Skip to content

fix: auto-forward CAPISCIO_SERVER_URL → CAPISCIO_REGISTRY_ENDPOINT#29

Merged
beonde merged 4 commits into
mainfrom
fix/auto-forward-registry-endpoint
May 12, 2026
Merged

fix: auto-forward CAPISCIO_SERVER_URL → CAPISCIO_REGISTRY_ENDPOINT#29
beonde merged 4 commits into
mainfrom
fix/auto-forward-registry-endpoint

Conversation

@beonde
Copy link
Copy Markdown
Member

@beonde beonde commented May 12, 2026

Problem

Users must set two env vars that point to the same registry URL:

CAPISCIO_SERVER_URL=https://registry.capisc.io          # Python SDK
CAPISCIO_REGISTRY_ENDPOINT=https://registry.capisc.io   # Go binary

The Go binary reads CAPISCIO_REGISTRY_ENDPOINT to build the JWKS URL for badge signature verification (mcp_service.go:61). Without it, BadgeVerifier is nil and all badge checks fail with ErrBadgeInvalid — even for valid badges.

Fix

Auto-forward CAPISCIO_SERVER_URL into CAPISCIO_REGISTRY_ENDPOINT before spawning the Go subprocess — same pattern already used for CAPISCIO_BUNDLE_URL (lines 361, 508).

if "CAPISCIO_REGISTRY_ENDPOINT" not in os.environ:
    os.environ["CAPISCIO_REGISTRY_ENDPOINT"] = server_url

Users can still override CAPISCIO_REGISTRY_ENDPOINT explicitly if needed (e.g., separate JWKS endpoint).

Impact

Once released, a2a-demos can drop CAPISCIO_REGISTRY_ENDPOINT from .env.example — one less env var for users to configure.

Closes #28

@beonde
fix: auto-forward CAPISCIO_SERVER_URL → CAPISCIO_REGISTRY_ENDPOINT
da4321c 
The Go binary reads CAPISCIO_REGISTRY_ENDPOINT for JWKS-based badge
verification. Without it, BadgeVerifier is nil and all badge checks
fail with ErrBadgeInvalid — even for valid badges.

Previously users had to set both CAPISCIO_SERVER_URL (Python SDK) and
CAPISCIO_REGISTRY_ENDPOINT (Go binary) to the same value. Now connect.py
auto-forwards SERVER_URL into REGISTRY_ENDPOINT before spawning the Go
subprocess, following the same pattern used for CAPISCIO_BUNDLE_URL.

Users can still override REGISTRY_ENDPOINT explicitly if needed.

Closes #28
Copilot AI review requested due to automatic review settings May 12, 2026 01:54
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 12, 2026

✅ Integration tests passed! capiscio-core gRPC tests working.

Copilot AI reviewed May 12, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR reduces configuration friction by automatically forwarding the registry base URL used by the Python SDK into the environment variable expected by the embedded Go core, so badge signature verification can build the correct JWKS URL without requiring users to set two equivalent env vars.

Changes:

  • Set CAPISCIO_REGISTRY_ENDPOINT from server_url when it’s not already present in the environment (before any Go core subprocess spawn paths).
  • Document the rationale inline (issue #28 / badge verification failure mode).

Comment thread capiscio_mcp/connect.py
Comment on lines +353 to +357
# Forward SERVER_URL so the Go binary can build its JWKS URL for
# badge verification. Without this, BadgeVerifier is nil and all
# badge checks fail with ErrBadgeInvalid. (See issue #28)
if "CAPISCIO_REGISTRY_ENDPOINT" not in os.environ:
os.environ["CAPISCIO_REGISTRY_ENDPOINT"] = server_url
Comment thread capiscio_mcp/connect.py
Comment on lines +353 to +357
# Forward SERVER_URL so the Go binary can build its JWKS URL for
# badge verification. Without this, BadgeVerifier is nil and all
# badge checks fail with ErrBadgeInvalid. (See issue #28)
if "CAPISCIO_REGISTRY_ENDPOINT" not in os.environ:
os.environ["CAPISCIO_REGISTRY_ENDPOINT"] = server_url
Copilot AI review requested due to automatic review settings May 12, 2026 05:38
Copilot AI reviewed May 12, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

Comment thread tests/test_connect.py Outdated
Comment on lines +399 to +403
server_url="http://localhost:8080",
keys_dir=tmp_keys_dir,
)

assert os.environ.get("CAPISCIO_REGISTRY_ENDPOINT") == "http://localhost:8080"
Comment thread tests/test_connect.py Outdated
Comment on lines +433 to +434
# Should retain the explicit value, not overwrite with server_url
assert os.environ.get("CAPISCIO_REGISTRY_ENDPOINT") == explicit_endpoint
Comment thread capiscio_mcp/connect.py
Comment on lines +354 to +358
# Forward SERVER_URL so the Go binary can build its JWKS URL for
# badge verification. Without this, BadgeVerifier is nil and all
# badge checks fail with ErrBadgeInvalid. (See issue #28)
if "CAPISCIO_REGISTRY_ENDPOINT" not in os.environ:
os.environ["CAPISCIO_REGISTRY_ENDPOINT"] = server_url
@beonde
fix: move test assertions inside patch.dict context + add mismatch wa…
c130bf3 
…rning

- Move assertions for registry endpoint tests inside the patch.dict
  context manager (fixes CI failures — patch.dict restores env on exit)
- Add warning log when CAPISCIO_REGISTRY_ENDPOINT differs from
  server_url (addresses multi-connect race concern from review)
@beonde
Copy link
Copy Markdown
Member Author

beonde commented May 12, 2026

Addressed the review comments in c130bf3:

Tests (comments 3 & 4): Moved both assertions inside the patch.dict context manager. The test_connect_does_not_overwrite_explicit_registry_endpoint test was failing because patch.dict restores os.environ on __exit__, reverting the explicit value before the assertion ran.

Multi-connect race (comment 1): Added a logger.warning() when CAPISCIO_REGISTRY_ENDPOINT is already set but differs from server_url. This surfaces the mismatch clearly without breaking the explicit override use case.

Env var semantics (comment 5): CAPISCIO_REGISTRY_ENDPOINT is used by the Go core (mcp_service.go:61) exclusively for constructing the JWKS URL ({endpoint}/.well-known/jwks.json) for badge signature verification — it's the registry base URL, not an evidence/events endpoint. The docs reference in evidence.md appears to be a different context (evidence forwarding). The forwarding here is correct: the Go binary needs the same base URL that the Python SDK uses for registration.

All 413 tests pass locally.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 12, 2026

✅ Integration tests passed! capiscio-core gRPC tests working.

@beonde beonde merged commit 721ffbf into main May 12, 2026
10 checks passed
@beonde beonde deleted the fix/auto-forward-registry-endpoint branch May 12, 2026 05:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Auto-forward CAPISCIO_SERVER_URL → CAPISCIO_REGISTRY_ENDPOINT before spawning Go binary

2 participants

@beonde