@@ -62,7 +62,6 @@ async def test_claims_validation(self):
6262 # No validator should pass.
6363 await JwtTokenValidation .validate_claims (default_auth_config , claims )
6464
65- # ClaimsValidator configured but no exception should pass.
6665 mock_validator = Mock ()
6766 auth_with_validator = AuthenticationConfiguration (
6867 claims_validator = mock_validator
@@ -75,6 +74,34 @@ async def test_claims_validation(self):
7574
7675 assert "Invalid claims." in str (excinfo .value )
7776
77+ # No validator with not skill cliams should pass.
78+ default_auth_config .claims_validator = None
79+ claims : List [Dict ] = {
80+ AuthenticationConstants .VERSION_CLAIM : "1.0" ,
81+ AuthenticationConstants .AUDIENCE_CLAIM : "this_bot_id" ,
82+ AuthenticationConstants .APP_ID_CLAIM : "this_bot_id" , # Skill claims aud!=azp
83+ }
84+
85+ await JwtTokenValidation .validate_claims (default_auth_config , claims )
86+
87+ # No validator with skill cliams should fail.
88+ claims : List [Dict ] = {
89+ AuthenticationConstants .VERSION_CLAIM : "1.0" ,
90+ AuthenticationConstants .AUDIENCE_CLAIM : "this_bot_id" ,
91+ AuthenticationConstants .APP_ID_CLAIM : "not_this_bot_id" , # Skill claims aud!=azp
92+ }
93+
94+ mock_validator .side_effect = PermissionError (
95+ "Unauthorized Access. Request is not authorized. Skill Claims require validation."
96+ )
97+ with pytest .raises (PermissionError ) as excinfo_skill :
98+ await JwtTokenValidation .validate_claims (auth_with_validator , claims )
99+
100+ assert (
101+ "Unauthorized Access. Request is not authorized. Skill Claims require validation."
102+ in str (excinfo_skill .value )
103+ )
104+
78105 @pytest .mark .asyncio
79106 async def test_connector_auth_header_correct_app_id_and_service_url_should_validate (
80107 self ,
0 commit comments