adminmpmcz/patchcenter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

test_psmp: derivation Fernet exacte identique a secrets_service

Browse Source
This commit is contained in:
Pierre & Lumière 2026-04-14 23:46:23 +02:00
parent cdf976a9e8
commit 8729b8470b
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
tools/test_psmp.py
View File

@ -21,15 +21,19 @@ DATABASE_URL = os.getenv("DATABASE_URL_DEMO") or os.getenv("DATABASE_URL") \
def get_secret(conn, key): def get_secret(conn, key):
"""Lit + dechiffre via le service officiel (Fernet).""" """Lit + dechiffre Fernet (meme derivation que app/services/secrets_service.py)."""
from app.services.secrets_service import decrypt import base64
from cryptography.fernet import Fernet
secret_key = os.getenv("SECRET_KEY",
"slpm-patchcenter-secret-key-2026-change-in-production")
raw = secret_key.encode()[:32].ljust(32, b'\0')
fernet = Fernet(base64.urlsafe_b64encode(raw))
row = conn.execute(text("SELECT value FROM app_secrets WHERE key=:k"), {"k": key}).fetchone() row = conn.execute(text("SELECT value FROM app_secrets WHERE key=:k"), {"k": key}).fetchone()
if not row or not row.value: if not row or not row.value:
return None return None
try: try:
return decrypt(row.value) return fernet.decrypt(row.value.encode()).decode()
except Exception: except Exception:
# Fallback si stocke en clair
return row.value return row.value