fix(ggclient): check API key encoding early

agateau-gg · agateau-gg · commit 3265c052548c · 2022-01-25T11:27:47.000+01:00
diff --git a/pygitguardian/client.py b/pygitguardian/client.py
@@ -81,7 +81,7 @@ def __init__(
         :param user_agent: user agent to identify requests, defaults to ""
         :param timeout: request timeout, defaults to 20s
 
-        :raises ValueError: if the protocol is invalid
+        :raises ValueError: if the protocol or the api_key is invalid
         """
 
         if isinstance(base_uri, str):
@@ -93,6 +93,18 @@ def __init__(
         if not isinstance(api_key, str):
             raise TypeError("api_key is not a string")
 
+        try:
+            # The requests module encodes headers in latin-1, if api_key contains
+            # characters which cannot be encoded in latin-1, the raised exception is
+            # going to be very obscure. Catch the problem early to raise a clearer
+            # exception.
+            # See https://github.com/GitGuardian/ggshield/issues/101
+            api_key.encode("latin-1")
+        except UnicodeEncodeError:
+            raise ValueError(
+                "Invalid value for API Key: must be only latin-1 characters."
+            )
+
         self.base_uri = base_uri
         self.api_key = api_key
         self.session = session if isinstance(session, Session) else Session()
diff --git a/tests/test_client.py b/tests/test_client.py
@@ -179,6 +179,14 @@
             None,
             id="Custom headers",
         ),
+        pytest.param(
+            "–––––––FILL-ME–––––––––",
+            "https://api.gitguardian.com/",
+            "None",
+            30.0,
+            ValueError,
+            id="U+2013 dash characters in API key",
+        ),
     ],
 )
 def test_client_creation(
