0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-27 01:44:10 -05:00
forgejo/modules/secret/secret_test.go
wxiaoguang 0bb52883eb
Improve decryption failure message (#24573)
Help some users like #16832 #1851

There are many users reporting similar problem: if the SECRET_KEY
mismatches, some operations (like 2FA login) only reports unclear 500
error and unclear "base64 decode error" log (some maintainers ever spent
a lot of time on debugging such problem)

The SECRET_KEY was not well-designed and it is also a kind of technical
debt. Since it couldn't be fixed easily, it's good to add clearer error
messages, then at least users could know what the real problem is.

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-05-07 19:29:43 +08:00

31 lines
933 B
Go

// Copyright 2019 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package secret
import (
"testing"
"github.com/stretchr/testify/assert"
)
func TestEncryptDecrypt(t *testing.T) {
hex, err := EncryptSecret("foo", "baz")
assert.NoError(t, err)
str, _ := DecryptSecret("foo", hex)
assert.Equal(t, "baz", str)
hex, err = EncryptSecret("bar", "baz")
assert.NoError(t, err)
str, _ = DecryptSecret("foo", hex)
assert.NotEqual(t, "baz", str)
_, err = DecryptSecret("a", "b")
assert.ErrorContains(t, err, "invalid hex string")
_, err = DecryptSecret("a", "bb")
assert.ErrorContains(t, err, "the key (maybe SECRET_KEY?) might be incorrect: AesDecrypt ciphertext too short")
_, err = DecryptSecret("a", "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef")
assert.ErrorContains(t, err, "the key (maybe SECRET_KEY?) might be incorrect: AesDecrypt invalid decrypted base64 string")
}