apunkt/SurfSense
1
0
Fork 0
mirror of https://github.com/MODSetter/SurfSense.git synced 2026-06-08 20:25:19 +02:00
Code Issues Projects Releases Packages Wiki Activity

feat: Added logic to encrypt the access token, refresh token, and client secret if the configuration specifies token encryption for native Gmail connector

Browse source
This commit is contained in:
Anish Sarkar 2026-03-19 17:57:51 +05:30
parent c9deae940c
commit 90481b9462
1 changed files with 32 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

33
surfsense_backend/app/connectors/google_gmail_connector.py
View file

@ -134,7 +134,38 @@ class GoogleGmailConnector:
raise RuntimeError(
"GMAIL connector not found; cannot persist refreshed token."
)
connector.config = json.loads(self._credentials.to_json())
from app.config import config
from app.utils.oauth_security import TokenEncryption
creds_dict = json.loads(self._credentials.to_json())
token_encrypted = connector.config.get(
"_token_encrypted", False
)
if token_encrypted and config.SECRET_KEY:
token_encryption = TokenEncryption(config.SECRET_KEY)
if creds_dict.get("token"):
creds_dict["token"] = (
token_encryption.encrypt_token(
creds_dict["token"]
)
)
if creds_dict.get("refresh_token"):
creds_dict["refresh_token"] = (
token_encryption.encrypt_token(
creds_dict["refresh_token"]
)
)
if creds_dict.get("client_secret"):
creds_dict["client_secret"] = (
token_encryption.encrypt_token(
creds_dict["client_secret"]
)
)
creds_dict["_token_encrypted"] = True
connector.config = creds_dict
flag_modified(connector, "config")
await self._session.commit()
except Exception as e: