From 24d50366e9174bd6face4e36e6b743f05340c9dc Mon Sep 17 00:00:00 2001
From: Stavros
Date: Thu, 26 Feb 2026 16:45:48 +0200
Subject: [PATCH] refactor: use own utility for creating random strings (more flexible than stdlib)
---
 internal/controller/oidc_controller.go | 3 +--
 internal/service/oidc_service.go | 8 ++++----
 2 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/internal/controller/oidc_controller.go b/internal/controller/oidc_controller.go
index 3be8d66..f912062 100644
--- a/internal/controller/oidc_controller.go
+++ b/internal/controller/oidc_controller.go
@@ -1,7 +1,6 @@
 package controller
 import (
- "crypto/rand"
 "errors"
 "fmt"
 "net/http"
@@ -145,7 +144,7 @@ func (controller *OIDCController) Authorize(c *gin.Context) {
 // WARNING: Since Tinyauth is stateless, we cannot have a sub that never changes. We will just create a uuid out of the username and client name which remains stable, but if username or client name changes then sub changes too.
 sub := utils.GenerateUUID(fmt.Sprintf("%s:%s", userContext.Username, client.ID))
- code := rand.Text()
+ code := utils.GenerateString(32)
 // Before storing the code, delete old session
 err = controller.oidc.DeleteOldSession(c, sub)
diff --git a/internal/service/oidc_service.go b/internal/service/oidc_service.go
index 2a05dba..5ce5ddd 100644
--- a/internal/service/oidc_service.go
+++ b/internal/service/oidc_service.go
@@ -403,8 +403,8 @@ func (service *OIDCService) GenerateAccessToken(c *gin.Context, client config.OI
 return TokenResponse{}, err
 }
- accessToken := rand.Text()
- refreshToken := rand.Text()
+ accessToken := utils.GenerateString(32)
+ refreshToken := utils.GenerateString(32)
 tokenExpiresAt := time.Now().Add(time.Duration(service.config.SessionExpiry) * time.Second).Unix()
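Review bot: The authorization code at `code := utils.GenerateString(32)` is now only as unpredictable as a helper whose body is not part of this patch, whereas the removed `rand.Text()` from crypto/rand is documented to return at least 128 bits from the system CSPRNG. Before merging, confirm that `utils.GenerateString` reads from crypto/rand rather than math/rand, picks characters without modulo bias, and that a length of 32 in its alphabet still yields 128 bits or more. The same applies to the access and refresh tokens in the GenerateAccessToken and RefreshAccessToken hunks of internal/service/oidc_service.go. I would record the requirement at the call site with `// must come from a CSPRNG with >= 128 bits of entropy (bearer credential)`. Authorize starts and ends outside this hunk.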
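Review bot: The literal `32` in `utils.GenerateString(32)` appears on both added lines here, again in RefreshAccessToken and in the controller's Authorize, with nothing saying whether it counts characters or bytes. A single named constant shared by the call sites, for example `const tokenLength = 32 // length passed to utils.GenerateString for OIDC codes and tokens`, would keep the lengths from drifting apart and give the entropy requirement one place to live. The constant name is only a suggestion, and the helper's signature is not visible in this patch. GenerateAccessToken continues outside the hunk.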
@@ -464,8 +464,8 @@ func (service *OIDCService) RefreshAccessToken(c *gin.Context, refreshToken stri
 return TokenResponse{}, err
 }
- accessToken := rand.Text()
- newRefreshToken := rand.Text()
+ accessToken := utils.GenerateString(32)
+ newRefreshToken := utils.GenerateString(32)
 tokenExpiresAt := time.Now().Add(time.Duration(service.config.SessionExpiry) * time.Second).Unix()
 refrshTokenExpiresAt := time.Now().Add(time.Duration(service.config.SessionExpiry*2) * time.Second).Unix()