Don't allow bad tokens to create tokens in the db

2025-10-15 22:13:00 +00:00 · 2016-04-15 12:42:52 +02:00
parent fa4b666693
commit 094ac451c7
3 changed files with 23 additions and 1 deletions
--- a/jupyterhub/app.py
+++ b/jupyterhub/app.py
@@ -813,13 +813,22 @@ class JupyterHub(Application):
            orm_token = orm.APIToken.find(db, token)
            if orm_token is None:
                user = orm.User.find(db, username)
+                user_created = False
                if user is None:
+                    user_created = True
                    self.log.debug("Adding user %r to database", username)
                    user = orm.User(name=username)
                    db.add(user)
                    db.commit()
                self.log.info("Adding API token for %s", username)
+                try:
                    user.new_api_token(token)
+                except Exception:
+                    if user_created:
+                        # don't allow bad tokens to create users
+                        db.delete(user)
+                        db.commit()
+                        raise
            else:
                self.log.debug("Not duplicating token %s", orm_token)
        db.commit()
--- a/jupyterhub/orm.py
+++ b/jupyterhub/orm.py
@@ -313,6 +313,8 @@ class User(Base):
        if token is None:
            token = new_token()
        else:
+            if len(token) < 8:
+                raise ValueError("Tokens must be at least 8 characters, got %r" % token)
            found = APIToken.find(db, token)
            if found:
                raise ValueError("Collision on token: %s..." % token[:4])
--- a/jupyterhub/tests/test_app.py
+++ b/jupyterhub/tests/test_app.py
@@ -5,6 +5,9 @@ import re
 import sys
 from subprocess import check_output, Popen, PIPE
 from tempfile import NamedTemporaryFile, TemporaryDirectory
+
+import pytest
+
 from .mocking import MockHub
 from .. import orm

@@ -50,6 +53,7 @@ def test_generate_config():
    assert 'Spawner.cmd' in cfg_text
    assert 'Authenticator.whitelist' in cfg_text

+
 def test_init_tokens():
    with TemporaryDirectory() as td:
        db_file = os.path.join(td, 'jupyterhub.sqlite')
@@ -76,3 +80,10 @@ def test_init_tokens():
            assert api_token is not None
            user = api_token.user
            assert user.name == username
+        
+        # don't allow failed token insertion to create users:
+        tokens['short'] = 'gman'
+        app = MockHub(db_file=db_file, api_tokens=tokens)
+        # with pytest.raises(ValueError):
+        app.initialize([])
+        assert orm.User.find(app.db, 'gman') is None