fix: Update SDK key validation to follow dotnet pattern

- Rename validate_sdk_key to is_valid_sdk_key_format
- Use dotnet regex pattern ^[-a-zA-Z0-9._]+$ instead of HTTP header validation
- Add maximum length validation of 8192 characters
- Change from raising ValueError to silently not setting invalid keys
- Update all tests to expect silent failure instead of exceptions
- Update documentation to reflect new behavior

Co-Authored-By: jbailey@launchdarkly.com <accounts@sidewaysgravity.com>

Author: devin-ai-integration[bot]

ldclient/config.py

@@ -9,7 +9,7 @@
 
 from ldclient.feature_store import InMemoryFeatureStore
 from ldclient.hook import Hook
-from ldclient.impl.util import log, validate_application_info, validate_sdk_key
+from ldclient.impl.util import log, validate_application_info, is_valid_sdk_key_format
 from ldclient.interfaces import (
     BigSegmentStore,
     DataSourceUpdateSink,
@@ -261,10 +261,10 @@ def __init__(
         :param omit_anonymous_contexts: Sets whether anonymous contexts should be omitted from index and identify events.
         :param payload_filter_key: The payload filter is used to selectively limited the flags and segments delivered in the data source payload.
         """
-        if sdk_key and not validate_sdk_key(sdk_key, log):
-            raise ValueError("SDK key contains invalid characters")
-        
-        self.__sdk_key = sdk_key
+        if is_valid_sdk_key_format(sdk_key):
+            self.__sdk_key = sdk_key
+        else:
+            self.__sdk_key = None
 
         self.__base_uri = base_uri.rstrip('/')
         self.__events_uri = events_uri.rstrip('/')
@@ -305,6 +305,7 @@ def __init__(
 
     def copy_with_new_sdk_key(self, new_sdk_key: str) -> 'Config':
         """Returns a new ``Config`` instance that is the same as this one, except for having a different SDK key.
+        The key will not be updated if the provided key contains invalid characters.
 
         :param new_sdk_key: the new SDK key
         """

ldclient/impl/util.py

@@ -53,20 +53,21 @@ def validate_application_value(value: Any, name: str, logger: logging.Logger) ->
     return value
 
 
-def validate_sdk_key(sdk_key: str, logger: logging.Logger) -> bool:
+def is_valid_sdk_key_format(sdk_key: str) -> bool:
     """
-    Validate that an SDK key contains only characters that are valid for HTTP headers.
-    Returns True if valid, False if invalid. Logs a generic error message for invalid keys.
+    Validates that a string does not contain invalid characters and is not too long for our systems.
+    Returns True if the SDK key format is valid, otherwise False.
     """
+    if sdk_key is None or sdk_key == '':
+        return True
+    
     if not isinstance(sdk_key, str):
-        logger.warning("SDK key must be a string")
         return False
 
-    if sdk_key == '':
-        return True  # Empty keys are handled separately in _validate()
+    if len(sdk_key) > 8192:
+        return False
 
-    if re.search(r"[^\x21-\x7E]", sdk_key):
-        logger.warning("SDK key contains invalid characters")
+    if not re.match(r'^[-a-zA-Z0-9._]+$', sdk_key):
         return False
 
     return True

ldclient/testing/impl/test_util.py

@@ -1,56 +1,53 @@
-import logging
-from unittest.mock import Mock
-from ldclient.impl.util import validate_sdk_key
+from ldclient.impl.util import is_valid_sdk_key_format
 
 
-def test_validate_sdk_key_valid():
+def test_is_valid_sdk_key_format_valid():
     """Test validation of valid SDK keys"""
-    logger = Mock(spec=logging.Logger)
-    
     valid_keys = [
         "sdk-12345678-1234-1234-1234-123456789012",
         "valid-sdk-key-123",
-        "VALID_SDK_KEY_456"
+        "VALID_SDK_KEY_456",
+        "test.key_with.dots",
+        "test-key-with-hyphens"
     ]
 
     for key in valid_keys:
-        assert validate_sdk_key(key, logger) is True
-        logger.warning.assert_not_called()
-        logger.reset_mock()
+        assert is_valid_sdk_key_format(key) is True
 
 
-def test_validate_sdk_key_invalid():
+def test_is_valid_sdk_key_format_invalid():
     """Test validation of invalid SDK keys"""
-    logger = Mock(spec=logging.Logger)
-    
     invalid_keys = [
         "sdk-key-with-\x00-null",
         "sdk-key-with-\n-newline", 
-        "sdk-key-with-\t-tab"
+        "sdk-key-with-\t-tab",
+        "sdk key with spaces",
+        "sdk@key#with$special%chars",
+        "sdk/key\\with/slashes"
     ]
 
     for key in invalid_keys:
-        assert validate_sdk_key(key, logger) is False
-        logger.warning.assert_called_with("SDK key contains invalid characters")
-        logger.reset_mock()
+        assert is_valid_sdk_key_format(key) is False
 
 
-def test_validate_sdk_key_non_string():
+def test_is_valid_sdk_key_format_non_string():
     """Test validation of non-string SDK keys"""
-    logger = Mock(spec=logging.Logger)
-    
-    non_string_values = [123, None, object(), [], {}]
+    non_string_values = [123, object(), [], {}]
 
     for value in non_string_values:
-        result = validate_sdk_key(value, logger)
-        assert result is False
-        logger.warning.assert_called_with("SDK key must be a string")
-        logger.reset_mock()
+        assert is_valid_sdk_key_format(value) is False
+
+
+def test_is_valid_sdk_key_format_empty_and_none():
+    """Test validation of empty and None SDK keys"""
+    assert is_valid_sdk_key_format("") is True
+    assert is_valid_sdk_key_format(None) is True
 
 
-def test_validate_sdk_key_empty():
-    """Test validation of empty SDK keys"""
-    logger = Mock(spec=logging.Logger)
+def test_is_valid_sdk_key_format_max_length():
+    """Test validation of SDK key maximum length"""
+    valid_key = "a" * 8192
+    assert is_valid_sdk_key_format(valid_key) is True
 
-    assert validate_sdk_key("", logger) is True
-    logger.warning.assert_not_called()
+    invalid_key = "a" * 8193
+    assert is_valid_sdk_key_format(invalid_key) is False

ldclient/testing/test_config.py

@@ -50,7 +50,9 @@ def test_sdk_key_validation_valid_keys():
     valid_keys = [
         "sdk-12345678-1234-1234-1234-123456789012",
         "valid-sdk-key-123",
-        "VALID_SDK_KEY_456"
+        "VALID_SDK_KEY_456",
+        "test.key_with.dots",
+        "test-key-with-hyphens"
     ]
 
     for key in valid_keys:
@@ -59,25 +61,55 @@ def test_sdk_key_validation_valid_keys():
 
 
 def test_sdk_key_validation_invalid_keys():
-    """Test that invalid SDK keys are rejected"""
+    """Test that invalid SDK keys are not set"""
     invalid_keys = [
         "sdk-key-with-\x00-null",
         "sdk-key-with-\n-newline",
         "sdk-key-with-\t-tab",
-        "sdk-key-with-\x7F-del"
+        "sdk key with spaces",
+        "sdk@key#with$special%chars",
+        "sdk/key\\with/slashes"
     ]
 
     for key in invalid_keys:
-        with pytest.raises(ValueError, match="SDK key contains invalid characters"):
-            Config(sdk_key=key)
+        config = Config(sdk_key=key)
+        assert config.sdk_key is None
 
 
 def test_sdk_key_validation_empty_key():
-    """Test that empty SDK keys don't trigger format validation"""
+    """Test that empty SDK keys are accepted"""
     config = Config(sdk_key="")
     assert config.sdk_key == ""
 
 
+def test_sdk_key_validation_none_key():
+    """Test that None SDK keys are accepted"""
+    config = Config(sdk_key=None)
+    assert config.sdk_key is None
+
+
+def test_sdk_key_validation_max_length():
+    """Test SDK key maximum length validation"""
+    valid_key = "a" * 8192
+    config = Config(sdk_key=valid_key)
+    assert config.sdk_key == valid_key
+    
+    invalid_key = "a" * 8193
+    config = Config(sdk_key=invalid_key)
+    assert config.sdk_key is None
+
+
+def test_copy_with_new_sdk_key_validation():
+    """Test that copy_with_new_sdk_key validates the new key"""
+    original_config = Config(sdk_key="valid-key")
+    
+    new_config = original_config.copy_with_new_sdk_key("another-valid-key")
+    assert new_config.sdk_key == "another-valid-key"
+    
+    invalid_config = original_config.copy_with_new_sdk_key("invalid key with spaces")
+    assert invalid_config.sdk_key is None
+
+
 def application_can_be_set_and_read():
     application = {"id": "my-id", "version": "abcdef"}
     config = Config(sdk_key="SDK_KEY", application=application)