Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ANCHOR-328] Add homeDomain and webAuthDomain length validation #942

Conversation

lijamie98
Copy link
Collaborator

@lijamie98 lijamie98 commented Jun 13, 2023

PR Checklist

PR Structure

  • This PR has reasonably narrow scope (if not, break it down into smaller PRs).
  • This PR avoids mixing refactoring changes with feature changes (split into two PRs
    otherwise).
  • This PR's title starts with name of package that is most changed in the PR, ex.
    paymentservice.stellar, or all or doc if the changes are broad or impact many
    packages.

Thoroughness

  • This PR adds tests for the most critical parts of the new functionality or fixes.

What

Add validation that calls ManageDataOperation.Builder to validate the homeDomain and webAuthDomain.

Why

Cath the errors early.

try {
new ManageDataOperation.Builder(String.format("%s %s", homeDomain, "auth"), nonce).build();
} catch (IllegalArgumentException iaex) {
errors.rejectValue(
Copy link
Contributor

@Ifropc Ifropc Jun 13, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we have a special error for when domains are too long? Current error message is hard to debug for outside developer.

Copy link
Collaborator Author

@lijamie98 lijamie98 Jun 13, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey Gleb, thanks for commenting. Just a reminder that this is still a draft.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will modify the error messages.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah sorry about that, I thought it wasn't a draft. Sounds good, thank you

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No problem. 💯

@stellar-jenkins
Copy link

Reference Server Preview is available here:
https://anchor-ref-pr942.previews.kube001.services.stellar-ops.com/
SEP Server Preview is available here:
https://anchor-sep-pr942.previews.kube001.services.stellar-ops.com/

@lijamie98 lijamie98 marked this pull request as draft June 13, 2023 23:56
@stellar-jenkins
Copy link

Reference Server Preview is available here:
https://anchor-ref-pr942.previews.kube001.services.stellar-ops.com/
SEP Server Preview is available here:
https://anchor-sep-pr942.previews.kube001.services.stellar-ops.com/

1 similar comment
@stellar-jenkins
Copy link

Reference Server Preview is available here:
https://anchor-ref-pr942.previews.kube001.services.stellar-ops.com/
SEP Server Preview is available here:
https://anchor-sep-pr942.previews.kube001.services.stellar-ops.com/

@lijamie98 lijamie98 marked this pull request as ready for review June 14, 2023 00:20
@stellar-jenkins
Copy link

Reference Server Preview is available here:
https://anchor-ref-pr942.previews.kube001.services.stellar-ops.com/
SEP Server Preview is available here:
https://anchor-sep-pr942.previews.kube001.services.stellar-ops.com/

@lijamie98 lijamie98 removed the request for review from JiahuiWho June 14, 2023 00:24
@lijamie98 lijamie98 force-pushed the feature/anchor-328-fix-sep-10-domain-validation branch from 700de57 to 73989f1 Compare June 14, 2023 00:24
@stellar-jenkins
Copy link

Reference Server Preview is available here:
https://anchor-ref-pr942.previews.kube001.services.stellar-ops.com/
SEP Server Preview is available here:
https://anchor-sep-pr942.previews.kube001.services.stellar-ops.com/

@@ -87,6 +87,18 @@ void validateConfig(Errors errors) {
errors.rejectValue(
"homeDomain", "home-domain-empty", "The sep10.home_domain is not defined.");
} else {
try {
new ManageDataOperation.Builder(String.format("%s %s", homeDomain, "auth"), new byte[64])
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we make the length check more explicit? Something like:

byte[] bytes = homeDomain.getBytes(StandardCharsets.US_ASCII);
if (bytes.length > 64) {
     errors.reject( ... )
}

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's a good alternative. However, the size check (<=64) happens in the ManageDataOperation constructor. It would be more robust if we call the ManageDataOperation.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure if I'm convinced that is more robust. For example, if there are new validations added to the ManageDataOperation constructor, we will fail with a message complaining about the size. Or if the allowed since increases from 64, we will need to update the message here.

Copy link
Collaborator Author

@lijamie98 lijamie98 Jun 14, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is actually intended if there is a new validation added to ManageDataOperation, the validation should fail because AP uses ManageDataOperation to create SEP-10 challenge.

If the size is changed in ManageDataOperation is changed, we should change the message as well. One option is to remove the size 64. But this seems to cause more harm than benefits because the ManageDataOperation change requires XDR change which is not very likely.

If there is no strong reason, I think we can stay with the current approach and change it in the future PR if necessary.

@lijamie98 lijamie98 merged commit 6cbaa48 into stellar:develop Jun 14, 2023
@lijamie98 lijamie98 self-assigned this Jun 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants