RussellSpitzer commented on code in PR #438:
URL: https://github.com/apache/polaris/pull/438#discussion_r1837248608
##########
polaris-core/src/main/java/org/apache/polaris/core/entity/PolarisPrincipalSecrets.java:
##########
@@ -108,11 +155,29 @@ public String getPrincipalClientId() {
return principalClientId;
}
+ public boolean matchesSecret(String potentialSecret) {
+ String potentialSecretHash = hashSecret(potentialSecret);
+ return potentialSecretHash.equals(this.mainSecretHash)
+ || potentialSecretHash.equals(this.secondarySecretHash);
Review Comment:
Sounds like an easy enough thing to add for now to prevent a backwards
incompatibility, but maybe we should just only do so if the "hash" is not set?
Then the moment hash is set only accept a hashed comparison?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
