Skip to content

Csp 1736/fix build token url#49

Open
fioreagui wants to merge 3 commits intomainfrom
csp-1736/fix-build-token-url
Open

Csp 1736/fix build token url#49
fioreagui wants to merge 3 commits intomainfrom
csp-1736/fix-build-token-url

Conversation

@fioreagui
Copy link
Contributor

@fioreagui fioreagui commented Mar 20, 2026

Description

Fixes the token URL construction in _refresh_bearer_token so that the OAuth scope uses the correct, environment-specific application ID instead of the client's own ID.

Type of Change

  • Bug fix (non-breaking change that fixes an issue)
  • New feature (non-breaking change that adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update
  • Refactoring (no functional changes)

Related Issues

Fixes #(issue number)

Changes Made

cogsol/core/constants.py

Added AUTH_SCOPE_IDS, a mapping from each COGSOL_ENV value (development, testing, implantation, production) to its corresponding Azure AD B2C application (scope) ID.

cogsol/core/api.py

  • Resolves the scope ID from AUTH_SCOPE_IDS using the current COGSOL_ENV before building the MSAL token request.

tests/test_api_key_errors.py

Updated TestMissingAuthSecret tests to set COGSOL_ENV=development so the new env validation passes and the existing COGSOL_AUTH_SECRET error path is still exercised.

Testing Done

  • Unit tests pass locally
  • Added new tests for new functionality
  • Tested manually

Checklist

  • My code follows the project's style guidelines
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • New and existing unit tests pass locally with my changes

fioreagui and others added 3 commits March 20, 2026 13:04
@fioreagui
fix: update scope creation
bd819a7
@fioreagui @claude
fix: update scope creation
d1ea7b6 
- Replace client_id with env-specific scope_id in token URL
- Add AUTH_SCOPE_IDS map to constants for all environments
- Validate COGSOL_ENV before attempting token acquisition
- Fix import order (ruff) and update tests to set COGSOL_ENV

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@fioreagui
test: add tests for CogSolClient._refresh_bearer_token with missing o…
7a53aa6 
…r invalid COGSOL_ENV
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@fioreagui