8337863587

Committed 19 Mar 2024 05:08AM UTC coverage: 64.957% (-0.3%) from 65.241%

Build Type

github

Committed by

Commit Message

fix: apply suggestions

Pull Request Pull Request #1474: feat: add custom sms hook

Run Details

75 of 172 new or added lines in 12 files covered. (43.6%)

25 existing lines in 2 files now uncovered.

7993 of 12305 relevant lines covered (64.96%)

59.62 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

53.66

/internal/crypto/crypto.go

package crypto

import (
        "crypto/rand"
        "crypto/sha256"
        "encoding/base64"
        "fmt"
        "io"
        "math"
        "math/big"
        "strconv"
        "strings"
        "time"

        "github.com/gofrs/uuid"
        standardwebhooks "github.com/standard-webhooks/standard-webhooks/libraries/go"

        "github.com/pkg/errors"
)

// SecureToken creates a new random token
func SecureToken(options ...int) string {
        length := 16
        if len(options) > 0 {
                length = options[0]
        }
        b := make([]byte, length)
        if _, err := io.ReadFull(rand.Reader, b); err != nil {
                panic(err.Error()) // rand should never fail
        }
        return base64.RawURLEncoding.EncodeToString(b)
}

// GenerateOtp generates a random n digit otp
func GenerateOtp(digits int) (string, error) {
        upper := math.Pow10(digits)
        val, err := rand.Int(rand.Reader, big.NewInt(int64(upper)))
        if err != nil {
                return "", errors.WithMessage(err, "Error generating otp")
        }
        // adds a variable zero-padding to the left to ensure otp is uniformly random
        expr := "%0" + strconv.Itoa(digits) + "v"
        otp := fmt.Sprintf(expr, val.String())
        return otp, nil
}
func GenerateTokenHash(emailOrPhone, otp string) string {
        return fmt.Sprintf("%x", sha256.Sum224([]byte(emailOrPhone+otp)))
}

func GenerateSignatures(secrets []string, msgID uuid.UUID, currentTime time.Time, inputPayload []byte) ([]string, error) {
        SymmetricSignaturePrefix := "v1,"
        // TODO(joel): Handle asymmetric case once library has been upgraded
        var signatureList []string
        for _, secret := range secrets {
                if strings.HasPrefix(secret, SymmetricSignaturePrefix) {
                        trimmedSecret := strings.TrimPrefix(secret, SymmetricSignaturePrefix)
                        wh, err := standardwebhooks.NewWebhook(trimmedSecret)
                        if err != nil {
                                return nil, err
                        }
                        signature, err := wh.Sign(msgID.String(), currentTime, inputPayload)
                        if err != nil {
                                return nil, err
                        }
                        signatureList = append(signatureList, signature)
                } else {
                        return nil, errors.New("invalid signature format")
                }
        }
        return signatureList, nil
}

1	package crypto
2
3	import (
4	"crypto/rand"
5	"crypto/sha256"
6	"encoding/base64"
7	"fmt"
8	"io"
9	"math"
10	"math/big"
11	"strconv"
12	"strings"
13	"time"
14
15	"github.com/gofrs/uuid"
16	standardwebhooks "github.com/standard-webhooks/standard-webhooks/libraries/go"
17
18	"github.com/pkg/errors"
19	)
20
21	// SecureToken creates a new random token
22	func SecureToken(options ...int) string {	159✔
23	length := 16	159✔
24	if len(options) > 0 {	159✔
25	length = options[0]	×
26	}	×
27	b := make([]byte, length)	159✔
28	if _, err := io.ReadFull(rand.Reader, b); err != nil {	159✔
29	panic(err.Error()) // rand should never fail	×
30	}
31	return base64.RawURLEncoding.EncodeToString(b)	159✔
32	}
33
34	// GenerateOtp generates a random n digit otp
35	func GenerateOtp(digits int) (string, error) {	44✔
36	upper := math.Pow10(digits)	44✔
37	val, err := rand.Int(rand.Reader, big.NewInt(int64(upper)))	44✔
38	if err != nil {	44✔
39	return "", errors.WithMessage(err, "Error generating otp")	×
40	}	×
41	// adds a variable zero-padding to the left to ensure otp is uniformly random
42	expr := "%0" + strconv.Itoa(digits) + "v"	44✔
43	otp := fmt.Sprintf(expr, val.String())	44✔
44	return otp, nil	44✔
45	}
46	func GenerateTokenHash(emailOrPhone, otp string) string {	92✔
47	return fmt.Sprintf("%x", sha256.Sum224([]byte(emailOrPhone+otp)))	92✔
48	}	92✔
49
50	func GenerateSignatures(secrets []string, msgID uuid.UUID, currentTime time.Time, inputPayload []byte) ([]string, error) {	4✔
51	SymmetricSignaturePrefix := "v1,"	4✔
52	// TODO(joel): Handle asymmetric case once library has been upgraded	4✔
53	var signatureList []string	4✔
54	for _, secret := range secrets {	4✔
NEW 55	if strings.HasPrefix(secret, SymmetricSignaturePrefix) {	×
NEW 56	trimmedSecret := strings.TrimPrefix(secret, SymmetricSignaturePrefix)	×
NEW 57	wh, err := standardwebhooks.NewWebhook(trimmedSecret)	×
NEW 58	if err != nil {	×
NEW 59	return nil, err	×
NEW 60	}	×
NEW 61	signature, err := wh.Sign(msgID.String(), currentTime, inputPayload)	×
NEW 62	if err != nil {	×
NEW 63	return nil, err	×
NEW 64	}	×
NEW 65	signatureList = append(signatureList, signature)	×
NEW 66	} else {	×
NEW 67	return nil, errors.New("invalid signature format")	×
NEW 68	}	×
69	}
70	return signatureList, nil	4✔
71	}

supabase / gotrue / 8337863587

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous