security: add GitHub token format validation

This commit is contained in:
2026-03-23 17:47:10 +02:00
parent 1dbf7e33f9
commit 9b31be5457


@@ -11,6 +11,22 @@ pub struct GitHubClient {
impl GitHubClient { impl GitHubClient {
pub fn new(token: Option<String>) -> Result<Self> { pub fn new(token: Option<String>) -> Result<Self> {
// Validate token format if provided
if let Some(ref t) = token {
if !t.is_empty() {
// GitHub classic tokens start with 'ghp_'
// Fine-grained tokens start with 'github_pat_'
// OAuth tokens don't have a specific prefix
let is_valid_format = t.starts_with("ghp_") ||
t.starts_with("github_pat_") ||
t.len() >= 20; // Generic check for reasonable token length
if !is_valid_format {
anyhow::bail!("Invalid GitHub token format. Token should start with 'ghp_' (classic) or 'github_pat_' (fine-grained)");
}
}
}
let mut headers = HeaderMap::new(); let mut headers = HeaderMap::new();
headers.insert(USER_AGENT, HeaderValue::from_static("gh-celebs")); headers.insert(USER_AGENT, HeaderValue::from_static("gh-celebs"));
headers.insert(ACCEPT, HeaderValue::from_static("application/vnd.github.v3+json")); headers.insert(ACCEPT, HeaderValue::from_static("application/vnd.github.v3+json"));