+  <TabItem value="bash">
+
+  ```shell
+  cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1 | base64
+  ```
+
+  </TabItem>
+  <TabItem value="openssl">
+
+  ```shell
+  openssl rand -base64 32 | tr -- '+/' '-_'
+  ```
+
+  </TabItem>
+  <TabItem value="powershell">
+
+  ```shell
+  # Add System.Web assembly to session, just in case
+  Add-Type -AssemblyName System.Web
+  [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes([System.Web.Security.Membership]::GeneratePassword(32,4))).Replace("+","-").Replace("/","_")
+  ```
+
+  </TabItem>
+  <TabItem value="terraform">
+
+  ```shell
+  # Valid 32 Byte Base64 URL encoding set that will decode to 24 []byte AES-192 secret
+  resource "random_password" "cookie_secret" {
+    length           = 32
+    override_special = "-_"
+  }
+  ```
+
+  </TabItem>
+</Tabs>

 ### Config File