diff options
author | Frederick Muriuki Muriithi | 2023-05-30 11:27:17 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2023-05-30 11:27:17 +0300 |
commit | 0b0da1783bc701e74a1972869bdb221a3c9a6b2a (patch) | |
tree | 6467594957167722726963387275a72c5db9cff1 /gn3/auth/authentication/oauth2 | |
parent | 2aa7abf383df814f24c88beea733c324cda682d0 (diff) | |
download | genenetwork3-0b0da1783bc701e74a1972869bdb221a3c9a6b2a.tar.gz |
auth: Change check for client secret
We are saving the client secret in an encrypted form, meaning we have to
verify that the CLIENT_SECRET that is provided is the same one as was
generated at registration in a different way.
Initially, I was doing a direct comparison, having saved the CLIENT_SECRET
value as unencrypted plain-text.
Diffstat (limited to 'gn3/auth/authentication/oauth2')
-rw-r--r-- | gn3/auth/authentication/oauth2/models/oauth2client.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/gn3/auth/authentication/oauth2/models/oauth2client.py b/gn3/auth/authentication/oauth2/models/oauth2client.py index da20200..14c4c94 100644 --- a/gn3/auth/authentication/oauth2/models/oauth2client.py +++ b/gn3/auth/authentication/oauth2/models/oauth2client.py @@ -27,7 +27,7 @@ class OAuth2Client(NamedTuple): def check_client_secret(self, client_secret: str) -> bool: """Check whether the `client_secret` matches this client.""" - return self.client_secret == client_secret + return same_password(client_secret, self.client_secret) @property def token_endpoint_auth_method(self) -> str: |