From 95c89124a66907861d7a54fc19fb048c55223469 Mon Sep 17 00:00:00 2001
From: HamidH97 <hashemi.h1375@gmail.com>
Date: Tue, 16 Dec 2025 19:14:40 +0330
Subject: [PATCH] fix: use token_checksum for lookup in
 _get_token_from_authentication_server

---
 AUTHORS                              | 3 ++-
 oauth2_provider/oauth2_validators.py | 4 +++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/AUTHORS b/AUTHORS
index 4ebe787cd..9cf2fd067 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -61,6 +61,7 @@ Frederico Vieira
 Gaël Utard
 Glauco Junior
 Giovanni Giampauli
+Hamid Hashemi
 Hasan Ramezani
 Hiroki Kiyohara
 Hossein Shakiba
@@ -129,4 +130,4 @@ Yuri Savin
 Miriam Forner
 Alex Kerkum
 Tuhin Mitra
-q0w
\ No newline at end of file
+q0w
diff --git a/oauth2_provider/oauth2_validators.py b/oauth2_provider/oauth2_validators.py
index a202a6a82..7215235c6 100644
--- a/oauth2_provider/oauth2_validators.py
+++ b/oauth2_provider/oauth2_validators.py
@@ -445,9 +445,11 @@ def _get_token_from_authentication_server(
                     expires, timezone=get_timezone(oauth2_settings.AUTHENTICATION_SERVER_EXP_TIME_ZONE)
                 )
 
+            token_checksum = hashlib.sha256(token.encode("utf-8")).hexdigest()
             access_token, _created = AccessToken.objects.update_or_create(
-                token=token,
+                token_checksum=token_checksum,
                 defaults={
+                    "token": token,
                     "user": user,
                     "application": None,
                     "scope": scope,