Skip to content

Commit 711b4ec

Browse files
gjtorikianclaude
gjtorikian
and
claude
committed
style: format hand-maintained files with ruff
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent 30f14e8 commit 711b4ec

File tree

6 files changed

+272
-83
lines changed

6 files changed

+272
-83
lines changed

src/workos/actions.py

Lines changed: 16 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -83,7 +83,10 @@ def verify_header(
8383
) -> None:
8484
"""Verify the signature of an Actions request."""
8585
_verify_signature(
86-
payload=payload, sig_header=sig_header, secret=secret, tolerance=tolerance,
86+
payload=payload,
87+
sig_header=sig_header,
88+
secret=secret,
89+
tolerance=tolerance,
8790
)
8891

8992
def construct_action(
@@ -96,7 +99,10 @@ def construct_action(
9699
) -> Dict[str, Any]:
97100
"""Verify and deserialize an Actions request payload."""
98101
self.verify_header(
99-
payload=payload, sig_header=sig_header, secret=secret, tolerance=tolerance,
102+
payload=payload,
103+
sig_header=sig_header,
104+
secret=secret,
105+
tolerance=tolerance,
100106
)
101107
body = payload.decode("utf-8") if isinstance(payload, bytes) else payload
102108
return json.loads(body)
@@ -143,7 +149,10 @@ def verify_header(
143149
) -> None:
144150
"""Verify the signature of an Actions request."""
145151
_verify_signature(
146-
payload=payload, sig_header=sig_header, secret=secret, tolerance=tolerance,
152+
payload=payload,
153+
sig_header=sig_header,
154+
secret=secret,
155+
tolerance=tolerance,
147156
)
148157

149158
def construct_action(
@@ -156,7 +165,10 @@ def construct_action(
156165
) -> Dict[str, Any]:
157166
"""Verify and deserialize an Actions request payload."""
158167
self.verify_header(
159-
payload=payload, sig_header=sig_header, secret=secret, tolerance=tolerance,
168+
payload=payload,
169+
sig_header=sig_header,
170+
secret=secret,
171+
tolerance=tolerance,
160172
)
161173
body = payload.decode("utf-8") if isinstance(payload, bytes) else payload
162174
return json.loads(body)

tests/test_actions.py

Lines changed: 47 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -38,47 +38,63 @@ def setup_method(self):
3838
def test_verify_header_valid(self):
3939
sig = _make_sig_header(SAMPLE_ACTION_PAYLOAD, SECRET)
4040
self.actions.verify_header(
41-
payload=SAMPLE_ACTION_PAYLOAD, sig_header=sig, secret=SECRET,
41+
payload=SAMPLE_ACTION_PAYLOAD,
42+
sig_header=sig,
43+
secret=SECRET,
4244
)
4345

4446
def test_verify_header_invalid_signature(self):
4547
sig = _make_sig_header(SAMPLE_ACTION_PAYLOAD, SECRET)
4648
with pytest.raises(ValueError, match="does not match"):
4749
self.actions.verify_header(
48-
payload='{"tampered": true}', sig_header=sig, secret=SECRET,
50+
payload='{"tampered": true}',
51+
sig_header=sig,
52+
secret=SECRET,
4953
)
5054

5155
def test_verify_header_stale_timestamp(self):
5256
old_ts = int((time.time() - 60) * 1000)
5357
sig = _make_sig_header(SAMPLE_ACTION_PAYLOAD, SECRET, old_ts)
5458
with pytest.raises(ValueError, match="tolerance zone"):
5559
self.actions.verify_header(
56-
payload=SAMPLE_ACTION_PAYLOAD, sig_header=sig, secret=SECRET, tolerance=30,
60+
payload=SAMPLE_ACTION_PAYLOAD,
61+
sig_header=sig,
62+
secret=SECRET,
63+
tolerance=30,
5764
)
5865

5966
def test_verify_header_custom_tolerance(self):
6067
old_ts = int((time.time() - 10) * 1000)
6168
sig = _make_sig_header(SAMPLE_ACTION_PAYLOAD, SECRET, old_ts)
6269
self.actions.verify_header(
63-
payload=SAMPLE_ACTION_PAYLOAD, sig_header=sig, secret=SECRET, tolerance=60,
70+
payload=SAMPLE_ACTION_PAYLOAD,
71+
sig_header=sig,
72+
secret=SECRET,
73+
tolerance=60,
6474
)
6575

6676
def test_verify_header_malformed_header(self):
6777
with pytest.raises(ValueError, match="Unable to extract"):
6878
self.actions.verify_header(
69-
payload=SAMPLE_ACTION_PAYLOAD, sig_header="invalid-header", secret=SECRET,
79+
payload=SAMPLE_ACTION_PAYLOAD,
80+
sig_header="invalid-header",
81+
secret=SECRET,
7082
)
7183

7284
def test_verify_header_bytes_payload(self):
7385
sig = _make_sig_header(SAMPLE_ACTION_PAYLOAD, SECRET)
7486
self.actions.verify_header(
75-
payload=SAMPLE_ACTION_PAYLOAD.encode("utf-8"), sig_header=sig, secret=SECRET,
87+
payload=SAMPLE_ACTION_PAYLOAD.encode("utf-8"),
88+
sig_header=sig,
89+
secret=SECRET,
7690
)
7791

7892
def test_construct_action_valid(self):
7993
sig = _make_sig_header(SAMPLE_ACTION_PAYLOAD, SECRET)
8094
result = self.actions.construct_action(
81-
payload=SAMPLE_ACTION_PAYLOAD, sig_header=sig, secret=SECRET,
95+
payload=SAMPLE_ACTION_PAYLOAD,
96+
sig_header=sig,
97+
secret=SECRET,
8298
)
8399
assert result["type"] == "authentication"
84100
assert result["user"]["id"] == "user_01"
@@ -87,12 +103,16 @@ def test_construct_action_invalid_signature(self):
87103
sig = _make_sig_header(SAMPLE_ACTION_PAYLOAD, "wrong_secret")
88104
with pytest.raises(ValueError):
89105
self.actions.construct_action(
90-
payload=SAMPLE_ACTION_PAYLOAD, sig_header=sig, secret=SECRET,
106+
payload=SAMPLE_ACTION_PAYLOAD,
107+
sig_header=sig,
108+
secret=SECRET,
91109
)
92110

93111
def test_sign_response_authentication_allow(self):
94112
result = self.actions.sign_response(
95-
action_type="authentication", verdict="Allow", secret=SECRET,
113+
action_type="authentication",
114+
verdict="Allow",
115+
secret=SECRET,
96116
)
97117
assert result["object"] == "authentication_action_response"
98118
assert result["payload"]["verdict"] == "Allow"
@@ -101,22 +121,27 @@ def test_sign_response_authentication_allow(self):
101121

102122
def test_sign_response_user_registration_deny(self):
103123
result = self.actions.sign_response(
104-
action_type="user_registration", verdict="Deny",
105-
error_message="Account suspended", secret=SECRET,
124+
action_type="user_registration",
125+
verdict="Deny",
126+
error_message="Account suspended",
127+
secret=SECRET,
106128
)
107129
assert result["object"] == "user_registration_action_response"
108130
assert result["payload"]["verdict"] == "Deny"
109131
assert result["payload"]["error_message"] == "Account suspended"
110132

111133
def test_sign_response_signature_is_verifiable(self):
112134
result = self.actions.sign_response(
113-
action_type="authentication", verdict="Allow", secret=SECRET,
135+
action_type="authentication",
136+
verdict="Allow",
137+
secret=SECRET,
114138
)
115139
ts = result["payload"]["timestamp"]
116140
payload_json = json.dumps(result["payload"], separators=(",", ":"))
117141
signed_payload = f"{ts}.{payload_json}"
118142
expected = hmac.new(
119-
SECRET.encode("utf-8"), signed_payload.encode("utf-8"),
143+
SECRET.encode("utf-8"),
144+
signed_payload.encode("utf-8"),
120145
digestmod=hashlib.sha256,
121146
).hexdigest()
122147
assert result["signature"] == expected
@@ -129,18 +154,24 @@ def setup_method(self):
129154
def test_verify_header_valid(self):
130155
sig = _make_sig_header(SAMPLE_ACTION_PAYLOAD, SECRET)
131156
self.actions.verify_header(
132-
payload=SAMPLE_ACTION_PAYLOAD, sig_header=sig, secret=SECRET,
157+
payload=SAMPLE_ACTION_PAYLOAD,
158+
sig_header=sig,
159+
secret=SECRET,
133160
)
134161

135162
def test_construct_action_valid(self):
136163
sig = _make_sig_header(SAMPLE_ACTION_PAYLOAD, SECRET)
137164
result = self.actions.construct_action(
138-
payload=SAMPLE_ACTION_PAYLOAD, sig_header=sig, secret=SECRET,
165+
payload=SAMPLE_ACTION_PAYLOAD,
166+
sig_header=sig,
167+
secret=SECRET,
139168
)
140169
assert result["type"] == "authentication"
141170

142171
def test_sign_response(self):
143172
result = self.actions.sign_response(
144-
action_type="authentication", verdict="Allow", secret=SECRET,
173+
action_type="authentication",
174+
verdict="Allow",
175+
secret=SECRET,
145176
)
146177
assert result["object"] == "authentication_action_response"

0 commit comments

Comments
 (0)