/
user_config_validator.go
86 lines (63 loc) · 1.57 KB
/
user_config_validator.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
package config
import (
"regexp"
"github.com/yolo-sh/aws-cloud-provider/userconfig"
awsRegions "github.com/jsonmaur/aws-regions/v2"
)
const (
AWSAccessKeyIDPattern = "^[A-Z0-9]{20}$"
AWSSecretAccessKeyPattern = "^[A-Za-z0-9/+=]{40}$"
)
type UserConfigValidator struct{}
func NewUserConfigValidator() UserConfigValidator {
return UserConfigValidator{}
}
func (u UserConfigValidator) Validate(userConfig *userconfig.Config) error {
region := userConfig.Region
if err := u.validateRegion(region); err != nil {
return err
}
creds := userConfig.Credentials
accessKeyID := creds.AccessKeyID
secretAccessKey := creds.SecretAccessKey
if err := u.validateAccessKeyID(accessKeyID); err != nil {
return err
}
if err := u.validateSecretAccessKey(secretAccessKey); err != nil {
return err
}
return nil
}
func (UserConfigValidator) validateRegion(region string) error {
_, err := awsRegions.LookupByCode(region)
if err != nil {
return ErrInvalidRegion{
Region: region,
}
}
return nil
}
func (UserConfigValidator) validateAccessKeyID(accessKeyID string) error {
match, err := regexp.MatchString(AWSAccessKeyIDPattern, accessKeyID)
if err != nil {
return err
}
if !match {
return ErrInvalidAccessKeyID{
AccessKeyID: accessKeyID,
}
}
return nil
}
func (UserConfigValidator) validateSecretAccessKey(secretAccessKey string) error {
match, err := regexp.MatchString(AWSSecretAccessKeyPattern, secretAccessKey)
if err != nil {
return err
}
if !match {
return ErrInvalidSecretAccessKey{
SecretAccessKey: secretAccessKey,
}
}
return nil
}