search

skoruba / IdentityServer4.Admin

The administration for the IdentityServer4 and Asp.Net Core Identity
MIT License
3.57k stars 1.15k forks source link

Secrets are no more showed on the UI #1059

Open rafaarcangel opened 5 months ago

rafaarcangel commented 5 months ago

Describe the bug

From the previous version 1.0.0 to the new 2.0.0, there are a few new lines to set ClientSecrets values to null. This new code shows an empty box when you try to see those secrets in the UI

To Reproduce

1- Open backoffice 2- Go to client section > Manage secrets 3- Click on any secret You will see an empty box image

Relevant parts of the log file

The code that was changed is on ClientService.cs:

clientSecretsDto.ClientSecrets.ForEach(delegate (ClientSecretDto x)
{
    x.Value = null;
});

Discussion reference: https://github.com/skoruba/IdentityServer4.Admin/discussions/1058

skoruba commented 4 months ago

I removed it very long time ago, because it was not recommended to be able to see this value there. it is from security reason.