commit | 0bc02ede1d7ac6b0ed264b8891844d15bdb4733e | [log] [tgz] |
---|---|---|
author | Vitaly Buka <vitalybuka@google.com> | Fri Dec 18 14:13:12 2015 -0800 |
committer | Vitaly Buka <vitalybuka@google.com> | Mon Dec 21 19:25:54 2015 +0000 |
tree | de03e97228ef9f8625cb374061c1b635370ae2a4 | |
parent | 3020c495e853c12bc4febca66b4ab739dbb773ef [diff] |
Use different secret for auth and access tokens Temporarily secret guaranties invalidation of access tokens on device reboot. Without that when device updates, we can have tokens signed with valid key, but with invalid format, or user_id collision. Change-Id: I0a6dbd782165715d781501456a4fd29bb060ffdd Reviewed-on: https://weave-review.googlesource.com/2062 Reviewed-by: Alex Vakulenko <avakulenko@google.com>