From 31444259a0f0ca08ebefe23bb570bab59f6c3046 Mon Sep 17 00:00:00 2001 From: Michael Kochell <6913320+mickmister@users.noreply.github.com> Date: Wed, 13 Dec 2023 17:49:07 -0500 Subject: [PATCH 1/4] support client secrets longer than 64 chars --- server/flow.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/server/flow.go b/server/flow.go index 4f7d77aa8..c9a3cfb17 100644 --- a/server/flow.go +++ b/server/flow.go @@ -509,8 +509,8 @@ func (fm *FlowManager) submitOAuthConfig(f *flow.Flow, submitted map[string]inte clientID = strings.TrimSpace(clientID) - if len(clientID) != 64 { - errorList["client_id"] = "Client ID should be 64 characters long" + if len(clientID) < 64 { + errorList["client_id"] = "Client ID should be at least 64 characters long" } clientSecretRaw, ok := submitted["client_secret"] @@ -524,8 +524,8 @@ func (fm *FlowManager) submitOAuthConfig(f *flow.Flow, submitted map[string]inte clientSecret = strings.TrimSpace(clientSecret) - if len(clientSecret) != 64 { - errorList["client_secret"] = "Client Secret should be 64 characters long" + if len(clientSecret) < 64 { + errorList["client_secret"] = "Client Secret should be at least 64 characters long" } if len(errorList) != 0 { From 05d33c4821e9b0ae6aea9ee4b92e315d576e499b Mon Sep 17 00:00:00 2001 From: Michael Kochell <6913320+mickmister@users.noreply.github.com> Date: Wed, 13 Dec 2023 17:53:53 -0500 Subject: [PATCH 2/4] remove length check --- server/flow.go | 8 -------- 1 file changed, 8 deletions(-) diff --git a/server/flow.go b/server/flow.go index c9a3cfb17..980acdcb4 100644 --- a/server/flow.go +++ b/server/flow.go @@ -509,10 +509,6 @@ func (fm *FlowManager) submitOAuthConfig(f *flow.Flow, submitted map[string]inte clientID = strings.TrimSpace(clientID) - if len(clientID) < 64 { - errorList["client_id"] = "Client ID should be at least 64 characters long" - } - clientSecretRaw, ok := submitted["client_secret"] if !ok { return "", nil, nil, errors.New("client_secret missing") @@ -524,10 +520,6 @@ func (fm *FlowManager) submitOAuthConfig(f *flow.Flow, submitted map[string]inte clientSecret = strings.TrimSpace(clientSecret) - if len(clientSecret) < 64 { - errorList["client_secret"] = "Client Secret should be at least 64 characters long" - } - if len(errorList) != 0 { return "", nil, errorList, nil } From ea80b0d75d05961d849c7d97f41c48b8e5694c07 Mon Sep 17 00:00:00 2001 From: Michael Kochell <6913320+mickmister@users.noreply.github.com> Date: Thu, 14 Dec 2023 14:04:15 -0500 Subject: [PATCH 3/4] change client secret length check to assume at least 64 chars --- server/flow.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/server/flow.go b/server/flow.go index 980acdcb4..53a91668d 100644 --- a/server/flow.go +++ b/server/flow.go @@ -509,6 +509,10 @@ func (fm *FlowManager) submitOAuthConfig(f *flow.Flow, submitted map[string]inte clientID = strings.TrimSpace(clientID) + if len(clientID) < 64 { + errorList["client_id"] = "Client ID should be 64 characters long" + } + clientSecretRaw, ok := submitted["client_secret"] if !ok { return "", nil, nil, errors.New("client_secret missing") @@ -520,6 +524,10 @@ func (fm *FlowManager) submitOAuthConfig(f *flow.Flow, submitted map[string]inte clientSecret = strings.TrimSpace(clientSecret) + if len(clientSecret) < 64 { + errorList["client_secret"] = "Client Secret should be 64 characters long" + } + if len(errorList) != 0 { return "", nil, errorList, nil } From 0e38b4e59bf3b42a60cefb32a06afea999dea65d Mon Sep 17 00:00:00 2001 From: Michael Kochell <6913320+mickmister@users.noreply.github.com> Date: Thu, 14 Dec 2023 14:29:48 -0500 Subject: [PATCH 4/4] change wording of error message --- server/flow.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/server/flow.go b/server/flow.go index 53a91668d..c9a3cfb17 100644 --- a/server/flow.go +++ b/server/flow.go @@ -510,7 +510,7 @@ func (fm *FlowManager) submitOAuthConfig(f *flow.Flow, submitted map[string]inte clientID = strings.TrimSpace(clientID) if len(clientID) < 64 { - errorList["client_id"] = "Client ID should be 64 characters long" + errorList["client_id"] = "Client ID should be at least 64 characters long" } clientSecretRaw, ok := submitted["client_secret"] @@ -525,7 +525,7 @@ func (fm *FlowManager) submitOAuthConfig(f *flow.Flow, submitted map[string]inte clientSecret = strings.TrimSpace(clientSecret) if len(clientSecret) < 64 { - errorList["client_secret"] = "Client Secret should be 64 characters long" + errorList["client_secret"] = "Client Secret should be at least 64 characters long" } if len(errorList) != 0 {