Sandor Molnar created KNOX-2579:
-----------------------------------
Summary: Make token passcode secure in DB token state backend
Key: KNOX-2579
URL: https://issues.apache.org/jira/browse/KNOX-2579
Project: Apache Knox
Issue Type: New Feature
Components: Server
Affects Versions: 1.6.0
Reporter: Sandor Molnar
Assignee: Sandor Molnar
Fix For: 1.6.0
With KNOX-2554, we now have the ability to store passcode tokens in relational
databases. However, it indicates poor security practice if sensitive data is
stored in plain text format. Since the {{token_id}} JWT claim can be used as a
passcode, we need to make sure it's saved in a hashed format. To be able to do
this, the following is going to be implemented:
* keep the current {{token_id}} column as a primary key (UUID can be used here
as key)
* add a new column called \{[passcode}} which will store the hashed value of
the {{token.id}} claim
By default, {{HS256}} is going to be used as a hash algorithm, but end-users
can configure it via the {{gateway_database_hash_alg}} gateway level
configuration. A new pre-defined alias name is to be introduced too:
{{gateway_database_hash_key}}. End-users must save the desired key using this
alias if they use the new {{JDBCTokenStateService}} as the token management
backend. Please note that key size it's very important for hash-based
algorithms so using the {{master secret}} is not an option here.
The token verification logic has to be changed too (need to hash {{token.id}}
before getting expiration from the database).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
