From e24a844d174ea7c3a328a627e45ffa4ca0758a6c Mon Sep 17 00:00:00 2001 From: Jaime van Kessel Date: Thu, 2 Sep 2021 14:25:57 +0200 Subject: [PATCH] Use secrets instead of random Since we're no longer stuck on python 3.5, we can use secrets instead of random which provides better randomness. CURA-8401 SEC-207 --- cura/OAuth2/AuthorizationHelpers.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cura/OAuth2/AuthorizationHelpers.py b/cura/OAuth2/AuthorizationHelpers.py index df3fc366ba..c97c7f3ec2 100644 --- a/cura/OAuth2/AuthorizationHelpers.py +++ b/cura/OAuth2/AuthorizationHelpers.py @@ -3,7 +3,7 @@ from datetime import datetime import json -import random +import secrets from hashlib import sha512 from base64 import b64encode from typing import Optional @@ -143,7 +143,7 @@ class AuthorizationHelpers: better to leave it at 32 """ - return "".join(random.choice("0123456789ABCDEF") for i in range(code_length)) + return "".join(secrets.choice("0123456789ABCDEF") for i in range(code_length)) @staticmethod def generateVerificationCodeChallenge(verification_code: str) -> str: