incorporate the errors property from verification result and renamed the signature verification package inside security

Author: sufyankhanrao

README.md

@@ -71,7 +71,6 @@ pip install apimatic-core
 | [`OneOfValidationException`](apimatic_core/exceptions/oneof_validation_exception.py)     | Thrown on failed validation of oneOf union-type cases   |
 | [`AnyOfValidationException`](apimatic_core/exceptions/anyof_validation_exception.py)     | Thrown on failed validation of anyOf union-type cases   |
 | [`AuthValidationException`](apimatic_core/exceptions/auth_validation_exception.py)       | Thrown when authentication scheme validation fails      |
-| [`SignatureVerificationError`](apimatic_core/exceptions/signature_verification_error.py) | Thrown when HMAC or custom signature verification fails |
 
 ---
 
@@ -169,10 +168,10 @@ pip install apimatic-core
 
 | Name                                                                                                 | Description                                                                          |
 |------------------------------------------------------------------------------------------------------| ------------------------------------------------------------------------------------ |
-| [`HmacSignatureVerifier`](apimatic_core/security/signature_verification/hmac_signature_verifier.py)  | Verifies HMAC signatures using configurable templates, hash algorithms, and encoders |
-| [`HexEncoder`](apimatic_core/security/signature_verification/hmac_signature_verifier.py)             | Encodes digest as lowercase hex                                                      |
-| [`Base64Encoder`](apimatic_core/security/signature_verification/hmac_signature_verifier.py)          | Encodes digest as Base64                                                             |
-| [`Base64UrlEncoder`](apimatic_core/security/signature_verification/hmac_signature_verifier.py)       | Encodes digest as URL-safe Base64 without padding                                    |
+| [`HmacSignatureVerifier`](apimatic_core/security/signature_verifiers/hmac_signature_verifier.py)  | Verifies HMAC signatures using configurable templates, hash algorithms, and encoders |
+| [`HexEncoder`](apimatic_core/security/signature_verifiers/hmac_signature_verifier.py)             | Encodes digest as lowercase hex                                                      |
+| [`Base64Encoder`](apimatic_core/security/signature_verifiers/hmac_signature_verifier.py)          | Encodes digest as Base64                                                             |
+| [`Base64UrlEncoder`](apimatic_core/security/signature_verifiers/hmac_signature_verifier.py)       | Encodes digest as URL-safe Base64 without padding                                    |
 
 This layer enables secure handling of webhooks, callbacks, and API integrations that rely on HMAC or other signing strategies.
 

apimatic_core/exceptions/signature_verification_error.py

@@ -1,3 +1,3 @@
 __all__=[
-    'signature_verification'
+    'signature_verifiers'
 ]

apimatic_core/security/__init__.py

@@ -5,7 +5,6 @@
 from apimatic_core_interfaces.http.request import Request
 from apimatic_core_interfaces.security.signature_verifier import SignatureVerifier
 from apimatic_core_interfaces.types.signature_verification_result import SignatureVerificationResult
-from apimatic_core.exceptions.signature_verification_error import SignatureVerificationError
 
 
 class DigestEncoder:
@@ -83,7 +82,7 @@ def verify(self, request: Request) -> SignatureVerificationResult:
             provided = self._read_signature_header(request)
             if provided is None:
                 return SignatureVerificationResult.failed(
-                    ValueError(f"Signature header '{self._signature_header_lc}' is missing")
+                    [f"Signature header '{self._signature_header_lc}' is missing"]
                 )
 
             message_bytes = self._resolve_message_bytes(request)
@@ -93,11 +92,11 @@ def verify(self, request: Request) -> SignatureVerificationResult:
 
             is_match = hmac.compare_digest(provided, expected)
             return SignatureVerificationResult.passed() if is_match else SignatureVerificationResult.failed(
-                SignatureVerificationError("Signature mismatch")
+                ["Signature mismatch"]
             )
         except Exception as exc:
             return SignatureVerificationResult.failed(
-                SignatureVerificationError(f"Signature Verification Failed: {exc}")
+                [f"Signature Verification Failed: {exc}"]
             )
 
     # ------------- internal helpers -------------

…urity/signature_verification/__init__.py …security/signature_verifiers/__init__.pyapimatic_core/security/signature_verification/__init__.py renamed to apimatic_core/security/signature_verifiers/__init__.py apimatic_core/security/signature_verification/__init__.py renamed to apimatic_core/security/signature_verifiers/__init__.py

@@ -5,7 +5,7 @@
 import pytest
 from apimatic_core_interfaces.http.request import Request
 
-from apimatic_core.security.signature_verification.hmac_signature_verifier import (
+from apimatic_core.security.signature_verifiers.hmac_signature_verifier import (
     HmacSignatureVerifier,
     HexEncoder,
     Base64Encoder,
@@ -265,7 +265,7 @@ def test_missing_signature_header_fails(self, req_base, enc_hex):
             encoder=enc_hex,
         )
         result = verifier.verify(req_base)
-        assert not result.ok and isinstance(result.error, Exception)
+        assert not result.ok and "Signature header 'x-missing' is missing" == result.errors[0]
 
     def test_blank_signature_header_fails(self, req_base, enc_hex):
         verifier = HmacSignatureVerifier(
@@ -288,7 +288,7 @@ def test_signature_mismatch_fails(self, req_base, enc_hex):
         )
         req_wrong = _with_header(req_base, "X-Sig", "wrong")
         result = verifier.verify(req_wrong)
-        assert not result.ok and "Signature mismatch" in str(result.error)
+        assert not result.ok and "Signature mismatch" in str(result.errors[0])
 
     # ---------- Negative: resolver returns wrong type / None ----------
     @pytest.mark.parametrize("bad_resolver, error_message", [
@@ -303,7 +303,7 @@ def test_resolver_returning_invalid_leads_to_failed_result(self, bad_resolver, e
         )
         req_seeded = _with_header(req_base, "X-Sig", "does-not-matter")
         result = verifier.verify(req_seeded)
-        assert not result.ok and error_message in str(result.error)
+        assert not result.ok and error_message in str(result.errors[0])
 
     # ---------- Negative: encoder misconfigured (None) ----------
     def test_encoder_none_causes_failed_result(self, req_base):
@@ -315,7 +315,7 @@ def test_encoder_none_causes_failed_result(self, req_base):
         )
         req_seeded = _with_header(req_base, "X-Sig", "whatever")
         result = verifier.verify(req_seeded)
-        assert not result.ok and "Signature Verification Failed" in str(result.error)
+        assert not result.ok and "Signature Verification Failed" in str(result.errors[0])
 
     # ---------- Negative: fallback path with builder=None and raw_body=None ----------
     def test_builder_none_and_no_raw_body_causes_failed_result(self, req_base):
@@ -326,7 +326,7 @@ def test_builder_none_and_no_raw_body_causes_failed_result(self, req_base):
             canonical_message_builder=None,
         )
         result = verifier.verify(req)
-        assert not result.ok and "Signature mismatch" in str(result.error)
+        assert not result.ok and "Signature mismatch" in str(result.errors[0])
 
     # ---------- Negative: custom hash that raises ----------
     class BoomHash:
@@ -342,4 +342,4 @@ def test_hash_function_raises_produces_failed_result(self, req_base):
         )
         req_seeded = _with_header(req_base, "X-Sig", "anything")
         result = verifier.verify(req_seeded)
-        assert not result.ok and "Signature Verification Failed" in str(result.error)
+        assert not result.ok and "Signature Verification Failed" in str(result.errors[0])