Merge pull request #664 from lmiccini/password

stuggi · web-flow · commit 5c05ea64c324 · 2025-12-15T10:48:37.000+01:00
Add password generation helper function
diff --git a/modules/common/util/password.go b/modules/common/util/password.go
@@ -0,0 +1,34 @@
+/*
+Copyright 2020 Red Hat
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package util // nolint:revive
+
+import (
+	"crypto/rand"
+	"encoding/base64"
+)
+
+// GeneratePassword generates a random password of the specified length.
+// The password is generated using cryptographically secure random bytes
+// and encoded using base64 URL encoding.
+func GeneratePassword(length int) (string, error) {
+	bytes := make([]byte, length)
+	_, err := rand.Read(bytes)
+	if err != nil {
+		return "", err
+	}
+	return base64.URLEncoding.EncodeToString(bytes)[:length], nil
+}
diff --git a/modules/common/util/password_test.go b/modules/common/util/password_test.go
@@ -0,0 +1,52 @@
+package util // nolint:revive
+
+import (
+	"testing"
+
+	. "github.com/onsi/gomega" // nolint:revive
+)
+
+func TestGeneratePassword(t *testing.T) {
+
+	tests := []struct {
+		name   string
+		length int
+	}{
+		{
+			name:   "Generate 16 character password",
+			length: 16,
+		},
+		{
+			name:   "Generate 32 character password",
+			length: 32,
+		},
+		{
+			name:   "Generate 64 character password",
+			length: 64,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			g := NewWithT(t)
+
+			password, err := GeneratePassword(tt.length)
+
+			g.Expect(err).ToNot(HaveOccurred())
+			g.Expect(password).To(HaveLen(tt.length))
+		})
+	}
+}
+
+func TestGeneratePasswordUniqueness(t *testing.T) {
+	g := NewWithT(t)
+
+	// Generate multiple passwords and ensure they're different
+	passwords := make(map[string]bool)
+	for i := 0; i < 100; i++ {
+		password, err := GeneratePassword(32)
+		g.Expect(err).ToNot(HaveOccurred())
+		g.Expect(passwords[password]).To(BeFalse(), "Generated duplicate password")
+		passwords[password] = true
+	}
+}
