Christian Nennemann
3a139dfc7e
Strategic work for IETF submission of draft-nennemann-act-01 and
draft-nennemann-wimse-ect-02:
Package restructure:
- move ACT and ECT refimpls to workspace/packages/{act,ect}/
- ietf-act and ietf-ect distribution names (sibling packages)
- cross-spec interop test plan (INTEROP-TEST-PLAN.md)
ACT draft -01 revisions:
- rename 'par' claim to 'pred' (align with ECT)
- rename 'Agent Compact Token' to 'Agent Context Token' (semantic
alignment with ECT family)
- add Applicability section (MCP, OpenAI, LangGraph, A2A, CrewAI)
- add DAG vs Linear Delegation Chains section (differentiator vs
txn-tokens-for-agents actchain, Agentic JWT, AIP/IBCTs)
- add Related Work: AIP, SentinelAgent, Agentic JWT, txn-tokens-for-agents,
HDP, SCITT-AI-agent-execution
- pin SCITT arch to -22, note AUTH48 status
Outreach drafts:
- Emirdag liaison email (SCITT-AI coordination)
- OAuth ML response on txn-tokens-for-agents-06
Strategy document:
- STRATEGY.md with phased action plan, risk register, timeline
Submodule:
- update workspace/drafts/ietf-wimse-ect pointer to -02 commit
75 lines
1.7 KiB
Python
75 lines
1.7 KiB
Python
"""Tests for ECT creation and roundtrip."""
|
|
|
|
import json
|
|
import os
|
|
import time
|
|
|
|
import pytest
|
|
|
|
from ect import (
|
|
Payload,
|
|
create,
|
|
generate_key,
|
|
CreateOptions,
|
|
verify,
|
|
VerifyOptions,
|
|
)
|
|
|
|
|
|
def test_create_roundtrip():
|
|
key = generate_key()
|
|
now = int(time.time())
|
|
payload = Payload(
|
|
iss="spiffe://example.com/agent/a",
|
|
aud=["spiffe://example.com/agent/b"],
|
|
iat=now,
|
|
exp=now + 600,
|
|
jti="e4f5a6b7-c8d9-0123-ef01-234567890abc",
|
|
exec_act="review_spec",
|
|
pred=[],
|
|
)
|
|
compact = create(payload, key, CreateOptions(key_id="agent-a-key-1"))
|
|
assert compact
|
|
|
|
def resolver(kid):
|
|
if kid == "agent-a-key-1":
|
|
return key.public_key()
|
|
return None
|
|
|
|
opts = VerifyOptions(
|
|
verifier_id="spiffe://example.com/agent/b",
|
|
resolve_key=resolver,
|
|
now=now,
|
|
)
|
|
parsed = verify(compact, opts)
|
|
assert parsed.payload.jti == payload.jti
|
|
assert parsed.payload.exec_act == payload.exec_act
|
|
|
|
|
|
def test_create_with_test_vector():
|
|
path = os.path.join(os.path.dirname(__file__), "..", "testdata", "valid_root_ect_payload.json")
|
|
if not os.path.exists(path):
|
|
pytest.skip(f"test vector not found: {path}")
|
|
with open(path) as f:
|
|
data = json.load(f)
|
|
payload = Payload.from_claims(data)
|
|
key = generate_key()
|
|
now = int(time.time())
|
|
payload.iat = now
|
|
payload.exp = now + 600
|
|
|
|
compact = create(payload, key, CreateOptions(key_id="test-kid"))
|
|
assert compact
|
|
|
|
def resolver(kid):
|
|
if kid == "test-kid":
|
|
return key.public_key()
|
|
return None
|
|
|
|
opts = VerifyOptions(
|
|
verifier_id=payload.aud[0],
|
|
resolve_key=resolver,
|
|
now=now,
|
|
)
|
|
verify(compact, opts)
|