Rev 539 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 539 | Rev 566 | ||
|---|---|---|---|
| Line 1... | Line 1... | ||
| 1 | Where is SERVER_SECRET being used? |
1 | Where is SERVER_SECRET being used? |
| 2 | ---------------------------------- |
2 | ---------------------------------- |
| 3 | 3 | ||
| 4 | System: |
4 | System: |
| - | 5 | - Auth content Store |
|
| - | 6 | OIDplusAuthContentStoreJWT.class: Key to sign JWT tokens (used for Automated AJAX requests) using HMAC |
|
| 5 | - Session Handler: Encryption of session contents |
7 | - Session Handler: Encryption of session contents |
| 6 | - Auth utils: Generation of auth keys |
8 | - Auth utils: Generation of auth keys |
| 7 | makeAuthKey(data) = sha3_512(SERVER_SECRET + "/AUTHKEY/" + data) |
9 | makeAuthKey(data) = sha3_512(SERVER_SECRET + "/AUTHKEY/" + data) |
| 8 | used at plugin invite RA (ra/092): |
10 | used at plugin invite RA (ra/092): |
| 9 | makeAuthKey("activate_ra;" + email + ";" + timestamp) |
11 | makeAuthKey("activate_ra;" + email + ";" + timestamp) |