Timing Attacks

cf-uaa-lib is vulnerable to timing attacks. This vulnerability is caused because the HMAC hashes are not compared in constant time, allowing malicious users to guess the valid HMAC hashes based on the time that a comparison takes...