summary refs log tree commit diff
path: root/synapse/util/stringutils.py
diff options
context:
space:
mode:
Diffstat (limited to 'synapse/util/stringutils.py')
-rw-r--r--synapse/util/stringutils.py14
1 files changed, 14 insertions, 0 deletions
diff --git a/synapse/util/stringutils.py b/synapse/util/stringutils.py

index 982c6d81ca..6a2464cab3 100644 --- a/synapse/util/stringutils.py +++ b/synapse/util/stringutils.py
@@ -1,5 +1,6 @@ # -*- coding: utf-8 -*- # Copyright 2014-2016 OpenMarket Ltd +# Copyright 2020 The Matrix.org Foundation C.I.C. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,12 +15,15 @@ # limitations under the License. import random +import re import string import six from six import PY2, PY3 from six.moves import range +from synapse.api.errors import Codes, SynapseError + _string_with_symbols = string.digits + string.ascii_letters + ".,;:^&*-_+=#~@" # random_string and random_string_with_symbols are used for a range of things, @@ -27,6 +31,8 @@ _string_with_symbols = string.digits + string.ascii_letters + ".,;:^&*-_+=#~@" # we get cryptographically-secure randoms. rand = random.SystemRandom() +client_secret_regex = re.compile(r"^[0-9a-zA-Z.=_-]+$") + def random_string(length): return "".join(rand.choice(string.ascii_letters) for _ in range(length)) @@ -109,3 +115,11 @@ def exception_to_unicode(e): return msg.decode("utf-8", errors="replace") else: return msg + + +def assert_valid_client_secret(client_secret): + """Validate that a given string matches the client_secret regex defined by the spec""" + if client_secret_regex.match(client_secret) is None: + raise SynapseError( + 400, "Invalid client_secret parameter", errcode=Codes.INVALID_PARAM + )