youys
/
Discord.Net
Not watched
1
0
Fork 0
Code
Releases 34 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
3033 Commits
26 Branches
52 MB
6970 Download
Tree: 4433ca741b
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4433ca741b'
${ noResults }
Discord.Net/test/Discord.Net.Tests/Tests.TokenUtils.cs

Tests.TokenUtils.cs 10 kB
Raw Normal View History

Add validation to bot tokens based on string length (#1128) * Add input validation for bot tokens based on their length * Add token validation to BaseDiscordClient#LoginAsync Adds a TokenUtils class which is used to validate that tokens are correct * Revert changes to DiscordRestApiClient * Add Unit tests to the TokenUtils class, fix a logic error that was caught by those tests * Allow for API to throw exceptions Moves the validation of tokens to be inside of LoginInternalAsync, and writes a Warning to the console when the supplied tokens are invalid
7 years ago
fix: Update minimum Bot Token length to 58 char (#1204) * Update the minimum bot token length to 58 char - Updates the minimum length of a bot token to be 58 characters. An older 58 char bot token was found by Moiph - Makes this value an internal const instead of a magic number * update the TokenUtils tests for 58 char min
7 years ago
Add validation to bot tokens based on string length (#1128) * Add input validation for bot tokens based on their length * Add token validation to BaseDiscordClient#LoginAsync Adds a TokenUtils class which is used to validate that tokens are correct * Revert changes to DiscordRestApiClient * Add Unit tests to the TokenUtils class, fix a logic error that was caught by those tests * Allow for API to throw exceptions Moves the validation of tokens to be inside of LoginInternalAsync, and writes a Warning to the console when the supplied tokens are invalid
7 years ago
fix: Update minimum Bot Token length to 58 char (#1204) * Update the minimum bot token length to 58 char - Updates the minimum length of a bot token to be 58 characters. An older 58 char bot token was found by Moiph - Makes this value an internal const instead of a magic number * update the TokenUtils tests for 58 char min
7 years ago
Add validation to bot tokens based on string length (#1128) * Add input validation for bot tokens based on their length * Add token validation to BaseDiscordClient#LoginAsync Adds a TokenUtils class which is used to validate that tokens are correct * Revert changes to DiscordRestApiClient * Add Unit tests to the TokenUtils class, fix a logic error that was caught by those tests * Allow for API to throw exceptions Moves the validation of tokens to be inside of LoginInternalAsync, and writes a Warning to the console when the supplied tokens are invalid
7 years ago
fix: fix false invalidation when decoding token User Ids (#1278) * add a util method for padding base64 strings if they are not of an expected length * return the original string if it already contains padding, do not throw * add tests for padding method, and for token that needs padding
6 years ago
Add validation to bot tokens based on string length (#1128) * Add input validation for bot tokens based on their length * Add token validation to BaseDiscordClient#LoginAsync Adds a TokenUtils class which is used to validate that tokens are correct * Revert changes to DiscordRestApiClient * Add Unit tests to the TokenUtils class, fix a logic error that was caught by those tests * Allow for API to throw exceptions Moves the validation of tokens to be inside of LoginInternalAsync, and writes a Warning to the console when the supplied tokens are invalid
7 years ago
fix: Update minimum Bot Token length to 58 char (#1204) * Update the minimum bot token length to 58 char - Updates the minimum length of a bot token to be 58 characters. An older 58 char bot token was found by Moiph - Makes this value an internal const instead of a magic number * update the TokenUtils tests for 58 char min
7 years ago
feature: Check for whitespace or newline characters in tokens (#1305) * Trim whitespace from tokens before logging in This change trims whitespace characters from the supplied token before it is used to log in. Users can encounter this accidentally if they read their token from a file that ends with a blank line. Leading whitespace will make the token invalid. Trailing whitespace or \n (not \r\n) will also fail to log in. \r\n (CRLF) doesn't fail because of the line break style for http request headers. * revert trimming api token * add check for whitespace or newline characters to existing token validation Checks to see if a token contains any illegal characters, like whitespace or a newline. If it is, throws an ArgumentException warning the user that their token may be invalid. I considered only checking the first and last character, but given that a token containing whitespace or a newline wouldn't work either I figured this made sense. * removed unused usings These were leftover from a previous approach using an ImmutableHashSet
6 years ago
fix: Improve validation of Bot Tokens (#1206) * improve bot token validation by trying to decode user id from token Try to decode the user id from the supplied bot token as a way of validating the token. If this should fail, indicate that the token is invalid. * Update the tokenutils tests to pass the new validation checks * Add test case for CheckBotTokenValidity method * lint: clean up whitespace * Add check for null or whitespace string, lint whitespace * fix userid conversion * Add hint to user to check that token is not an oauth client secret * Catch exception that can be thrown by GetString * Refactor token conversion logic into it's own testable method
7 years ago
Add validation to bot tokens based on string length (#1128) * Add input validation for bot tokens based on their length * Add token validation to BaseDiscordClient#LoginAsync Adds a TokenUtils class which is used to validate that tokens are correct * Revert changes to DiscordRestApiClient * Add Unit tests to the TokenUtils class, fix a logic error that was caught by those tests * Allow for API to throw exceptions Moves the validation of tokens to be inside of LoginInternalAsync, and writes a Warning to the console when the supplied tokens are invalid
7 years ago
fix: Update minimum Bot Token length to 58 char (#1204) * Update the minimum bot token length to 58 char - Updates the minimum length of a bot token to be 58 characters. An older 58 char bot token was found by Moiph - Makes this value an internal const instead of a magic number * update the TokenUtils tests for 58 char min
7 years ago
Add validation to bot tokens based on string length (#1128) * Add input validation for bot tokens based on their length * Add token validation to BaseDiscordClient#LoginAsync Adds a TokenUtils class which is used to validate that tokens are correct * Revert changes to DiscordRestApiClient * Add Unit tests to the TokenUtils class, fix a logic error that was caught by those tests * Allow for API to throw exceptions Moves the validation of tokens to be inside of LoginInternalAsync, and writes a Warning to the console when the supplied tokens are invalid
7 years ago
fix: Improve validation of Bot Tokens (#1206) * improve bot token validation by trying to decode user id from token Try to decode the user id from the supplied bot token as a way of validating the token. If this should fail, indicate that the token is invalid. * Update the tokenutils tests to pass the new validation checks * Add test case for CheckBotTokenValidity method * lint: clean up whitespace * Add check for null or whitespace string, lint whitespace * fix userid conversion * Add hint to user to check that token is not an oauth client secret * Catch exception that can be thrown by GetString * Refactor token conversion logic into it's own testable method
7 years ago
fix: fix false invalidation when decoding token User Ids (#1278) * add a util method for padding base64 strings if they are not of an expected length * return the original string if it already contains padding, do not throw * add tests for padding method, and for token that needs padding
6 years ago
fix: Improve validation of Bot Tokens (#1206) * improve bot token validation by trying to decode user id from token Try to decode the user id from the supplied bot token as a way of validating the token. If this should fail, indicate that the token is invalid. * Update the tokenutils tests to pass the new validation checks * Add test case for CheckBotTokenValidity method * lint: clean up whitespace * Add check for null or whitespace string, lint whitespace * fix userid conversion * Add hint to user to check that token is not an oauth client secret * Catch exception that can be thrown by GetString * Refactor token conversion logic into it's own testable method
7 years ago
fix: fix false invalidation when decoding token User Ids (#1278) * add a util method for padding base64 strings if they are not of an expected length * return the original string if it already contains padding, do not throw * add tests for padding method, and for token that needs padding
6 years ago
Add validation to bot tokens based on string length (#1128) * Add input validation for bot tokens based on their length * Add token validation to BaseDiscordClient#LoginAsync Adds a TokenUtils class which is used to validate that tokens are correct * Revert changes to DiscordRestApiClient * Add Unit tests to the TokenUtils class, fix a logic error that was caught by those tests * Allow for API to throw exceptions Moves the validation of tokens to be inside of LoginInternalAsync, and writes a Warning to the console when the supplied tokens are invalid
7 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216 
  1. using System;

  2. using System.Collections.Generic;

  3. using System.Text;

  4. using Xunit;

  5. 

  6. namespace Discord

  7. {

  8.     public class TokenUtilsTests

  9.     {

  10.         /// <summary>

  11.         ///     Tests the usage of <see cref="TokenUtils.ValidateToken(TokenType, string)"/>

  12.         ///     to see that when a null, empty or whitespace-only string is passed as the token,

  13.         ///     it will throw an ArgumentNullException.

  14.         /// </summary>

  15.         [Theory]

  16.         [InlineData(null)]

  17.         [InlineData("")] // string.Empty isn't a constant type

  18.         [InlineData(" ")]

  19.         [InlineData("    ")]

  20.         [InlineData("\t")]

  21.         public void TestNullOrWhitespaceToken(string token)

  22.         {

  23.             // an ArgumentNullException should be thrown, regardless of the TokenType

  24.             Assert.Throws<ArgumentNullException>(() => TokenUtils.ValidateToken(TokenType.Bearer, token));

  25.             Assert.Throws<ArgumentNullException>(() => TokenUtils.ValidateToken(TokenType.Bot, token));

  26.             Assert.Throws<ArgumentNullException>(() => TokenUtils.ValidateToken(TokenType.Webhook, token));

  27.         }

  28.         

  29.         /// <summary>

  30.         ///     Tests the behavior of <see cref="TokenUtils.ValidateToken(TokenType, string)"/>

  31.         ///     to see that valid Webhook tokens do not throw Exceptions.

  32.         /// </summary>

  33.         /// <param name="token"></param>

  34.         [Theory]

  35.         [InlineData("123123123")]

  36.         // bot token

  37.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kKWs")]

  38.         // bearer token taken from discord docs

  39.         [InlineData("6qrZcUqja7812RVdnEKjpzOL4CvHBFG")]

  40.         // client secret

  41.         [InlineData("937it3ow87i4ery69876wqire")]

  42.         public void TestWebhookTokenDoesNotThrowExceptions(string token)

  43.         {

  44.             TokenUtils.ValidateToken(TokenType.Webhook, token);

  45.         }

  46. 

  47.         // No tests for invalid webhook token behavior, because there is nothing there yet.

  48. 

  49.         /// <summary>

  50.         ///     Tests the behavior of <see cref="TokenUtils.ValidateToken(TokenType, string)"/>

  51.         ///     to see that valid Webhook tokens do not throw Exceptions.

  52.         /// </summary>

  53.         /// <param name="token"></param>

  54.         [Theory]

  55.         [InlineData("123123123")]

  56.         // bot token

  57.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kKWs")]

  58.         // bearer token taken from discord docs

  59.         [InlineData("6qrZcUqja7812RVdnEKjpzOL4CvHBFG")]

  60.         // client secret

  61.         [InlineData("937it3ow87i4ery69876wqire")]

  62.         public void TestBearerTokenDoesNotThrowExceptions(string token)

  63.         {

  64.             TokenUtils.ValidateToken(TokenType.Bearer, token);

  65.         }

  66. 

  67.         // No tests for invalid bearer token behavior, because there is nothing there yet.

  68. 

  69.         /// <summary>

  70.         ///     Tests the behavior of <see cref="TokenUtils.ValidateToken(TokenType, string)"/>

  71.         ///     to see that valid Bot tokens do not throw Exceptions.

  72.         ///     Valid Bot tokens can be strings of length 58 or above.

  73.         /// </summary>

  74.         [Theory]

  75.         // missing a single character from the end, 58 char. still should be valid

  76.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kKW")]

  77.         // 59 char token

  78.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kKWs")]

  79.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kKWss")]

  80.         // simulated token with a very old user id

  81.         [InlineData("ODIzNjQ4MDEzNTAxMDcxMzY=.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kKW")]

  82.         public void TestBotTokenDoesNotThrowExceptions(string token)

  83.         {

  84.             // This example token is pulled from the Discord Docs

  85.             // https://discordapp.com/developers/docs/reference#authentication-example-bot-token-authorization-header

  86.             // should not throw any exception

  87.             TokenUtils.ValidateToken(TokenType.Bot, token);

  88.         }

  89. 

  90.         /// <summary>

  91.         ///     Tests the usage of <see cref="TokenUtils.ValidateToken(TokenType, string)"/> with

  92.         ///     a Bot token that is invalid.

  93.         /// </summary>

  94.         [Theory]

  95.         [InlineData("This is invalid")]

  96.         // bearer token

  97.         [InlineData("6qrZcUqja7812RVdnEKjpzOL4CvHBFG")]

  98.         // client secret

  99.         [InlineData("937it3ow87i4ery69876wqire")]

  100.         // 57 char bot token

  101.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kK")]

  102.         // ends with invalid characters

  103.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7k ")]

  104.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7k\n")]

  105.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7k\t")]

  106.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7k\r\n")]

  107.         // starts with invalid characters

  108.         [InlineData(" MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7k")]

  109.         [InlineData("\nMTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7k")]

  110.         [InlineData("\tMTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7k")]

  111.         [InlineData("\r\nMTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7k")]

  112.         [InlineData("This is an invalid token, but it passes the check for string length.")]

  113.         // valid token, but passed in twice

  114.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kKWsMTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kKWs")]

  115.         public void TestBotTokenInvalidThrowsArgumentException(string token)

  116.         {

  117.             Assert.Throws<ArgumentException>(() => TokenUtils.ValidateToken(TokenType.Bot, token));

  118.         }

  119. 

  120.         /// <summary>

  121.         ///     Tests the behavior of <see cref="TokenUtils.ValidateToken(TokenType, string)"/>

  122.         ///     to see that an <see cref="ArgumentException"/> is thrown when an invalid

  123.         ///     <see cref="TokenType"/> is supplied as a parameter.

  124.         /// </summary>

  125.         /// <remarks>

  126.         ///     The <see cref="TokenType.User"/> type is treated as an invalid <see cref="TokenType"/>.

  127.         /// </remarks>

  128.         [Theory]

  129.         // TokenType.User

  130.         [InlineData(0)]

  131.         // out of range TokenType

  132.         [InlineData(-1)]

  133.         [InlineData(4)]

  134.         [InlineData(7)]

  135.         public void TestUnrecognizedTokenType(int type)

  136.         {

  137.             Assert.Throws<ArgumentException>(() =>

  138.                 TokenUtils.ValidateToken((TokenType)type, "MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kKWs"));

  139.         }

  140. 

  141.         /// <summary>

  142.         ///     Checks the <see cref="TokenUtils.CheckBotTokenValidity(string)"/> method for expected output.

  143.         /// </summary>

  144.         /// <param name="token"> The Bot Token to test.</param>

  145.         /// <param name="expected"> The expected result. </param>

  146.         [Theory]

  147.         // this method only checks the first part of the JWT

  148.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4..", true)]

  149.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kK", true)]

  150.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4. this part is invalid. this part is also invalid", true)]

  151.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.", false)]

  152.         [InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4", false)]

  153.         [InlineData("NDI4NDc3OTQ0MDA5MTk1NTIw.xxxx.xxxxx", true)]

  154.         // should not throw an unexpected exception

  155.         [InlineData("", false)]

  156.         [InlineData(null, false)]

  157.         public void TestCheckBotTokenValidity(string token, bool expected)

  158.         {

  159.             Assert.Equal(expected, TokenUtils.CheckBotTokenValidity(token));

  160.         }

  161. 

  162.         [Theory]

  163.         // cannot pass a ulong? as a param in InlineData, so have to have a separate param

  164.         // indicating if a value is null

  165.         [InlineData("NDI4NDc3OTQ0MDA5MTk1NTIw", false, 428477944009195520)]

  166.         // user id that has base 64 '=' padding

  167.         [InlineData("ODIzNjQ4MDEzNTAxMDcxMzY=", false, 82364801350107136)]

  168.         // user id that does not have '=' padding, and needs it

  169.         [InlineData("ODIzNjQ4MDEzNTAxMDcxMzY", false, 82364801350107136)]

  170.         // should return null w/o throwing other exceptions

  171.         [InlineData("", true, 0)]

  172.         [InlineData(" ", true, 0)]

  173.         [InlineData(null, true, 0)]

  174.         [InlineData("these chars aren't allowed @U#)*@#!)*", true, 0)]

  175.         public void TestDecodeBase64UserId(string encodedUserId, bool isNull, ulong expectedUserId)

  176.         {

  177.             var result = TokenUtils.DecodeBase64UserId(encodedUserId);

  178.             if (isNull)

  179.                 Assert.Null(result);

  180.             else

  181.                 Assert.Equal(expectedUserId, result);

  182.         }

  183. 

  184.         [Theory]

  185.         [InlineData("QQ", "QQ==")] // "A" encoded

  186.         [InlineData("QUE", "QUE=")] // "AA"

  187.         [InlineData("QUFB", "QUFB")] // "AAA"

  188.         [InlineData("QUFBQQ", "QUFBQQ==")] // "AAAA"

  189.         [InlineData("QUFBQUFB", "QUFBQUFB")] // "AAAAAA"

  190.         // strings that already contain padding will be returned, even if invalid

  191.         [InlineData("QUFBQQ==", "QUFBQQ==")]

  192.         [InlineData("QUFBQQ=", "QUFBQQ=")]

  193.         [InlineData("=", "=")]

  194.         public void TestPadBase64String(string input, string expected)

  195.         {

  196.             Assert.Equal(expected, TokenUtils.PadBase64String(input));

  197.         }

  198. 

  199.         [Theory]

  200.         // no null, empty, or whitespace

  201.         [InlineData("", typeof(ArgumentNullException))]

  202.         [InlineData(" ", typeof(ArgumentNullException))]

  203.         [InlineData("\t", typeof(ArgumentNullException))]

  204.         [InlineData(null, typeof(ArgumentNullException))]

  205.         // cannot require 3 padding chars

  206.         [InlineData("A", typeof(FormatException))]

  207.         [InlineData("QUFBQ", typeof(FormatException))]

  208.         public void TestPadBase64StringException(string input, Type type)

  209.         {

  210.             Assert.Throws(type, () =>

  211.             {

  212.                 TokenUtils.PadBase64String(input);

  213.             });

  214.         }

  215.     }

  216. }

No Description