From 95b49294dd54192a1d22cb1f4eb4925756c4ccd0 Mon Sep 17 00:00:00 2001
From: Gary Zhou <gzhou@records.nyc.gov>
Date: Wed, 15 Feb 2023 15:56:06 -0500
Subject: [PATCH] Update _generate_signature method to use HMAC-SHA256

---
 app/auth/utils.py | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/app/auth/utils.py b/app/auth/utils.py
index 00a35ff22..327440d87 100644
--- a/app/auth/utils.py
+++ b/app/auth/utils.py
@@ -16,7 +16,7 @@
     abort, current_app, flash, redirect, request, session, url_for
 )
 from flask_login import current_user, login_user, logout_user
-from hashlib import sha1
+from hashlib import sha256
 from ldap3 import Connection, Server, Tls
 from requests.exceptions import SSLError
 
@@ -684,10 +684,10 @@ def _generate_signature(password, string):
     """
     signature = None
     try:
-        hmac_sha1 = hmac.new(key=password.encode(),
-                             msg=string.encode(),
-                             digestmod=sha1)
-        signature = hmac_sha1.hexdigest()
+        hmac_sha256 = hmac.new(key=password.encode(),
+                               msg=string.encode(),
+                               digestmod=sha256)
+        signature = hmac_sha256.hexdigest()
     except Exception as e:
         sentry.captureException()
         current_app.logger.error("Failed to generate NYC ID.Web Services "