From 41c649a2e10297b54ae66eec162ef2905da1978c Mon Sep 17 00:00:00 2001 From: "EPAM\\Felipe_Hernandez" Date: Wed, 28 Feb 2024 14:15:21 -0500 Subject: [PATCH] fix: fix max lenght file secret issue --- README.md | 6 +++++- TestClient.go | 5 +++-- api/secrets/secrets.go | 2 +- api/utils/validator.go | 4 +++- 4 files changed, 12 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index da51d05..04226e9 100644 --- a/README.md +++ b/README.md @@ -58,6 +58,10 @@ The library supports retrieval of secrets from BeyondInsight/Password Safe versi - type: int - default: 2 minutes - required: False +- maxFileSecretSize + - description: Max file secret size + - type: int + - required: True ## Methods @@ -141,7 +145,7 @@ In order to use Release Please App, we need to use conventional commits, but [he Some of the more important and common commit types are: | Type | Description | Triggers Release Please | -|:---------|:--------------------------------------------------------------|:-------------------------| +| :------- | :------------------------------------------------------------ | :---------------------- | | feat! | Introduce a major change e.g. v1.0.0 to v2.0.0 | Yes | | feat | Introduce a minor change e.g. v1.0.0 to v1.1.0 | Yes | | fix | Introduce a patch change e.g. v1.0.0 to v1.0.1 | Yes | diff --git a/TestClient.go b/TestClient.go index 05ad0ef..ace004c 100644 --- a/TestClient.go +++ b/TestClient.go 
@@ -31,9 +31,10 @@ func main() { clientTimeOutInSeconds := 30 verifyCa := true retryMaxElapsedTimeMinutes := 2 + maxFileSecretSize := 4000 // validate inputs - errorsInInputs := utils.ValidateInputs(clientId, clientSecret, apiUrl, clientTimeOutInSeconds, &separator, verifyCa, zapLogger, certificate, certificateKey, &retryMaxElapsedTimeMinutes) + errorsInInputs := utils.ValidateInputs(clientId, clientSecret, apiUrl, clientTimeOutInSeconds, &separator, verifyCa, zapLogger, certificate, certificateKey, &retryMaxElapsedTimeMinutes, maxFileSecretSize) if errorsInInputs != nil { return @@ -52,7 +53,7 @@ func main() { } // instantiating secret obj - secretObj, _ := secrets.NewSecretObj(*authenticate, zapLogger, 4000) + secretObj, _ := secrets.NewSecretObj(*authenticate, zapLogger, maxFileSecretSize) paths := "fake/text1,fake/text2" errors_in_path := utils.ValidatePath(paths) diff --git a/api/secrets/secrets.go b/api/secrets/secrets.go index 958350f..0c68f2e 100644 --- a/api/secrets/secrets.go +++ b/api/secrets/secrets.go @@ -77,7 +77,7 @@ func (secretObj *SecretObj) GetSecretFlow(secretsToRetrieve []string, separator secretInBytes := []byte(fileSecretContent) if len(secretInBytes) > secretObj.maxFileSecretSize { - secretObj.log.Debug(fmt.Sprintf("%v%v%v: %v %v %v", secretPath, separator, secretTitle, "Secret Size:", len(secretInBytes), "is greater than allowed one", secretObj.maxFileSecretSize)) + secretObj.log.Error(fmt.Sprintf("%v%v%v: %v %v %v", secretPath, separator, secretTitle, "Secret file Size:", len(secretInBytes), "is greater than the maximum allowed size:", secretObj.maxFileSecretSize)) } else { secretDictionary[secretToRetrieve] = fileSecretContent } diff --git a/api/utils/validator.go b/api/utils/validator.go index c7443c2..269b7b1 100644 --- a/api/utils/validator.go +++ b/api/utils/validator.go 
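Review bot: The error returned by `secrets.NewSecretObj` is still discarded with `_` on the changed line in the second TestClient.go hunk, so a constructor failure would leave the sample client running with an unusable `secretObj`. Because this file is the usage example that callers tend to copy, handle it the same way `errorsInInputs` is handled earlier in `main`: `secretObj, err := secrets.NewSecretObj(*authenticate, zapLogger, maxFileSecretSize)` followed by `if err != nil { return }`. The body of `main` extends beyond the hunk, so what happens to `secretObj` afterwards is not visible here.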
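Review bot: The format string in the new `secretObj.log.Error(fmt.Sprintf(...))` call in api/secrets/secrets.go has six `%v` verbs but seven arguments, so the configured maximum is appended as `%!(EXTRA int=...)` instead of appearing in the sentence; `go vet` flags this. Folding the fixed text into the format string removes the miscount: `fmt.Sprintf("%v%v%v: secret file size %v is greater than the maximum allowed size %v", secretPath, separator, secretTitle, len(secretInBytes), secretObj.maxFileSecretSize)`. The message carries only the path, title and sizes and not `fileSecretContent`, which should stay that way now that it is emitted at Error level. `GetSecretFlow` continues outside the hunk, so whether the skipped secret is also reported to the caller cannot be confirmed from here.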
@@ -19,12 +19,13 @@ type UserInputValidaton struct { ClientTimeOutinSeconds int `validate:"gte=1,lte=300"` Separator string `validate:"required,min=1,max=1"` VerifyCa bool `validate:"required"` + MaxFileSecretSize int `validate:"gte=1,lte=5000"` } var validate *validator.Validate // ValidateInputs is responsible for validating end-user inputs. -func ValidateInputs(clientId string, clientSecret string, apiUrl string, clientTimeOutinSeconds int, separator *string, verifyCa bool, logger logging.Logger, certificate string, certificate_key string, retryMaxElapsedTimeMinutes *int) error { +func ValidateInputs(clientId string, clientSecret string, apiUrl string, clientTimeOutinSeconds int, separator *string, verifyCa bool, logger logging.Logger, certificate string, certificate_key string, retryMaxElapsedTimeMinutes *int, maxFileSecretSize int) error { if clientTimeOutinSeconds == 0 { clientTimeOutinSeconds = 30 @@ -45,6 +46,7 @@ func ValidateInputs(clientId string, clientSecret string, apiUrl string, clientT ClientTimeOutinSeconds: clientTimeOutinSeconds, Separator: *separator, VerifyCa: verifyCa, + MaxFileSecretSize: maxFileSecretSize, } if strings.TrimSpace(*separator) == "" {
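Review bot: The `gte=1,lte=5000` bound on `MaxFileSecretSize` is enforced only inside `ValidateInputs`, while the limit that is actually applied is the separate int passed to `NewSecretObj`. If that constructor does not re-check the range (it is not part of this patch), a caller that skips `ValidateInputs` can set a zero or negative limit, which rejects every file secret, or a very large one, which removes the cap. Consider validating the value in `NewSecretObj` as well, and state the unit and range on the field, e.g. `// MaxFileSecretSize is the maximum file secret size in bytes (1-5000).` Adding a positional parameter to the exported `ValidateInputs` also breaks existing callers, which seems at odds with the `fix:` commit type that the README maps to a patch release.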