refactor: suggestions from copilot

Author: peppescg

src/lib/__tests__/auth.test.ts

@@ -1,7 +1,10 @@
-import crypto from "crypto";
 import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
 import type { OidcTokenData } from "../auth";
-import { clearOidcProviderToken, getOidcProviderAccessToken } from "../auth";
+import {
+  clearOidcProviderToken,
+  encrypt,
+  getOidcProviderAccessToken,
+} from "../auth";
 
 // Mock next/headers
 const mockCookies = vi.hoisted(() => ({
@@ -27,36 +30,6 @@ vi.mock("better-auth/plugins", () => ({
   genericOAuth: vi.fn(() => ({})),
 }));
 
-// Encryption helper using same logic as auth.ts
-const ENCRYPTION_SALT = "oidc_token_salt";
-const KEY_LENGTH = 32;
-const IV_LENGTH = 12;
-
-// Cache derived key to match auth.ts behavior
-const TEST_DERIVED_KEY = crypto.scryptSync(
-  process.env.BETTER_AUTH_SECRET as string,
-  ENCRYPTION_SALT,
-  KEY_LENGTH,
-);
-
-function encryptTestData(text: string): string {
-  const iv = crypto.randomBytes(IV_LENGTH);
-  const cipher = crypto.createCipheriv("aes-256-gcm", TEST_DERIVED_KEY, iv);
-
-  const encrypted = Buffer.concat([
-    cipher.update(text, "utf8"),
-    cipher.final(),
-  ]);
-
-  const authTag = cipher.getAuthTag();
-
-  return [
-    iv.toString("hex"),
-    authTag.toString("hex"),
-    encrypted.toString("hex"),
-  ].join(":");
-}
-
 describe("auth.ts", () => {
   let consoleErrorSpy: ReturnType<typeof vi.spyOn>;
 
@@ -78,8 +51,8 @@ describe("auth.ts", () => {
         expiresAt: Date.now() + 3600000,
       });
 
-      // Encrypt using helper
-      const encryptedPayload = encryptTestData(originalData);
+      // Encrypt using exported function
+      const encryptedPayload = encrypt(originalData);
 
       // Verify format (iv:authTag:encrypted)
       const parts = encryptedPayload.split(":");
@@ -91,8 +64,8 @@ describe("auth.ts", () => {
     it("should create different ciphertext for same plaintext", () => {
       const data = "same plaintext";
 
-      const encrypted1 = encryptTestData(data);
-      const encrypted2 = encryptTestData(data);
+      const encrypted1 = encrypt(data);
+      const encrypted2 = encrypt(data);
 
       // Different IV should produce different ciphertext
       expect(encrypted1).not.toBe(encrypted2);
@@ -124,9 +97,7 @@ describe("auth.ts", () => {
         expiresAt: Date.now() - 1000, // Expired 1 second ago
       };
 
-      const encryptedPayload = encryptTestData(
-        JSON.stringify(expiredTokenData),
-      );
+      const encryptedPayload = encrypt(JSON.stringify(expiredTokenData));
       mockCookies.get.mockReturnValue({ value: encryptedPayload });
 
       const token = await getOidcProviderAccessToken("user-123");
@@ -142,7 +113,7 @@ describe("auth.ts", () => {
         expiresAt: Date.now() + 3600000,
       };
 
-      const encryptedPayload = encryptTestData(JSON.stringify(tokenData));
+      const encryptedPayload = encrypt(JSON.stringify(tokenData));
       mockCookies.get.mockReturnValue({ value: encryptedPayload });
 
       const token = await getOidcProviderAccessToken("user-123");
@@ -157,7 +128,7 @@ describe("auth.ts", () => {
         expiresAt: Date.now() + 3600000, // Valid for 1 hour
       };
 
-      const encryptedPayload = encryptTestData(JSON.stringify(tokenData));
+      const encryptedPayload = encrypt(JSON.stringify(tokenData));
       mockCookies.get.mockReturnValue({ value: encryptedPayload });
 
       const token = await getOidcProviderAccessToken("user-123");
@@ -172,7 +143,7 @@ describe("auth.ts", () => {
         // No userId, no expiresAt
       };
 
-      const encryptedPayload = encryptTestData(JSON.stringify(invalidData));
+      const encryptedPayload = encrypt(JSON.stringify(invalidData));
       mockCookies.get.mockReturnValue({ value: encryptedPayload });
 
       const token = await getOidcProviderAccessToken("user-123");
@@ -190,8 +161,9 @@ describe("auth.ts", () => {
       const token = await getOidcProviderAccessToken("user-123");
 
       expect(token).toBeNull();
+      expect(mockCookies.delete).toHaveBeenCalledWith("oidc_token");
       expect(consoleErrorSpy).toHaveBeenCalledWith(
-        "[Auth] Error reading OIDC token from cookie:",
+        "[Auth] Token decryption failed - possible tampering or key mismatch:",
         expect.any(Error),
       );
     });

src/lib/auth.ts

@@ -8,18 +8,27 @@ import { cookies } from "next/headers";
 const OIDC_PROVIDER_ID = process.env.OIDC_PROVIDER_ID || "oidc";
 const OIDC_ISSUER = process.env.OIDC_ISSUER || "";
 const BASE_URL = process.env.BETTER_AUTH_URL || "http://localhost:3000";
-const ENCRYPTION_KEY =
-  process.env.BETTER_AUTH_SECRET || "build-time-placeholder";
+const ENCRYPTION_KEY = process.env.BETTER_AUTH_SECRET;
 const IS_PRODUCTION = process.env.NODE_ENV === "production";
 
 // Encryption constants
-const ENCRYPTION_SALT = "oidc_token_salt";
 const KEY_LENGTH = 32;
 const IV_LENGTH = 12;
 
+/**
+ * Static salt for key derivation.
+ *
+ * NOTE: Using a constant salt is intentional and secure in this context.
+ * We're deriving an encryption key from a secret (BETTER_AUTH_SECRET), not hashing passwords.
+ * The salt ensures consistent key derivation from the same secret across restarts.
+ * Security comes from the secret itself, not from the salt.
+ * Each encryption operation uses a unique random IV for semantic security.
+ */
+const ENCRYPTION_SALT = "oidc_token_salt";
+
 // Derive encryption key once at module initialization to avoid blocking event loop
 const DERIVED_KEY = crypto.scryptSync(
-  ENCRYPTION_KEY,
+  ENCRYPTION_KEY as string,
   ENCRYPTION_SALT,
   KEY_LENGTH,
 );
@@ -71,8 +80,9 @@ function isOidcTokenData(data: unknown): data is OidcTokenData {
  * Encrypts data using AES-256-GCM (AEAD).
  * Provides both confidentiality and integrity/authentication.
  * Returns encrypted data in format: iv:authTag:encrypted (all hex-encoded).
+ * Exported for testing purposes.
  */
-function encrypt(text: string): string {
+export function encrypt(text: string): string {
   const iv = crypto.randomBytes(IV_LENGTH);
   const cipher = crypto.createCipheriv("aes-256-gcm", DERIVED_KEY, iv);
 
@@ -94,8 +104,9 @@ function encrypt(text: string): string {
  * Decrypts data encrypted with AES-256-GCM.
  * Verifies authenticity before decryption.
  * Expects data in format: iv:authTag:encrypted (all hex-encoded).
+ * Exported for testing purposes.
  */
-function decrypt(payload: string): string {
+export function decrypt(payload: string): string {
   const [ivHex, tagHex, encryptedHex] = payload.split(":");
 
   if (!ivHex || !tagHex || !encryptedHex) {
@@ -190,8 +201,31 @@ export async function getOidcProviderAccessToken(
       return null;
     }
 
-    const decrypted = decrypt(encryptedCookie.value);
-    const parsedData: unknown = JSON.parse(decrypted);
+    let decrypted: string;
+    try {
+      decrypted = decrypt(encryptedCookie.value);
+    } catch (error) {
+      // Decryption failure indicates tampering, corruption, or wrong secret
+      console.error(
+        "[Auth] Token decryption failed - possible tampering or key mismatch:",
+        error,
+      );
+      cookieStore.delete(COOKIE_NAME);
+      return null;
+    }
+
+    let parsedData: unknown;
+    try {
+      parsedData = JSON.parse(decrypted);
+    } catch (error) {
+      // JSON parsing failure indicates malformed data
+      console.error(
+        "[Auth] Token JSON parsing failed - malformed data:",
+        error,
+      );
+      cookieStore.delete(COOKIE_NAME);
+      return null;
+    }
 
     // Runtime validation using type guard
     if (!isOidcTokenData(parsedData)) {
@@ -208,14 +242,15 @@ export async function getOidcProviderAccessToken(
 
     // Check if token is expired
     const now = Date.now();
-    if (parsedData.expiresAt < now) {
+    if (parsedData.expiresAt <= now) {
       cookieStore.delete(COOKIE_NAME);
       return null;
     }
 
     return parsedData.accessToken;
   } catch (error) {
-    console.error("[Auth] Error reading OIDC token from cookie:", error);
+    // Unexpected error (e.g., cookie operations failure)
+    console.error("[Auth] Unexpected error reading OIDC token:", error);
     return null;
   }
 }