Skip to content

Commit 86246dc

Browse files
chore: add GTID to default IAS claims
1 parent 0c36e79 commit 86246dc

File tree

5 files changed

+15
-2
lines changed

5 files changed

+15
-2
lines changed

pyproject.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
[project]
22
name = "sap-cloud-sdk"
3-
version = "0.10.0"
3+
version = "0.10.1"
44
description = "SAP Cloud SDK for Python"
55
readme = "README.md"
66
license = "Apache-2.0"

src/sap_cloud_sdk/ias/_claims.py

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,7 @@ class _IASClaim(str, Enum):
2424
NAME = "name"
2525
NONCE = "nonce"
2626
PREFERRED_USERNAME = "preferred_username"
27+
SAP_GTID = "sap_gtid"
2728
SAP_ID_TYPE = "sap_id_type"
2829
SCIM_ID = "scim_id"
2930
SID = "sid"

src/sap_cloud_sdk/ias/_token.py

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,6 +56,10 @@ class IASClaims:
5656
nonce: String associated with the client session to mitigate replay
5757
attacks.
5858
preferred_username: Human-readable display name / username of the user.
59+
sap_gtid: SAP claim carrying the GTID of the application. Included in
60+
access tokens when a GTID is configured on the app or app reference,
61+
allowing downstream services to identify the originating application
62+
tenant without a full SCI lookup.
5963
sap_id_type: SAP claim identifying the type of token.
6064
``"app"`` for application credentials, ``"user"`` for user
6165
credentials.
@@ -89,6 +93,7 @@ class IASClaims:
8993
name: Optional[str] = None
9094
nonce: Optional[str] = None
9195
preferred_username: Optional[str] = None
96+
sap_gtid: Optional[str] = None
9297
sap_id_type: Optional[str] = None
9398
scim_id: Optional[str] = None
9499
sid: Optional[str] = None
@@ -157,6 +162,7 @@ def parse_token(token: str) -> IASClaims:
157162
name=payload.get(_IASClaim.NAME),
158163
nonce=payload.get(_IASClaim.NONCE),
159164
preferred_username=payload.get(_IASClaim.PREFERRED_USERNAME),
165+
sap_gtid=payload.get(_IASClaim.SAP_GTID),
160166
sap_id_type=payload.get(_IASClaim.SAP_ID_TYPE),
161167
scim_id=payload.get(_IASClaim.SCIM_ID),
162168
sid=payload.get(_IASClaim.SID),

tests/ias/unit/test_token.py

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,7 @@ def test_all_claims_mapped(self):
3434
"name": "Jane Marie Doe",
3535
"nonce": "random-nonce",
3636
"preferred_username": "jane.doe",
37+
"sap_gtid": "app-gtid-value",
3738
"sap_id_type": "user",
3839
"scim_id": "scim-user-id-xyz",
3940
"sid": "session-id-123",
@@ -62,6 +63,7 @@ def test_all_claims_mapped(self):
6263
assert claims.name == "Jane Marie Doe"
6364
assert claims.nonce == "random-nonce"
6465
assert claims.preferred_username == "jane.doe"
66+
assert claims.sap_gtid == "app-gtid-value"
6567
assert claims.sap_id_type == "user"
6668
assert claims.scim_id == "scim-user-id-xyz"
6769
assert claims.sid == "session-id-123"
@@ -115,6 +117,10 @@ def test_ias_apis_as_string(self):
115117
claims = parse_token(_make_token({"ias_apis": "ALL"}))
116118
assert claims.ias_apis == "ALL"
117119

120+
def test_sap_gtid_mapped(self):
121+
claims = parse_token(_make_token({"sap_gtid": "gtid-12345"}))
122+
assert claims.sap_gtid == "gtid-12345"
123+
118124
def test_sap_id_type_app(self):
119125
claims = parse_token(_make_token({"sap_id_type": "app"}))
120126
assert claims.sap_id_type == "app"

uv.lock

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)