Skip to content

feat(auth): add token time restriction validation#3888

Open
ChrisPC-39 wants to merge 11 commits intomainfrom
fix_token_time_restrictions
Open

feat(auth): add token time restriction validation#3888
ChrisPC-39 wants to merge 11 commits intomainfrom
fix_token_time_restrictions

Conversation

@ChrisPC-39
Copy link
Copy Markdown
Collaborator

@ChrisPC-39 ChrisPC-39 commented Mar 27, 2026
edited
Loading

🔗 Related Issue

Fixes part of #2393

📝 Summary

When generating an API Token with time restrictions, the days list, start_time and end_time were not validated. This PR fixes the issue and adds unit tests.

🏷️ Type of Change

  • Bug fix
  • Feature / Enhancement
  • Documentation
  • Refactor
  • Chore (deps, CI, tooling)
  • Other (describe below)

🧪 Verification

Check Command Status
Lint suite make lint passed
Unit tests make test passed
Coverage ≥ 80% make coverage 99%

✅ Checklist

  • Code formatted (make black isort pre-commit)
  • Tests added/updated for changes
  • Documentation updated (if applicable)
  • No secrets or credentials committed

Chris PC added 6 commits March 26, 2026 14:40
Fix time restriction validation and add comprehensive unit tests
2217919 
Signed-off-by: Chris PC <chrispc@li-4dc2bf4c-325d-11b2-a85c-b68e8b1fc307.ibm.com>
update verify credentials with new time restrictions validation
34a47db 
Signed-off-by: Chris PC <chrispc@li-4dc2bf4c-325d-11b2-a85c-b68e8b1fc307.ibm.com>
Add pytz for time restriction validation
29f02e5 
Signed-off-by: Chris PC <chrispc@li-4dc2bf4c-325d-11b2-a85c-b68e8b1fc307.ibm.com>
Merge remote-tracking branch 'origin' into fix_token_time_restrictions
62d6a13
Lint
e91151e 
Signed-off-by: Chris PC <chrispc@li-4dc2bf4c-325d-11b2-a85c-b68e8b1fc307.ibm.com>
Pytz in uv.lock
23704b5 
Signed-off-by: Chris PC <chrispc@li-4dc2bf4c-325d-11b2-a85c-b68e8b1fc307.ibm.com>
Chris PC and others added 5 commits March 27, 2026 11:53
Typo
bf8e732 
Signed-off-by: Chris PC <chrispc@li-4dc2bf4c-325d-11b2-a85c-b68e8b1fc307.ibm.com>
Unit test typo
0681c11 
Signed-off-by: Chris PC <chrispc@li-4dc2bf4c-325d-11b2-a85c-b68e8b1fc307.ibm.com>
@ChrisPC-39
Merge branch 'main' into fix_token_time_restrictions
2076d68
Fix linter errors
cdd482c 
Signed-off-by: Chris PC <chrispc@li-4dc2bf4c-325d-11b2-a85c-b68e8b1fc307.ibm.com>
Merge branch 'fix_token_time_restrictions' of https://github.com/IBM/…
b9bd42e 
…mcp-context-forge into fix_token_time_restrictions
@crivetimihai crivetimihai changed the title [BUG] Fix token time restriction validation feat(auth): add token time restriction validation Mar 29, 2026
@crivetimihai crivetimihai added enhancement New feature or request security Improves security COULD P3: Nice-to-have features with minimal impact if left out; included if time permits rbac Role-based Access Control labels Mar 29, 2026
@crivetimihai crivetimihai added this to the Release 1.2.0 milestone Mar 29, 2026
@crivetimihai
Copy link
Copy Markdown
Member

crivetimihai commented Mar 29, 2026

Thanks @ChrisPC-39. This is a nice addition — time-windowed token access is a useful RBAC feature. A few notes:

  1. This is a new feature, not a bug fix — I've re-categorized accordingly.
  2. The commit needs a Signed-off-by line (DCO requirement — use git commit --amend -s).
  3. Please link the issue this addresses, or open one if there isn't one.
  4. Consider whether pytz is the right choice — the stdlib zoneinfo module (Python 3.9+) is preferred for new code.

Let me know if you have questions!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@crivetimihai crivetimihai Awaiting requested review from crivetimihai crivetimihai is a code owner

@kevalmahajan kevalmahajan Awaiting requested review from kevalmahajan kevalmahajan is a code owner

@madhav165 madhav165 Awaiting requested review from madhav165 madhav165 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

COULD P3: Nice-to-have features with minimal impact if left out; included if time permits enhancement New feature or request rbac Role-based Access Control security Improves security

Projects

None yet

Milestone

Release 1.2.0

Development

Successfully merging this pull request may close these issues.

2 participants

@ChrisPC-39 @crivetimihai