feat(tasks): add skill-templated task graph execution

2026-06-23 10:22:58 +08:00
parent 6843d89b2c
commit 53b13e8eac
53 changed files with 4773 additions and 756 deletions
--- a/authz-service/src/tests/test_oauth_token_validation.py
+++ b/authz-service/src/tests/test_oauth_token_validation.py
@ -0,0 +1,61 @@
+from __future__ import annotations
+
+import importlib
+
+from fastapi.testclient import TestClient
+
+
+def _client(tmp_path, monkeypatch) -> TestClient:
+    monkeypatch.setenv("AUTHZ_DATA_DIR", str(tmp_path))
+    monkeypatch.setenv("AUTHZ_PRIVATE_KEY_PATH", str(tmp_path / "signing_key.pem"))
+    monkeypatch.setenv("AUTHZ_INTERNAL_TOKEN", "test-internal-token")
+    import app.main as main
+
+    main = importlib.reload(main)
+    return TestClient(main.app, raise_server_exceptions=False)
+
+
+def _register_backend(client: TestClient) -> dict:
+    response = client.post(
+        "/backends/register",
+        json={"backend_id": "alice", "name": "Alice", "base_url": "http://alice.local"},
+    )
+    assert response.status_code == 200
+    return response.json()
+
+
+def test_json_token_request_accepts_audience_alias(tmp_path, monkeypatch) -> None:
+    with _client(tmp_path, monkeypatch) as client:
+        backend = _register_backend(client)
+        response = client.post(
+            "/oauth/token",
+            json={
+                "grant_type": "client_credentials",
+                "client_id": backend["client_id"],
+                "client_secret": backend["client_secret"],
+                "audience": "mcp:outlook_mcp",
+                "scopes": ["list_tools", "tool:auth_status"],
+            },
+        )
+
+    assert response.status_code == 200
+    body = response.json()
+    assert body["access_token"]
+    assert body["token_type"] == "bearer"
+
+
+def test_json_token_request_validation_errors_return_422(tmp_path, monkeypatch) -> None:
+    with _client(tmp_path, monkeypatch) as client:
+        backend = _register_backend(client)
+        response = client.post(
+            "/oauth/token",
+            json={
+                "grant_type": "client_credentials",
+                "client_id": backend["client_id"],
+                "client_secret": backend["client_secret"],
+                "scopes": ["list_tools"],
+            },
+        )
+
+    assert response.status_code == 422
+    assert response.json()["detail"]