From 8a0a67e2bb5239b003f0ab21a39f7458ffdc1a58 Mon Sep 17 00:00:00 2001
From: Eric Mc Sween <5454374+emcsween@users.noreply.github.com>
Date: Wed, 3 May 2023 07:49:52 -0400
Subject: [PATCH] Merge pull request #12880 from
 overleaf/em-hash-oauth-secrets-4

Hash secrets when creating OAuth clients

GitOrigin-RevId: 5fb05bd825ceaabda635fe554a95879773aa3396
---
 services/web/scripts/oauth/register_client.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/services/web/scripts/oauth/register_client.js b/services/web/scripts/oauth/register_client.js
index 4c4601d921..d5687d03f7 100644
--- a/services/web/scripts/oauth/register_client.js
+++ b/services/web/scripts/oauth/register_client.js
@@ -1,6 +1,9 @@
 const minimist = require('minimist')
 const { ObjectId } = require('mongodb')
 const { waitForDb, db } = require('../../app/src/infrastructure/mongodb')
+const {
+  hashSecret,
+} = require('../../modules/oauth2-server/app/src/SecretsHelper')
 
 async function main() {
   const opts = parseArgs()
@@ -40,7 +43,7 @@ async function upsertApplication(opts) {
     updates.name = opts.name
   }
   if (opts.secret != null) {
-    updates.clientSecret = opts.secret
+    updates.clientSecret = hashSecret(opts.secret)
   }
   if (opts.grants != null) {
     updates.grants = opts.grants