Skip to content

feat: implement mock AP2 signature verification #10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
0x8000-0000 wants to merge 3 commits into
base: main
Choose a base branch
from
Open

feat: implement mock AP2 signature verification #10

0x8000-0000 wants to merge 3 commits into from

Conversation

@0x8000-0000
Copy link
Contributor

@0x8000-0000 0x8000-0000 commented Jan 17, 2026

Description

Why:
- To verify that the server correctly rejects invalid AP2 mandates with the appropriate error code.
- Required for conformance testing of the AP2 security flow.

What:
- Added 'Ap2VerificationError' to exceptions.
- Implemented '_verify_ap2_mandate' in 'CheckoutService' to reject mandates containing the substring 'invalid_signature'.
- Updated 'complete_checkout' to invoke this verification.

Type of change

Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Documentation update

Checklist

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules; this change depends on feat: implement mock AP2 signature verification samples#26

@0x8000-0000 0x8000-0000 requested a review from a team January 17, 2026 00:14
@0x8000-0000
chore: add custom dictionary
ed9c779
@0x8000-0000
style: fix indentation in protocol_test.py
9734078
@0x8000-0000
feat: add conformance test for invalid AP2 signature
52d56d4 
Why:
- To verify that the server correctly validates AP2 mandates during checkout completion.
- Ensures that invalid signatures result in a 400 Bad Request with the specific error code 'mandate_invalid_signature'.

What:
- Added 'test_ap2_mandate_invalid_signature' to 'Ap2MandateTest'.
- Submits a completion request with a mandate string containing 'invalid_signature'.
- Asserts that the response status is 400 and the error code matches the spec.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@0x8000-0000