github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-09 07:07:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): harden channel token and id generation

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-22 10:09:55 +01:00
parent c3e13175d2
commit ae8d4a8eec
9 changed files with 81 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/infra/secure-random.test.ts Normal file
View File

@@ -0,0 +1,20 @@
import { describe, expect, it } from "vitest";
import { generateSecureToken, generateSecureUuid } from "./secure-random.js";
describe("secure-random", () => {
it("generates UUIDs", () => {
const first = generateSecureUuid();
const second = generateSecureUuid();
expect(first).not.toBe(second);
expect(first).toMatch(
/^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i,
);
});
it("generates url-safe tokens", () => {
const defaultToken = generateSecureToken();
const token18 = generateSecureToken(18);
expect(defaultToken).toMatch(/^[A-Za-z0-9_-]+$/);
expect(token18).toMatch(/^[A-Za-z0-9_-]{24}$/);
});
});