From fcf55bb5045784219033b2fc4aaa987b9d3f762b Mon Sep 17 00:00:00 2001 From: RageLtMan Date: Thu, 19 Jan 2017 04:02:59 -0500 Subject: [PATCH] Do not permit OAUTH_CONSUMER_SECRET to be nil When QBO plugin is not configured, OAUTH_CONSUMER_SECRET can be nil, and any codepath hitting the model raises a stack trace. Set a "safe-ish" value here to allow execution in conditions where QBO plugin is installed, but not yet configured. --- app/models/customer_token.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/customer_token.rb b/app/models/customer_token.rb index 05c5998..0976410 100644 --- a/app/models/customer_token.rb +++ b/app/models/customer_token.rb @@ -15,7 +15,7 @@ class CustomerToken < ActiveRecord::Base validates_presence_of :expires_at, :issue_id before_create :generate_token - OAUTH_CONSUMER_SECRET = Setting.plugin_redmine_qbo['settingsOAuthConsumerSecret'] + OAUTH_CONSUMER_SECRET = Setting.plugin_redmine_qbo['settingsOAuthConsumerSecret'] || 'CONFIGURE_QBO__' + SecureRandom.uuid def generate_token self.token = SecureRandom.base64(15).tr('+/=lIO0', OAUTH_CONSUMER_SECRET)