3pp-mirror/pushbits
1
0
Fork 0
mirror of https://github.com/pushbits/server.git synced 2025-05-23 05:46:34 +02:00
Code Issues Projects Releases Packages Wiki Activity

Fix token lengths

Browse source
This commit is contained in:
eikendev 2022-02-11 23:48:08 +01:00
parent 0ee3f69d15
commit 47f10c03ae
No known key found for this signature in database
GPG key ID: A1BDB1B28C8EF694
2 changed files with 4 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

11
internal/authentication/token_test.go
View file

@ -1,7 +1,6 @@
package authentication
import (
"log"
"testing"
"github.com/stretchr/testify/assert"
@ -9,20 +8,14 @@ import (
)
func isGoodToken(assert *assert.Assertions, require *require.Assertions, token string, compat bool) {
prefix := token[0:len(applicationTokenPrefix)]
token = token[len(applicationTokenPrefix):]
// Although constant at the time of writing, this check should prevent future changes from generating insecure tokens.
if len(token) < 14 {
log.Fatalf("Tokens should have more random characters")
}
if compat {
assert.Equal(len(token), compatTokenLength, "Unexpected compatibility token length")
} else {
assert.Equal(len(token), regularTokenLength, "Unexpected regular token length")
}
prefix := token[0:len(applicationTokenPrefix)]
assert.Equal(prefix, applicationTokenPrefix, "Invalid token prefix")
for _, c := range []byte(token) {