3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-02 08:19:23 +02:00
Code Issues Projects Releases Packages Wiki Activity

devices: shrink credentials by removing unnecessary data (#2951)

Browse source
This commit is contained in:
Caleb Doxsey 2022-01-21 09:32:33 -07:00 committed by GitHub
parent 6574926c42
commit 9f4fc986ee
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 138 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

106
pkg/grpc/device/device_test.go Normal file
View file

@ -0,0 +1,106 @@
package device
import (
"bytes"
"testing"
"github.com/stretchr/testify/assert"
)
func TestShrinkCredential(t *testing.T) {
t.Run("authenticate response", func(t *testing.T) {
credential := &Credential{
Id: "c1",
TypeId: "t1",
EnrollmentId: "e1",
UserId: "u1",
Specifier: &Credential_Webauthn{
Webauthn: &Credential_WebAuthn{
Id: []byte{0, 1, 2},
PublicKey: []byte{3, 4, 5},
RegisterOptions: bytes.Repeat([]byte{1}, 10),
RegisterResponse: bytes.Repeat([]byte{2}, 10),
AuthenticateResponse: [][]byte{
bytes.Repeat([]byte{3}, 64*1024),
bytes.Repeat([]byte{4}, 64*1024),
bytes.Repeat([]byte{5}, 64*1024),
bytes.Repeat([]byte{6}, 64*1024),
bytes.Repeat([]byte{7}, 64*1024),
bytes.Repeat([]byte{8}, 64*1024),
},
},
},
}
shrinkCredential(credential)
assert.Equal(t, "c1", credential.GetId())
assert.Equal(t, "t1", credential.GetTypeId())
assert.Equal(t, "e1", credential.GetEnrollmentId())
assert.Equal(t, "u1", credential.GetUserId())
assert.Equal(t, []byte{0, 1, 2}, credential.GetWebauthn().GetId())
assert.Equal(t, []byte{3, 4, 5}, credential.GetWebauthn().GetPublicKey())
assert.Equal(t, bytes.Repeat([]byte{1}, 10), credential.GetWebauthn().GetRegisterOptions())
assert.Equal(t, bytes.Repeat([]byte{2}, 10), credential.GetWebauthn().GetRegisterResponse())
assert.Equal(t, [][]byte{
bytes.Repeat([]byte{6}, 64*1024),
bytes.Repeat([]byte{7}, 64*1024),
bytes.Repeat([]byte{8}, 64*1024),
}, credential.GetWebauthn().GetAuthenticateResponse())
})
t.Run("register response", func(t *testing.T) {
credential := &Credential{
Id: "c1",
TypeId: "t1",
EnrollmentId: "e1",
UserId: "u1",
Specifier: &Credential_Webauthn{
Webauthn: &Credential_WebAuthn{
Id: []byte{0, 1, 2},
PublicKey: []byte{3, 4, 5},
RegisterOptions: bytes.Repeat([]byte{1}, 10),
RegisterResponse: bytes.Repeat([]byte{2}, 256*1024),
},
},
}
shrinkCredential(credential)
assert.Equal(t, "c1", credential.GetId())
assert.Equal(t, "t1", credential.GetTypeId())
assert.Equal(t, "e1", credential.GetEnrollmentId())
assert.Equal(t, "u1", credential.GetUserId())
assert.Equal(t, []byte{0, 1, 2}, credential.GetWebauthn().GetId())
assert.Equal(t, []byte{3, 4, 5}, credential.GetWebauthn().GetPublicKey())
assert.Equal(t, bytes.Repeat([]byte{1}, 10), credential.GetWebauthn().GetRegisterOptions())
assert.Empty(t, credential.GetWebauthn().GetRegisterResponse())
assert.Empty(t, credential.GetWebauthn().GetAuthenticateResponse())
})
t.Run("register options", func(t *testing.T) {
credential := &Credential{
Id: "c1",
TypeId: "t1",
EnrollmentId: "e1",
UserId: "u1",
Specifier: &Credential_Webauthn{
Webauthn: &Credential_WebAuthn{
Id: []byte{0, 1, 2},
PublicKey: []byte{3, 4, 5},
RegisterOptions: bytes.Repeat([]byte{1}, 256*1024),
},
},
}
shrinkCredential(credential)
assert.Equal(t, "c1", credential.GetId())
assert.Equal(t, "t1", credential.GetTypeId())
assert.Equal(t, "e1", credential.GetEnrollmentId())
assert.Equal(t, "u1", credential.GetUserId())
assert.Equal(t, []byte{0, 1, 2}, credential.GetWebauthn().GetId())
assert.Equal(t, []byte{3, 4, 5}, credential.GetWebauthn().GetPublicKey())
assert.Empty(t, credential.GetWebauthn().GetRegisterOptions())
assert.Empty(t, credential.GetWebauthn().GetRegisterResponse())
assert.Empty(t, credential.GetWebauthn().GetAuthenticateResponse())
})
}