veracode/veracode-api-py

Add validation where GUIDs are expected

Closed this issue · 3 comments

Seeing some confusion between integer app IDs and GUIDs among users of the library. Should look into properly validating when one vs the other is expected.

Sample GUID validation method by a Veracoder. Is there a better way?

import re

def is_guid(value):
    # Regex to check for a valid GUID (Globally Unique Identifier),
    # with optional surrounding braces
    regex = "^[{]?[0-9a-fA-F]{8}" + "-([0-9a-fA-F]{4}-)" + "{3}[0-9a-fA-F]{12}[}]?$"

    # Compile the regex
    p = re.compile(regex)

    # If the value is None, return False
    if value is None:
        return False

    # Return whether the string matched the regex
    if re.search(p, value):
        return True
    else:
        return False

Hah, I already wrote a method for this, at the cost of an additional import:

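from uuid import UUID

def is_valid_uuid(uuid_to_test, version=4):
    try:
        uuid_obj = UUID(uuid_to_test, version=version)
    except (ValueError, AttributeError, TypeError):
        # ValueError: malformed string; AttributeError/TypeError: non-string
        # input such as an integer app ID or None
        return False
    # UUID() forces the version bits and lowercases the text, so comparing
    # with the input rejects anything not already canonical for that version
    return str(uuid_obj) == uuid_to_test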

Source: https://github.com/tjarrettveracode/veracode-pipeline-mitigation/blob/5fe6d1e97e32d9692c91884aa53e8e3a1a0ecc44/vcpipemit.py#L56

Instead of validation, going to use argument typing as it's cleaner…
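
An added example, not part of the thread or of veracode-api-py: one way to tell integer app IDs from GUIDs at the call boundary, returning a result instead of raising on non-string input and rejecting a trailing newline. The names `parse_guid`, `classify_identifier` and `require_guid` and all sample values are hypothetical.

```python
import re
from uuid import UUID

# Canonical 8-4-4-4-12 form. match() anchors the start and \Z (not $) the end,
# so "guid\n" is rejected.
_GUID_RE = re.compile(r"[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}\Z")


def parse_guid(value):
    """Return a UUID for a GUID string or UUID object, else None.

    Integers, bools, bytes, None and numeric strings return None
    rather than raising, so callers can branch on the result.
    """
    if isinstance(value, UUID):
        return value
    if not isinstance(value, str) or not _GUID_RE.match(value):
        return None
    return UUID(value)


def classify_identifier(value):
    """Label an identifier as 'guid', 'app_id' (integer) or 'invalid'."""
    if parse_guid(value) is not None:
        return "guid"
    # bool is a subclass of int, so exclude it explicitly.
    if isinstance(value, int) and not isinstance(value, bool) and value > 0:
        return "app_id"
    if isinstance(value, str) and value.isascii() and value.isdigit():
        return "app_id"
    return "invalid"


def require_guid(value, name="guid"):
    """Return the parsed UUID or raise ValueError naming the likely mix-up."""
    parsed = parse_guid(value)
    if parsed is None:
        mixed_up = classify_identifier(value) == "app_id"
        hint = " (looks like an integer app ID)" if mixed_up else ""
        raise ValueError(f"{name} must be a GUID{hint}: {value!r}")
    return parsed
```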