Fix the way tokens are generated to use stronger PRNG 57/15257/2
authorgarciadeblas <gerardo.garciadeblas@telefonica.com>
Wed, 25 Jun 2025 15:18:05 +0000 (17:18 +0200)
committergarciadeblas <gerardo.garciadeblas@telefonica.com>
Thu, 26 Jun 2025 18:09:52 +0000 (20:09 +0200)
Change-Id: I4696a77b16c7495b525dfc2007908a6c175846a3
Signed-off-by: garciadeblas <gerardo.garciadeblas@telefonica.com>
osm_nbi/authconn_internal.py

index ac157b8..fe86f16 100644 (file)
@@ -32,6 +32,7 @@ __date__ = "$06-jun-2019 11:16:08$"
 
 import logging
 import re
+import secrets
 
 from osm_nbi.authconn import (
     Authconn,
@@ -402,12 +403,8 @@ class AuthconnInternal(Authconn):
             user_data,
         )
 
-        token_id = "".join(
-            random_choice(
-                "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
-            )
-            for _ in range(0, 32)
-        )
+        # Generate a secure random 32 byte array base64 encoded for use in URLs
+        token_id = secrets.token_urlsafe(32)
 
         # projects = user_content.get("projects", [])
         prm_list = user_content.get("project_role_mappings", [])
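Review bot: The new `token_id` is no longer 32 characters: `secrets.token_urlsafe(32)` draws 32 random bytes and returns about 43 URL-safe base64 characters, which can include `-` and `_`, so anything that assumed the old 32-character alphanumeric form (length or pattern validation, storage field sizes, log masking) should be checked against the new shape. The comment could state the resulting format explicitly, e.g. `# 32 bytes from the OS CSPRNG -> 43-char URL-safe base64 string (may contain "-" and "_")`. The `random_choice` import is not visible in this diff; if this was its last use, it is now dead and should be removed so the weaker generator is not picked up again for tokens later. The enclosing method starts and ends outside the hunk.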