From 55bf16c06daba5cf4ce7f5dfb670d175494b010c Mon Sep 17 00:00:00 2001
From: Eric Mc Sween <eric.mcsween@overleaf.com>
Date: Thu, 10 Dec 2020 08:32:40 -0500
Subject: [PATCH] Merge pull request #3437 from
 overleaf/em-project-specific-blobs

Use per-project v1 history blob URLs for git-bridge

GitOrigin-RevId: b68ee2129ceb57f4b7f68262c5bcbadc0952b56f
---
 .../app/src/infrastructure/JsonWebToken.js    | 22 +++++++++++++++++++
 services/web/config/settings.defaults.coffee  |  4 ++++
 services/web/docker-compose.ci.yml            |  1 +
 services/web/docker-compose.yml               |  1 +
 4 files changed, 28 insertions(+)
 create mode 100644 services/web/app/src/infrastructure/JsonWebToken.js

diff --git a/services/web/app/src/infrastructure/JsonWebToken.js b/services/web/app/src/infrastructure/JsonWebToken.js
new file mode 100644
index 0000000000..a1716cc86c
--- /dev/null
+++ b/services/web/app/src/infrastructure/JsonWebToken.js
@@ -0,0 +1,22 @@
+const { callbackify, promisify } = require('util')
+const JWT = require('jsonwebtoken')
+const Settings = require('settings-sharelatex')
+
+const jwtSign = promisify(JWT.sign)
+
+async function sign(payload, options = {}) {
+  const key = Settings.jwt.key
+  const algorithm = Settings.jwt.algorithm
+  if (!key || !algorithm) {
+    throw new Error('missing JWT configuration')
+  }
+  const token = await jwtSign(payload, key, { ...options, algorithm })
+  return token
+}
+
+module.exports = {
+  sign: callbackify(sign),
+  promises: {
+    sign
+  }
+}
diff --git a/services/web/config/settings.defaults.coffee b/services/web/config/settings.defaults.coffee
index 3de634e49e..4af56d9505 100644
--- a/services/web/config/settings.defaults.coffee
+++ b/services/web/config/settings.defaults.coffee
@@ -258,6 +258,10 @@ module.exports = settings =
 		enabled: process.env['TWO_FACTOR_AUTHENTICATION_ENABLED'] == 'true'
 		requiredForStaff: process.env['TWO_FACTOR_AUTHENTICATION_REQUIRED_FOR_STAFF'] == 'true'
 
+	jwt:
+		key: process.env['OT_JWT_AUTH_KEY']
+		algorithm: process.env['OT_JWT_AUTH_ALG'] || 'HS256'
+
 	# Default features
 	# ----------------
 	#
diff --git a/services/web/docker-compose.ci.yml b/services/web/docker-compose.ci.yml
index 2400f38afd..e1babb47d7 100644
--- a/services/web/docker-compose.ci.yml
+++ b/services/web/docker-compose.ci.yml
@@ -33,6 +33,7 @@ services:
       COOKIE_DOMAIN: .overleaf.test
       PUBLIC_URL: 'http://www.overleaf.test:3000'
       HTTP_TEST_HOST: www.overleaf.test
+      OT_JWT_AUTH_KEY: "very secret key"
     extra_hosts:
       - 'www.overleaf.test:127.0.0.1'
     command: npm run test:acceptance:app
diff --git a/services/web/docker-compose.yml b/services/web/docker-compose.yml
index 22c01df089..f107b5e5d1 100644
--- a/services/web/docker-compose.yml
+++ b/services/web/docker-compose.yml
@@ -42,6 +42,7 @@ services:
       COOKIE_DOMAIN: .overleaf.test
       PUBLIC_URL: 'http://www.overleaf.test:3000'
       HTTP_TEST_HOST: www.overleaf.test
+      OT_JWT_AUTH_KEY: "very secret key"
     extra_hosts:
       - 'www.overleaf.test:127.0.0.1'
     depends_on: