refactor: use own utility for creating random strings (more flexible

than stdlib)

internal/controller/oidc_controller.go

@@ -1,7 +1,6 @@
 package controller
 
 import (
-	"crypto/rand"
 	"errors"
 	"fmt"
 	"net/http"
@@ -145,7 +144,7 @@ func (controller *OIDCController) Authorize(c *gin.Context) {
 
 	// WARNING: Since Tinyauth is stateless, we cannot have a sub that never changes. We will just create a uuid out of the username and client name which remains stable, but if username or client name changes then sub changes too.
 	sub := utils.GenerateUUID(fmt.Sprintf("%s:%s", userContext.Username, client.ID))
-	code := rand.Text()
+	code := utils.GenerateString(32)
 
 	// Before storing the code, delete old session
 	err = controller.oidc.DeleteOldSession(c, sub)

internal/service/oidc_service.go

@@ -403,8 +403,8 @@ func (service *OIDCService) GenerateAccessToken(c *gin.Context, client config.OI
 		return TokenResponse{}, err
 	}
 
-	accessToken := rand.Text()
-	refreshToken := rand.Text()
+	accessToken := utils.GenerateString(32)
+	refreshToken := utils.GenerateString(32)
 
 	tokenExpiresAt := time.Now().Add(time.Duration(service.config.SessionExpiry) * time.Second).Unix()
 
@@ -464,8 +464,8 @@ func (service *OIDCService) RefreshAccessToken(c *gin.Context, refreshToken stri
 		return TokenResponse{}, err
 	}
 
-	accessToken := rand.Text()
-	newRefreshToken := rand.Text()
+	accessToken := utils.GenerateString(32)
+	newRefreshToken := utils.GenerateString(32)
 
 	tokenExpiresAt := time.Now().Add(time.Duration(service.config.SessionExpiry) * time.Second).Unix()
 	refrshTokenExpiresAt := time.Now().Add(time.Duration(service.config.SessionExpiry*2) * time.Second).Unix()