From 5267d5286f834a569b53cd68812ea96e80ae4290 Mon Sep 17 00:00:00 2001
From: Saranya Jena <saranya.jena@harness.io>
Date: Mon, 15 Apr 2024 08:13:37 +0200
Subject: [PATCH] leveraging crypto/rand package to generate access keys
 (#4577)

Signed-off-by: Saranya-jena <saranya.jena@harness.io>
---
 .../server/pkg/chaos_infrastructure/service.go     |  5 ++++-
 chaoscenter/graphql/server/utils/misc.go           | 14 +++++++++++++-
 .../src/views/Login/__tests__/LoginPage.test.tsx   |  8 ++++----
 3 files changed, 21 insertions(+), 6 deletions(-)

diff --git a/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go b/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go
index bcba2a1b9f6..f43d71d37d8 100644
--- a/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go
+++ b/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go
@@ -1009,7 +1009,10 @@ func (in *infraService) ConfirmInfraRegistration(request model.InfraIdentity, r
 	}
 
 	if infra.AccessKey == request.AccessKey {
-		newKey := utils.RandomString(32)
+		newKey, err := utils.GenerateAccessKey(32)
+		if err != nil {
+			return &model.ConfirmInfraRegistrationResponse{IsInfraConfirmed: false}, err
+		}
 		time := time.Now().UnixMilli()
 		query := bson.D{{"infra_id", request.InfraID}}
 		update := bson.D{{"$unset", bson.D{{"token", ""}}}, {"$set", bson.D{{"access_key", newKey}, {"is_registered", true}, {"is_infra_confirmed", true}, {"updated_at", time}}}}
diff --git a/chaoscenter/graphql/server/utils/misc.go b/chaoscenter/graphql/server/utils/misc.go
index 62e326dd113..46151e875b5 100644
--- a/chaoscenter/graphql/server/utils/misc.go
+++ b/chaoscenter/graphql/server/utils/misc.go
@@ -2,6 +2,7 @@ package utils
 
 import (
 	"bytes"
+	crypto "crypto/rand"
 	"encoding/base64"
 	"fmt"
 	"math/rand"
@@ -25,7 +26,18 @@ func WriteHeaders(w *gin.ResponseWriter, statusCode int) {
 	(*w).WriteHeader(statusCode)
 }
 
-// RandomString generates random strings, can be used to create ids or random secrets
+// GenerateAccessKey generates an access key by leveraging crypto/rand package
+func GenerateAccessKey(length int) (string, error) {
+	b := make([]byte, length)
+	_, err := crypto.Read(b)
+	if err != nil {
+		return "", err
+	}
+
+	return base64.URLEncoding.EncodeToString(b), nil
+}
+
+// RandomString generates random strings, can be used to create ids
 func RandomString(n int) string {
 	if n > 0 {
 		var letters = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-")
diff --git a/chaoscenter/web/src/views/Login/__tests__/LoginPage.test.tsx b/chaoscenter/web/src/views/Login/__tests__/LoginPage.test.tsx
index c021d411f42..0fb391ef015 100644
--- a/chaoscenter/web/src/views/Login/__tests__/LoginPage.test.tsx
+++ b/chaoscenter/web/src/views/Login/__tests__/LoginPage.test.tsx
@@ -40,8 +40,8 @@ describe('LoginPageView', () => {
   test('With Dex Login Disabled', async () => {
     const capabilitiesWithDexDisabled = {
       dex: {
-        enabled: false,
-      },
+        enabled: false
+      }
     };
 
     render(
@@ -55,8 +55,8 @@ describe('LoginPageView', () => {
   test('With Dex Login Enabled', async () => {
     const capabilitiesWithDexEnabled = {
       dex: {
-        enabled: true,
-      },
+        enabled: true
+      }
     };
     render(
       <TestWrapper>