mirror of https://github.com/bitwarden/browser.git synced 2025-02-08 00:01:28 +01:00

[EC-598] feat: check user id length

Andreas Coroiu 2023-03-30 13:54:46 +02:00
parent f172625f26
commit b8821ccd3d
No known key found for this signature in database
GPG Key ID: E70B5FFC81DFEC1A
2 changed files with 34 additions and 3 deletions


@ -19,12 +19,37 @@ describe("FidoAuthenticatorService", () => {
describe("createCredential", () => { describe("createCredential", () => {
describe("invalid input parameters", () => { describe("invalid input parameters", () => {
/** Spec: If sameOriginWithAncestors is false, return a "NotAllowedError" DOMException. */ /** Spec: If sameOriginWithAncestors is false, return a "NotAllowedError" DOMException. */
it("throw error if sameOriginWithAncestors is false", async () => { it("should throw error if sameOriginWithAncestors is false", async () => {
const params = createParams({ sameOriginWithAncestors: false }); const params = createParams({ sameOriginWithAncestors: false });
const result = async () => await client.createCredential(params); const result = async () => await client.createCredential(params);
await expect(result).rejects.toThrowError(new DOMException(undefined, "NotAllowedError")); const rejects = await expect(result).rejects;
rejects.toMatchObject({ name: "NotAllowedError" });
rejects.toBeInstanceOf(DOMException);
});
/** Spec: If the length of options.user.id is not between 1 and 64 bytes (inclusive) then return a TypeError. */
it("should throw error if user.id is too small", async () => {
const params = createParams({ user: { id: "", displayName: "name" } });
const result = async () => await client.createCredential(params);
await expect(result).rejects.toBeInstanceOf(TypeError);
});
/** Spec: If the length of options.user.id is not between 1 and 64 bytes (inclusive) then return a TypeError. */
it("should throw error if user.id is too large", async () => {
const params = createParams({
user: {
id: "YWJzb2x1dGVseS13YXktd2F5LXRvby1sYXJnZS1iYXNlNjQtZW5jb2RlZC11c2VyLWlkLWJpbmFyeS1zZXF1ZW5jZQ",
displayName: "name",
},
});
const result = async () => await client.createCredential(params);
await expect(result).rejects.toBeInstanceOf(TypeError);
}); });
}); });
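Review bot: In the rewritten sameOriginWithAncestors test the two matcher calls on `rejects` are never awaited, so the test can complete before either assertion settles and a wrong error type would not reliably fail it. `expect(result).rejects` is not itself a promise; each matcher invoked on it returns one, so I would write `await expect(result).rejects.toMatchObject({ name: "NotAllowedError" });` followed by `await expect(result).rejects.toBeInstanceOf(DOMException);`. The two new user.id tests assert only `TypeError`, which an accidental property access on an undefined value inside createCredential would also satisfy. Matching the message as well, and adding cases at exactly 64 and 65 decoded bytes, would pin the boundary the spec comment describes.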


@ -6,6 +6,7 @@ import {
CreateCredentialResult, CreateCredentialResult,
Fido2ClientService as Fido2ClientServiceAbstraction, Fido2ClientService as Fido2ClientServiceAbstraction,
} from "../abstractions/fido2-client.service.abstraction"; } from "../abstractions/fido2-client.service.abstraction";
import { Fido2Utils } from "../abstractions/fido2-utils";
export class Fido2ClientService implements Fido2ClientServiceAbstraction { export class Fido2ClientService implements Fido2ClientServiceAbstraction {
constructor(private authenticator: Fido2AuthenticatorService) {} constructor(private authenticator: Fido2AuthenticatorService) {}
@ -15,7 +16,12 @@ export class Fido2ClientService implements Fido2ClientServiceAbstraction {
abortController?: AbortController abortController?: AbortController
): Promise<CreateCredentialResult> { ): Promise<CreateCredentialResult> {
if (!params.sameOriginWithAncestors) { if (!params.sameOriginWithAncestors) {
throw new DOMException(undefined, "NotAllowedError"); throw new DOMException("Invalid 'sameOriginWithAncestors' value", "NotAllowedError");
}
const userId = Fido2Utils.stringToBuffer(params.user.id);
if (userId.length < 1 || userId.length > 64) {
throw new TypeError("Invalid 'user.id' length");
} }
throw new Error("Not implemented"); throw new Error("Not implemented");
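Review bot: The new guard reads `userId.length`, which is the byte count only if `Fido2Utils.stringToBuffer` returns a typed array. The helper is not visible on this page; if it returns an `ArrayBuffer` or an untyped value, `length` is undefined, both comparisons evaluate to false and an empty or over-long user.id passes the check. `if (userId.byteLength < 1 || userId.byteLength > 64) {` holds for either return shape. It is also worth confirming how the helper handles malformed base64url input, since an exception from the decoder would reach the caller as something other than the `TypeError` the spec requires. The body of createCredential starts and ends outside this hunk.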