Allow overriding the maximum length when parsing refresh tokens

Author: wcabus

access-token-management/src/AccessTokenManagement/RefreshToken.cs

@@ -11,8 +11,24 @@ namespace Duende.AccessTokenManagement;
 public readonly record struct RefreshToken : IStronglyTypedValue<RefreshToken>
 {
     public const int MaxLength = 4 * 1024;
+
     public override string ToString() => Value;
 
+    /// <summary>
+    /// Changes the maximum length for refresh tokens.
+    /// </summary>
+    /// <param name="maxLength">The new maximum length. Must be a strictly positive value.</param>
+    /// <exception cref="ArgumentOutOfRangeException">Thrown when <paramref name="maxLength"/> is zero or a negative value.</exception>
+    /// <remarks>
+    /// Note that this change is applied statically and will affect all instances of <see cref="RefreshToken"/> across the entire application.
+    /// </remarks>
+    public static void SetMaxLength(int maxLength)
+    {
+        ArgumentOutOfRangeException.ThrowIfNegativeOrZero(maxLength);
+
+        Validators[0] = ValidationRules.MaxLength(maxLength);
+    }
+
     private static readonly ValidationRule<string>[] Validators = [
         // Officially, there's no max length refresh tokens, but 4k is a good limit
         ValidationRules.MaxLength(MaxLength)

access-token-management/test/AccessTokenManagement.Tests/PublicApiVerificationTests.VerifyPublicApi.verified.txt

@@ -184,6 +184,7 @@
         public RefreshToken() { }
         public override string ToString() { }
         public static Duende.AccessTokenManagement.RefreshToken Parse(string value) { }
+        public static void SetMaxLength(int maxLength) { }
         public static bool TryParse(string value, [System.Diagnostics.CodeAnalysis.NotNullWhen(true)] out Duende.AccessTokenManagement.RefreshToken? parsed, out string[] errors) { }
         public static string op_Implicit(Duende.AccessTokenManagement.RefreshToken value) { }
     }

access-token-management/test/AccessTokenManagement.Tests/Types/RefreshTokenSetMaxLengthTests.cs

@@ -0,0 +1,119 @@
+// Copyright (c) Duende Software. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+
+namespace Duende.AccessTokenManagement.Types;
+
+/// <summary>
+/// Tests for <see cref="RefreshToken.SetMaxLength"/>. These are isolated into a separate
+/// non-parallel collection because <see cref="RefreshToken.SetMaxLength"/> mutates static state
+/// that would affect other tests running concurrently.
+/// </summary>
+[Collection(nameof(RefreshTokenTests))]
+public class RefreshTokenSetMaxLengthTests : IDisposable
+{
+    public void Dispose() =>
+        // Reset to the default max length after each test so static state doesn't leak.
+        RefreshToken.SetMaxLength(RefreshToken.MaxLength);
+
+    [Fact]
+    public void SetMaxLength_AllowsLargerTokens()
+    {
+        // Arrange
+        var largeMaxLength = 16 * 1024; // 16 KB, e.g. for ADFS tokens
+        var largeValue = new string('a', RefreshToken.MaxLength + 1); // Exceeds default, within new limit
+        RefreshToken.SetMaxLength(largeMaxLength);
+
+        // Act
+        var result = RefreshToken.Parse(largeValue);
+
+        // Assert
+        result.ToString().ShouldBe(largeValue);
+    }
+
+    [Fact]
+    public void SetMaxLength_StillRejectsTokensExceedingNewLimit()
+    {
+        // Arrange
+        var newMaxLength = 8 * 1024;
+        RefreshToken.SetMaxLength(newMaxLength);
+        var tooLargeValue = new string('a', newMaxLength + 1);
+
+        // Act & Assert
+        var exception = Should.Throw<InvalidOperationException>(() => RefreshToken.Parse(tooLargeValue));
+        exception.Message.ShouldContain("exceeds maximum length");
+    }
+
+    [Fact]
+    public void SetMaxLength_TryParse_AllowsLargerTokens()
+    {
+        // Arrange
+        var largeMaxLength = 16 * 1024;
+        var largeValue = new string('a', RefreshToken.MaxLength + 1);
+        RefreshToken.SetMaxLength(largeMaxLength);
+
+        // Act
+        var success = RefreshToken.TryParse(largeValue, out var result, out var errors);
+
+        // Assert
+        success.ShouldBeTrue();
+        result.ShouldNotBeNull();
+        result.ToString().ShouldBe(largeValue);
+        errors.ShouldBeEmpty();
+    }
+
+    [Fact]
+    public void SetMaxLength_TryParse_StillRejectsTokensExceedingNewLimit()
+    {
+        // Arrange
+        var newMaxLength = 8 * 1024;
+        RefreshToken.SetMaxLength(newMaxLength);
+        var tooLargeValue = new string('a', newMaxLength + 1);
+
+        // Act
+        var success = RefreshToken.TryParse(tooLargeValue, out var result, out var errors);
+
+        // Assert
+        success.ShouldBeFalse();
+        result.ShouldBeNull();
+        errors.ShouldNotBeEmpty();
+        errors[0].ShouldContain("exceeds maximum length");
+    }
+
+    [Fact]
+    public void SetMaxLength_CanReduceLimit()
+    {
+        // Arrange
+        var smallerMaxLength = 100;
+        RefreshToken.SetMaxLength(smallerMaxLength);
+        var value = new string('a', smallerMaxLength + 1);
+
+        // Act & Assert
+        var exception = Should.Throw<InvalidOperationException>(() => RefreshToken.Parse(value));
+        exception.Message.ShouldContain("exceeds maximum length");
+    }
+
+    [Fact]
+    public void SetMaxLength_AtExactNewLimit_Succeeds()
+    {
+        // Arrange
+        var newMaxLength = 8 * 1024;
+        RefreshToken.SetMaxLength(newMaxLength);
+        var value = new string('a', newMaxLength);
+
+        // Act
+        var result = RefreshToken.Parse(value);
+
+        // Assert
+        result.ToString().ShouldBe(value);
+    }
+
+    [Fact]
+    public void SetMaxLength_Zero_ThrowsArgumentOutOfRangeException() =>
+        // Act & Assert
+        Should.Throw<ArgumentOutOfRangeException>(() => RefreshToken.SetMaxLength(0));
+
+    [Fact]
+    public void SetMaxLength_Negative_ThrowsArgumentOutOfRangeException() =>
+        // Act & Assert
+        Should.Throw<ArgumentOutOfRangeException>(() => RefreshToken.SetMaxLength(-1));
+}

access-token-management/test/AccessTokenManagement.Tests/Types/RefreshTokenTests.cs

@@ -0,0 +1,118 @@
+// Copyright (c) Duende Software. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+
+namespace Duende.AccessTokenManagement.Types;
+
+/// <summary>
+/// Both the <see cref="RefreshTokenTests"/> and <see cref="RefreshTokenSetMaxLengthTests"/> classes share a collection to prevent parallel execution,
+/// since <see cref="RefreshToken.SetMaxLength"/> mutates static state.
+/// </summary>
+[Collection(nameof(RefreshTokenTests))]
+public class RefreshTokenTests
+{
+    [Fact]
+    public void Parse_ValidValue_ReturnsRefreshToken()
+    {
+        // Arrange
+        var validValue = "valid_refresh_token";
+
+        // Act
+        var result = RefreshToken.Parse(validValue);
+
+        // Assert
+        result.ToString().ShouldBe(validValue);
+    }
+
+    [Fact]
+    public void Parse_InvalidValue_ThrowsException()
+    {
+        // Arrange
+        var invalidValue = new string('a', RefreshToken.MaxLength + 1); // Exceeds max length
+
+        // Act & Assert
+        var exception = Should.Throw<InvalidOperationException>(() => RefreshToken.Parse(invalidValue));
+        exception.Message.ShouldContain("exceeds maximum length");
+    }
+
+    [Fact]
+    public void TryParse_ValidValue_ReturnsTrueAndRefreshToken()
+    {
+        // Arrange
+        var validValue = "valid_refresh_token";
+
+        // Act
+        var success = RefreshToken.TryParse(validValue, out var result, out var errors);
+
+        // Assert
+        success.ShouldBeTrue();
+        result.ShouldNotBeNull();
+        result.ToString().ShouldBe(validValue);
+        errors.ShouldBeEmpty();
+    }
+
+    [Fact]
+    public void TryParse_InvalidValue_ReturnsFalseAndErrors()
+    {
+        // Arrange
+        var invalidValue = new string('a', RefreshToken.MaxLength + 1); // Exceeds max length
+
+        // Act
+        var success = RefreshToken.TryParse(invalidValue, out var result, out var errors);
+
+        // Assert
+        success.ShouldBeFalse();
+        result.ShouldBeNull();
+        errors.ShouldNotBeEmpty();
+        errors[0].ShouldContain("exceeds maximum length");
+    }
+
+    [Fact]
+    public void Parse_AtExactMaxLength_ReturnsRefreshToken()
+    {
+        // Arrange
+        var value = new string('a', RefreshToken.MaxLength);
+
+        // Act
+        var result = RefreshToken.Parse(value);
+
+        // Assert
+        result.ToString().ShouldBe(value);
+    }
+
+    [Fact]
+    public void Parse_NullValue_ThrowsException() =>
+        // Act & Assert
+        Should.Throw<InvalidOperationException>(() => RefreshToken.Parse(null!));
+
+    [Fact]
+    public void Parse_EmptyValue_ThrowsException() =>
+        // Act & Assert
+        Should.Throw<InvalidOperationException>(() => RefreshToken.Parse(string.Empty));
+
+    [Fact]
+    public void Parse_WhitespaceValue_ThrowsException() =>
+        // Act & Assert
+        Should.Throw<InvalidOperationException>(() => RefreshToken.Parse("   "));
+
+    [Fact]
+    public void ParameterlessConstructor_ThrowsException()
+    {
+        // Act & Assert
+        var exception = Should.Throw<InvalidOperationException>(() => new RefreshToken());
+        exception.Message.ShouldContain("Can't create null value");
+    }
+
+    [Fact]
+    public void ImplicitStringConversion_ReturnsValue()
+    {
+        // Arrange
+        var value = "my_refresh_token";
+        var token = RefreshToken.Parse(value);
+
+        // Act
+        string converted = token;
+
+        // Assert
+        converted.ShouldBe(value);
+    }
+}