search

zf-fr / zfr-oauth2-server

PHP library for creating an OAuth 2 server (currently proof of concept)
BSD 3-Clause "New" or "Revised" License
36 stars 13 forks source link

Hashing of client secret #67

Closed basz closed 7 years ago

basz commented 8 years ago

Protect against a compromissed database by persisting only hashed client secrets.

See #22

basz commented 7 years ago

Allready Done https://github.com/zf-fr/zfr-oauth2-server/blob/master/src/Model/Client.php#L174