From 233f932617f749722f79c416d28002349fac5b16 Mon Sep 17 00:00:00 2001
From: Haik <haik.asatryan.95@gmail.com>
Date: Fri, 18 Oct 2024 19:07:57 +0400
Subject: [PATCH] Secure token generate method added

---
 Readme.md                                        |  1 +
 src/Pandatech.Crypto/Pandatech.Crypto.csproj     |  8 ++++----
 src/Pandatech.Crypto/Random.cs                   | 16 +++++++++++++++-
 .../Pandatech.Crypto.Tests.csproj                |  8 ++++----
 test/Pandatech.Crypto.Tests/RandomTests.cs       | 12 ++++++++++++
 5 files changed, 36 insertions(+), 9 deletions(-)

diff --git a/Readme.md b/Readme.md
index dd25898..5c8747e 100644
--- a/Readme.md
+++ b/Readme.md
@@ -152,6 +152,7 @@ var isPasswordValid = _argon2Id.VerifyHash("yourPassword", hashedPassword);
 ```csharp
 var randomBytes = Random.GenerateBytes(16);
 var aesKey = Random.GenerateAes256KeyString();
+var unimaginableUniqueAndRandomToken = Random.GenerateSecureToken() //256-bit token in string format
 ```
 
 ### 1.4.5. Password Class
diff --git a/src/Pandatech.Crypto/Pandatech.Crypto.csproj b/src/Pandatech.Crypto/Pandatech.Crypto.csproj
index f464668..cede8cf 100644
--- a/src/Pandatech.Crypto/Pandatech.Crypto.csproj
+++ b/src/Pandatech.Crypto/Pandatech.Crypto.csproj
@@ -8,12 +8,12 @@
         <Copyright>MIT</Copyright>
         <PackageIcon>pandatech.png</PackageIcon>
         <PackageReadmeFile>Readme.md</PackageReadmeFile>
-        <Version>2.5.0</Version>
+        <Version>2.5.1</Version>
         <Title>Pandatech.Crypto</Title>
         <PackageTags>Pandatech, library, encryption, hash, algorythms, security</PackageTags>
         <Description>PandaTech.Crypto is a .NET library simplifying common cryptograhic functions.</Description>
         <RepositoryUrl>https://github.com/PandaTechAM/be-lib-pandatech-crypto</RepositoryUrl>
-        <PackageReleaseNotes>RandomId generator logic change</PackageReleaseNotes>
+        <PackageReleaseNotes>Secure token generate method added</PackageReleaseNotes>
     </PropertyGroup>
 
     <ItemGroup>
@@ -24,8 +24,8 @@
     <ItemGroup>
       <PackageReference Include="BouncyCastle.NetCore" Version="2.2.1" />
       <PackageReference Include="Konscious.Security.Cryptography.Argon2" Version="1.3.1" />
-      <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.0" />
-      <PackageReference Include="Pandatech.RegexBox" Version="1.2.4" />
+      <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.1" />
+      <PackageReference Include="Pandatech.RegexBox" Version="2.0.1" />
     </ItemGroup>
 
 </Project>
diff --git a/src/Pandatech.Crypto/Random.cs b/src/Pandatech.Crypto/Random.cs
index 5f8d506..5e7b7d8 100644
--- a/src/Pandatech.Crypto/Random.cs
+++ b/src/Pandatech.Crypto/Random.cs
@@ -25,6 +25,20 @@ public static long GenerateIdWithVariableSequence(long previousId, int approxima
         var minimumRandRange = approximateSequenceVariability / 25;
         var random = System.Random.Shared.NextInt64(minimumRandRange, approximateSequenceVariability + 1);
         
-        return (previousId + random);
+        return previousId + random;
+    }
+    
+    public static string GenerateSecureToken()
+    {
+       const int length = 32; // 32 bytes = 256 bits
+       var bytes = new byte[length];
+       using (var rng = RandomNumberGenerator.Create())
+       {
+          rng.GetBytes(bytes);
+       }
+       return Convert.ToBase64String(bytes)
+                     .Replace("+", "-")  // Make URL-safe
+                     .Replace("/", "_")  // Make URL-safe
+                     .TrimEnd('=');      // Remove padding
     }
 }
\ No newline at end of file
diff --git a/test/Pandatech.Crypto.Tests/Pandatech.Crypto.Tests.csproj b/test/Pandatech.Crypto.Tests/Pandatech.Crypto.Tests.csproj
index 463bd2b..f9d5af8 100644
--- a/test/Pandatech.Crypto.Tests/Pandatech.Crypto.Tests.csproj
+++ b/test/Pandatech.Crypto.Tests/Pandatech.Crypto.Tests.csproj
@@ -10,10 +10,10 @@
     </PropertyGroup>
 
     <ItemGroup>
-        <PackageReference Include="FluentAssertions" Version="6.12.0" />
-        <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.10.0" />
-        <PackageReference Include="xunit" Version="2.8.1" />
-        <PackageReference Include="xunit.runner.visualstudio" Version="2.8.1">
+        <PackageReference Include="FluentAssertions" Version="6.12.1" />
+        <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
+        <PackageReference Include="xunit" Version="2.9.2" />
+        <PackageReference Include="xunit.runner.visualstudio" Version="2.8.2">
             <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
             <PrivateAssets>all</PrivateAssets>
         </PackageReference>
diff --git a/test/Pandatech.Crypto.Tests/RandomTests.cs b/test/Pandatech.Crypto.Tests/RandomTests.cs
index 370ccd0..f76da8b 100644
--- a/test/Pandatech.Crypto.Tests/RandomTests.cs
+++ b/test/Pandatech.Crypto.Tests/RandomTests.cs
@@ -37,4 +37,16 @@ public void GeneratePandaId_WithinReasonableIterations_DoesNotProduceDuplicates(
             previousId = id;
         }
     }
+    
+    [Fact]
+    public void GenerateSecureToken_ShouldReturnValidUrlSafeString()
+    {
+       var token = Random.GenerateSecureToken();
+
+       Assert.NotNull(token);
+       Assert.Equal(43, token.Length); // 32 bytes => 43 Base64 characters (without padding)
+       Assert.DoesNotContain("+", token);
+       Assert.DoesNotContain("/", token);
+       Assert.DoesNotContain("=", token);
+    }
 }
\ No newline at end of file