This is an automated email from the ASF dual-hosted git repository.
dimas pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/polaris.git
The following commit(s) were added to refs/heads/main by this push:
new 7bd71e07a Remove client_id, client_secret regex/pattern validation on
reset endpoint call (#3276)
7bd71e07a is described below
commit 7bd71e07a8666f4c82276a94cac04e9371d551ad
Author: Romain Manni-Bucau <[email protected]>
AuthorDate: Tue Jan 20 00:56:51 2026 +0100
Remove client_id, client_secret regex/pattern validation on reset endpoint
call (#3276)
client_id/client_secret patterns are validated when calling reset endpoint
but the pattern is hardcoded which can be too rigid.
---
CHANGELOG.md | 1 +
.../polaris/service/admin/PolarisServiceImpl.java | 18 ------------------
2 files changed, 1 insertion(+), 18 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 93e51deab..ae2240881 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -66,6 +66,7 @@ request adding CHANGELOG notes for breaking (!) changes and
possibly other secti
- Added `hierarchical` flag to `AzureStorageConfigInfo` to allow more precise
SAS token down-scoping in ADLS when
the [hierarchical
namespace](https://learn.microsoft.com/en-us/azure/storage/blobs/data-lake-storage-namespace)
feature is enabled in Azure.
+- Relaxed `client_id`, `client_secret` regex/pattern validation on reset
endpoint call
### Changes
diff --git
a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java
b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java
index eebd3aa16..ce94470b6 100644
---
a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java
+++
b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java
@@ -136,18 +136,6 @@ public class PolarisServiceImpl
return Response.status(Response.Status.CREATED).entity(newCatalog).build();
}
- private void validateClientId(String clientId) {
- if (!clientId.matches("^[0-9a-f]{16}$")) {
- throw new IllegalArgumentException("Invalid clientId format");
- }
- }
-
- private void validateClientSecret(String clientSecret) {
- if (!clientSecret.matches("^[0-9a-f]{32}$")) {
- throw new IllegalArgumentException("Invalid clientSecret format");
- }
- }
-
private void validateStorageConfig(StorageConfigInfo storageConfigInfo) {
List<String> allowedStorageTypes =
realmConfig.getConfig(FeatureConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES);
@@ -304,12 +292,6 @@ public class PolarisServiceImpl
? resetPrincipalRequest
: new ResetPrincipalRequest(null, null);
- if (safeResetPrincipalRequest.getClientId() != null) {
- validateClientId(safeResetPrincipalRequest.getClientId());
- }
- if (safeResetPrincipalRequest.getClientSecret() != null) {
- validateClientSecret(safeResetPrincipalRequest.getClientSecret());
- }
return Response.ok(adminService.resetCredentials(principalName,
safeResetPrincipalRequest))
.build();
}
