aboutsummaryrefslogtreecommitdiff
path: root/gn3/auth/authentication/oauth2
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2023-05-30 11:27:17 +0300
committerFrederick Muriuki Muriithi2023-05-30 11:27:17 +0300
commit0b0da1783bc701e74a1972869bdb221a3c9a6b2a (patch)
tree6467594957167722726963387275a72c5db9cff1 /gn3/auth/authentication/oauth2
parent2aa7abf383df814f24c88beea733c324cda682d0 (diff)
downloadgenenetwork3-0b0da1783bc701e74a1972869bdb221a3c9a6b2a.tar.gz
auth: Change check for client secret
We are saving the client secret in an encrypted form, meaning we have to verify that the CLIENT_SECRET that is provided is the same one as was generated at registration in a different way. Initially, I was doing a direct comparison, having saved the CLIENT_SECRET value as unencrypted plain-text.
Diffstat (limited to 'gn3/auth/authentication/oauth2')
-rw-r--r--gn3/auth/authentication/oauth2/models/oauth2client.py2
1 files changed, 1 insertions, 1 deletions
diff --git a/gn3/auth/authentication/oauth2/models/oauth2client.py b/gn3/auth/authentication/oauth2/models/oauth2client.py
index da20200..14c4c94 100644
--- a/gn3/auth/authentication/oauth2/models/oauth2client.py
+++ b/gn3/auth/authentication/oauth2/models/oauth2client.py
@@ -27,7 +27,7 @@ class OAuth2Client(NamedTuple):
def check_client_secret(self, client_secret: str) -> bool:
"""Check whether the `client_secret` matches this client."""
- return self.client_secret == client_secret
+ return same_password(client_secret, self.client_secret)
@property
def token_endpoint_auth_method(self) -> str: