Skip to content

Commit

Permalink
#44 front end JavaScript library with key obfuscated - update profile…
Browse files Browse the repository at this point in the history 
…s for local host development
  • Loading branch information
@drnow4u
drnow4u committed Apr 6, 2022
1 parent b57c98e commit 130b6e5
Show file tree
Hide file tree
Showing 5 changed files with 6 additions and 3 deletions.
2 changes: 1 addition & 1 deletion js/index.js
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
function secret() {
var password = "if you see this please fix the JavaScript setup";
var password = "this is second test secret";
return password;
}
2 changes: 1 addition & 1 deletion secondkey.txt
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
this is test secret
this is second test secret
2 changes: 2 additions & 0 deletions src/main/resources/application.properties
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ spring.cloud.vault.kubernetes.kubernetes-path=kubernetes
spring.cloud.vault.kubernetes.service-account-token-file=/var/run/secrets/kubernetes.io/serviceaccount/token
#---
spring.config.activate.on-profile=local-vault
challengedockermtpath=./
wrongsecretvalue=wrongsecret
spring.config.import=vault://secret/secret-challenge
spring.application.name=secret-challenge
Expand All @@ -59,6 +60,7 @@ spring.cloud.vault.authentication=TOKEN
spring.cloud.vault.token=00000000-0000-0000-0000-000000000000
#---
spring.config.activate.on-profile=without-vault
challengedockermtpath=./
wrongsecretvalue=wrongsecret
spring.cloud.vault.enabled=false
asciidoctor.enabled=true
2 changes: 1 addition & 1 deletion src/test/java/org/owasp/wrongsecrets/oauth/TokenControllerTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ void shouldGetToken() throws Exception {
// When
var response = mvc.perform(post("/token")
.contentType(MediaType.APPLICATION_FORM_URLENCODED)
.content("grant_type=client_credentials&client_id=WRONGSECRET_CLIENT_ID&client_secret=this is test secret"));
.content("grant_type=client_credentials&client_id=WRONGSECRET_CLIENT_ID&client_secret=this is second test secret"));

// Then
response.andExpect(status().isOk())
Expand Down
1 change: 1 addition & 0 deletions yourkey.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
this is test secret

0 comments on commit 130b6e5

Please sign in to comment.