projects / koha.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fcb8702) | patch
Bug 28772: Make Koha::ApiKey->store encrypt the secret
authorTomas Cohen Arazi <tomascohen@theke.io>
Thu, 26 Aug 2021 23:24:43 +0000 (20:24 -0300)
committerJonathan Druart <jonathan.druart@bugs.koha-community.org>
Thu, 30 Sep 2021 07:19:05 +0000 (09:19 +0200)
commit26a1b38573157ff0fffeb33cfc7ef34af7c4a33b
tree6cfe2fe5f8ad3aa1f81d3331fb3f790622b9cd27tree | snapshot
parentfcb87024ad97c6a0a8be756aa6977c7bbd17839dcommit | diff
Bug 28772: Make Koha::ApiKey->store encrypt the secret

This patch refactors the Koha::ApiKey class so:
- It encrypts the generated secret
- Allows accessing the plain text secret only immediately after the key
  creation (this implies that it won't be accessible if the key is
  fetched from the DB).
- It implements an allow list for attributes, that are not read only.
  Changing any other of them will make ->store throw an exception.
- A method for validating plain text secrets against the encrypted one
  is added.
- A method for accessing the plain text secret is added. Returns undef
  if the object is not 'fresh'.

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/Koha/ApiKey.t
=> SUCCESS: Tests pass! Expected behavior is confirmed
3. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Koha/ApiKey.pm diff | blob | history
t/db_dependent/Koha/ApiKey.t [new file with mode: 0755] blob
t/db_dependent/Koha/ApiKeys.t [deleted file] blob | history
Main Koha release repository