function validate_azure_client_secret
Validates an Azure client secret by checking for placeholder values, minimum length requirements, and common invalid patterns.
/tf/active/vicechatdev/SPFCsync/validate_config.py
45 - 56
simple
Purpose
This function performs validation checks on an Azure AD application client secret to ensure it has been properly configured and is not using default/placeholder values. It helps catch common configuration errors before attempting to authenticate with Azure services. The function returns a tuple indicating validation success/failure along with a descriptive message.
Source Code
def validate_azure_client_secret(client_secret):
"""Validate Azure client secret."""
if not client_secret or client_secret == "your-azure-app-client-secret":
return False, "Please update AZURE_CLIENT_SECRET with your Azure AD app's client secret"
if len(client_secret) < 10:
return False, "Client secret seems too short. Make sure you copied the full secret value"
if "your-" in client_secret or "example" in client_secret.lower():
return False, "Please replace with your actual client secret value"
return True, "Azure Client Secret appears to be set"Parameters
| Name | Type | Default | Kind |
|---|---|---|---|
client_secret |
- | - | positional_or_keyword |
Parameter Details
client_secret: The Azure AD application client secret string to validate. Expected to be a non-empty string containing the actual secret value obtained from Azure portal. Should be at least 10 characters long and not contain placeholder text like 'your-' or 'example'.
Return Value
Returns a tuple of (bool, str). The first element is True if validation passes, False otherwise. The second element is a string message describing the validation result or error. Possible return values: (False, 'Please update AZURE_CLIENT_SECRET...') if empty or default value; (False, 'Client secret seems too short...') if less than 10 characters; (False, 'Please replace with your actual...') if contains placeholder text; (True, 'Azure Client Secret appears to be set') if all validations pass.
Usage Example
# Example 1: Invalid placeholder value
is_valid, message = validate_azure_client_secret('your-azure-app-client-secret')
print(f"Valid: {is_valid}, Message: {message}")
# Output: Valid: False, Message: Please update AZURE_CLIENT_SECRET with your Azure AD app's client secret
# Example 2: Too short
is_valid, message = validate_azure_client_secret('abc123')
print(f"Valid: {is_valid}, Message: {message}")
# Output: Valid: False, Message: Client secret seems too short. Make sure you copied the full secret value
# Example 3: Valid secret
is_valid, message = validate_azure_client_secret('a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6')
print(f"Valid: {is_valid}, Message: {message}")
# Output: Valid: True, Message: Azure Client Secret appears to be set
# Example 4: Using with environment variable
import os
client_secret = os.getenv('AZURE_CLIENT_SECRET', '')
is_valid, message = validate_azure_client_secret(client_secret)
if not is_valid:
print(f"Configuration error: {message}")
sys.exit(1)Best Practices
- Always validate the client secret before attempting Azure authentication to provide clear error messages
- Use this function during application startup or configuration loading to fail fast with helpful messages
- The function checks for common mistakes but does not verify if the secret is actually valid with Azure - actual authentication is still required
- Consider logging validation failures (without logging the actual secret value) for debugging purposes
- This validation is a first-line defense; always handle authentication errors gracefully in production code
- Never log or display the actual client secret value in error messages or logs
Tags
Similar Components
AI-powered semantic similarity - components with related functionality:
-
function validate_azure_client_id 78.7% similar
-
function test_azure_token 59.6% similar
-
function main_v19 59.1% similar
-
function test_sharepoint_connection 55.0% similar
-
function test_rest_client 53.4% similar