OneAuth

Commit Graph

Author	SHA1	Message	Date
veypi	69efc4284b	fix(api/oauth): encrypt ClientSecret in database Encrypt OAuth Provider ClientSecret before storing in database to prevent sensitive credential exposure in case of database breach. - Encrypt ClientSecret on create using cfg.Config.Key.Encrypt() - Encrypt ClientSecret on update when provided - Decrypt ClientSecret before use in OAuth token exchange - Add AES-GCM encryption/decryption functions to crypto package - Gracefully handle legacy plaintext secrets during transition	1 month ago
veypi	52f2ae35ab	upgrade new version	1 month ago

Author

SHA1

Message

Date

veypi

69efc4284b

fix(api/oauth): encrypt ClientSecret in database

Encrypt OAuth Provider ClientSecret before storing in database to prevent
sensitive credential exposure in case of database breach.

- Encrypt ClientSecret on create using cfg.Config.Key.Encrypt()
- Encrypt ClientSecret on update when provided
- Decrypt ClientSecret before use in OAuth token exchange
- Add AES-GCM encryption/decryption functions to crypto package
- Gracefully handle legacy plaintext secrets during transition

veypi

52f2ae35ab

upgrade new version

2 Commits (b00e36ca80da9acb27bd7fef397fbd0aa85d90f6)