Type hints and validation improvements. (#9321)

* Adds type hints to the groups servlet and stringutils code. * Assert the maximum length of some input values for spec compliance.
author: Patrick Cloke <clokep@users.noreply.github.com> 2021-02-08 13:59:54 -0500
committer: GitHub <noreply@github.com> 2021-02-08 13:59:54 -0500
commit: 3f58fc848d0002de4605bed91603a1f9f245d128 (patch)
tree: c34cffdce8e7b037f0c1f7114c53c51f24bb113f /synapse/util
parent: Handle additional errors when previewing URLs. (#9333) (diff)
download: synapse-3f58fc848d0002de4605bed91603a1f9f245d128.tar.xz
1 files changed, 18 insertions, 15 deletions
diff --git a/synapse/util/stringutils.py b/synapse/util/stringutils.py
index f8038bf861..9ce7873ab5 100644
--- a/synapse/util/stringutils.py
+++ b/synapse/util/stringutils.py
@@ -25,7 +25,7 @@ from synapse.api.errors import Codes, SynapseError
 _string_with_symbols = string.digits + string.ascii_letters + ".,;:^&*-_+=#~@"
 
 # https://matrix.org/docs/spec/client_server/r0.6.0#post-matrix-client-r0-register-email-requesttoken
-client_secret_regex = re.compile(r"^[0-9a-zA-Z\.\=\_\-]+$")
+CLIENT_SECRET_REGEX = re.compile(r"^[0-9a-zA-Z\.=_\-]+$")
 
 # https://matrix.org/docs/spec/client_server/r0.6.1#matrix-content-mxc-uris,
 # together with https://github.com/matrix-org/matrix-doc/issues/2177 which basically
@@ -42,28 +42,31 @@ MXC_REGEX = re.compile("^mxc://([^/]+)/([^/#?]+)$")
 rand = random.SystemRandom()
 
 
-def random_string(length):
+def random_string(length: int) -> str:
     return "".join(rand.choice(string.ascii_letters) for _ in range(length))
 
 
-def random_string_with_symbols(length):
+def random_string_with_symbols(length: int) -> str:
     return "".join(rand.choice(_string_with_symbols) for _ in range(length))
 
 
-def is_ascii(s):
-    if isinstance(s, bytes):
-        try:
-            s.decode("ascii").encode("ascii")
-        except UnicodeDecodeError:
-            return False
-        except UnicodeEncodeError:
-            return False
-        return True
+def is_ascii(s: bytes) -> bool:
+    try:
+        s.decode("ascii").encode("ascii")
+    except UnicodeDecodeError:
+        return False
+    except UnicodeEncodeError:
+        return False
+    return True
 
 
-def assert_valid_client_secret(client_secret):
-    """Validate that a given string matches the client_secret regex defined by the spec"""
-    if client_secret_regex.match(client_secret) is None:
+def assert_valid_client_secret(client_secret: str) -> None:
+    """Validate that a given string matches the client_secret defined by the spec"""
+    if (
+        len(client_secret) <= 0
+        or len(client_secret) > 255
+        or CLIENT_SECRET_REGEX.match(client_secret) is None
+    ):
         raise SynapseError(
             400, "Invalid client_secret parameter", errcode=Codes.INVALID_PARAM
         )
author	Patrick Cloke <clokep@users.noreply.github.com>	2021-02-08 13:59:54 -0500
committer	GitHub <noreply@github.com>	2021-02-08 13:59:54 -0500
commit	3f58fc848d0002de4605bed91603a1f9f245d128 (patch)
tree	c34cffdce8e7b037f0c1f7114c53c51f24bb113f /synapse/util
parent	Handle additional errors when previewing URLs. (#9333) (diff)
download	synapse-3f58fc848d0002de4605bed91603a1f9f245d128.tar.xz