Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: limit thing name to 128 characters #428

Merged
merged 1 commit into from
Mar 21, 2024
Merged

fix: limit thing name to 128 characters #428

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions src/main/java/com/aws/greengrass/clientdevices/auth/iot/Thing.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ public final class Thing implements AttributeProvider, Cloneable {
public static final String NAMESPACE = "Thing";
private static final String THING_NAME_ATTRIBUTE = "ThingName";
private static final String thingNamePattern = "[a-zA-Z0-9\\-_:]+";
public static final int MAX_THING_NAME_LENGTH = 128;
private static final AtomicInteger metadataTrustDurationMinutes =
new AtomicInteger(DEFAULT_CLIENT_DEVICE_TRUST_DURATION_MINUTES);

Expand All @@ -58,6 +59,9 @@ public static Thing of(String thingName) {
* @throws IllegalArgumentException If the given ThingName contains illegal characters
*/
public static Thing of(String thingName, Map<String, Instant> certificateIds) {
if (thingName.length() > MAX_THING_NAME_LENGTH) {
throw new IllegalArgumentException("Invalid thing name. Thing name is too long.");
}
if (!Pattern.matches(thingNamePattern, thingName)) {
throw new IllegalArgumentException("Invalid thing name. The thing name must match \"[a-zA-Z0-9\\-_:]+\".");
}
Expand Down
4 changes: 3 additions & 1 deletion src/main/java/com/aws/greengrass/clientdevices/auth/iot/usecases/CreateIoTThingSession.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@

import javax.inject.Inject;

import static com.aws.greengrass.clientdevices.auth.iot.Thing.MAX_THING_NAME_LENGTH;

public class CreateIoTThingSession implements UseCases.UseCase<Session, CreateSessionDTO> {
private static final Logger logger = LogManager.getLogger(CreateIoTThingSession.class);
private final ThingRegistry thingRegistry;
Expand Down Expand Up @@ -51,7 +53,7 @@ public CreateIoTThingSession(ThingRegistry thingRegistry, CertificateRegistry ce
*/
@Override
public Session apply(CreateSessionDTO dto) throws AuthenticationException {
if (dto.getThingName() != null && dto.getThingName().length() > 65_535) {
if (dto.getThingName() != null && dto.getThingName().length() > MAX_THING_NAME_LENGTH) {
throw new AuthenticationException("Thing name is too long");
}

Expand Down
2 changes: 1 addition & 1 deletion src/test/java/com/aws/greengrass/clientdevices/auth/session/MqttSessionFactoryTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,7 @@ void GIVEN_credentialsWithInvalidCertificate_WHEN_createSession_THEN_throwsAuthe
void GIVEN_credentialsWithLongClientId_WHEN_createSession_THEN_throwsAuthenticationException() {
AuthenticationException ex = Assertions.assertThrows(AuthenticationException.class,
() -> mqttSessionFactory.createSession(
ImmutableMap.of("certificatePem", "PEM", "clientId", new String(new byte[65536]), "username",
ImmutableMap.of("certificatePem", "PEM", "clientId", new String(new byte[130]), "username",
"", "password", "")));
assertThat(ex.getMessage(), containsString("too long"));
}
Expand Down
Loading