Updated OAuth2 token length & secure random algorithm config.
Change-Id: I1c0cd2d7ad6e7c3e5570fae19fa86211a01bfeff
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java
index 4d63e75..8741553 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java
@@ -348,6 +348,7 @@
throws OAuthSystemException, KustvaktException {
String random = randomGenerator.createRandomCode();
+ random += randomGenerator.createRandomCode();
if (isPublicClient){
return createsAccessTokenResponse(scopes, accessScopes, clientId,
userId, authenticationTime);
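Review bot: The longer token is built by calling `randomGenerator.createRandomCode()` twice and concatenating, and the same two lines recur in the hunks at -366 and -383, so the token length is fixed in three places instead of one. A private helper such as `private String createToken() { return randomGenerator.createRandomCode() + randomGenerator.createRandomCode(); }` would keep them in step and give one place to document the intended length. In this hunk `random` is also generated before the `isPublicClient` branch, which returns without using it in the visible lines; if the rest of the method confirms that, both calls could move below the branch. The method starts and ends outside the hunk, and `createRandomCode()` is not shown, so how much entropy the concatenation actually adds depends on what that method emits.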
@@ -366,6 +367,7 @@
throws OAuthSystemException, KustvaktException {
String accessToken = randomGenerator.createRandomCode();
+ accessToken +=randomGenerator.createRandomCode();
tokenDao.storeAccessToken(accessToken, refreshToken, accessScopes,
userId, clientId, authenticationTime);
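Review bot: `tokenDao.storeAccessToken` now receives an access token twice as long as before, and nothing in this commit touches the persistence side. The column length and any index or cache key for the token are not visible here; confirm they accept the new length, since a store could otherwise truncate or fail at runtime depending on the database. The same applies to the call in the hunk at -383 and, if `random` in the first hunk is persisted as a refresh token, to that value too. A short comment above the concatenation, e.g. `// token = two random codes concatenated`, would help whoever sizes the column.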
@@ -383,6 +385,7 @@
throws OAuthSystemException, KustvaktException {
String accessToken = randomGenerator.createRandomCode();
+ accessToken +=randomGenerator.createRandomCode();
tokenDao.storeAccessToken(accessToken, null, accessScopes,
userId, clientId, authenticationTime);
diff --git a/full/src/main/resources/kustvakt.conf b/full/src/main/resources/kustvakt.conf
index a9086ba..daf0e9a 100644
--- a/full/src/main/resources/kustvakt.conf
+++ b/full/src/main/resources/kustvakt.conf
@@ -69,8 +69,8 @@
oauth2.client.credentials.scopes = client_info
## see SecureRandom Number Generation Algorithms
-## default SHA1PRNG
-security.secure.random.algorithm=SHA1PRNG
+## optional
+# security.secure.random.algorithm=SHA1PRNG
## see MessageDigest Algorithms
## default MD5
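Review bot: The new `## optional` comment does not say what is used when `security.secure.random.algorithm` is left unset, which is the security-relevant part of this change. The code that reads the property is not in this diff; it should fall back to `new SecureRandom()` (the platform default) rather than pass a missing value to `SecureRandom.getInstance`, which throws on null. I would word the comment as `## optional; if unset, the JVM default SecureRandom is used` once that fallback is confirmed. The context lines below still name MD5 as the digest default, which may deserve a follow-up if that digest is used for anything security-relevant.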