Merge "Replace the random library with secrets in oauth1" into stable/2025.1

2025-12-12 17:58:47 +00:00
parent 6cef9855bf f1e80dd69c
commit 3d72b132cd
1 changed files with 3 additions and 3 deletions
--- a/keystone/oauth1/backends/sql.py
+++ b/keystone/oauth1/backends/sql.py
@@ -13,7 +13,7 @@
 # under the License.

 import datetime
-import random as _random
+import secrets
 import uuid

 from oslo_serialization import jsonutils
@@ -25,7 +25,7 @@ from keystone import exception
 from keystone.i18n import _
 from keystone.oauth1.backends import base

-random = _random.SystemRandom()
+system_random = secrets.SystemRandom()


 class Consumer(sql.ModelBase, sql.ModelDictMixinWithExtras):
@@ -206,7 +206,7 @@ class OAuth1(base.Oauth1DriverBase):
            token_dict = token_ref.to_dict()
            token_dict['authorizing_user_id'] = user_id
            token_dict['verifier'] = ''.join(
-                random.sample(base.VERIFIER_CHARS, 8)
+                system_random.sample(base.VERIFIER_CHARS, 8)
            )
            token_dict['role_ids'] = jsonutils.dumps(role_ids)