-
-
Notifications
You must be signed in to change notification settings - Fork 4.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[oauth2] Store hashed secret instead of encrypted #47635
Conversation
/compile |
/backport to stable30 |
/backport to stable29 |
/backport to stable28 |
/backport to stable27 |
@@ -138,7 +138,8 @@ | |||
} | |||
|
|||
try { | |||
$storedClientSecret = $this->crypto->decrypt($client->getSecret()); | |||
$storedClientSecretHash = $client->getSecret(); | |||
$clientSecretHash = bin2hex($this->crypto->calculateHMAC($client_secret)); |
Check notice
Code scanning / Psalm
PossiblyNullArgument Note
cd765c2
to
43ae7d2
Compare
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
43ae7d2
to
120e7e8
Compare
/compile |
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
The backport to # Switch to the target branch and update it
git checkout stable27
git pull origin stable27
# Create the new backport branch
git checkout -b backport/47635/stable27
# Cherry pick the change from the commit sha1 of the change against the default branch
# This might cause conflicts, resolve them
git cherry-pick 034917b7 120e7e83 5b98abcf
# Push the cherry pick commit to the remote repository and open a pull request
git push origin backport/47635/stable27 Error: Failed to clone repository: Failed to checkout branches: Updating 1cc7851..09b8aea
Learn more about backports at https://docs.nextcloud.com/server/stable/go.php?to=developer-backports. |
The backport to # Switch to the target branch and update it
git checkout stable28
git pull origin stable28
# Create the new backport branch
git checkout -b backport/47635/stable28
# Cherry pick the change from the commit sha1 of the change against the default branch
# This might cause conflicts, resolve them
git cherry-pick 034917b7 120e7e83 5b98abcf
# Push the cherry pick commit to the remote repository and open a pull request
git push origin backport/47635/stable28 Error: Failed to clone repository: Failed to checkout branches: Updating 1cc7851..09b8aea
Learn more about backports at https://docs.nextcloud.com/server/stable/go.php?to=developer-backports. |
The backport to # Switch to the target branch and update it
git checkout stable29
git pull origin stable29
# Create the new backport branch
git checkout -b backport/47635/stable29
# Cherry pick the change from the commit sha1 of the change against the default branch
# This might cause conflicts, resolve them
git cherry-pick 034917b7 120e7e83 5b98abcf
# Push the cherry pick commit to the remote repository and open a pull request
git push origin backport/47635/stable29 Error: Failed to clone repository: Failed to checkout branches: Updating 1cc7851..09b8aea
Learn more about backports at https://docs.nextcloud.com/server/stable/go.php?to=developer-backports. |
The backport to # Switch to the target branch and update it
git checkout stable30
git pull origin stable30
# Create the new backport branch
git checkout -b backport/47635/stable30
# Cherry pick the change from the commit sha1 of the change against the default branch
# This might cause conflicts, resolve them
git cherry-pick 034917b7 120e7e83 5b98abcf
# Push the cherry pick commit to the remote repository and open a pull request
git push origin backport/47635/stable30 Error: Failed to clone repository: Failed to checkout branches: Updating 1cc7851..09b8aea
Learn more about backports at https://docs.nextcloud.com/server/stable/go.php?to=developer-backports. |
Store the oauth2 secrets as hash instead of encrypting them. Then they can be validated but not recovered.
UI adjustment: