Browse Source

Reset secret of web app that could have been exposed by Doorkeeper (#13688)

There are no obvious ways it could be misused, as the secret is not
really used for anything, but it is best to secure it for the future

Follow-up to #13613
Eugen Rochko 2 months ago
parent
commit
4b2d9b8a55
No account linked to committer's email address
2 changed files with 16 additions and 1 deletions
  1. 15
    0
      db/migrate/20200510110808_reset_web_app_secret.rb
  2. 1
    1
      db/schema.rb

+ 15
- 0
db/migrate/20200510110808_reset_web_app_secret.rb View File

@@ -0,0 +1,15 @@
1
+class ResetWebAppSecret < ActiveRecord::Migration[5.2]
2
+  disable_ddl_transaction!
3
+
4
+  def up
5
+    web_app = Doorkeeper::Application.find_by(superapp: true)
6
+
7
+    return if web_app.nil?
8
+
9
+    web_app.renew_secret
10
+    web_app.save!
11
+  end
12
+
13
+  def down
14
+  end
15
+end

+ 1
- 1
db/schema.rb View File

@@ -10,7 +10,7 @@
10 10
 #
11 11
 # It's strongly recommended that you check this file into your version control system.
12 12
 
13
-ActiveRecord::Schema.define(version: 2020_05_08_212852) do
13
+ActiveRecord::Schema.define(version: 2020_05_10_110808) do
14 14
 
15 15
   # These are extensions that must be enabled in order to support this database
16 16
   enable_extension "plpgsql"

Loading…
Cancel
Save