From b804cef08f15a95bd3c52d822af90bc9c2fc1770 Mon Sep 17 00:00:00 2001
From: pulak-opti <pulak.bhowmick@episerver.com>
Date: Thu, 3 Oct 2024 23:37:21 +0600
Subject: [PATCH 1/5] add doc in config.yaml for secure env datafileURL
 template

---
 config.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/config.yaml b/config.yaml
index 431ddd6c..d6d3c401 100644
--- a/config.yaml
+++ b/config.yaml
@@ -170,6 +170,7 @@ client:
     ## the maximum time between events being dispatched
     flushInterval: 30s
     ## Template URL for SDK datafile location. The template should specify a "%s" token for SDK key substitution.
+    ## For secure environments, the datafileURLTemplate should be set to "https://config.optimizely.com/datafiles/auth/%s.json"
     datafileURLTemplate: "https://cdn.optimizely.com/datafiles/%s.json"
     ## URL for dispatching events.
     eventURL: "https://logx.optimizely.com/v1/events"

From 789c59e7c2922ce215443faa7b93027f274359a4 Mon Sep 17 00:00:00 2001
From: pulak-opti <pulak.bhowmick@episerver.com>
Date: Fri, 4 Oct 2024 13:22:56 +0600
Subject: [PATCH 2/5] update regex to allow special characters

---
 config.yaml      | 2 +-
 config/config.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/config.yaml b/config.yaml
index d6d3c401..46919209 100644
--- a/config.yaml
+++ b/config.yaml
@@ -177,7 +177,7 @@ client:
     ## Validation Regex on the request SDK Key
     ## By default Agent assumes only alphanumeric characters as part of the SDK Key string.
     ## https://github.com/google/re2/wiki/Syntax
-    sdkKeyRegex: "^\\w+(:\\w+)?$"
+    SdkKeyRegex: "^[a-zA-Z0-9=-]+(:[a-zA-Z0-9=-]+)?$"
     ## configure optional User profile service
     userProfileService:
       default: ""
diff --git a/config/config.go b/config/config.go
index 67234cf8..8b739220 100644
--- a/config/config.go
+++ b/config/config.go
@@ -82,7 +82,7 @@ func NewDefaultConfig() *AgentConfig {
 			DatafileURLTemplate: "https://cdn.optimizely.com/datafiles/%s.json",
 			EventURL:            "https://logx.optimizely.com/v1/events",
 			// https://github.com/google/re2/wiki/Syntax
-			SdkKeyRegex: "^\\w+(:\\w+)?$",
+			SdkKeyRegex: "^[a-zA-Z0-9=-]+(:[a-zA-Z0-9=-]+)?$",
 			UserProfileService: UserProfileServiceConfigs{
 				"default":  "",
 				"services": map[string]interface{}{},

From d2545286c90f6a88544b1a67ac8c49916181a748 Mon Sep 17 00:00:00 2001
From: pulak-opti <pulak.bhowmick@episerver.com>
Date: Fri, 4 Oct 2024 13:36:52 +0600
Subject: [PATCH 3/5] update unit test

---
 pkg/optimizely/cache_test.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/pkg/optimizely/cache_test.go b/pkg/optimizely/cache_test.go
index 2865f29a..222b7d06 100644
--- a/pkg/optimizely/cache_test.go
+++ b/pkg/optimizely/cache_test.go
@@ -780,6 +780,7 @@ func (s *DefaultLoaderTestSuite) TestDefaultRegexValidator() {
 		{":", false},
 		{"abc:def:hij", false},
 		{"abc:", false},
+		{"123sdkKey:accesTokenWith=", true},
 	}
 
 	conf := config.NewDefaultConfig()

From a07d393a192c2c5160a08ca81a2e76dee902c3e7 Mon Sep 17 00:00:00 2001
From: pulak-opti <pulak.bhowmick@episerver.com>
Date: Fri, 4 Oct 2024 13:41:28 +0600
Subject: [PATCH 4/5] update regex

---
 config.yaml      | 2 +-
 config/config.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/config.yaml b/config.yaml
index 46919209..2b237d7b 100644
--- a/config.yaml
+++ b/config.yaml
@@ -177,7 +177,7 @@ client:
     ## Validation Regex on the request SDK Key
     ## By default Agent assumes only alphanumeric characters as part of the SDK Key string.
     ## https://github.com/google/re2/wiki/Syntax
-    SdkKeyRegex: "^[a-zA-Z0-9=-]+(:[a-zA-Z0-9=-]+)?$"
+    sdkKeyRegex: "^[\\w=]+(:[\\w=]+)?$"
     ## configure optional User profile service
     userProfileService:
       default: ""
diff --git a/config/config.go b/config/config.go
index 8b739220..9e0eb059 100644
--- a/config/config.go
+++ b/config/config.go
@@ -82,7 +82,7 @@ func NewDefaultConfig() *AgentConfig {
 			DatafileURLTemplate: "https://cdn.optimizely.com/datafiles/%s.json",
 			EventURL:            "https://logx.optimizely.com/v1/events",
 			// https://github.com/google/re2/wiki/Syntax
-			SdkKeyRegex: "^[a-zA-Z0-9=-]+(:[a-zA-Z0-9=-]+)?$",
+			SdkKeyRegex: "^[\\w=]+(:[\\w=]+)?$",
 			UserProfileService: UserProfileServiceConfigs{
 				"default":  "",
 				"services": map[string]interface{}{},

From 164c8e5cf0c4deed4e03c3052557bacc61ff4816 Mon Sep 17 00:00:00 2001
From: pulak-opti <pulak.bhowmick@episerver.com>
Date: Fri, 4 Oct 2024 13:45:47 +0600
Subject: [PATCH 5/5] update config unit test

---
 config/config_test.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/config_test.go b/config/config_test.go
index 969e7748..4001828c 100644
--- a/config/config_test.go
+++ b/config/config_test.go
@@ -82,7 +82,7 @@ func TestDefaultConfig(t *testing.T) {
 	assert.Equal(t, 30*time.Second, conf.Client.FlushInterval)
 	assert.Equal(t, "https://cdn.optimizely.com/datafiles/%s.json", conf.Client.DatafileURLTemplate)
 	assert.Equal(t, "https://logx.optimizely.com/v1/events", conf.Client.EventURL)
-	assert.Equal(t, "^\\w+(:\\w+)?$", conf.Client.SdkKeyRegex)
+	assert.Equal(t, "^[\\w=]+(:[\\w=]+)?$", conf.Client.SdkKeyRegex)
 	assert.Equal(t, "", conf.Client.UserProfileService["default"])
 	assert.Equal(t, false, conf.Client.ODP.Disable)
 	assert.Equal(t, 1*time.Second, conf.Client.ODP.EventsFlushInterval)