github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-30 05:54:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: tighten pairing token blank handling

Browse Source
This commit is contained in:
Peter Steinberger
2026-03-14 01:04:18 +00:00
parent 5ef458ca56
commit 604203c179
2 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/infra/pairing-token.test.ts
View File

@@ -27,4 +27,9 @@ describe("verifyPairingToken", () => {
expect(verifyPairingToken("secret-token", "secret-token")).toBe(true);
expect(verifyPairingToken("secret-token", "secret-tokEn")).toBe(false);
});
it("rejects blank tokens even when both sides match", () => {
expect(verifyPairingToken("", "")).toBe(false);
expect(verifyPairingToken(" ", " ")).toBe(false);
});
});

3
src/infra/pairing-token.ts
View File

@@ -8,5 +8,8 @@ export function generatePairingToken(): string {
}
export function verifyPairingToken(provided: string, expected: string): boolean {
if (provided.trim().length === 0 || expected.trim().length === 0) {
return false;
}
return safeEqualSecret(provided, expected);
}