
About changing client secrets #441


User avatar
0
yilmaz.atalar created

Hi,

I need to change the IdentityServer client secrets. It's defined as E5Xd4yMqjP5kjWFKrYgySBju6JVfCzMyFp7n2QmMrME= in the seeder class as static. How is "1q2w3e*" encoded to this value?

Thanks for your help.


6 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Try:

    secret: (configurationSection["MyProjectName_Web:ClientSecret"] ?? "E5Xd4yMqjP5kjWFKrYgySBju6JVfCzMyFp7n2QmMrME=*").Sha256()
    
  • User Avatar
    0
    yilmaz.atalar created

    Thanks for your attention, but I think you've misunderstood something. The Angular app sends "1q2w3e*" as the client secret, but it is defined as "E5Xd4yMqjP5kjWFKrYgySBju6JVfCzMyFp7n2QmMrME=" in the database (also in the IdentityServerDataSeedContributor class). I think it is an encoded version of "1q2w3e*". I want to use another value instead of "1q2w3e*". So I need to encode the value that I want to use, but I do not know how ABP encodes the secret. Which encoding algorithm is used to encode "1q2w3e*" to "E5Xd4yMqjP5kjWFKrYgySBju6JVfCzMyFp7n2QmMrME="? I need this info.

    Thanks.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Okay, now I understand what you mean. It has nothing to do with ABP; it is handled by IdentityServer. You can see: https://github.com/IdentityServer/IdentityServer4/blob/18897890ce/src/IdentityServer4/src/Validation/Default/SecretValidator.cs

  • User Avatar
    0
    yilmaz.atalar created

    Nope, it is not Sha256. I've checked this already.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    It is indeed SHA256, and IdentityServer will use the HashedSharedSecretValidator. You can write a custom secret validator for validation.

  • User Avatar
    0
    yilmaz.atalar created

    Hi again liangshiwei;

    I've found the point. IdentityServer's Sha256() result and the result obtained from the System.Security.Cryptography.SHA256 class are different. I was confused because of this situation. I'm closing the topic.

    Thanks for your help.
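
Added example, not part of the thread and not ABP's or IdentityServer's own code: it prints one SHA-256 digest in both hex and Base64, checks the thread's plaintext against the thread's stored value, and produces a random replacement secret with its stored form. It assumes IdentityServer4's `Sha256()` string extension returns Base64 of the SHA-256 digest of the UTF-8 bytes; the class and method names are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper names; only the .NET BCL calls are real APIs.
public static class ClientSecretHashDemo
{
    private static byte[] Digest(string input)
    {
        using var sha = SHA256.Create();
        return sha.ComputeHash(Encoding.UTF8.GetBytes(input));
    }

    // Assumed storage form: Base64 of the 32 raw digest bytes (44 characters, ends in '=').
    public static string Sha256Base64(string input) => Convert.ToBase64String(Digest(input));

    // The same digest as 64 hex characters, the form many SHA-256 tools print.
    public static string Sha256Hex(string input) =>
        BitConverter.ToString(Digest(input)).Replace("-", "").ToLowerInvariant();

    // Check a presented secret against a stored Base64 hash without an early-exit compare.
    public static bool Matches(string presented, string storedBase64)
    {
        byte[] stored;
        try { stored = Convert.FromBase64String(storedBase64); }
        catch (FormatException) { return false; }
        return stored.Length == 32
            && CryptographicOperations.FixedTimeEquals(Digest(presented), stored);
    }

    public static void Main()
    {
        const string pageSecret = "1q2w3e*";                                      // from the thread
        const string pageStored = "E5Xd4yMqjP5kjWFKrYgySBju6JVfCzMyFp7n2QmMrME="; // from the thread
        Console.WriteLine($"hex    : {Sha256Hex(pageSecret)}");
        Console.WriteLine($"base64 : {Sha256Base64(pageSecret)}");
        Console.WriteLine($"matches stored value: {Matches(pageSecret, pageStored)}");

        // Replacement secret: 32 random bytes, Base64-encoded so it is easy to paste.
        var raw = new byte[32];
        RandomNumberGenerator.Fill(raw);
        string newSecret = Convert.ToBase64String(raw);
        Console.WriteLine($"client sends : {newSecret}");
        Console.WriteLine($"stored hash  : {Sha256Base64(newSecret)}");
    }
}
```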

Made with ❤️ on ABP v9.1.0-preview. Updated on November 20, 2024, 13:06