Skip to content

fix management token validation function #703

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
guyp-descope merged 1 commit into from
Dec 7, 2025
Merged

fix management token validation function #703

guyp-descope merged 1 commit into from
Dec 7, 2025

Conversation

@guyp-descope
Copy link
Contributor

@guyp-descope guyp-descope commented Dec 7, 2025

Copilot AI reviewed Dec 7, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes the management token validation by ensuring JWT responses generated through the management API use the proper token validation function. The key changes involve threading the Auth instance through the MGMT and JWT classes to enable proper token validation.

  • Adds Auth dependency to the MGMT and JWT management classes
  • Updates generate_jwt_response calls to use the Auth.validate_token method
  • Exposes a public validate_token method in the Auth class

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

File Description
descope/mgmt.py Adds auth parameter to MGMT.__init__ and passes it to the JWT instance
descope/management/jwt.py Adds auth parameter to JWT.__init__ and updates generate_jwt_response calls to use auth.validate_token
descope/descope_client.py Passes auth instance when instantiating MGMT
descope/auth.py Adds public validate_token method that wraps the private _validate_token method
Comments suppressed due to low confidence (1)

descope/mgmt.py:37

  • The docstring's Args section is incomplete. It documents http_client but is missing documentation for the newly added auth parameter and the existing fga_cache_url parameter.
    def __init__(
        self, http_client: HTTPClient, auth: Auth, fga_cache_url: Optional[str] = None
    ):
        """Create a management API facade.

        Args:
            http_client: HTTP client to use for all management HTTP calls.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@github-actions
Copy link

github-actions bot commented Dec 7, 2025

Coverage report

The coverage rate went from 98.19% to 98.12% ⬇️

92.3% of new lines are covered.

Diff Coverage details (click to unfold)

descope/management/jwt.py

100% of new lines are covered (100% of the complete file).

descope/auth.py

50% of new lines are covered (97.7% of the complete file).
Missing lines: 390

descope/mgmt.py

100% of new lines are covered (100% of the complete file).

@guyp-descope guyp-descope merged commit e5e5602 into main Dec 7, 2025
29 checks passed
@guyp-descope guyp-descope deleted the fix-mgmt-token-validation branch December 7, 2025 14:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@itaihanski itaihanski itaihanski approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@guyp-descope @itaihanski