Don't double encrypt when updating/add if not exists

spiffworkflow-backend/src/spiffworkflow_backend/routes/service_tasks_controller.py

@@ -43,7 +43,7 @@ def authentication_callback(
     """Authentication_callback."""
     verify_token(request.args.get("token"), force_run=True)
     response = request.args["response"]
-    SecretService().update_secret(
+    SecretService.update_secret(
         f"{service}/{auth_method}", response, g.user.id, create_if_not_exists=True
     )
     return redirect(

spiffworkflow-backend/src/spiffworkflow_backend/services/secret_service.py

@@ -68,9 +68,9 @@ class SecretService:
         create_if_not_exists: Optional[bool] = False,
     ) -> None:
         """Does this pass pre commit?"""
-        value = cls._encrypt(value)
         secret_model = SecretModel.query.filter(SecretModel.key == key).first()
         if secret_model:
+            value = cls._encrypt(value)
             secret_model.value = value
             db.session.add(secret_model)
             try: