fix(oauth2): store hashed secret instead of encrypted

Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
author: Julien Veyssier <julien-nc@posteo.net> 2024-08-29 17:28:01 +0200
committer: Julien Veyssier <julien-nc@posteo.net> 2024-09-02 14:38:39 +0200
commit: 034917b7900c77d0e54c3394c6bfb7839aee827a (patch)
tree: d6ba971522827d3bab9a8eaf01d0c6e3b6677ea4 /apps/oauth2/lib/Controller/SettingsController.php
parent: 796405883d214e6e4f3fa1497c036828efee0d62 (diff)
download: nextcloud-server-034917b7900c77d0e54c3394c6bfb7839aee827a.tar.gz
nextcloud-server-034917b7900c77d0e54c3394c6bfb7839aee827a.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/apps/oauth2/lib/Controller/SettingsController.php b/apps/oauth2/lib/Controller/SettingsController.php
index ce85598d08d..f16b26696c4 100644
--- a/apps/oauth2/lib/Controller/SettingsController.php
+++ b/apps/oauth2/lib/Controller/SettingsController.php
@@ -50,8 +50,8 @@ class SettingsController extends Controller {
 		$client->setName($name);
 		$client->setRedirectUri($redirectUri);
 		$secret = $this->secureRandom->generate(64, self::validChars);
-		$encryptedSecret = $this->crypto->encrypt($secret);
-		$client->setSecret($encryptedSecret);
+		$hashedSecret = bin2hex($this->crypto->calculateHMAC($secret));
+		$client->setSecret($hashedSecret);
 		$client->setClientIdentifier($this->secureRandom->generate(64, self::validChars));
 		$client = $this->clientMapper->insert($client);
author	Julien Veyssier <julien-nc@posteo.net>	2024-08-29 17:28:01 +0200
committer	Julien Veyssier <julien-nc@posteo.net>	2024-09-02 14:38:39 +0200
commit	034917b7900c77d0e54c3394c6bfb7839aee827a (patch)
tree	d6ba971522827d3bab9a8eaf01d0c6e3b6677ea4 /apps/oauth2/lib/Controller/SettingsController.php
parent	796405883d214e6e4f3fa1497c036828efee0d62 (diff)
download	nextcloud-server-034917b7900c77d0e54c3394c6bfb7839aee827a.tar.gz nextcloud-server-034917b7900c77d0e54c3394c6bfb7839aee827a.zip