3pp-mirror/pushbits
1
0
Fork 0
mirror of https://github.com/pushbits/server.git synced 2025-05-23 05:46:34 +02:00
Code Issues Projects Releases Packages Wiki Activity

Consider the prefix when testing token length

Browse source
This commit is contained in:
eikendev 2022-02-13 11:55:43 +01:00
parent 500a8cd4b0
commit be99411b1b
No known key found for this signature in database
GPG key ID: A1BDB1B28C8EF694
2 changed files with 9 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

12
internal/authentication/token_test.go
View file

@ -8,20 +8,22 @@ import (
)
const (
minTokenLength = 14
minRandomChars = 14
)
func isGoodToken(assert *assert.Assertions, require *require.Assertions, token string, compat bool) {
tokenLength := len(token)
if compat {
assert.Equal(len(token), compatTokenLength, "Unexpected compatibility token length")
assert.Equal(tokenLength, compatTokenLength, "Unexpected compatibility token length")
} else {
assert.Equal(len(token), regularTokenLength, "Unexpected regular token length")
assert.Equal(tokenLength, regularTokenLength, "Unexpected regular token length")
}
assert.GreaterOrEqual(len(token), minTokenLength, "Token is too short to give sufficient entropy")
randomChars := tokenLength - len(applicationTokenPrefix)
assert.GreaterOrEqual(randomChars, minRandomChars, "Token is too short to give sufficient entropy")
prefix := token[0:len(applicationTokenPrefix)]
assert.Equal(prefix, applicationTokenPrefix, "Invalid token prefix")
for _, c := range []byte(token) {