fix: Update the algorithm to calculate nonce (#1295)

jdneo · web-flow · commit 3792c5702dec · 2024-03-06T10:34:52.000+08:00
Signed-off-by: Sheng Chen &lt;sheche@microsoft.com&gt;
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -322,7 +322,7 @@
     "@types/fs-extra": "^9.0.13",
     "@types/lodash": "^4.14.186",
     "@types/minimatch": "^3.0.5",
-    "@types/node": "^16.11.65",
+    "@types/node": "18.x",
     "@types/path-exists": "^3.0.0",
     "@types/react": "^17.0.50",
     "@types/react-dom": "^16.9.16",
diff --git a/src/beginner-tips/index.ts b/src/beginner-tips/index.ts
@@ -4,7 +4,7 @@
 import * as path from "path";
 import * as vscode from "vscode";
 import { sendInfo } from "vscode-extension-telemetry-wrapper";
-import { webviewCmdLinkHandler } from "../utils";
+import { getNonce, webviewCmdLinkHandler } from "../utils";
 
 const WEBVIEW_ID = "java.gettingStarted";
 const WEBVIEW_TITLE = "Tips for Beginners";
@@ -127,12 +127,3 @@ class BeginnerTipsPage {
 			</html>`;
 	}
 }
-
-function getNonce() {
-	let text = "";
-	const possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
-	for (let i = 0; i < 32; i++) {
-		text += possible.charAt(Math.floor(Math.random() * possible.length));
-	}
-	return text;
-}
diff --git a/src/utils/adoptiumApi.ts b/src/utils/adoptiumApi.ts
@@ -104,7 +104,7 @@ export async function latestCompatibleAsset(featureVersion: string, jvmImpl: str
         os = "linux";
     }
 
-    let arch = process.arch;
+    let arch = process.arch as string;
     if (arch === "arm64") {
         arch = "aarch64";
     }
diff --git a/src/utils/index.ts b/src/utils/index.ts
@@ -1,6 +1,7 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT license.
 
+import * as crypto from "crypto"; 
 import * as vscode from "vscode";
 import { readFile as fsReadFile } from "fs";
 import * as util from "util";
@@ -79,10 +80,8 @@ export function isInsiders() {
 }
 
 export function getNonce() {
-  let text = "";
-  const possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
-  for (let i = 0; i < 32; i++) {
-    text += possible.charAt(Math.floor(Math.random() * possible.length));
-  }
-  return text;
+  let array = new Uint32Array(16);
+  array = crypto.getRandomValues(array);
+  const buffer = Buffer.from(array);
+  return buffer.toString('base64');
 }

Original file line number	Diff line number	Diff line change
`@@ -104,7 +104,7 @@ export async function latestCompatibleAsset(featureVersion: string, jvmImpl: str`
`104`	`104`	`os = "linux";`
`105`	`105`	`}`
`106`	`106`
`107`		`- let arch = process.arch;`
	`107`	`+ let arch = process.arch as string;`
`108`	`108`	`if (arch === "arm64") {`
`109`	`109`	`arch = "aarch64";`
`110`	`110`	`}`