diff --git a/Intersect.Server/Web/Net7/ApiService.AppSettings.cs b/Intersect.Server/Web/Net7/ApiService.AppSettings.cs
index cd3d79c000..fe4c30acdc 100644
--- a/Intersect.Server/Web/Net7/ApiService.AppSettings.cs
+++ b/Intersect.Server/Web/Net7/ApiService.AppSettings.cs
@@ -87,9 +87,9 @@ private static void ValidateConfiguration()
 TokenGenerationOptions.DefaultRefreshTokenLifetime;
 }
- if (apiConfiguration.TokenGenerationOptions.SecretData.Length < 64)
+ if (apiConfiguration.TokenGenerationOptions.Secret.Length < 128)
 {
- apiConfiguration.TokenGenerationOptions.SecretData = default;
+ apiConfiguration.TokenGenerationOptions.Secret = default;
 if (apiConfiguration.TokenGenerationOptions.Secret == default)
 {
 throw new UnreachableException("This should be automatically re-generated.");
diff --git a/Intersect.Server/Web/Net7/Configuration/TokenGenerationOptions.cs b/Intersect.Server/Web/Net7/Configuration/TokenGenerationOptions.cs
index 5c82f76382..f497d16b6b 100644
--- a/Intersect.Server/Web/Net7/Configuration/TokenGenerationOptions.cs
+++ b/Intersect.Server/Web/Net7/Configuration/TokenGenerationOptions.cs
@@ -1,6 +1,6 @@
 using System.ComponentModel.DataAnnotations;
 using System.Security.Cryptography;
-using System.Text;
+using Intersect.Logging;
 namespace Intersect.Server.Web.Configuration;
@@ -29,7 +29,25 @@ public class TokenGenerationOptions
 public string Secret
 {
 get => Convert.ToHexString(SecretData ??= RandomNumberGenerator.GetBytes(64));
- set => SecretData = string.IsNullOrWhiteSpace(value) ? default : Convert.FromHexString(value);
+ set
+ {
+ if (string.IsNullOrWhiteSpace(value))
+ {
+ SecretData = default;
+ return;
+ }
+
+ try
+ {
+ value = value.Trim();
+ SecretData = Convert.FromHexString(value.Trim());
+ }
+ catch (Exception exception)
+ {
+ Log.Error(exception, $"Failed to parse secret (should be hex), value was {value.Length} characters long");
+ SecretData = default;
+ }
+ }
 }
 [Newtonsoft.Json.JsonIgnore]
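Review bot: A configured secret that is too short is discarded silently at `if (apiConfiguration.TokenGenerationOptions.Secret.Length < 128)`: the setter clears it and the getter generates a fresh one, with nothing logged on this path. Tokens signed with the previous secret would presumably stop validating, and the operator gets no trace of why. A warning before the reset that states only that the secret was below the minimum length, never its value, would record the event. The literal `128` is the hex length of the 64 bytes passed to `RandomNumberGenerator.GetBytes(64)` in TokenGenerationOptions, so a shared named constant would keep the two from drifting apart. ValidateConfiguration starts and ends outside this hunk.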
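Review bot: The new setter's `catch (Exception exception)` is wider than the failure it is meant to handle. `Convert.FromHexString` reports malformed input with `FormatException`, so `catch (FormatException exception)` would let any unrelated fault surface rather than being turned into a silently regenerated signing secret. The value is also trimmed twice; after `value = value.Trim();` the next line can be `SecretData = Convert.FromHexString(value);`. Logging only the length and not the value is the right call and worth a short comment so nobody later "improves" the message by including the secret. The TokenGenerationOptions class continues outside this hunk.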