fixed key to one line
This commit is contained in:
30
app.py
30
app.py
@@ -42,7 +42,7 @@ class FlicButtonHandler:
|
|||||||
}
|
}
|
||||||
|
|
||||||
# Ensure subscriptions file and directory exist
|
# Ensure subscriptions file and directory exist
|
||||||
self.subscriptions_file = os.getenv('SUBSCRIPTIONS_FILE', '/app/subscriptions.json')
|
self.subscriptions_file = os.getenv('SUBSCRIPTIONS_FILE', 'app/subscriptions.json')
|
||||||
self._ensure_subscriptions_file()
|
self._ensure_subscriptions_file()
|
||||||
|
|
||||||
# Load subscriptions
|
# Load subscriptions
|
||||||
@@ -70,26 +70,30 @@ class FlicButtonHandler:
|
|||||||
|
|
||||||
def _decode_vapid_private_key(self):
|
def _decode_vapid_private_key(self):
|
||||||
"""
|
"""
|
||||||
Decode and load the VAPID private key from base64 encoded string.
|
Load the VAPID private key from environment variable.
|
||||||
Returns the PEM-formatted private key as a string.
|
Handles the \n escaped format from .env file.
|
||||||
"""
|
"""
|
||||||
try:
|
try:
|
||||||
# Decode base64 private key
|
# Get the key from environment
|
||||||
private_key_pem = base64.urlsafe_b64decode(
|
env_key = os.getenv('VAPID_PRIVATE_KEY', '').strip()
|
||||||
os.getenv('VAPID_PRIVATE_KEY', '').encode('utf-8')
|
|
||||||
)
|
|
||||||
|
|
||||||
# Load private key to validate it
|
# Convert escaped newlines back to actual newlines
|
||||||
private_key = serialization.load_pem_private_key(
|
private_pem = env_key.replace('\\n', '\n')
|
||||||
private_key_pem,
|
|
||||||
|
# Verify PEM format
|
||||||
|
if not private_pem.startswith('-----BEGIN PRIVATE KEY-----'):
|
||||||
|
raise ValueError("Invalid PEM format")
|
||||||
|
|
||||||
|
# Validate the key
|
||||||
|
serialization.load_pem_private_key(
|
||||||
|
private_pem.encode('utf-8'),
|
||||||
password=None
|
password=None
|
||||||
)
|
)
|
||||||
|
|
||||||
# Return the original PEM string (pywebpush needs this format)
|
return private_pem
|
||||||
return private_key_pem.decode('utf-8')
|
|
||||||
|
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
logger.error(f"Error loading VAPID private key: {e}")
|
logger.error(f"VAPID key error: {str(e)}")
|
||||||
raise
|
raise
|
||||||
|
|
||||||
def load_subscriptions(self) -> List[Dict]:
|
def load_subscriptions(self) -> List[Dict]:
|
||||||
|
|||||||
@@ -31,26 +31,33 @@ def generate_vapid_keys():
|
|||||||
# Generate EC private key
|
# Generate EC private key
|
||||||
private_key = ec.generate_private_key(ec.SECP256R1())
|
private_key = ec.generate_private_key(ec.SECP256R1())
|
||||||
|
|
||||||
# Serialize private key
|
# Serialize private key to PEM format
|
||||||
private_pem = private_key.private_bytes(
|
private_pem = private_key.private_bytes(
|
||||||
encoding=serialization.Encoding.PEM,
|
encoding=serialization.Encoding.PEM,
|
||||||
format=serialization.PrivateFormat.PKCS8,
|
format=serialization.PrivateFormat.PKCS8,
|
||||||
encryption_algorithm=serialization.NoEncryption()
|
encryption_algorithm=serialization.NoEncryption()
|
||||||
)
|
).decode('utf-8')
|
||||||
|
|
||||||
|
# Format for .env file (replace newlines with \n)
|
||||||
|
env_private_key = private_pem.strip().replace('\n', '\\n')
|
||||||
|
|
||||||
# Get public key
|
# Get public key
|
||||||
public_key = private_key.public_key()
|
public_key = private_key.public_key()
|
||||||
public_pem = public_key.public_bytes(
|
public_key_bytes = public_key.public_bytes(
|
||||||
encoding=serialization.Encoding.X962,
|
encoding=serialization.Encoding.X962,
|
||||||
format=serialization.PublicFormat.UncompressedPoint
|
format=serialization.PublicFormat.UncompressedPoint
|
||||||
)
|
)
|
||||||
|
|
||||||
# Base64 encode keys
|
# Store keys
|
||||||
env_vars['VAPID_PRIVATE_KEY'] = base64.urlsafe_b64encode(private_pem).decode('utf-8')
|
env_vars['VAPID_PRIVATE_KEY'] = env_private_key # Single-line format
|
||||||
env_vars['VAPID_PUBLIC_KEY'] = base64.urlsafe_b64encode(public_pem).decode('utf-8')
|
env_vars['VAPID_PUBLIC_KEY'] = base64.urlsafe_b64encode(public_key_bytes).decode('utf-8')
|
||||||
print("New VAPID keys generated and added to .env file.")
|
|
||||||
|
print("New VAPID keys generated in .env-compatible format.")
|
||||||
else:
|
else:
|
||||||
print("Existing VAPID keys found in .env file - no changes made.")
|
print("Existing VAPID keys found - no changes made.")
|
||||||
|
# Verify existing key format
|
||||||
|
if '-----BEGIN PRIVATE KEY-----' not in env_vars['VAPID_PRIVATE_KEY']:
|
||||||
|
print("Warning: Existing private key doesn't appear to be in PEM format!")
|
||||||
|
|
||||||
# Ensure we have all required configuration variables with defaults if missing
|
# Ensure we have all required configuration variables with defaults if missing
|
||||||
defaults = {
|
defaults = {
|
||||||
|
|||||||
Reference in New Issue
Block a user