Merge pull request #23 from PandaTechAM/development

Secure token generate method added
PandaTechAM · Oct 18, 2024 · 24683b3 · 24683b3
2 parents 62a959e + 233f932
commit 24683b3
Show file tree

Hide file tree

Showing 5 changed files with 36 additions and 9 deletions.
diff --git a/Readme.md b/Readme.md
@@ -152,6 +152,7 @@ var isPasswordValid = _argon2Id.VerifyHash("yourPassword", hashedPassword);
 ```csharp
 var randomBytes = Random.GenerateBytes(16);
 var aesKey = Random.GenerateAes256KeyString();
+var unimaginableUniqueAndRandomToken = Random.GenerateSecureToken() //256-bit token in string format
 ```
 
 ### 1.4.5. Password Class

diff --git a/src/Pandatech.Crypto/Pandatech.Crypto.csproj b/src/Pandatech.Crypto/Pandatech.Crypto.csproj
@@ -8,12 +8,12 @@
         <Copyright>MIT</Copyright>
         <PackageIcon>pandatech.png</PackageIcon>
         <PackageReadmeFile>Readme.md</PackageReadmeFile>
-        <Version>2.5.0</Version>
+        <Version>2.5.1</Version>
         <Title>Pandatech.Crypto</Title>
         <PackageTags>Pandatech, library, encryption, hash, algorythms, security</PackageTags>
         <Description>PandaTech.Crypto is a .NET library simplifying common cryptograhic functions.</Description>
         <RepositoryUrl>https://github.com/PandaTechAM/be-lib-pandatech-crypto</RepositoryUrl>
-        <PackageReleaseNotes>RandomId generator logic change</PackageReleaseNotes>
+        <PackageReleaseNotes>Secure token generate method added</PackageReleaseNotes>
     </PropertyGroup>
 
     <ItemGroup>
@@ -24,8 +24,8 @@
     <ItemGroup>
       <PackageReference Include="BouncyCastle.NetCore" Version="2.2.1" />
       <PackageReference Include="Konscious.Security.Cryptography.Argon2" Version="1.3.1" />
-      <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.0" />
-      <PackageReference Include="Pandatech.RegexBox" Version="1.2.4" />
+      <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.1" />
+      <PackageReference Include="Pandatech.RegexBox" Version="2.0.1" />
     </ItemGroup>
 
 </Project>
diff --git a/src/Pandatech.Crypto/Random.cs b/src/Pandatech.Crypto/Random.cs
@@ -25,6 +25,20 @@ public static long GenerateIdWithVariableSequence(long previousId, int approxima
         var minimumRandRange = approximateSequenceVariability / 25;
         var random = System.Random.Shared.NextInt64(minimumRandRange, approximateSequenceVariability + 1);
 
-        return (previousId + random);
+        return previousId + random;
+    }
+
+    public static string GenerateSecureToken()
+    {
+       const int length = 32; // 32 bytes = 256 bits
+       var bytes = new byte[length];
+       using (var rng = RandomNumberGenerator.Create())
+       {
+          rng.GetBytes(bytes);
+       }
+       return Convert.ToBase64String(bytes)
+                     .Replace("+", "-")  // Make URL-safe
+                     .Replace("/", "_")  // Make URL-safe
+                     .TrimEnd('=');      // Remove padding
     }
 }
diff --git a/test/Pandatech.Crypto.Tests/Pandatech.Crypto.Tests.csproj b/test/Pandatech.Crypto.Tests/Pandatech.Crypto.Tests.csproj
@@ -10,10 +10,10 @@
     </PropertyGroup>
 
     <ItemGroup>
-        <PackageReference Include="FluentAssertions" Version="6.12.0" />
-        <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.10.0" />
-        <PackageReference Include="xunit" Version="2.8.1" />
-        <PackageReference Include="xunit.runner.visualstudio" Version="2.8.1">
+        <PackageReference Include="FluentAssertions" Version="6.12.1" />
+        <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
+        <PackageReference Include="xunit" Version="2.9.2" />
+        <PackageReference Include="xunit.runner.visualstudio" Version="2.8.2">
             <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
             <PrivateAssets>all</PrivateAssets>
         </PackageReference>

diff --git a/test/Pandatech.Crypto.Tests/RandomTests.cs b/test/Pandatech.Crypto.Tests/RandomTests.cs
@@ -37,4 +37,16 @@ public void GeneratePandaId_WithinReasonableIterations_DoesNotProduceDuplicates(
             previousId = id;
         }
     }
+
+    [Fact]
+    public void GenerateSecureToken_ShouldReturnValidUrlSafeString()
+    {
+       var token = Random.GenerateSecureToken();
+
+       Assert.NotNull(token);
+       Assert.Equal(43, token.Length); // 32 bytes => 43 Base64 characters (without padding)
+       Assert.DoesNotContain("+", token);
+       Assert.DoesNotContain("/", token);
+       Assert.DoesNotContain("=", token);
+    }
 }