Reset secret of web app that could have been exposed by Doorkeeper ()

There are no obvious ways it could be misused, as the secret is not
really used for anything, but it is best to secure it for the future

Follow-up to 
This commit is contained in:
Eugen Rochko 2020-05-10 18:18:12 +02:00 committed by GitHub
parent 8012fce727
commit 4b2d9b8a55
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 16 additions and 1 deletions

View file

@ -0,0 +1,15 @@
class ResetWebAppSecret < ActiveRecord::Migration[5.2]
disable_ddl_transaction!
def up
web_app = Doorkeeper::Application.find_by(superapp: true)
return if web_app.nil?
web_app.renew_secret
web_app.save!
end
def down
end
end

View file

@ -10,7 +10,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 2020_05_08_212852) do
ActiveRecord::Schema.define(version: 2020_05_10_110808) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"