From 79bfd284198afa5d168ba1663ae3d86badfa3451 Mon Sep 17 00:00:00 2001
From: Bei Chu <914745487@qq.com>
Date: Wed, 20 Sep 2023 11:00:45 +0800
Subject: [PATCH] fix: Consider `DOZER_MASTER_SECRET` in `dozer security
 generate-token` (#2048)

---
 dozer-api/src/lib.rs                 |  1 +
 dozer-cli/src/simple/orchestrator.rs | 24 +++++++++++-------------
 2 files changed, 12 insertions(+), 13 deletions(-)

diff --git a/dozer-api/src/lib.rs b/dozer-api/src/lib.rs
index ea3d1c59c9..d841775fa7 100644
--- a/dozer-api/src/lib.rs
+++ b/dozer-api/src/lib.rs
@@ -21,6 +21,7 @@ pub use tonic_reflection;
 pub use tonic_web;
 pub use tower_http;
 mod api_helper;
+pub use api_helper::get_api_security;
 
 #[derive(Debug)]
 pub struct CacheEndpoint {
diff --git a/dozer-cli/src/simple/orchestrator.rs b/dozer-cli/src/simple/orchestrator.rs
index 2c1d2dde99..b7694721b8 100644
--- a/dozer-cli/src/simple/orchestrator.rs
+++ b/dozer-cli/src/simple/orchestrator.rs
@@ -14,7 +14,7 @@ use crate::utils::{
 use crate::{flatten_join_handle, join_handle_map_err};
 use dozer_api::auth::{Access, Authorizer};
 use dozer_api::grpc::internal::internal_pipeline_server::start_internal_pipeline_server;
-use dozer_api::{grpc, rest, CacheEndpoint};
+use dozer_api::{get_api_security, grpc, rest, CacheEndpoint};
 use dozer_cache::cache::LmdbRwCacheManager;
 use dozer_cache::dozer_log::camino::Utf8PathBuf;
 use dozer_cache::dozer_log::home_dir::HomeDir;
@@ -276,18 +276,16 @@ impl SimpleOrchestrator {
     }
 
     pub fn generate_token(&self, ttl_in_secs: Option<i32>) -> Result<String, OrchestrationError> {
-        if let Some(api_config) = &self.config.api {
-            if let Some(api_security) = &api_config.api_security {
-                match api_security {
-                    dozer_types::models::api_security::ApiSecurity::Jwt(secret) => {
-                        let auth = Authorizer::new(secret, None, None);
-                        let duration =
-                            ttl_in_secs.map(|f| std::time::Duration::from_secs(f as u64));
-                        let token = auth
-                            .generate_token(Access::All, duration)
-                            .map_err(OrchestrationError::GenerateTokenFailed)?;
-                        return Ok(token);
-                    }
+        if let Some(api_security) = get_api_security(get_api_security_config(&self.config).cloned())
+        {
+            match api_security {
+                dozer_types::models::api_security::ApiSecurity::Jwt(secret) => {
+                    let auth = Authorizer::new(&secret, None, None);
+                    let duration = ttl_in_secs.map(|f| std::time::Duration::from_secs(f as u64));
+                    let token = auth
+                        .generate_token(Access::All, duration)
+                        .map_err(OrchestrationError::GenerateTokenFailed)?;
+                    return Ok(token);
                 }
             }
         }