From cc314690f49273b9d64349371c50f33d95cab8d7 Mon Sep 17 00:00:00 2001
From: Kazumasa Kohtaka <kkotaka@zlab.co.jp>
Date: Thu, 6 Jul 2017 21:28:48 +0900
Subject: [PATCH] Avoid generating an identifer which starts with a number
 because it may be used as a SAML's ID attribute

---
 storage/storage.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/storage/storage.go b/storage/storage.go
index 8ea5ab2c..893fb100 100644
--- a/storage/storage.go
+++ b/storage/storage.go
@@ -30,8 +30,8 @@ func NewID() string {
 	if _, err := io.ReadFull(rand.Reader, buff); err != nil {
 		panic(err)
 	}
-	// Trim padding
-	return strings.TrimRight(encoding.EncodeToString(buff), "=")
+	// Avoid the identifier to begin with number and trim padding
+	return string(buff[0]%26+'a') + strings.TrimRight(encoding.EncodeToString(buff[1:]), "=")
 }
 
 // GCResult returns the number of objects deleted by garbage collection.
-- 
GitLab