OAuth UIDs and secrets should be generated, not manually edited

Open alexmuller opened this issue 8 years ago • 1 comments

Feature request! We have some OAuth UIDs and secrets which are not as long as some other ones, and should be longer.

I think we should do the following:

  • The application page should not have editable text fields for UID and secret
  • UID and secret should have a minimum length of 64 characters enforced
  • There should be a "regenerate" button on the application page which makes new ones

alexmuller avatar Sep 27 '16 16:09 alexmuller

> Feature request! We have some OAuth UIDs and secrets which are not as long as some other ones, and should be longer.
>
> I think we should do the following:
>
>   • The application page should not have editable text fields for UID and secret

The UID is still an editable text field:

https://github.com/alphagov/signon/blob/a0f4e425115d0b993db0a2e3dcd3515a98b58991/app/views/doorkeeper_applications/edit.html.erb#L64-L72

The secret is still an editable text field:

https://github.com/alphagov/signon/blob/a0f4e425115d0b993db0a2e3dcd3515a98b58991/app/views/doorkeeper_applications/edit.html.erb#L74-L82

>   • UID and secret should have a minimum length of 64 characters enforced

There doesn't appear to be any validation enforcing a minimum length on these fields in either the DoorkeeperApplicationsController or the Doorkeeper::Application.

>   • There should be a "regenerate" button on the application page which makes new ones

There doesn't appear to be any such button on the application page.

Given all the above, I think this is still a valid issue.

floehopper avatar May 30 '23 15:05 floehopper
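
The three requested behaviours (generated values, a 64-character minimum, regeneration) in plain Ruby, as an added example that is not code from signon or Doorkeeper. `OAuthApp`, `generate_credential`, `audit`, `regenerate_weak!` and the sample records are hypothetical names and constructed data; hex encoding of 32 random bytes is an assumed format.

```ruby
require "securerandom"

MIN_CREDENTIAL_LENGTH = 64 # minimum length proposed in the issue

# 32 bytes from the OS CSPRNG, hex-encoded: exactly 64 characters.
def generate_credential
  SecureRandom.hex(MIN_CREDENTIAL_LENGTH / 2)
end

# Hypothetical stand-in for an application record (not Doorkeeper::Application).
OAuthApp = Struct.new(:name, :uid, :secret) do
  # Credential fields shorter than the minimum, e.g. [:secret].
  def weak_fields
    %i[uid secret].select { |f| self[f].to_s.length < MIN_CREDENTIAL_LENGTH }
  end

  def valid_credentials?
    weak_fields.empty?
  end

  # What a "regenerate" action would call; takes no user-supplied values.
  def regenerate!
    self.uid = generate_credential
    self.secret = generate_credential
    self
  end
end

# Maps each failing application name to its weak fields.
def audit(apps)
  apps.reject(&:valid_credentials?).to_h { |app| [app.name, app.weak_fields] }
end

# Regenerates only the failing applications; returns their names.
def regenerate_weak!(apps)
  apps.reject(&:valid_credentials?).each(&:regenerate!).map(&:name)
end

# Constructed sample data, not real signon applications.
def sample_apps
  [
    OAuthApp.new("app-a", "app-a-uid", "hand-typed-secret"),
    OAuthApp.new("app-b", generate_credential, "short"),
    OAuthApp.new("app-c", generate_credential, generate_credential),
  ]
end

puts audit(sample_apps).inspect
```

Regenerating replaces both values, so the client application has to be reconfigured with the new pair before it can authenticate again.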