Skip to content

feat: Introduce identifying used authz token getters #221

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
May 12, 2025
Merged

feat: Introduce identifying used authz token getters #221

merged 6 commits into from
May 12, 2025

Conversation

anubhav756
Copy link
Contributor

This PR adds the feature in identify_required_authn_params helper to determine which of the provided auth token getters are actively used to satisfy a tool's authorization requirements (as defined by the authRequired key in its manifest).

This is a foundational step towards future validation in ToolboxTool.add_auth_token_getters, which will ensure no configured auth token getters remain unused, thereby preventing potential misconfigurations.

@anubhav756 anubhav756 self-assigned this May 6, 2025
@anubhav756 anubhav756 requested a review from a team as a code owner May 6, 2025 07:49
kurtisvg
kurtisvg approved these changes May 8, 2025
View reviewed changes
Base automatically changed from anubhav-error to main May 12, 2025 13:42
anubhav756 added 6 commits May 12, 2025 19:14
@anubhav756
chore: Add unit test coverage.
40e995a
@anubhav756
chore: Consolidate auth header creation logic
a48389a 
Post adding the feature of adding client-level auth headers (#178), we have the logic for creating an auth header, from the given auth token getter name, in 3 different places.

This PR unifies all of that logic into a single helper to improve maintenance, and make it easier to change the way we add suffix/prefix, and reduces WET code.
@anubhav756
docs: Add names to return values for better readability
bf10677
@anubhav756
chore: Improve readability
1e8d265
@anubhav756
chore: Remove redundant tests
2795b7a
@anubhav756
feat: Introduce identifying used authz token getters
8149616 
This PR adds the feature in `identify_required_authn_params` helper to determine which of the provided auth token getters are actively used to satisfy a tool's authorization requirements (as defined by the `authRequired` key in its manifest).

This is a foundational step towards future validation in `ToolboxTool.add_auth_token_getters`, which will ensure no configured auth token getters remain unused, thereby preventing potential misconfigurations.
@anubhav756 anubhav756 force-pushed the anubhav-authz-required branch from c7dbc3c to 8149616 Compare May 12, 2025 14:05
@anubhav756 anubhav756 merged commit 5d49936 into main May 12, 2025
19 checks passed
@anubhav756 anubhav756 deleted the anubhav-authz-required branch May 12, 2025 14:16
@release-please release-please bot mentioned this pull request May 12, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kurtisvg kurtisvg kurtisvg approved these changes

@twishabansal twishabansal Awaiting requested review from twishabansal

Assignees

@anubhav756 anubhav756

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@anubhav756 @kurtisvg