From 46f33f77a40e64f73cbc749163a6f3a39620c97b Mon Sep 17 00:00:00 2001
From: Andrew Morgan
Date: Mon, 17 Aug 2020 16:22:26 +0100
Subject: [PATCH 1/3] Remove : from allowed client_secret chars
---
 sydent/util/stringutils.py | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/sydent/util/stringutils.py b/sydent/util/stringutils.py
index fbcd7984..e41ff662 100644
--- a/sydent/util/stringutils.py
+++ b/sydent/util/stringutils.py
@@ -15,9 +15,7 @@
 import re
 # https://matrix.org/docs/spec/client_server/r0.6.0#post-matrix-client-r0-register-email-requesttoken
-# Note: The : character is allowed here for older clients, but will be removed in a
-# future release. Context: https://github.com/matrix-org/sydent/issues/247
-client_secret_regex = re.compile(r"^[0-9a-zA-Z\.\=\_\-\:]+$")
+client_secret_regex = re.compile(r"^[0-9a-zA-Z\.\=\_\-]+$")
 def is_valid_client_secret(client_secret):
From af0e4b2c2696e4ff639f42db7ba387cb4bc3587a Mon Sep 17 00:00:00 2001
From: Andrew Morgan
Date: Mon, 17 Aug 2020 16:30:00 +0100
Subject: [PATCH 2/3] Changelog
---
 changelog.d/309.removal | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 changelog.d/309.removal
diff --git a/changelog.d/309.removal b/changelog.d/309.removal
new file mode 100644
index 00000000..ebb3882c
--- /dev/null
+++ b/changelog.d/309.removal
@@ -0,0 +1 @@
+Disallow `:` characters from being included in `client_secret` parameters across all related endpoints to match the spec. This is a breaking change.
\ No newline at end of file
From 87df1bfc21b54c35435a90d48cb97ed9b74aea27 Mon Sep 17 00:00:00 2001
From: Andrew Morgan
Date: Tue, 18 Aug 2020 11:30:04 +0100
Subject: [PATCH 3/3] removal -> bugfix, update wording
---
 changelog.d/309.bugfix | 1 +
 changelog.d/309.removal | 1 -
 2 files changed, 1 insertion(+), 1 deletion(-)
 create mode 100644 changelog.d/309.bugfix
 delete mode 100644 changelog.d/309.removal
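Review bot: The `$` anchor in the new `client_secret_regex` in `sydent/util/stringutils.py` also matches just before a trailing newline, so a value such as `abc\n` would still validate if `is_valid_client_secret` calls `.match()` on it (its body is outside the hunk, so this is inferred). Since the commit exists to enforce the spec's character set, close that gap by ending the pattern with `\Z`, i.e. `client_secret_regex = re.compile(r"^[0-9a-zA-Z\.\=\_\-]+\Z")`, or by using `fullmatch` in the validator. The pattern also puts no upper bound on length; if the linked spec section imposes one and nothing else enforces it, this is the natural place to check it. A short comment above the regex stating that `:` was removed deliberately would help, now that the old note is gone.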
diff --git a/changelog.d/309.bugfix b/changelog.d/309.bugfix
new file mode 100644
index 00000000..d776e409
--- /dev/null
+++ b/changelog.d/309.bugfix
@@ -0,0 +1 @@
+Sydent now correctly enforces the valid characters in the `client_secret` parameter used in various endpoints.
diff --git a/changelog.d/309.removal b/changelog.d/309.removal
deleted file mode 100644
index ebb3882c..00000000
--- a/changelog.d/309.removal
+++ /dev/null
@@ -1 +0,0 @@
-Disallow `:` characters from being included in `client_secret` parameters across all related endpoints to match the spec. This is a breaking change.
\ No newline at end of file