feat: client validation (#238)

Author: Quentin Brosse

api/instance/v1/server_utils.go

@@ -10,15 +10,15 @@ import (
 	"github.com/scaleway/scaleway-sdk-go/api/marketplace/v1"
 	"github.com/scaleway/scaleway-sdk-go/internal/async"
 	"github.com/scaleway/scaleway-sdk-go/internal/errors"
-	"github.com/scaleway/scaleway-sdk-go/internal/uuid"
+	"github.com/scaleway/scaleway-sdk-go/internal/validation"
 	"github.com/scaleway/scaleway-sdk-go/scw"
 )
 
 // CreateServer creates a server.
 func (s *API) CreateServer(req *CreateServerRequest, opts ...scw.RequestOption) (*CreateServerResponse, error) {
 
 	// If image is not a UUID we try to fetch it from marketplace.
-	if req.Image != "" && !uuid.IsUUID(req.Image) {
+	if req.Image != "" && !validation.IsUUID(req.Image) {
 		apiMarketplace := marketplace.NewAPI(s.client)
 		imageId, err := apiMarketplace.GetLocalImageIDByLabel(&marketplace.GetLocalImageIDByLabelRequest{
 			ImageLabel:     req.Image,

internal/uuid/uuid.go

@@ -0,0 +1,49 @@
+package validation
+
+import (
+	"net/url"
+	"regexp"
+)
+
+var (
+	isUUIDRegexp  = regexp.MustCompile(`[0-9a-fA-F]{8}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{12}`)
+	isRegionRegex = regexp.MustCompile("^[a-z]{2}-[a-z]{3}$")
+	isZoneRegex   = regexp.MustCompile("^[a-z]{2}-[a-z]{3}-[1-9]$")
+	isAccessKey   = regexp.MustCompile("^SCW[A-Z0-9]{17}$")
+)
+
+// IsUUID returns true if the given string has a valid UUID format.
+func IsUUID(s string) bool {
+	return isUUIDRegexp.MatchString(s)
+}
+
+// IsAccessKey returns true if the given string has a valid Scaleway access key format.
+func IsAccessKey(s string) bool {
+	return isAccessKey.MatchString(s)
+}
+
+// IsSecretKey returns true if the given string has a valid Scaleway secret key format.
+func IsSecretKey(s string) bool {
+	return IsUUID(s)
+}
+
+// IsOrganizationID returns true if the given string has a valid Scaleway organization ID format.
+func IsOrganizationID(s string) bool {
+	return IsUUID(s)
+}
+
+// IsRegion returns true if the given string has a valid region format.
+func IsRegion(s string) bool {
+	return isRegionRegex.MatchString(s)
+}
+
+// IsZone returns true if the given string has a valid zone format.
+func IsZone(s string) bool {
+	return isZoneRegex.MatchString(s)
+}
+
+// IsURL returns true if the given string has a valid URL format.
+func IsURL(s string) bool {
+	_, err := url.Parse(s)
+	return err == nil
+}

internal/validation/is.go

@@ -2,10 +2,11 @@ package scw
 
 import (
 	"net/http"
-	"net/url"
+	"strings"
 
 	"github.com/scaleway/scaleway-sdk-go/internal/auth"
 	"github.com/scaleway/scaleway-sdk-go/internal/errors"
+	"github.com/scaleway/scaleway-sdk-go/internal/validation"
 )
 
 // ClientOption is a function which applies options to a settings object.
@@ -170,40 +171,70 @@ func (s *settings) apply(opts []ClientOption) {
 }
 
 func (s *settings) validate() error {
-	var err error
+	// Auth.
 	if s.token == nil {
 		// It should not happen, WithoutAuth option is used by default.
 		panic(errors.New("no credential option provided"))
 	}
-
 	if token, isToken := s.token.(*auth.Token); isToken {
 		if token.AccessKey == "" {
-			return &ClientCredentialError{errorType: clientCredentialError_EmptyAccessKey}
+			return NewInvalidClientOptionError("access key cannot be empty")
+		}
+		if !validation.IsAccessKey(token.AccessKey) {
+			return NewInvalidClientOptionError("invalid access key format '%s', expected SCWXXXXXXXXXXXXXXXXX format", token.AccessKey)
 		}
 		if token.SecretKey == "" {
-			return &ClientCredentialError{errorType: clientCredentialError_EmptySecreyKey}
+			return NewInvalidClientOptionError("secret key cannot be empty")
+		}
+		if !validation.IsSecretKey(token.SecretKey) {
+			return NewInvalidClientOptionError("invalid secret key format '%s', expected a UUID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", token.SecretKey)
 		}
 	}
 
-	_, err = url.Parse(s.apiURL)
-	if err != nil {
-		return errors.Wrap(err, "invalid url %s", s.apiURL)
+	// Default Organization ID.
+	if s.defaultOrganizationID != nil {
+		if *s.defaultOrganizationID == "" {
+			return NewInvalidClientOptionError("default organization ID cannot be empty")
+		}
+		if !validation.IsOrganizationID(*s.defaultOrganizationID) {
+			return NewInvalidClientOptionError("invalid organization ID format '%s', expected a UUID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", *s.defaultOrganizationID)
+		}
 	}
 
-	// TODO: Check OrganizationID format
-	if s.defaultOrganizationID != nil && *s.defaultOrganizationID == "" {
-		return errors.New("default organization id cannot be empty")
+	// Default Region.
+	if s.defaultRegion != nil {
+		if *s.defaultRegion == "" {
+			return NewInvalidClientOptionError("default region cannot be empty")
+		}
+		if !validation.IsRegion(string(*s.defaultRegion)) {
+			regions := []string(nil)
+			for _, r := range AllRegions {
+				regions = append(regions, string(r))
+			}
+			return NewInvalidClientOptionError("invalid default region format '%s', available regions are: %s", *s.defaultRegion, strings.Join(regions, ", "))
+		}
 	}
 
-	// TODO: Check Region format
-	if s.defaultRegion != nil && *s.defaultRegion == "" {
-		return errors.New("default region cannot be empty")
+	// Default Zone.
+	if s.defaultZone != nil {
+		if *s.defaultZone == "" {
+			return NewInvalidClientOptionError("default zone cannot be empty")
+		}
+		if !validation.IsZone(string(*s.defaultZone)) {
+			zones := []string(nil)
+			for _, z := range AllZones {
+				zones = append(zones, string(z))
+			}
+			return NewInvalidClientOptionError("invalid default zone format '%s', available zones are: %s", *s.defaultZone, strings.Join(zones, ", "))
+		}
 	}
 
-	// TODO: Check Zone format
-	if s.defaultZone != nil && *s.defaultZone == "" {
-		return errors.New("default zone cannot be empty")
+	// API URL.
+	if !validation.IsURL(s.apiURL) {
+		return NewInvalidClientOptionError("invalid url %s", s.apiURL)
 	}
 
+	// TODO: check for max s.defaultPageSize
+
 	return nil
 }

scw/client_option.go

@@ -29,45 +29,64 @@ func TestClientOptions(t *testing.T) {
 		{
 			name: "Create a valid client option",
 			clientOption: func(s *settings) {
-				s.token = auth.NewToken(testAccessKey, testSecretKey)
-				s.apiURL = apiURL
+				s.token = auth.NewToken(v2ValidAccessKey, v2ValidSecretKey)
+				s.apiURL = v2ValidAPIURL
 				s.defaultOrganizationID = &defaultOrganizationID
 				s.defaultRegion = &defaultRegion
 				s.defaultZone = &defaultZone
 			},
 		},
 		{
-			name: "Should throw an access key error",
+			name: "Should throw an empty access key error",
 			clientOption: func(s *settings) {
-				s.apiURL = apiURL
-				s.token = auth.NewToken("", testSecretKey)
+				s.token = auth.NewToken("", v2ValidSecretKey)
 			},
 			errStr: "scaleway-sdk-go: access key cannot be empty",
 		},
 		{
-			name: "Should throw a secret key error",
+			name: "Should throw a bad access key error",
 			clientOption: func(s *settings) {
-				s.apiURL = apiURL
-				s.token = auth.NewToken(testSecretKey, "")
+				s.token = auth.NewToken(v2InvalidAccessKey, v2ValidSecretKey)
+			},
+			errStr: "scaleway-sdk-go: invalid access key format 'invalid', expected SCWXXXXXXXXXXXXXXXXX format",
+		},
+		{
+			name: "Should throw an empty secret key error",
+			clientOption: func(s *settings) {
+				s.token = auth.NewToken(v2ValidAccessKey, "")
 			},
 			errStr: "scaleway-sdk-go: secret key cannot be empty",
 		},
+		{
+			name: "Should throw a bad secret key error",
+			clientOption: func(s *settings) {
+				s.token = auth.NewToken(v2ValidAccessKey, v2InvalidSecretKey)
+			},
+			errStr: "scaleway-sdk-go: invalid secret key format 'invalid', expected a UUID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
+		},
 		{
 			name: "Should throw an url error",
 			clientOption: func(s *settings) {
 				s.apiURL = ":test"
-				s.token = auth.NewToken(testAccessKey, testSecretKey)
+				s.token = auth.NewToken(v2ValidAccessKey, v2ValidSecretKey)
 			},
-			errStr: "scaleway-sdk-go: invalid url :test: parse :test: missing protocol scheme",
+			errStr: "scaleway-sdk-go: invalid url :test",
 		},
 		{
-			name: "Should throw a organization id error",
+			name: "Should throw an empty organization ID error",
 			clientOption: func(s *settings) {
-				v := ""
-				s.token = auth.NewToken(testAccessKey, testSecretKey)
-				s.defaultOrganizationID = &v
+				s.token = auth.NewToken(v2ValidAccessKey, v2ValidSecretKey)
+				s.defaultOrganizationID = StringPtr("")
 			},
-			errStr: "scaleway-sdk-go: default organization id cannot be empty",
+			errStr: "scaleway-sdk-go: default organization ID cannot be empty",
+		},
+		{
+			name: "Should throw a bad organization ID error",
+			clientOption: func(s *settings) {
+				s.token = auth.NewToken(v2ValidAccessKey, v2ValidSecretKey)
+				s.defaultOrganizationID = StringPtr(v2InvalidDefaultOrganizationID)
+			},
+			errStr: "scaleway-sdk-go: invalid organization ID format 'invalid', expected a UUID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
 		},
 		{
 			name: "Should throw a region error",
@@ -78,6 +97,15 @@ func TestClientOptions(t *testing.T) {
 			},
 			errStr: "scaleway-sdk-go: default region cannot be empty",
 		},
+		{
+			name: "Should throw a bad region error",
+			clientOption: func(s *settings) {
+				v := Region(v2InvalidDefaultRegion)
+				s.token = auth.NewToken(testAccessKey, testSecretKey)
+				s.defaultRegion = &v
+			},
+			errStr: "scaleway-sdk-go: invalid default region format 'invalid', available regions are: fr-par, nl-ams",
+		},
 		{
 			name: "Should throw a zone error",
 			clientOption: func(s *settings) {
@@ -87,6 +115,15 @@ func TestClientOptions(t *testing.T) {
 			},
 			errStr: "scaleway-sdk-go: default zone cannot be empty",
 		},
+		{
+			name: "Should throw a bad zone error",
+			clientOption: func(s *settings) {
+				v := Zone(v2InvalidDefaultZone)
+				s.token = auth.NewToken(testAccessKey, testSecretKey)
+				s.defaultZone = &v
+			},
+			errStr: "scaleway-sdk-go: invalid default zone format 'invalid', available zones are: fr-par-1, fr-par-2, nl-ams-1",
+		},
 	}
 
 	for _, c := range testCases {

scw/client_option_test.go

@@ -15,7 +15,7 @@ import (
 const (
 	testAPIURL                = "https://api.example.com/"
 	defaultAPIURL             = "https://api.scaleway.com"
-	testAccessKey             = "ACCESS_KEY"
+	testAccessKey             = "SCW1234567890ABCDEFG"
 	testSecretKey             = "7363616c-6577-6573-6862-6f7579616161" // hint: | xxd -ps -r
 	testDefaultOrganizationID = "6170692e-7363-616c-6577-61792e636f6d" // hint: | xxd -ps -r
 	testDefaultRegion         = RegionFrPar

scw/client_test.go

@@ -404,15 +404,15 @@ const emptyFile = ""
 
 // v2 config
 var (
-	v2ValidAccessKey2             = "ACCESS_KEY2"
+	v2ValidAccessKey2             = "SCW234567890ABCDEFGH"
 	v2ValidSecretKey2             = "6f6e6574-6f72-756c-6c74-68656d616c6c" // hint: | xxd -ps -r
 	v2ValidAPIURL2                = "api-fr-par.scaleway.com"
 	v2ValidInsecure2              = "true"
 	v2ValidDefaultOrganizationID2 = "6d6f7264-6f72-6772-6561-74616761696e" // hint: | xxd -ps -r
 	v2ValidDefaultRegion2         = string(RegionFrPar)
 	v2ValidDefaultZone2           = string(ZoneFrPar2)
 
-	v2ValidAccessKey             = "ACCESS_KEY"
+	v2ValidAccessKey             = "SCW1234567890ABCDEFG"
 	v2ValidSecretKey             = "7363616c-6577-6573-6862-6f7579616161" // hint: | xxd -ps -r
 	v2ValidAPIURL                = "api.scaleway.com"
 	v2ValidInsecure              = "false"
@@ -421,6 +421,12 @@ var (
 	v2ValidDefaultZone           = string(ZoneNlAms1)
 	v2ValidProfile               = "flantier"
 
+	v2InvalidAccessKey             = "invalid"
+	v2InvalidSecretKey             = "invalid"
+	v2InvalidDefaultOrganizationID = "invalid"
+	v2InvalidDefaultRegion         = "invalid"
+	v2InvalidDefaultZone           = "invalid"
+
 	v2SimpleValidConfig = &Config{
 		Profile: Profile{
 			AccessKey:             &v2ValidAccessKey,
@@ -500,19 +506,19 @@ func TestConfigString(t *testing.T) {
 		},
 	}
 
-	testhelpers.Equals(t, `access_key: ACCESS_KEY
+	testhelpers.Equals(t, `access_key: SCW1234567890ABCDEFG
 secret_key: 7363616c-xxxx-xxxx-xxxx-xxxxxxxxxxxx
 active_profile: flantier
 profiles:
   flantier:
-    access_key: ACCESS_KEY2
+    access_key: SCW234567890ABCDEFGH
     secret_key: 6f6e6574-xxxx-xxxx-xxxx-xxxxxxxxxxxx
 `, c.String())
 	testhelpers.Equals(t, v2ValidSecretKey, *c.SecretKey)
 
 	p, err := c.GetActiveProfile()
 	testhelpers.AssertNoError(t, err)
-	testhelpers.Equals(t, `access_key: ACCESS_KEY2
+	testhelpers.Equals(t, `access_key: SCW234567890ABCDEFGH
 secret_key: 6f6e6574-xxxx-xxxx-xxxx-xxxxxxxxxxxx
 `, p.String())
 	testhelpers.Equals(t, v2ValidSecretKey2, *p.SecretKey)

scw/config_test.go

@@ -256,20 +256,17 @@ func (e *OutOfStockError) GetRawBody() json.RawMessage {
 	return e.RawBody
 }
 
-type clientCredentialErrorType string
-
-const (
-	clientCredentialError_EmptyAccessKey = clientCredentialErrorType("access key cannot be empty")
-	clientCredentialError_EmptySecreyKey = clientCredentialErrorType("secret key cannot be empty")
-)
+// InvalidClientOptionError indicates that at least one of client data has been badly provided for the client creation.
+type InvalidClientOptionError struct {
+	errorType string
+}
 
-// clientCredentialError indicates that credentials have been badly provided for the client creation.
-type ClientCredentialError struct {
-	errorType clientCredentialErrorType
+func NewInvalidClientOptionError(format string, a ...interface{}) *InvalidClientOptionError {
+	return &InvalidClientOptionError{errorType: fmt.Sprintf(format, a...)}
 }
 
 // IsScwSdkError implements the SdkError interface
-func (e ClientCredentialError) IsScwSdkError() {}
-func (e ClientCredentialError) Error() string {
+func (e InvalidClientOptionError) IsScwSdkError() {}
+func (e InvalidClientOptionError) Error() string {
 	return fmt.Sprintf("scaleway-sdk-go: %s", e.errorType)
 }