lp://staging/~nataliabidart/canonical-identity-provider/admin-access-via-sso
- Get this branch: bzr branch lp://staging/~nataliabidart/canonical-identity-provider/admin-access-via-sso
Recent revisions
- 1353. By Daniel Manrique
  [r=nataliabidart,james-w] New parameters for more secure AuthToken strings. 20-character tokens taken from a set of hopefully non-ambiguous letters and numbers will yield tokens with about 110 bits of entropy, as opposed to the 36 bits we had with 6-character a-zA-Z0-9 tokens.
- 1352. By Daniel Manrique
  [r=ricardokirkner,matt-goodall] Admin-side tweaks to display a shortened version of hashed tokens and avoid the unwieldy 64-character sha256 hashes.
- 1351. By Daniel Manrique
  [r=ricardokirkner,james-w] Store only AuthToken hashes in the database. Since AuthTokens are security-sensitive, once a raw token is generated and sent to the user via either e-mail or URL redirection, the raw value is discarded and only a hash is kept in the database. So raw tokens can't be recovered directly from the database.
  The data is stored in the same existing "token" column (though renamed at model-level to "hashed_token").
  The code accounts for "old-style", raw tokens to be stored in the same table; all existing tokens continue to be valid and can be used. However, only "new-style", hashed tokens will be stored in the future.
- 1349. By Natalia Bidart
  [r=wesmason] - Reduce logging for OAuth handler now that we have deployed the feature.
- 1348. By Ricardo Kirkner
  [r=nataliabidart,roadmr] split docs requirements to its own file so that readthedocs.org can build the docs properly
Branch metadata
- Branch format: Branch format 7
- Repository format: Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on: lp://staging/canonical-identity-provider/release