From 4ee41725f7abf10ffbbd452b871e3b4d7364cab5 Mon Sep 17 00:00:00 2001 From: Claude Date: Sat, 13 Jun 2026 20:52:22 +0000 Subject: [PATCH] Narrow handshake_status with isinstance instead of int() coercion getattr returns an untyped value off an arbitrary exception, so the prior int(code)/int(status) coercion would raise on a non-numeric .code rather than falling through to None. Guard each membership test with isinstance(..., int) so the value is provably an int before returning it, dropping the redundant int() call. Adds a non-auth (500) response-shape assertion to pin that only 401/403 qualify on either shape. --- aai_cli/core/ws.py | 11 +++++++---- tests/test_ws.py | 3 +++ 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/aai_cli/core/ws.py b/aai_cli/core/ws.py index 32d11a0c..8156fd46 100644 --- a/aai_cli/core/ws.py +++ b/aai_cli/core/ws.py @@ -50,12 +50,15 @@ def handshake_status(exc: object) -> int | None: ``.response.status_code`` — never the message text. The single classifier for every realtime path (stream, agent, speak), so 401-vs-403 handling can't drift. """ + # Both attributes come off an arbitrary exception via getattr, so they're untyped + # and may be anything (or absent → None); narrow to int before the membership test + # rather than coercing with int(), which would raise on a non-numeric .code. code = getattr(exc, "code", None) - if code in _HANDSHAKE_AUTH_STATUSES: - return int(code) + if isinstance(code, int) and code in _HANDSHAKE_AUTH_STATUSES: + return code status = getattr(getattr(exc, "response", None), "status_code", None) - if status in _HANDSHAKE_AUTH_STATUSES: - return int(status) + if isinstance(status, int) and status in _HANDSHAKE_AUTH_STATUSES: + return status return None diff --git a/tests/test_ws.py b/tests/test_ws.py index ddfe310e..4ffceb50 100644 --- a/tests/test_ws.py +++ b/tests/test_ws.py @@ -58,6 +58,9 @@ def test_handshake_status_reads_both_structured_shapes(): assert handshake_status(RuntimeError("network unreachable")) is None # A WebSocket close code (e.g. 1008 policy violation) is not a handshake status. assert handshake_status(types.SimpleNamespace(code=1008)) is None + # A structured but non-auth HTTP status (e.g. a 500 on the response shape) is not a + # handshake auth status either — only 401/403 qualify, on either shape. + assert handshake_status(_HandshakeRejected(500)) is None def test_is_rejected_key_true_for_handshake_401():