fix: max length file secret

BeyondTrust · Feb 29, 2024 · 8df5a30 · 8df5a30
1 parent a9f61d3
commit 8df5a30
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 19 deletions.
diff --git a/README.md b/README.md
@@ -58,8 +58,8 @@ The library supports retrieval of secrets from BeyondInsight/Password Safe versi
   - type: int
   - default: 2 minutes
   - required: False
-- maxFileSecretSize
-  - description: Max file size allows the user of the library to set a limit on the file size that the library will work with. Range 1-5000000 Bytes.
+- maxFileSecretSizeBytes
+  - description: Max file size allows the user of the library to set a limit on the file size. If max size is exceeded an error is logged and the secret is ignored. Range 1-5000000 Bytes.
   - type: int
   - default: 4000
   - required: false

diff --git a/TestClient.go b/TestClient.go
@@ -30,10 +30,10 @@ func main() {
 	clientTimeOutInSeconds := 30
 	verifyCa := true
 	retryMaxElapsedTimeMinutes := 2
-	maxFileSecretSize := 4000
+	maxFileSecretSizeBytes := 4000
 
 	// validate inputs
-	errorsInInputs := utils.ValidateInputs(clientId, clientSecret, apiUrl, clientTimeOutInSeconds, &separator, verifyCa, zapLogger, certificate, certificateKey, &retryMaxElapsedTimeMinutes, &maxFileSecretSize)
+	errorsInInputs := utils.ValidateInputs(clientId, clientSecret, apiUrl, clientTimeOutInSeconds, &separator, verifyCa, zapLogger, certificate, certificateKey, &retryMaxElapsedTimeMinutes, &maxFileSecretSizeBytes)
 
 	if errorsInInputs != nil {
 		return
@@ -52,7 +52,7 @@ func main() {
 	}
 
 	// instantiating secret obj
-	secretObj, _ := secrets.NewSecretObj(*authenticate, zapLogger, maxFileSecretSize)
+	secretObj, _ := secrets.NewSecretObj(*authenticate, zapLogger, maxFileSecretSizeBytes)
 
 	secretPaths := []string{"fake/Client", "fake/test_file_1"}
 

diff --git a/api/secrets/secrets.go b/api/secrets/secrets.go
@@ -20,17 +20,17 @@ import (
 
 // SecretObj responsible for session requests.
 type SecretObj struct {
-	log               logging.Logger
-	authenticationObj authentication.AuthenticationObj
-	maxFileSecretSize int
+	log                    logging.Logger
+	authenticationObj      authentication.AuthenticationObj
+	maxFileSecretSizeBytes int
 }
 
 // NewSecretObj creates secret obj
-func NewSecretObj(authentication authentication.AuthenticationObj, logger logging.Logger, maxFileSecretSize int) (*SecretObj, error) {
+func NewSecretObj(authentication authentication.AuthenticationObj, logger logging.Logger, maxFileSecretSizeBytes int) (*SecretObj, error) {
 	secretObj := &SecretObj{
-		log:               logger,
-		authenticationObj: authentication,
-		maxFileSecretSize: maxFileSecretSize,
+		log:                    logger,
+		authenticationObj:      authentication,
+		maxFileSecretSizeBytes: maxFileSecretSizeBytes,
 	}
 	return secretObj, nil
 }
@@ -80,8 +80,8 @@ func (secretObj *SecretObj) GetSecretFlow(secretsToRetrieve []string, separator
 
 			secretInBytes := []byte(fileSecretContent)
 
-			if len(secretInBytes) > secretObj.maxFileSecretSize {
-				secretObj.log.Error(fmt.Sprintf("%v%v%v: %v %v %v %v", secretPath, separator, secretTitle, "Secret file Size:", len(secretInBytes), "is greater than the maximum allowed size:", secretObj.maxFileSecretSize))
+			if len(secretInBytes) > secretObj.maxFileSecretSizeBytes {
+				secretObj.log.Error(fmt.Sprintf("%v%v%v: %v %v %v %v", secretPath, separator, secretTitle, "Secret file Size:", len(secretInBytes), "is greater than the maximum allowed size:", secretObj.maxFileSecretSizeBytes))
 			} else {
 				secretDictionary[secretToRetrieve] = fileSecretContent
 			}

diff --git a/api/utils/validator.go b/api/utils/validator.go
@@ -21,13 +21,13 @@ type UserInputValidaton struct {
 	ClientTimeOutinSeconds int    `validate:"gte=1,lte=300"`
 	Separator              string `validate:"required,min=1,max=1"`
 	VerifyCa               bool   `validate:"required"`
-	MaxFileSecretSize      int    `validate:"gte=1,lte=5000"`
+	MaxFileSecretSizeBytes int    `validate:"gte=1,lte=5000"`
 }
 
 var validate *validator.Validate
 
 // ValidateInputs is responsible for validating end-user inputs.
-func ValidateInputs(clientId string, clientSecret string, apiUrl string, clientTimeOutinSeconds int, separator *string, verifyCa bool, logger logging.Logger, certificate string, certificate_key string, retryMaxElapsedTimeMinutes *int, maxFileSecretSize *int) error {
+func ValidateInputs(clientId string, clientSecret string, apiUrl string, clientTimeOutinSeconds int, separator *string, verifyCa bool, logger logging.Logger, certificate string, certificate_key string, retryMaxElapsedTimeMinutes *int, maxFileSecretSizeBytes *int) error {
 
 	if clientTimeOutinSeconds == 0 {
 		clientTimeOutinSeconds = 30
@@ -39,8 +39,8 @@ func ValidateInputs(clientId string, clientSecret string, apiUrl string, clientT
 		*retryMaxElapsedTimeMinutes = 2
 	}
 
-	if *maxFileSecretSize == 0 {
-		*maxFileSecretSize = 4000
+	if *maxFileSecretSizeBytes == 0 {
+		*maxFileSecretSizeBytes = 4000
 	}
 
 	validate = validator.New(validator.WithRequiredStructEnabled())
@@ -52,7 +52,7 @@ func ValidateInputs(clientId string, clientSecret string, apiUrl string, clientT
 		ClientTimeOutinSeconds: clientTimeOutinSeconds,
 		Separator:              *separator,
 		VerifyCa:               verifyCa,
-		MaxFileSecretSize:      *maxFileSecretSize,
+		MaxFileSecretSizeBytes: *maxFileSecretSizeBytes,
 	}
 
 	if !verifyCa {