fix: review fixes

CHANGELOG.md

@@ -7,7 +7,8 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## Unreleased
 
-- Adds validation to firstFactors name while creating tenants/apps/etc. to not allow special chars.
+- Adds validation to firstFactors and requiredSecondaryFactors names while creating tenants/apps/etc. to not allow 
+  special chars.
 
 ## [9.2.2] - 2024-09-04
 

src/main/java/io/supertokens/webserver/api/multitenancy/BaseCreateOrUpdate.java

@@ -102,7 +102,7 @@ protected void handle(HttpServletRequest req, HttpServletResponse resp, TenantId
 
             // Apply updates based on CDI version
             tenantConfig = applyTenantUpdates(tenantConfig, getVersionFromRequest(req), isV2, input);
-            validateFirstFactorsName(tenantConfig);
+            validateFactorsName(tenantConfig);
 
             // Write tenant config to db
             createOrUpdate(req, sourceTenantIdentifier, tenantConfig);
@@ -939,15 +939,25 @@ private static TenantConfig applyTenantUpdates_5_0(TenantConfig tenantConfig, Js
         return tenantConfig;
     }
 
-    private static void validateFirstFactorsName(TenantConfig tenantConfig) throws ServletException {
-        if(tenantConfig.firstFactors != null && tenantConfig.firstFactors.length > 0) {
-            String allowedPattern = "^[0-9a-z-]+$";
-            for(String firstFactor: tenantConfig.firstFactors){
-                if(firstFactor != null && !firstFactor.matches(allowedPattern)){
-                    throw new ServletException(new BadRequestException("firstFactors should not contain only 0-9,a-z,- characters"));
+    private static void validateFactorsName(TenantConfig tenantConfig) throws ServletException{
+        if(!areFactorNamesValid(tenantConfig.firstFactors)){
+            throw new ServletException(new BadRequestException("firstFactors should contain only 0-9,a-z,A-Z,_,- characters"));
+        }
+        if(!areFactorNamesValid(tenantConfig.requiredSecondaryFactors)){
+            throw new ServletException(new BadRequestException("requiredSecondaryFactors should contain only 0-9,a-z,A-Z,_,- characters"));
+        }
+    }
+
+    private static boolean areFactorNamesValid(String[] factors) {
+        if(factors != null && factors.length > 0) {
+            String allowedPattern = "^[0-9a-zA-Z_-]+$";
+            for(String factor: factors){
+                if(factor != null && !factor.matches(allowedPattern)){
+                    return false;
                 }
             }
         }
+        return true;
     }
 
     private static TenantConfig applyV2TenantUpdates_5_1(TenantConfig tenantConfig, JsonObject input)