zulip/zerver/lib/redis_utils.py

import re
import secrets
from typing import Any, Dict, Mapping, Optional

import orjson
import redis
from django.conf import settings

# Redis accepts keys up to 512MB in size, but there's no reason for us to use such size,
# so we want to stay limited to 1024 characters.
MAX_KEY_LENGTH = 1024


class ZulipRedisError(Exception):
    pass


class ZulipRedisKeyTooLongError(ZulipRedisError):
    pass


class ZulipRedisKeyOfWrongFormatError(ZulipRedisError):
    pass


def get_redis_client() -> "redis.StrictRedis[bytes]":
    return redis.StrictRedis(
        host=settings.REDIS_HOST,
        port=settings.REDIS_PORT,
        password=settings.REDIS_PASSWORD,
        db=0,
        decode_responses=False,
    )


def put_dict_in_redis(
    redis_client: "redis.StrictRedis[bytes]",
    key_format: str,
    data_to_store: Mapping[str, Any],
    expiration_seconds: int,
    token_length: int = 64,
    token: Optional[str] = None,
) -> str:
    key_length = len(key_format) - len("{token}") + token_length
    if key_length > MAX_KEY_LENGTH:
        raise ZulipRedisKeyTooLongError(
            f"Requested key too long in put_dict_in_redis. Key format: {key_format}, token length: {token_length}",
        )
    if token is None:
        token = secrets.token_hex(token_length // 2)
    key = key_format.format(token=token)
    with redis_client.pipeline() as pipeline:
        pipeline.set(key, orjson.dumps(data_to_store))
        pipeline.expire(key, expiration_seconds)
        pipeline.execute()

    return key


def get_dict_from_redis(
    redis_client: "redis.StrictRedis[bytes]",
    key_format: str,
    key: str,
) -> Optional[Dict[str, Any]]:
    # This function requires inputting the intended key_format to validate
    # that the key fits it, as an additionally security measure. This protects
    # against bugs where a caller requests a key based on user input and doesn't
    # validate it - which could potentially allow users to poke around arbitrary Redis keys.
    if len(key) > MAX_KEY_LENGTH:
        raise ZulipRedisKeyTooLongError(
            f"Requested key too long in get_dict_from_redis: {key}",
        )
    validate_key_fits_format(key, key_format)

    data = redis_client.get(key)
    if data is None:
        return None
    return orjson.loads(data)


def validate_key_fits_format(key: str, key_format: str) -> None:
    assert "{token}" in key_format
    regex = key_format.format(token=r"[a-zA-Z0-9]+")

    if not re.fullmatch(regex, key):
        raise ZulipRedisKeyOfWrongFormatError(f"{key} does not match format {key_format}")
python: Sort imports with isort. Fixes #2665. Regenerated by tabbott with `lint --fix` after a rebase and change in parameters. Note from tabbott: In a few cases, this converts technical debt in the form of unsorted imports into different technical debt in the form of our largest files having very long, ugly import sequences at the start. I expect this change will increase pressure for us to split those files, which isn't a bad thing. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-06-11 00:54:34 +02:00			`import re`
python: Use standard secrets module to generate random tokens. There are three functional side effects: • Correct an insignificant but mathematically offensive bias toward repeated characters in generate_api_key introduced in commit 47b4283c4b4c70ecde4d3c8de871c90ee2506d87; its entropy is increased from 190.52864 bits to 190.53428 bits. • Use the base32 alphabet in confirmation.models.generate_key; its entropy is reduced from 124.07820 bits to the documented 120 bits, but now it uses 1 syscall instead of 24. • Use the base32 alphabet in get_bigbluebutton_url; its entropy is reduced from 51.69925 bits to 50 bits, but now it uses 1 syscall instead of 10. (The base32 alphabet is A-Z 2-7. We could probably replace all of these with plain secrets.token_urlsafe, since I expect most callers can handle the full urlsafe_b64 alphabet A-Z a-z 0-9 - _ without problems.) Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-09-05 04:02:13 +02:00			`import secrets`
auth: Avoid unchecked casts. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-06-23 00:39:19 +02:00			`from typing import Any, Dict, Mapping, Optional`
Add helper function for returning a Redis client (imported from commit 47f87d388d24343ac6b631181a55287eb8cd4a6d) 2014-02-05 00:35:32 +01:00
python: Replace ujson with orjson. Fixes #6507. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-08-07 01:09:47 +02:00			`import orjson`
Add helper function for returning a Redis client (imported from commit 47f87d388d24343ac6b631181a55287eb8cd4a6d) 2014-02-05 00:35:32 +01:00			`import redis`
python: Sort imports with isort. Fixes #2665. Regenerated by tabbott with `lint --fix` after a rebase and change in parameters. Note from tabbott: In a few cases, this converts technical debt in the form of unsorted imports into different technical debt in the form of our largest files having very long, ugly import sequences at the start. I expect this change will increase pressure for us to split those files, which isn't a bad thing. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-06-11 00:54:34 +02:00			`from django.conf import settings`

redis_utils: Validate requested key length in helper functions. 2020-01-26 17:01:23 +01:00			`# Redis accepts keys up to 512MB in size, but there's no reason for us to use such size,`
			`# so we want to stay limited to 1024 characters.`
			`MAX_KEY_LENGTH = 1024`

python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-02-12 08:19:30 +01:00
redis_utils: Require key_format argument in get_dict_from_redis. 2020-01-26 19:01:56 +01:00			`class ZulipRedisError(Exception):`
			`pass`

python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-02-12 08:19:30 +01:00
redis_utils: Require key_format argument in get_dict_from_redis. 2020-01-26 19:01:56 +01:00			`class ZulipRedisKeyTooLongError(ZulipRedisError):`
			`pass`

python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-02-12 08:19:30 +01:00
redis_utils: Require key_format argument in get_dict_from_redis. 2020-01-26 19:01:56 +01:00			`class ZulipRedisKeyOfWrongFormatError(ZulipRedisError):`
redis_utils: Validate requested key length in helper functions. 2020-01-26 17:01:23 +01:00			`pass`

python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-02-12 08:19:30 +01:00
requirements: Upgrade Python requirements. 2021-01-26 22:14:36 +01:00			`def get_redis_client() -> "redis.StrictRedis[bytes]":`
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-02-12 08:19:30 +01:00			`return redis.StrictRedis(`
			`host=settings.REDIS_HOST,`
			`port=settings.REDIS_PORT,`
			`password=settings.REDIS_PASSWORD,`
			`db=0,`
			`decode_responses=False,`
			`)`


			`def put_dict_in_redis(`
			`redis_client: "redis.StrictRedis[bytes]",`
			`key_format: str,`
			`data_to_store: Mapping[str, Any],`
			`expiration_seconds: int,`
			`token_length: int = 64,`
			`token: Optional[str] = None,`
			`) -> str:`
python: Normalize quotes with Black. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-02-12 08:20:45 +01:00			`key_length = len(key_format) - len("{token}") + token_length`
redis_utils: Validate requested key length in helper functions. 2020-01-26 17:01:23 +01:00			`if key_length > MAX_KEY_LENGTH:`
redis_utils: Convert percent formatting to f-strings. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-01-26 20:40:34 +01:00			`raise ZulipRedisKeyTooLongError(`
			`f"Requested key too long in put_dict_in_redis. Key format: {key_format}, token length: {token_length}",`
			`)`
redis_utils: Extend `put_dict_in_redis` to accept token as param. This extends `put_dict_in_redis` to take token as an argument and return that with the as a `key` with following key format. Also, edit regex for token to include uppercase letters as a token sent during apple authentication contains uppercase letters. Useful for Adding "Sign in with Apple" support. 2020-04-26 23:00:54 +02:00			`if token is None:`
python: Use standard secrets module to generate random tokens. There are three functional side effects: • Correct an insignificant but mathematically offensive bias toward repeated characters in generate_api_key introduced in commit 47b4283c4b4c70ecde4d3c8de871c90ee2506d87; its entropy is increased from 190.52864 bits to 190.53428 bits. • Use the base32 alphabet in confirmation.models.generate_key; its entropy is reduced from 124.07820 bits to the documented 120 bits, but now it uses 1 syscall instead of 24. • Use the base32 alphabet in get_bigbluebutton_url; its entropy is reduced from 51.69925 bits to 50 bits, but now it uses 1 syscall instead of 10. (The base32 alphabet is A-Z 2-7. We could probably replace all of these with plain secrets.token_urlsafe, since I expect most callers can handle the full urlsafe_b64 alphabet A-Z a-z 0-9 - _ without problems.) Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-09-05 04:02:13 +02:00			`token = secrets.token_hex(token_length // 2)`
redis_utils: Validate requested key length in helper functions. 2020-01-26 17:01:23 +01:00			`key = key_format.format(token=token)`
redis: Extract put_dict_in_redis and get_dict_from_redis helpers. 2020-01-20 14:17:53 +01:00			`with redis_client.pipeline() as pipeline:`
python: Replace ujson with orjson. Fixes #6507. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-08-07 01:09:47 +02:00			`pipeline.set(key, orjson.dumps(data_to_store))`
redis: Extract put_dict_in_redis and get_dict_from_redis helpers. 2020-01-20 14:17:53 +01:00			`pipeline.expire(key, expiration_seconds)`
			`pipeline.execute()`

			`return key`

python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-02-12 08:19:30 +01:00
			`def get_dict_from_redis(`
			`redis_client: "redis.StrictRedis[bytes]",`
			`key_format: str,`
			`key: str,`
			`) -> Optional[Dict[str, Any]]:`
redis_utils: Require key_format argument in get_dict_from_redis. 2020-01-26 19:01:56 +01:00			`# This function requires inputting the intended key_format to validate`
			`# that the key fits it, as an additionally security measure. This protects`
			`# against bugs where a caller requests a key based on user input and doesn't`
docs: Fix more capitalization issues. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-10-23 02:43:28 +02:00			`# validate it - which could potentially allow users to poke around arbitrary Redis keys.`
redis_utils: Validate requested key length in helper functions. 2020-01-26 17:01:23 +01:00			`if len(key) > MAX_KEY_LENGTH:`
redis_utils: Convert percent formatting to f-strings. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-01-26 20:40:34 +01:00			`raise ZulipRedisKeyTooLongError(`
			`f"Requested key too long in get_dict_from_redis: {key}",`
			`)`
redis_utils: Require key_format argument in get_dict_from_redis. 2020-01-26 19:01:56 +01:00			`validate_key_fits_format(key, key_format)`

redis: Extract put_dict_in_redis and get_dict_from_redis helpers. 2020-01-20 14:17:53 +01:00			`data = redis_client.get(key)`
			`if data is None:`
			`return None`
python: Replace ujson with orjson. Fixes #6507. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-08-07 01:09:47 +02:00			`return orjson.loads(data)`
redis_utils: Require key_format argument in get_dict_from_redis. 2020-01-26 19:01:56 +01:00
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-02-12 08:19:30 +01:00
redis_utils: Require key_format argument in get_dict_from_redis. 2020-01-26 19:01:56 +01:00			`def validate_key_fits_format(key: str, key_format: str) -> None:`
			`assert "{token}" in key_format`
redis_utils: Extend `put_dict_in_redis` to accept token as param. This extends `put_dict_in_redis` to take token as an argument and return that with the as a `key` with following key format. Also, edit regex for token to include uppercase letters as a token sent during apple authentication contains uppercase letters. Useful for Adding "Sign in with Apple" support. 2020-04-26 23:00:54 +02:00			`regex = key_format.format(token=r"[a-zA-Z0-9]+")`
redis_utils: Require key_format argument in get_dict_from_redis. 2020-01-26 19:01:56 +01:00
			`if not re.fullmatch(regex, key):`
python: Convert percent formatting to Python 3.6 f-strings. Generated by pyupgrade --py36-plus. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-06-10 06:41:04 +02:00			`raise ZulipRedisKeyOfWrongFormatError(f"{key} does not match format {key_format}")`