diff --git a/crates/erp-health/Cargo.toml b/crates/erp-health/Cargo.toml index 470e5e6..cdcc145 100644 --- a/crates/erp-health/Cargo.toml +++ b/crates/erp-health/Cargo.toml @@ -24,3 +24,6 @@ sha2 = "0.10" base64 = "0.22" hex = "0.4" zeroize = { version = "1", features = ["derive"] } +argon2.workspace = true +jsonwebtoken.workspace = true +rand_core = "0.6" diff --git a/crates/erp-health/src/oauth/service.rs b/crates/erp-health/src/oauth/service.rs index 1412681..6e2b78a 100644 --- a/crates/erp-health/src/oauth/service.rs +++ b/crates/erp-health/src/oauth/service.rs @@ -1,7 +1,8 @@ use argon2::{ Argon2, - password_hash::{PasswordHash, PasswordHasher, PasswordVerifier, SaltString, rand_core::RngCore}, + password_hash::{PasswordHash, PasswordHasher, PasswordVerifier, SaltString}, }; +use rand_core::RngCore; use chrono::Utc; use sea_orm::{ ActiveModelTrait, ColumnTrait, DatabaseConnection, EntityTrait, QueryFilter, Set, @@ -34,14 +35,14 @@ fn validate_scopes(requested: &[String]) -> OAuthResult> { } fn generate_client_id() -> String { - use argon2::password_hash::rand_core::OsRng; + use rand_core::OsRng; let mut bytes = [0u8; 16]; OsRng.fill_bytes(&mut bytes); hex::encode(bytes) } fn generate_client_secret() -> OAuthResult<(String, String)> { - use argon2::password_hash::rand_core::OsRng; + use rand_core::OsRng; let mut bytes = [0u8; 32]; OsRng.fill_bytes(&mut bytes); let plain = hex::encode(bytes); @@ -270,7 +271,7 @@ impl OAuthService { } active.updated_by = Set(Some(updated_by)); active.updated_at = Set(Utc::now().into()); - active.version = Set(active.version.unwrap() + 1); + active.version = Set(req.version + 1); let model = active.update(db).await?; @@ -326,10 +327,10 @@ impl OAuthService { let (plain, hash) = generate_client_secret()?; let mut active: api_client::ActiveModel = client.into(); - let id = active.id.clone().unwrap().to_string(); active.client_secret_hash = Set(hash); active.updated_at = Set(Utc::now().into()); active.version = Set(active.version.clone().unwrap() + 1); + let id = active.id.clone().unwrap().to_string(); active.update(db).await?; Ok((id, plain))