···
def _validate_did(cls, v: str) -> None:
"""Validate DID format"""
127
-
if not v.startswith("did:"):
128
-
raise ValueError("DID must start with 'did:'")
raise ValueError("DID too long, max 2048 chars")
129
+
if not re.match(r"^did:[a-z]+:[a-zA-Z0-9._:%-]*[a-zA-Z0-9._-]$", v):
130
+
raise ValueError("Invalid URI format")
def _validate_handle(cls, v: str) -> None:
"""Validate handle format"""
135
-
if not re.match(r"^[a-zA-Z0-9._-]+$", v):
135
+
if not re.match(r"^([a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?$", v):
raise ValueError("Handle contains invalid characters")
raise ValueError("Handle too long, max 253 chars")
···
def _validate_at_uri(cls, v: str) -> None:
153
-
"""Validate AT-URI format"""
154
+
Validate AT-URI format according to AT Protocol specification.
157
+
v: AT-URI string to validate
160
+
ValueError: If URI violates any of these rules:
161
+
- Must start with 'at://'
163
+
- No trailing slash
164
+
- Authority must be valid DID or handle
165
+
- Path segments must follow NSID/RKEY rules if present
if not v.startswith("at://"):
raise ValueError("AT-URI must start with 'at://'")
157
-
raise ValueError("AT-URI too long, max 8000 chars")
169
+
if len(v) > 8192: # 8KB
170
+
raise ValueError("AT-URI too long, max 8KB")
171
+
if v.endswith('/'):
172
+
raise ValueError("AT-URI cannot have trailing slash")
175
+
parts = v[5:].split('/') # Skip 'at://'
176
+
authority = parts[0]
178
+
# Validate authority (DID or handle)
180
+
raise ValueError("AT-URI must have authority")
182
+
if authority.startswith('did:'):
183
+
# Basic DID format check - actual DID validation is done elsewhere
184
+
if len(authority) > 2048:
185
+
raise ValueError("DID too long")
186
+
if ':' not in authority[4:]:
187
+
raise ValueError("Invalid DID format")
189
+
# Handle validation
190
+
if not re.match(r'^[a-z0-9.-]+$', authority):
191
+
raise ValueError("Invalid handle characters")
192
+
if len(authority) > 253:
193
+
raise ValueError("Handle too long")
195
+
# Validate path segments if present
198
+
raise ValueError("AT-URI path too deep")
200
+
collection = parts[1]
201
+
if not re.match(r'^[a-zA-Z0-9.-]+$', collection):
202
+
raise ValueError("Invalid collection NSID")
207
+
raise ValueError("Record key cannot be empty")
208
+
if not re.match(r'^[a-zA-Z0-9._:%-~]+$', rkey):
209
+
raise ValueError("Invalid record key characters")
def _validate_cid(cls, v: str) -> None:
···
"""Validate NSID format"""
raise ValueError("NSID too long, max 317 chars")
172
-
if not re.match(r"^[a-zA-Z0-9.-]+$", v):
224
+
if not re.match(r"^[a-zA-Z]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(\.[a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)+(\.[a-zA-Z]([a-zA-Z0-9]{0,62})?)$", v):
raise ValueError("NSID contains invalid characters")
···
"""Validate TID format"""
raise ValueError("TID too long, max 13 chars")
180
-
if not re.match(r"^[234567abcdefghijklmnopqrstuvwxyz]+$", v):
232
+
if not re.match(r"^[234567abcdefghij][234567abcdefghijklmnopqrstuvwxyz]{12}$", v):
raise ValueError("TID contains invalid characters")
···
"""Validate record-key format"""
raise ValueError("Record key too long, max 512 chars")
240
+
if v == "." or v == "..":
241
+
raise ValueError(f"Record key is {v}, which is not allowed")
if not re.match(r"^[a-zA-Z0-9._:%-~]+$", v):
raise ValueError("Record key contains invalid characters")
dwn.poxiao-labs.work