-
-
Notifications
You must be signed in to change notification settings - Fork 127
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #552 from MasterKale/feat/530-remove-user-id-footgun
feat/530-remove-user-id-footgun
- Loading branch information
Showing
18 changed files
with
146 additions
and
103 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
import { assert, assertNotEquals } from 'https://deno.land/[email protected]/assert/mod.ts'; | ||
|
||
import { generateUserID } from './generateUserID.ts'; | ||
|
||
Deno.test('should return a buffer of 32 bytes', async () => { | ||
const userID = await generateUserID(); | ||
|
||
assert(userID.byteLength === 32); | ||
}); | ||
|
||
Deno.test('should return random bytes on each execution', async () => { | ||
const userID1 = await generateUserID(); | ||
const userID2 = await generateUserID(); | ||
|
||
assertNotEquals(userID1, userID2); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
import { isoCrypto } from './iso/index.ts'; | ||
|
||
/** | ||
* Generate a suitably random value to be used as user ID | ||
*/ | ||
export async function generateUserID(): Promise<Uint8Array> { | ||
/** | ||
* WebAuthn spec says user.id has a max length of 64 bytes. I prefer how 32 random bytes look | ||
* after they're base64url-encoded so I'm choosing to go with that here. | ||
*/ | ||
const newUserID = new Uint8Array(32); | ||
|
||
await isoCrypto.getRandomValues(newUserID); | ||
|
||
return _generateUserIDInternals.stubThis(newUserID); | ||
} | ||
|
||
// Make it possible to stub the return value during testing | ||
export const _generateUserIDInternals = { | ||
stubThis: (value: Uint8Array) => value, | ||
}; |
Oops, something went wrong.