Update _generate_signature method to use HMAC-SHA256

CityOfNewYork · Jun 13, 2023 · 3974fc0 · 3974fc0
1 parent ec9f38c
commit 3974fc0
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 24 deletions.
diff --git a/app/auth/utils.py b/app/auth/utils.py
@@ -16,7 +16,7 @@
     abort, current_app, flash, redirect, request, session, url_for
 )
 from flask_login import current_user, login_user, logout_user
-from hashlib import sha1
+from hashlib import sha256
 from ldap3 import Connection, Server, Tls
 from requests.exceptions import SSLError
 
@@ -680,10 +680,10 @@ def _generate_signature(password, string):
     """
     signature = None
     try:
-        hmac_sha1 = hmac.new(key=password.encode(),
-                             msg=string.encode(),
-                             digestmod=sha1)
-        signature = hmac_sha1.hexdigest()
+        hmac_sha256 = hmac.new(key=password.encode(),
+                               msg=string.encode(),
+                               digestmod=sha256)
+        signature = hmac_sha256.hexdigest()
     except Exception as e:
         sentry.captureException()
         current_app.logger.error("Failed to generate NYC ID.Web Services "

diff --git a/data/agencies.csv b/data/agencies.csv
@@ -19,7 +19,7 @@
 "032A","032","Social Services","Commission to Combat Police Corruption","CCPC","00001","[email protected]","[email protected]","False"
 "0054","054","Public Safety","Civilian Complaint Review Board","CCRB","00001","[email protected]","[email protected]","False"
 "0312","312","Civic Services","Conflicts of Interest Board","COIB","00001","[email protected]","[email protected]","False"
-"0866","866","Business","Department of Consumer Affairs","DCA","00001","dcafoil@dca.nyc.gov","dcafoil@dca.nyc.gov","False"
+"0866","866","Business","Department of Consumer and Worker Protection","DCWP","00001","FOIL@dcwp.nyc.gov","FOILAPPEALS@dcwp.nyc.gov","False"
 "0868","868","Civic Services","Department of Citywide Administrative Services","DCAS","00001","[email protected]","[email protected]","False"
 "0126","126","Culture & Recreation","Department of Cultural Affairs","DCLA","00001","[email protected]","[email protected]","False"
 "0030","030","Civic Services","Department of City Planning","DCP","00001","[email protected]","[email protected]","False"
@@ -33,7 +33,7 @@
 "0836","836","Business","Department of Finance","DOF","00001","[email protected]","[email protected]","False"
 "0816","816","Health","Department of Health and Mental Hygiene","DOHMH","00001","[email protected]","[email protected]","False"
 "0032","032","Public Safety","Department of Investigation","DOI","00001","[email protected]","[email protected]","False"
-"0858","858","Civic Services","Department of Information Technology and Telecommunications","DOITT","00001","foilrequest@doitt.nyc.gov","foilrequest@doitt.nyc.gov","True"
+"0858","858","Civic Services","NYC Office of Technology and Innovation","OTI","00001","foilrequest@oti.nyc.gov","foilappeal@oti.nyc.gov","True"
 "0781","781","Public Safety","Department of Probation","DOP","00001","[email protected]","[email protected]","False"
 "0860","860","Culture & Recreation","Department of Records and Information Services","DORIS","00001","[email protected]","[email protected]","True"
 "0841","841","Transportation","Department of Transportation","DOT","00001","[email protected]","[email protected]","False"

diff --git a/data/agencies.json b/data/agencies.json
@@ -163,10 +163,10 @@
       "categories": [
         "Business"
       ],
-      "name": "Department of Consumer Affairs",
+      "name": "Department of Consumer and Worker Protection",
       "next_request_number": 1,
-      "default_email": "dcafoil@dca.nyc.gov",
-      "appeals_email": "DCAFOILAPPEALS@dca.nyc.gov",
+      "default_email": "FOIL@dcwp.nyc.gov",
+      "appeals_email": "FOILAPPEALS@dcwp.nyc.gov",
       "is_active": true,
       "agency_features": {
         "letters": {
@@ -186,7 +186,7 @@
           "text": ""
         }
       },
-      "acronym": "DCA"
+      "acronym": "DCWP"
     },
     {
       "ein": "0059",
@@ -1003,10 +1003,10 @@
       "categories": [
         "Civic Services"
       ],
-      "name": "Department of Information Technology and Telecommunications",
+      "name": "NYC Office of Technology and Innovation",
       "next_request_number": 1,
-      "default_email": "foilrequest@doitt.nyc.gov",
-      "appeals_email": "foilrequest@doitt.nyc.gov",
+      "default_email": "foilrequest@oti.nyc.gov",
+      "appeals_email": "foilappeal@oti.nyc.gov",
       "is_active": true,
       "agency_features": {
         "letters": {
@@ -1026,7 +1026,7 @@
           "text": ""
         }
       },
-      "acronym": "DOITT"
+      "acronym": "OTI"
     },
     {
       "ein": "0134",

diff --git a/data/agencies_test.csv b/data/agencies_test.csv
@@ -19,7 +19,7 @@
 "032A","032","Social Services","Commission to Combat Police Corruption","CCPC","00001","[email protected]","[email protected]","False"
 "0054","054","Public Safety","Civilian Complaint Review Board","CCRB","00001","[email protected]","[email protected]","False"
 "0312","312","Civic Services","Conflicts of Interest Board","COIB","00001","[email protected]","[email protected]","False"
-"0866","866","Business","Department of Consumer Affairs","DCA","00001","[email protected]","[email protected]","False"
+"0866","866","Business","Department of Consumer and Worker Protection","DCWP","00001","[email protected]","[email protected]","False"
 "0868","868","Civic Services","Department of Citywide Administrative Services","DCAS","00001","[email protected]","[email protected]","False"
 "0126","126","Culture & Recreation","Department of Cultural Affairs","DCLA","00001","[email protected]","[email protected]","False"
 "0030","030","Civic Services","Department of City Planning","DCP","00001","[email protected]","[email protected]","False"
@@ -33,7 +33,7 @@
 "0836","836","Business","Department of Finance","DOF","00001","[email protected]","[email protected]","False"
 "0816","816","Health","Department of Health and Mental Hygiene","DOHMH","00001","[email protected]","[email protected]","False"
 "0032","032","Public Safety","Department of Investigation","DOI","00001","[email protected]","[email protected]","False"
-"0858","858","Civic Services","Department of Information Technology and Telecommunications","DOITT","00001","[email protected]","[email protected]","True"
+"0858","858","Civic Services","NYC Office of Technology and Innovation","OTI","00001","[email protected]","[email protected]","True"
 "0781","781","Public Safety","Department of Probation","DOP","00001","[email protected]","[email protected]","False"
 "0860","860","Culture & Recreation","Department of Records and Information Services","DORIS","00001","[email protected]","[email protected]","True"
 "0841","841","Transportation","Department of Transportation","DOT","00001","[email protected]","[email protected]","False"

diff --git a/data/agencies_test.json b/data/agencies_test.json
@@ -646,8 +646,8 @@
       "categories": [
         "Business"
       ],
-      "name": "Department of Consumer Affairs",
-      "acronym": "DCA",
+      "name": "Department of Consumer and Worker Protection",
+      "acronym": "DCWP",
       "next_request_number": 1,
       "default_email": "[email protected]",
       "appeals_email": "[email protected]",
@@ -1094,8 +1094,8 @@
       "categories": [
         "Civic Services"
       ],
-      "name": "Department of Information Technology and Telecommunications",
-      "acronym": "DOITT",
+      "name": "NYC Office of Technology and Innovation",
+      "acronym": "OTI",
       "next_request_number": 1,
       "default_email": "[email protected]",
       "appeals_email": "[email protected]",

diff --git a/data/custom_request_forms.json b/data/custom_request_forms.json
@@ -153,11 +153,11 @@
             "name": "fdny-form1-field9",
             "values": [
               "Building",
-              "Transportation",
+              "Vehicle/Transportation",
               "Outdoors",
               "Non-Fire Emergency"
             ],
-            "help_text": "If transportation is selected, please provide the model, make, and license plate in the description below. For Building, Outdoors, and Non-Fire Emergency please provide a short description below.",
+            "help_text": "If Vehicle/Transportation is selected, please provide the model, make, and license plate in the description below. For Building, Outdoors, and Non-Fire Emergency please provide a short description below.",
             "required": false
           }
         },
@@ -169,7 +169,7 @@
             "error_message": "<span class=\"glyphicon glyphicon-exclamation-sign\"></span>&nbsp;<strong>Error, Description of Incident is required.</strong> Please provide a short description.",
             "max_length": 5000,
             "character_counter": true,
-            "help_text": "Please provide a short description of the incident. If Transportation was selected above, please make sure to provide the Type, Make, and Plate of the vehicle."
+            "help_text": "Please provide a short description of the incident. If Vehicle/Transportation was selected above, please make sure to provide the Type, Make, and Plate of the vehicle."
           }
         }
       ],