Skip to content

[LG-16274] Limit character length on user supplied names for auth_app_configuration, piv_cac_configuration, and webauthn_configuration #12760

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
joshuaalley25 merged 24 commits into from
Jan 8, 2026
Merged

[LG-16274] Limit character length on user supplied names for auth_app_configuration, piv_cac_configuration, and webauthn_configuration #12760

Show file tree
Hide file tree
Changes from 16 commits
Commits
Show all changes
24 commits
Select commit Hold shift + click to select a range
f524678
wip
joshuaalley25 Dec 26, 2025
5432ee1
changelog: Bug Fixes, user input limits, adding character limits to u…
joshuaalley25 Dec 29, 2025
5f604e3
adjust factories for new character limits on user supplied names
joshuaalley25 Dec 29, 2025
d14f679
rubo fixes
joshuaalley25 Dec 29, 2025
d2ae25f
adjust character limit
joshuaalley25 Dec 29, 2025
2ab449a
remove old commented code
joshuaalley25 Dec 29, 2025
cef6213
Adjust character limit to 20
joshuaalley25 Dec 30, 2025
d620572
adjust WebauthnConfiguration name length to handle platform authentic…
joshuaalley25 Jan 5, 2026
41cd3ea
Add unit tests for name length validations
joshuaalley25 Jan 5, 2026
34ce67a
remove binding
joshuaalley25 Jan 5, 2026
b5c809c
Reverting nonunique names for configurations
joshuaalley25 Jan 6, 2026
c2bbe0f
Adjusting stubs for configuration names
joshuaalley25 Jan 6, 2026
c356791
Merge branch 'main' into jralley/LG-17274-limit-mfa-field-lengths
joshuaalley25 Jan 7, 2026
2a98679
Shorten length of SP friendly name stubs
joshuaalley25 Jan 7, 2026
8cf0fad
revert friendly name changes
joshuaalley25 Jan 7, 2026
2700731
remove pry
joshuaalley25 Jan 7, 2026
8b5150b
create concern for max length constants in models
joshuaalley25 Jan 7, 2026
b43c1e4
lint
joshuaalley25 Jan 7, 2026
4288556
refine unit tests using context
joshuaalley25 Jan 7, 2026
abe1660
update override constant name
joshuaalley25 Jan 7, 2026
d569659
update factories to use constants
joshuaalley25 Jan 7, 2026
3b81221
Merge branch 'main' into jralley/LG-17274-limit-mfa-field-lengths
joshuaalley25 Jan 7, 2026
1edf180
update webauthn max length constant
joshuaalley25 Jan 7, 2026
9aa143f
remove errant imports
joshuaalley25 Jan 8, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion app/models/auth_app_configuration.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ class AuthAppConfiguration < ApplicationRecord

belongs_to :user

validates :name, presence: true
validates :name, presence: true, length: { maximum: 20 }

def mfa_enabled?
otp_secret_key.present?
Expand Down
3 changes: 1 addition & 2 deletions app/models/piv_cac_configuration.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,7 @@

class PivCacConfiguration < ApplicationRecord
belongs_to :user

validates :name, presence: true
validates :name, presence: true, length: { maximum: 20 }

def mfa_enabled?
x509_dn_uuid.present?
Expand Down
2 changes: 1 addition & 1 deletion app/models/webauthn_configuration.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

class WebauthnConfiguration < ApplicationRecord
belongs_to :user
validates :name, presence: true
validates :name, presence: true, length: { maximum: 80 }
validates :credential_id, presence: true
validates :credential_public_key, presence: true
validate :valid_transports
Expand Down
2 changes: 1 addition & 1 deletion spec/controllers/users/totp_setup_controller_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@
end

describe '#confirm' do
let(:name) { SecureRandom.hex }
let(:name) { SecureRandom.hex[0, 15] }
let(:success) { false }

before do
Expand Down
2 changes: 1 addition & 1 deletion spec/factories/auth_app_configurations.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
Faker::Config.locale = :en

factory :auth_app_configuration do
name { Faker::Lorem.unique.words.join(' ') }
name { Faker::Lorem.unique.words.join(' ')[0, 19] }
otp_secret_key { SecureRandom.hex(16) }
user
end
Expand Down
2 changes: 1 addition & 1 deletion spec/factories/piv_cac_configurations.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
Faker::Config.locale = :en

factory :piv_cac_configuration do
name { Faker::Lorem.unique.words.join(' ') }
name { Faker::Lorem.unique.words.join(' ')[0, 19] }
x509_dn_uuid { Random.uuid }
user
end
Expand Down
2 changes: 1 addition & 1 deletion spec/forms/totp_setup_form_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
let(:user) { create(:user) }
let(:secret) { user.generate_totp_secret }
let(:code) { generate_totp_code(secret) }
let(:name) { SecureRandom.hex }
let(:name) { SecureRandom.hex[0, 19] }

describe '#submit' do
context 'when TOTP code is valid' do
Expand Down
25 changes: 25 additions & 0 deletions spec/models/auth_app_configuration_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
require 'rails_helper'

RSpec.describe AuthAppConfiguration do
describe 'Associations' do
it { is_expected.to belong_to(:user) }
end

describe 'name validations' do
it 'is invalid when name is longer than 20 characters' do
config = AuthAppConfiguration.new(
name: 'a' * 21,
)

expect(config).not_to be_valid
end

it('is valid when name has exactly 20 characters') do
config = AuthAppConfiguration.new(
name: 'a' * 20,
)

expect(config).to be_valid
end
end
end
25 changes: 25 additions & 0 deletions spec/models/piv_cac_configuration_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
require 'rails_helper'

RSpec.describe PivCacConfiguration do
describe 'Associations' do
it { is_expected.to belong_to(:user) }
end

describe 'name validations' do
it 'is invalid when name is longer than 20 characters' do
config = PivCacConfiguration.new(
name: 'a' * 21,
)

expect(config).not_to be_valid
end

it('is valid when name has exactly 20 characters') do
config = PivCacConfiguration.new(
name: 'a' * 20,
)

expect(config).to be_valid
end
end
end
20 changes: 20 additions & 0 deletions spec/models/webauthn_configuration_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -106,4 +106,24 @@
it { expect(subject).not_to be_valid }
end
end

describe 'name validations' do
it 'is invalid when name is longer than 80 characters' do
config = WebauthnConfiguration.new(
name: 'a' * 81, credential_id: '111',
credential_public_key: '222'
)

expect(config).not_to be_valid
end

it('is valid when name has exactly 80 characters') do
config = WebauthnConfiguration.new(
name: 'a' * 80, credential_id: '111',
credential_public_key: '222'
)

expect(config).to be_valid
end
end
end