Reset secret of web app that could have been exposed by Doorkeeper (#13688)

There are no obvious ways it could be misused, as the secret is not really used for anything, but it is best to secure it for the future Follow-up to #13613
author: Eugen Rochko <eugen@zeonfederated.com> 2020-05-10 18:18:12 +0200
committer: GitHub <noreply@github.com> 2020-05-10 18:18:12 +0200
commit: 4b2d9b8a558190f8ccc51cfe67f5e151f2c3342b (patch)
tree: cbca015e85d901b4caa2ab25a88423b3c20d86b7 /db/migrate
parent: 8012fce727559ae49130a43ba6b44168f0b55d04 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/db/migrate/20200510110808_reset_web_app_secret.rb b/db/migrate/20200510110808_reset_web_app_secret.rb
new file mode 100644
index 000000000..b274844c5
--- /dev/null
+++ b/db/migrate/20200510110808_reset_web_app_secret.rb
@@ -0,0 +1,15 @@
+class ResetWebAppSecret < ActiveRecord::Migration[5.2]
+  disable_ddl_transaction!
+
+  def up
+    web_app = Doorkeeper::Application.find_by(superapp: true)
+
+    return if web_app.nil?
+
+    web_app.renew_secret
+    web_app.save!
+  end
+
+  def down
+  end
+end
author	Eugen Rochko <eugen@zeonfederated.com>	2020-05-10 18:18:12 +0200
committer	GitHub <noreply@github.com>	2020-05-10 18:18:12 +0200
commit	4b2d9b8a558190f8ccc51cfe67f5e151f2c3342b (patch)
tree	cbca015e85d901b4caa2ab25a88423b3c20d86b7 /db/migrate
parent	8012fce727559ae49130a43ba6b44168f0b55d04 (diff)