#344 /admin/providers/openidc/admin/new client_secret prefilled
Opened a month ago by bmwiedemann. Modified a month ago

When creating multiple new OIDC clients via /admin/providers/openidc/admin/new
the 2nd and 3rd got prefilled with information from the previously created one. That is nice.

However, it invisibly also prefilled the client_secret field that is marked as read-only in the web-UI. Thus the new credentials looked like this:

foo
AmLgs62e3P3d42WUQgJgVDGo0hKwRrDA

bar
AmLgs62e3P3d42WUQgJgVDGo0hKwRrDA

Even a logout+login did not help.
Even switching from firefox to chromium did not help.

Because the secret field is also read-only after creation, a workaround was to

cd /usr/lib/python3.6/site-packages/ipsilon &&
python3 -c 'import util.security; print(util.security.generate_random_secure_string())'

to generate 3 new random secrets and

sqlite3 /var/lib/ipsilon/root/openidc.static.sqlite
UPDATE client SET value="""XXX""" WHERE name="foo" AND option="client_secret";

It seems, an apache restart cleared the cache.

Login to comment on this ticket.

Metadata