overleaf/services/web/scripts/oauth/backfill_hashed_secrets.mjs
Liangjun Song 902ae750dc Merge pull request #21202 from overleaf/ls-scripts-to-esm-2
Migrate scripts folder to esm 2/x

GitOrigin-RevId: 1698bc4f13e026fa281d37a4914a2f997849c761
2024-10-23 08:04:53 +00:00

45 lines
1.2 KiB
JavaScript

import {
db,
waitForDb,
READ_PREFERENCE_SECONDARY,
} from '../../app/src/infrastructure/mongodb.js'
import { hashSecret } from '../../modules/oauth2-server/app/src/SecretsHelper.js'
async function main() {
await waitForDb()
console.log('Hashing client secrets...')
await hashSecrets(db.oauthApplications, 'clientSecret')
console.log('Hashing access tokens...')
await hashSecrets(db.oauthAccessTokens, 'accessToken')
console.log('Hashing refresh tokens...')
await hashSecrets(db.oauthAccessTokens, 'refreshToken')
console.log('Hashing authorization codes...')
await hashSecrets(db.oauthAuthorizationCodes, 'authorizationCode')
}
async function hashSecrets(collection, field) {
const cursor = collection.find(
{
[field]: /^(?!v1\.)/,
},
{
projection: { _id: 1, [field]: 1 },
readPreference: READ_PREFERENCE_SECONDARY,
}
)
let hashedCount = 0
for await (const doc of cursor) {
const hash = hashSecret(doc[field])
await collection.updateOne({ _id: doc._id }, { $set: { [field]: hash } })
hashedCount++
}
console.log(`${hashedCount} secrets hashed`)
}
try {
await main()
process.exit(0)
} catch (error) {
console.error(error)
process.exit(1)
}