fix(amplify-category-function): add length validation for secret value (

#9812)
aws-amplify · Mar 9, 2022 · 1779fa0 · 1779fa0
1 parent 6383260
commit 1779fa0
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 0 deletions.
diff --git a/...s__/provider-utils/awscloudformation/service-walkthroughs/secretValuesWalkthrough.test.ts b/...s__/provider-utils/awscloudformation/service-walkthroughs/secretValuesWalkthrough.test.ts
@@ -0,0 +1,10 @@
+import { secretValueValidator } from '../../../../provider-utils/awscloudformation/service-walkthroughs/secretValuesWalkthrough';
+
+describe('Check not valid secret values', () => {
+  it('Empty value', () => {
+    expect(secretValueValidator('')).toEqual('Secret value must be between 1 and 2048 characters long');
+  });
+  it('Value over 2048 characters', () => {
+    expect(secretValueValidator('a'.repeat(2049))).toEqual('Secret value must be between 1 and 2048 characters long');
+  });
+});
diff --git a/...tion/src/provider-utils/awscloudformation/service-walkthroughs/secretValuesWalkthrough.ts b/...tion/src/provider-utils/awscloudformation/service-walkthroughs/secretValuesWalkthrough.ts
@@ -176,12 +176,20 @@ const enterSecretName = async (invalidNames: string[]) =>
 
 const secretValueDefaultMessage = (secretName: string) => `Enter the value for ${secretName}:`;
 
+export const secretValueValidator = (input?: string) => {
+  if (typeof input !== 'string' || input.length === 0 || input.length > 2048) {
+    return 'Secret value must be between 1 and 2048 characters long';
+  }
+  return true;
+};
+
 const enterSecretValue = async (message: string) =>
   (
     await inquirer.prompt<{ secretValue: string }>({
       type: 'password',
       name: 'secretValue',
       message,
+      validate: secretValueValidator,
     })
   ).secretValue;