Skip to content

Commit

Permalink
fix: Update minimum Bot Token length to 58 char (#1204)
Browse files Browse the repository at this point in the history 
* Update the minimum bot token length to 58 char

- Updates the minimum length of a bot token to be 58 characters. An older 58 char bot token was found by Moiph
- Makes this value an internal const instead of a magic number

* update the TokenUtils tests for 58 char min
  • Loading branch information
@Chris-Johnston @foxbot
Chris-Johnston authored and foxbot committed Nov 30, 2018
1 parent 6f5693f commit f6413ba
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 6 deletions.
15 changes: 12 additions & 3 deletions src/Discord.Net.Core/Utils/TokenUtils.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,15 @@ namespace Discord
/// </summary>
public static class TokenUtils
{
/// <summary>
/// The minimum length of a Bot token.
/// </summary>
/// <remarks>
/// This value was determined by comparing against the examples in the Discord
/// documentation, and pre-existing tokens.
/// </remarks>
internal const int MinBotTokenLength = 58;

/// <summary>
/// Checks the validity of the supplied token of a specific type.
/// </summary>
Expand All @@ -29,11 +38,11 @@ public static void ValidateToken(TokenType tokenType, string token)
// no validation is performed on Bearer tokens
break;
case TokenType.Bot:
// bot tokens are assumed to be at least 59 characters in length
// bot tokens are assumed to be at least 58 characters in length
// this value was determined by referencing examples in the discord documentation, and by comparing with
// pre-existing tokens
if (token.Length < 59)
throw new ArgumentException(message: "A Bot token must be at least 59 characters in length.", paramName: nameof(token));
if (token.Length < MinBotTokenLength)
throw new ArgumentException(message: $"A Bot token must be at least {MinBotTokenLength} characters in length.", paramName: nameof(token));
break;
default:
// All unrecognized TokenTypes (including User tokens) are considered to be invalid.
Expand Down
10 changes: 7 additions & 3 deletions test/Discord.Net.Tests/Tests.TokenUtils.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,9 +69,12 @@ public void TestBearerTokenDoesNotThrowExceptions(string token)
/// <summary>
/// Tests the behavior of <see cref="TokenUtils.ValidateToken(TokenType, string)"/>
/// to see that valid Bot tokens do not throw Exceptions.
/// Valid Bot tokens can be strings of length 59 or above.
/// Valid Bot tokens can be strings of length 58 or above.
/// </summary>
[Theory]
// missing a single character from the end, 58 char. still should be valid
[InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kKW")]
// 59 char token
[InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kKWs")]
[InlineData("This appears to be completely invalid, however the current validation rules are not very strict.")]
[InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kKWss")]
Expand All @@ -90,12 +93,12 @@ public void TestBotTokenDoesNotThrowExceptions(string token)
/// </summary>
[Theory]
[InlineData("This is invalid")]
// missing a single character from the end
[InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kKW")]
// bearer token
[InlineData("6qrZcUqja7812RVdnEKjpzOL4CvHBFG")]
// client secret
[InlineData("937it3ow87i4ery69876wqire")]
// 57 char bot token
[InlineData("MTk4NjIyNDgzNDcxOTI1MjQ4.Cl2FMQ.ZnCjm1XVW7vRze4b7Cq4se7kK")]
public void TestBotTokenInvalidThrowsArgumentException(string token)
{
Assert.Throws<ArgumentException>(() => TokenUtils.ValidateToken(TokenType.Bot, token));
Expand All @@ -113,6 +116,7 @@ public void TestBotTokenInvalidThrowsArgumentException(string token)
// TokenType.User
[InlineData(0)]
// out of range TokenType
[InlineData(-1)]
[InlineData(4)]
[InlineData(7)]
public void TestUnrecognizedTokenType(int type)
Expand Down

0 comments on commit f6413ba

Please sign in to comment.