Doorkeeper client_secret obfuscation
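# config/initializers/doorkeeper.rb
require 'openssl'

Doorkeeper.configure do
  # Resolve client credentials with the custom strategy defined below.
  client_credentials :from_obfuscated_params
end

module Doorkeeper
  module OAuth
    class Client
      module Methods
        # The client sends client_id, client_time (Unix timestamp) and
        # client_digest = HMAC-SHA1(secret, client_time) instead of the raw secret.
        def from_obfuscated_params(request)
          client_id, client_time, client_digest =
            request.parameters.values_at(:client_id, :client_time, :client_digest)
          # Coerce to strings so missing or non-scalar parameters fail the check instead of raising.
          client_time = client_time.to_s
          client_digest = client_digest.to_s

          # Accept only timestamps within 15 minutes of server time, for a known application.
          if Time.at(client_time.to_f).between?(15.minutes.ago, 15.minutes.from_now) &&
             (app = Doorkeeper::Application.by_uid(client_id))
            calculated_digest = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA1.new, app.secret, client_time)
            # Constant-time comparison avoids leaking the digest through timing.
            return [client_id, app.secret] if Rack::Utils.secure_compare(client_digest, calculated_digest)
          end

          [client_id, nil]
        end
      end
    end
  end
end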