Skip to content

Commit 67c50e7

Browse files
sharmagotsharmagot
committed
Improve TOTP validation: trim whitespace and standardize auth error logs
1 parent f5a2d64 commit 67c50e7

File tree

1 file changed

+15
-11
lines changed

1 file changed

+15
-11
lines changed

vertica_python/vertica/connection.py

Lines changed: 15 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -313,13 +313,15 @@ def __init__(self, options: Optional[Dict[str, Any]] = None) -> None:
313313
if self.totp is not None:
314314
if not isinstance(self.totp, str):
315315
raise TypeError('The value of connection option "totp" should be a string')
316+
# Normalize: trim surrounding whitespace
317+
self.totp = self.totp.strip()
316318
# Validate TOTP format: must be 6 numeric digits, with explicit non-numeric error
317319
if not self.totp.isdigit():
318-
self._logger.error('Invalid TOTP: contains non-numeric characters')
319-
raise errors.ConnectionError('Invalid TOTP: contains non-numeric characters')
320+
self._logger.error('Authentication failed: Invalid TOTP: contains non-numeric characters')
321+
raise errors.ConnectionError('Authentication failed: Invalid TOTP: contains non-numeric characters')
320322
if len(self.totp) != 6:
321-
self._logger.error('Invalid TOTP format in connection options. Must be a 6-digit number.')
322-
raise errors.ConnectionError('Invalid TOTP format: Must be a 6-digit number.')
323+
self._logger.error('Authentication failed: Invalid TOTP: must be 6 digits')
324+
raise errors.ConnectionError('Authentication failed: Invalid TOTP: must be 6 digits')
323325
self._logger.info('TOTP received in connection options')
324326

325327
# OAuth authentication setup
@@ -981,10 +983,10 @@ def send_startup(totp_value=None):
981983
short_msg = match.group(1).strip() if match else error_msg.strip()
982984

983985
if "Invalid TOTP" in short_msg:
984-
print("Authentication failed: Invalid TOTP token.")
985-
self._logger.error("Authentication failed: Invalid TOTP token.")
986+
print("Authentication failed: Invalid TOTP")
987+
self._logger.error("Authentication failed: Invalid TOTP")
986988
self.close_socket()
987-
raise errors.ConnectionError("Authentication failed: Invalid TOTP token.")
989+
raise errors.ConnectionError("Authentication failed: Invalid TOTP")
988990

989991
# Generic error fallback
990992
print(f"Authentication failed: {short_msg}")
@@ -1012,14 +1014,16 @@ def send_startup(totp_value=None):
10121014
self._logger.error("Invalid TOTP: Cannot be empty.")
10131015
raise errors.ConnectionError("Invalid TOTP: Cannot be empty.")
10141016

1017+
# ❌ Normalize: trim whitespace
1018+
totp_input = totp_input.strip()
10151019
# ❌ Validate TOTP format: explicit non-numeric error, then length check
10161020
if not totp_input.isdigit():
1017-
self._logger.error("Invalid TOTP: contains non-numeric characters")
1018-
raise errors.ConnectionError("Invalid TOTP: contains non-numeric characters")
1021+
self._logger.error("Authentication failed: Invalid TOTP: contains non-numeric characters")
1022+
raise errors.ConnectionError("Authentication failed: Invalid TOTP: contains non-numeric characters")
10191023
if len(totp_input) != 6:
10201024
print("Invalid TOTP format. Please enter a 6-digit code.")
1021-
self._logger.error("Invalid TOTP format entered.")
1022-
raise errors.ConnectionError("Invalid TOTP format: Must be a 6-digit number.")
1025+
self._logger.error("Authentication failed: Invalid TOTP: must be 6 digits")
1026+
raise errors.ConnectionError("Authentication failed: Invalid TOTP: must be 6 digits")
10231027
# ✅ Valid TOTP — retry connection
10241028
totp = totp_input
10251029
self.close_socket()

0 commit comments

Comments
 (0)