Merge branch 'main' into sast
commit
66a2e74241
3 changed files with 15 additions and 14 deletions
6
Makefile
6
Makefile
|
@ -5,16 +5,14 @@ build:
|
||||||
|
|
||||||
.PHONY: test
|
.PHONY: test
|
||||||
test:
|
test:
|
||||||
stdout=$$(gofmt -l . 2>&1); \
|
stdout=$$(gofmt -l . 2>&1); if [ "$$stdout" ]; then exit 1; fi
|
||||||
if [ "$$stdout" ]; then \
|
|
||||||
exit 1; \
|
|
||||||
fi
|
|
||||||
go vet ./...
|
go vet ./...
|
||||||
gocyclo -over 10 $(shell find . -iname '*.go' -type f)
|
gocyclo -over 10 $(shell find . -iname '*.go' -type f)
|
||||||
staticcheck ./...
|
staticcheck ./...
|
||||||
go test -v -cover ./...
|
go test -v -cover ./...
|
||||||
gosec -exclude-dir=tests ./...
|
gosec -exclude-dir=tests ./...
|
||||||
semgrep --lang=go --config=tests/semgrep
|
semgrep --lang=go --config=tests/semgrep
|
||||||
|
@printf '\n%s\n' "> Test successful"
|
||||||
|
|
||||||
.PHONY: setup
|
.PHONY: setup
|
||||||
setup:
|
setup:
|
||||||
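Review bot: The collapsed gofmt check in the `test` target exits with status 1 without ever printing `$$stdout`, so a failing run does not say which files gofmt flagged, or that gofmt itself errored, since stderr is captured into the same variable. Printing before exiting keeps the one-line form: `stdout=$$(gofmt -l . 2>&1); if [ "$$stdout" ]; then printf '%s\n' "$$stdout"; exit 1; fi`. The added `@printf` line reports success explicitly; the failure path deserves the same visibility.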
|
|
|
@ -53,5 +53,7 @@ func GenerateApplicationToken(compat bool) string {
|
||||||
tokenLength = compatTokenLength
|
tokenLength = compatTokenLength
|
||||||
}
|
}
|
||||||
|
|
||||||
|
tokenLength -= len(applicationTokenPrefix)
|
||||||
|
|
||||||
return applicationTokenPrefix + generateRandomString(tokenLength)
|
return applicationTokenPrefix + generateRandomString(tokenLength)
|
||||||
}
|
}
|
||||||
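Review bot: `tokenLength -= len(applicationTokenPrefix)` has no guard on the result, so the number of random characters in a token now depends silently on how the prefix length relates to `compatTokenLength` and `regularTokenLength`. The only floor visible in this commit is the test-side `minRandomChars`, which does not protect a build whose constants were changed without running the tests, and how `generateRandomString` treats a zero or negative length is not visible here. I would document the contract at the subtraction, e.g. `// tokenLength is the total length including applicationTokenPrefix; only the remainder is random.` Assuming the lengths and the prefix are constants (the hunk does not show their declarations), a build-time floor such as `const _ = uint(compatTokenLength - len(applicationTokenPrefix) - 14)` next to them would enforce it. The function begins outside this hunk.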
|
|
|
@ -1,28 +1,29 @@
|
||||||
package authentication
|
package authentication
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"log"
|
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
)
|
)
|
||||||
|
|
||||||
func isGoodToken(assert *assert.Assertions, require *require.Assertions, token string, compat bool) {
|
const (
|
||||||
prefix := token[0:len(applicationTokenPrefix)]
|
minRandomChars = 14
|
||||||
token = token[len(applicationTokenPrefix):]
|
)
|
||||||
|
|
||||||
// Although constant at the time of writing, this check should prevent future changes from generating insecure tokens.
|
func isGoodToken(assert *assert.Assertions, require *require.Assertions, token string, compat bool) {
|
||||||
if len(token) < 14 {
|
tokenLength := len(token)
|
||||||
log.Fatalf("Tokens should have more random characters")
|
|
||||||
}
|
|
||||||
|
|
||||||
if compat {
|
if compat {
|
||||||
assert.Equal(len(token), compatTokenLength, "Unexpected compatibility token length")
|
assert.Equal(tokenLength, compatTokenLength, "Unexpected compatibility token length")
|
||||||
} else {
|
} else {
|
||||||
assert.Equal(len(token), regularTokenLength, "Unexpected regular token length")
|
assert.Equal(tokenLength, regularTokenLength, "Unexpected regular token length")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
randomChars := tokenLength - len(applicationTokenPrefix)
|
||||||
|
assert.GreaterOrEqual(randomChars, minRandomChars, "Token is too short to give sufficient entropy")
|
||||||
|
|
||||||
|
prefix := token[0:len(applicationTokenPrefix)]
|
||||||
assert.Equal(prefix, applicationTokenPrefix, "Invalid token prefix")
|
assert.Equal(prefix, applicationTokenPrefix, "Invalid token prefix")
|
||||||
|
|
||||||
for _, c := range []byte(token) {
|
for _, c := range []byte(token) {
|
||||||
|
|
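Review bot: The entropy check in `isGoodToken` uses `assert.GreaterOrEqual`, which records a failure and carries on, whereas the `log.Fatalf` it replaces stopped immediately. The next statement, `prefix := token[0:len(applicationTokenPrefix)]`, then panics with a slice-bounds error if the token is shorter than the prefix. The `require` parameter is already passed in, so `require.GreaterOrEqual(randomChars, minRandomChars, "Token is too short to give sufficient entropy")` would stop the test with the intended message and make the slice safe. Note also that `token` is no longer stripped of its prefix before `for _, c := range []byte(token)`, so whatever that loop checks now covers the prefix characters too. The loop body lies outside this hunk, so that may be intentional.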