fix: require authentication for sync_creatives and update_media_buy #721
Merged
…pal_id
Problem:
- sync_creatives was allowing calls without authentication
- This resulted in principal_id=None being passed to database insert
- Database rejected with NOT NULL constraint violation on creatives.principal_id
- Error: "(psycopg2.errors.NotNullViolation) null value in column \"principal_id\""
Root Cause:
- get_principal_id_from_context() can return None if auth header missing/invalid
- Code didn't check for None before proceeding with database operations
- list_creatives already had this check, but sync_creatives was missing it
Fix:
- Add explicit check for None principal_id after authentication
- Raise ToolError with clear message about missing x-adcp-auth header
- Matches existing pattern in list_creatives_impl (line 1791-1792)
Impact:
- sync_creatives now fails fast with clear error message
- No more database constraint violations
- Better user experience with actionable error
Related:
- Database schema: creatives.principal_id is NOT NULL (required field)
- Authentication flow: src/core/auth.py::get_principal_from_context()
- Similar fix already exists in list_creatives_impl
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>

Added unit tests to verify that sync_creatives properly enforces authentication:
1. test_sync_creatives_requires_authentication:
   - Verifies ToolError is raised when called without context (no auth header)
   - Confirms error message mentions "Authentication required" and "x-adcp-auth"
2. test_sync_creatives_with_invalid_auth:
   - Verifies ToolError is raised when principal_id is None (invalid token)
   - Tests the case where token is provided but invalid
These tests ensure the fix prevents the NOT NULL constraint violation by catching missing/invalid auth before database operations.
Coverage:
- Tests the new check added in src/core/tools/creatives.py line 88-92
- Validates error messaging is clear and actionable
Related to: fix-sync-creatives-principal-id
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>

Problem:
- update_media_buy used assert for principal_id check (line 82)
- Asserts are removed when Python runs with -O (optimize flag)
- This is a SECURITY check, not a developer assertion
- Could allow unauthorized updates in optimized production
Changes:
1. Added early auth check after get_principal_id_from_context (lines 62-66)
2. Replaced assert with explicit if/raise at security violation check (lines 82-83)
3. Added comprehensive AUTH_AUDIT_FINDINGS.md document
Root Cause:
- Python asserts disappear with optimization: python -O script.py
- Security checks MUST use explicit if/raise, not assert
- Assert should only be used for "this should never happen" developer checks
- Security boundary checks need to work in all environments
Impact:
- update_media_buy now fails fast on missing auth (before DB access)
- Security check works even with Python optimization flags
- Matches pattern used in other tools (create_media_buy, sync_creatives)
Documentation:
- Added AUTH_AUDIT_FINDINGS.md with:
  - Complete audit of all 8 AdCP tools
  - Why tests didn't catch this (all tests provide mock auth)
  - Recommendations for negative auth tests
  - Testing principles learned
Related:
- Similar fix in sync_creatives (commit ab3121c)
- Pattern: get principal_id → check not None → raise ToolError
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>

Added 13 unit tests covering authentication requirements across all AdCP tools.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>

Removed temporary investigation document.
Key findings documented in:
- Commit messages (ab3121c, ab456e6, 9ee01e2)
- Test files (test_sync_creatives_auth.py, test_auth_requirements.py)
- Code comments in affected files
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>

bokelley added a commit that referenced this pull request Nov 8, 2025
Resolved conflicts in schema metadata files:
- schemas/v1/_schemas_v1_core_format_json.json.meta
- schemas/v1/_schemas_v1_core_product_json.json.meta
- schemas/v1/index.json.meta
All conflicts were timestamp/etag updates from schema downloads. Used main's versions (more recent timestamps).
Merged changes from main:
- fix: require authentication for sync_creatives and update_media_buy (#721)
- fix: signals agent test endpoint async handling (#718)
- fix: remove inventory sync requirement for mock adapter (#719)
- fix: remove /a2a suffix from A2A endpoint URLs and add name field to configs
- Migrate agent registries to adcp v1.0.1 library (#712)

danf-newton pushed a commit to Newton-Research-Inc/salesagent that referenced this pull request Nov 24, 2025
…dcontextprotocol#721)

* fix: require authentication for sync_creatives to prevent NULL principal_id
Problem:
- sync_creatives was allowing calls without authentication
- This resulted in principal_id=None being passed to database insert
- Database rejected with NOT NULL constraint violation on creatives.principal_id
- Error: "(psycopg2.errors.NotNullViolation) null value in column \"principal_id\""
Root Cause:
- get_principal_id_from_context() can return None if auth header missing/invalid
- Code didn't check for None before proceeding with database operations
- list_creatives already had this check, but sync_creatives was missing it
Fix:
- Add explicit check for None principal_id after authentication
- Raise ToolError with clear message about missing x-adcp-auth header
- Matches existing pattern in list_creatives_impl (line 1791-1792)
Impact:
- sync_creatives now fails fast with clear error message
- No more database constraint violations
- Better user experience with actionable error
Related:
- Database schema: creatives.principal_id is NOT NULL (required field)
- Authentication flow: src/core/auth.py::get_principal_from_context()
- Similar fix already exists in list_creatives_impl
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>

* test: add authentication requirement tests for sync_creatives
Added unit tests to verify that sync_creatives properly enforces authentication:
1. test_sync_creatives_requires_authentication:
   - Verifies ToolError is raised when called without context (no auth header)
   - Confirms error message mentions "Authentication required" and "x-adcp-auth"
2. test_sync_creatives_with_invalid_auth:
   - Verifies ToolError is raised when principal_id is None (invalid token)
   - Tests the case where token is provided but invalid
These tests ensure the fix prevents the NOT NULL constraint violation by catching missing/invalid auth before database operations.
Coverage:
- Tests the new check added in src/core/tools/creatives.py line 88-92
- Validates error messaging is clear and actionable
Related to: fix-sync-creatives-principal-id
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>

* fix: replace assert with explicit auth check in update_media_buy
Problem:
- update_media_buy used assert for principal_id check (line 82)
- Asserts are removed when Python runs with -O (optimize flag)
- This is a SECURITY check, not a developer assertion
- Could allow unauthorized updates in optimized production
Changes:
1. Added early auth check after get_principal_id_from_context (lines 62-66)
2. Replaced assert with explicit if/raise at security violation check (lines 82-83)
3. Added comprehensive AUTH_AUDIT_FINDINGS.md document
Root Cause:
- Python asserts disappear with optimization: python -O script.py
- Security checks MUST use explicit if/raise, not assert
- Assert should only be used for "this should never happen" developer checks
- Security boundary checks need to work in all environments
Impact:
- update_media_buy now fails fast on missing auth (before DB access)
- Security check works even with Python optimization flags
- Matches pattern used in other tools (create_media_buy, sync_creatives)
Documentation:
- Added AUTH_AUDIT_FINDINGS.md with:
  - Complete audit of all 8 AdCP tools
  - Why tests didn't catch this (all tests provide mock auth)
  - Recommendations for negative auth tests
  - Testing principles learned
Related:
- Similar fix in sync_creatives (commit ab3121c)
- Pattern: get principal_id → check not None → raise ToolError
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>

* test: add comprehensive auth requirement tests for all tools
Added 13 unit tests covering authentication requirements across all AdCP tools.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>

* chore: remove temporary AUTH_AUDIT_FINDINGS.md
Removed temporary investigation document.
Key findings documented in:
- Commit messages (ab3121c, ab456e6, 9ee01e2)
- Test files (test_sync_creatives_auth.py, test_auth_requirements.py)
- Code comments in affected files
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>

---------
Co-authored-by: Claude <noreply@anthropic.com>

Summary
Fixes authentication enforcement in sync_creatives and update_media_buy to prevent database constraint violations and potential security issues.
Problem
Original Issue:
sync_creatives failing with: null value in column "principal_id" violates not-null constraint
principal_id=None (missing/invalid auth)
Why Tests Didn't Catch This:
Changes
1. sync_creatives (src/core/tools/creatives.py)
get_principal_id_from_context()
x-adcp-auth header for actionable debugging
2. update_media_buy (src/core/tools/media_buy_update.py)
assert with explicit if/raise check
assert statements are removed when Python runs with -O flag
3. Comprehensive Test Coverage
test_sync_creatives_auth.py - Specific tests for sync_creatives
test_auth_requirements.py - 13 tests covering all 8 AdCP tools
Testing
Local Tests (Quick Mode):
Test Coverage:
Security Review
Code Reviewer Agent Analysis:
Impact
User Experience:
null value in column "principal_id"
Authentication required: Missing or invalid x-adcp-auth header
Security:
python -O)
Maintainability:
Related Issues
Fixes the issue reported by user where sync_creatives was failing with database constraint violation.
Checklist
🤖 Generated with Claude Code
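
The assert-versus-if/raise behaviour this PR fixes in update_media_buy, shown as an added example that is not part of the PR or the project's code. The handler names, the local ToolError stand-in and the list used in place of the database are assumptions; the same source is compiled at optimization level 0 and at level 1 (what `python -O` applies) and each handler is called with principal_id=None, the negative auth test the commit message recommends.

```python
class ToolError(Exception):
    """Local stand-in for the ToolError the PR raises (assumption, not the project's class)."""

# Constructed source for two hypothetical handlers following the PR's pattern:
# get principal_id -> check not None -> raise ToolError.
HANDLERS_SRC = '''
def update_with_assert(principal_id, store):
    assert principal_id is not None, "Authentication required"
    store.append(principal_id)  # stands in for the database write
    return "updated"

def update_with_raise(principal_id, store):
    if principal_id is None:
        raise ToolError("Authentication required: Missing or invalid x-adcp-auth header")
    store.append(principal_id)  # stands in for the database write
    return "updated"
'''

def load_handlers(optimize):
    """Compile the handlers as the interpreter would at this level (0 = default, 1 = -O)."""
    namespace = {"ToolError": ToolError}
    exec(compile(HANDLERS_SRC, "<handlers>", "exec", optimize=optimize), namespace)
    return namespace

def call_unauthenticated(handler):
    """Negative auth test: call with principal_id=None, return (outcome, rows written)."""
    store = []
    try:
        handler(None, store)
        return ("allowed", store)
    except AssertionError:
        return ("AssertionError", store)
    except ToolError:
        return ("ToolError", store)

def audit():
    """Run both handlers unauthenticated at both optimization levels."""
    results = {}
    for level in (0, 1):
        namespace = load_handlers(level)
        for name in ("update_with_assert", "update_with_raise"):
            results[(name, level)] = call_unauthenticated(namespace[name])
    return results

if __name__ == "__main__":
    for (name, level), (outcome, store) in audit().items():
        print(f"optimize={level} {name:<20} -> {outcome}, writes={store}")
```

At level 1 the assert-guarded handler reaches the write with principal_id=None, while the if/raise handler rejects the call at both levels.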