hardening(identity): align build_ucp_profile claims coalescing with node sibling

vvillait88 · claude · vvillait88 · commit acda9561cd7a · 2026-05-09T04:50:14.000-07:00
The API can return account_verification with either null or empty-string for
un-set fields depending on the row state. The python builder used
dict.get(k, DEFAULT) for age_bracket/jurisdiction, which returns None verbatim
when the key is present-but-null instead of falling through to the default.
The node sibling used `??` (collapse null/undefined only, pass empty-string
verbatim).

For the same AssessResult shape, that meant the two SDKs emitted different
canonical claims blocks, so a profile signed in one language failed verify in
the other.

Switch python to `dict.get(k) or DEFAULT` for age_bracket and jurisdiction so
null AND empty-string both fall through to the schema default. The kyc_level
and verified_at branches already used `or` semantics; verified and left
as-is. Node sibling switched to `||` in the same round.

Adds a data-driven-claims cross-lang fixture that, unlike the rest of the
corpus, exercises build_ucp_profile's actual data path (constructs a synthetic
AssessResult with the API "missing" sentinels and lets the builder coalesce).
Both languages now emit identical canonical bytes for the input.

Co-Authored-By: Claude Opus 4.7 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/agentscore_commerce/identity/ucp.py b/agentscore_commerce/identity/ucp.py
@@ -261,12 +261,18 @@ async def ucp_profile():
             operator_verification = {}
         if not isinstance(account_verification, dict):
             account_verification = {}
+        # `dict.get(k) or DEFAULT` (not `dict.get(k, DEFAULT)`) coerces both a
+        # missing key AND a present-but-falsy (None / "") value to the default,
+        # matching the node sibling's `||` semantics. The API can return
+        # `account_verification` with either null or `""` for un-set fields
+        # depending on the row state, and a profile signed in one language must
+        # verify in the other across both shapes.
         claims = {
             "operator_id": data.resolved_operator,
             "kyc_level": account_verification.get("kyc_level") or operator_verification.get("level") or "none",
             "sanctions_clear": account_verification.get("sanctions_clear") is True,
-            "age_bracket": account_verification.get("age_bracket", "unknown"),
-            "jurisdiction": account_verification.get("jurisdiction", ""),
+            "age_bracket": account_verification.get("age_bracket") or "unknown",
+            "jurisdiction": account_verification.get("jurisdiction") or "",
             "verified_at": account_verification.get("verified_at") or operator_verification.get("verified_at"),
             "verify_url": data.verify_url,
             "issuer": "https://agentscore.sh",
diff --git a/scripts/generate_data_driven_claims_fixture.py b/scripts/generate_data_driven_claims_fixture.py
@@ -0,0 +1,80 @@
+"""One-shot generator for the data-driven-claims cross-lang fixture (Python side).
+
+Writes ``tests/fixtures/cross-lang/py-data-driven-claims.json``. Unlike the
+other cross-lang fixtures (which hand-craft the ``agentscore-identity``
+capability), this one EXERCISES ``build_ucp_profile``'s data path: it
+constructs a synthetic ``AssessResult`` with the API-shape "missing" sentinels
+(empty string for kyc_level, None for age_bracket / jurisdiction /
+verified_at) and lets the builder coalesce them. Both languages MUST emit
+identical canonical bytes for this input or cross-lang verify drifts silently
+in production.
+"""
+
+from __future__ import annotations
+
+import json
+from pathlib import Path
+
+from agentscore_commerce.identity import (
+    AssessResult,
+    UCPService,
+    UCPSigningKey,
+    build_ucp_profile,
+)
+from agentscore_commerce.identity.ucp_jwks import (
+    build_jwks_response,
+    generate_ucp_signing_key,
+    sign_ucp_profile,
+)
+
+OUT = Path(__file__).resolve().parent.parent / "tests" / "fixtures" / "cross-lang" / "py-data-driven-claims.json"
+
+KID = "py-data-driven-claims-EdDSA"
+
+
+def main() -> None:
+    key = generate_ucp_signing_key(kid=KID)
+
+    result = AssessResult(
+        allow=True,
+        resolved_operator="op_data_driven",
+        verify_url="https://agentscore.sh/verify/op_data_driven",
+        raw={
+            "account_verification": {
+                # Empty string is the API's "set but unknown" shape for some
+                # columns; None is the shape for others. The builder must
+                # coerce both to the schema default identically across node
+                # and python.
+                "kyc_level": "",
+                "sanctions_clear": False,
+                "age_bracket": None,
+                "jurisdiction": None,
+                "verified_at": None,
+            },
+        },
+    )
+
+    profile = build_ucp_profile(
+        name="Data Driven Claims Merchant",
+        services=[UCPService(type="rest", url="https://d.example.com")],
+        payment_handlers=[],
+        signing_keys=[UCPSigningKey.from_jwk(key.public_jwk)],
+        data=result,
+    )
+
+    signed = sign_ucp_profile(profile.to_dict(), signing_key=key.private_key, kid=KID)
+
+    fixture = {
+        "profile": signed,
+        "jwks": build_jwks_response([key.public_jwk]),
+        "alg": "EdDSA",
+        "kid": KID,
+        "generator": "python",
+    }
+
+    OUT.write_text(json.dumps(fixture, indent=2) + "\n")
+    print(f"wrote {OUT}")
+
+
+if __name__ == "__main__":
+    main()
diff --git a/tests/fixtures/cross-lang/node-data-driven-claims.json b/tests/fixtures/cross-lang/node-data-driven-claims.json
@@ -0,0 +1,57 @@
+{
+  "profile": {
+    "version": "2026-04-17",
+    "spec": "https://ucp.dev/",
+    "services": [
+      {
+        "type": "rest",
+        "url": "https://d.example.com"
+      }
+    ],
+    "capabilities": [
+      {
+        "name": "agentscore-identity",
+        "version": "1",
+        "schema": "https://agentscore.sh/schemas/ucp/agentscore-identity.v1.json",
+        "claims": {
+          "operator_id": "op_data_driven",
+          "kyc_level": "none",
+          "sanctions_clear": false,
+          "age_bracket": "unknown",
+          "jurisdiction": "",
+          "verified_at": null,
+          "verify_url": "https://agentscore.sh/verify/op_data_driven",
+          "issuer": "https://agentscore.sh"
+        }
+      }
+    ],
+    "payment_handlers": [],
+    "signing_keys": [
+      {
+        "kid": "node-data-driven-claims-EdDSA",
+        "alg": "EdDSA",
+        "use": "sig",
+        "crv": "Ed25519",
+        "kty": "OKP",
+        "x": "1GQBzacuSLmz5l6LPHluSWLNI1xgcriiRdqs9sO22hY"
+      }
+    ],
+    "name": "Data Driven Claims Merchant",
+    "signature": "eyJhbGciOiJFZERTQSIsImtpZCI6Im5vZGUtZGF0YS1kcml2ZW4tY2xhaW1zLUVkRFNBIiwidHlwIjoidWNwLXByb2ZpbGUrandzIn0.eyJjYXBhYmlsaXRpZXMiOlt7ImNsYWltcyI6eyJhZ2VfYnJhY2tldCI6InVua25vd24iLCJpc3N1ZXIiOiJodHRwczovL2FnZW50c2NvcmUuc2giLCJqdXJpc2RpY3Rpb24iOiIiLCJreWNfbGV2ZWwiOiJub25lIiwib3BlcmF0b3JfaWQiOiJvcF9kYXRhX2RyaXZlbiIsInNhbmN0aW9uc19jbGVhciI6ZmFsc2UsInZlcmlmaWVkX2F0IjpudWxsLCJ2ZXJpZnlfdXJsIjoiaHR0cHM6Ly9hZ2VudHNjb3JlLnNoL3ZlcmlmeS9vcF9kYXRhX2RyaXZlbiJ9LCJuYW1lIjoiYWdlbnRzY29yZS1pZGVudGl0eSIsInNjaGVtYSI6Imh0dHBzOi8vYWdlbnRzY29yZS5zaC9zY2hlbWFzL3VjcC9hZ2VudHNjb3JlLWlkZW50aXR5LnYxLmpzb24iLCJ2ZXJzaW9uIjoiMSJ9XSwibmFtZSI6IkRhdGEgRHJpdmVuIENsYWltcyBNZXJjaGFudCIsInBheW1lbnRfaGFuZGxlcnMiOltdLCJzZXJ2aWNlcyI6W3sidHlwZSI6InJlc3QiLCJ1cmwiOiJodHRwczovL2QuZXhhbXBsZS5jb20ifV0sInNpZ25pbmdfa2V5cyI6W3siYWxnIjoiRWREU0EiLCJjcnYiOiJFZDI1NTE5Iiwia2lkIjoibm9kZS1kYXRhLWRyaXZlbi1jbGFpbXMtRWREU0EiLCJrdHkiOiJPS1AiLCJ1c2UiOiJzaWciLCJ4IjoiMUdRQnphY3VTTG16NWw2TFBIbHVTV0xOSTF4Z2NyaWlSZHFzOXNPMjJoWSJ9XSwic3BlYyI6Imh0dHBzOi8vdWNwLmRldi8iLCJ2ZXJzaW9uIjoiMjAyNi0wNC0xNyJ9.yBVx0_My6D8OAF-g6866FiM24IChFrfQqE5IPhhoxHiNO8qjgBRlE0MCGhUdW0i-3mF8TroUsnsaVv0NV_vbDw"
+  },
+  "jwks": {
+    "keys": [
+      {
+        "kid": "node-data-driven-claims-EdDSA",
+        "alg": "EdDSA",
+        "use": "sig",
+        "crv": "Ed25519",
+        "kty": "OKP",
+        "x": "1GQBzacuSLmz5l6LPHluSWLNI1xgcriiRdqs9sO22hY"
+      }
+    ]
+  },
+  "alg": "EdDSA",
+  "kid": "node-data-driven-claims-EdDSA",
+  "generator": "node"
+}
diff --git a/tests/fixtures/cross-lang/py-data-driven-claims.json b/tests/fixtures/cross-lang/py-data-driven-claims.json
@@ -0,0 +1,57 @@
+{
+  "profile": {
+    "version": "2026-04-17",
+    "spec": "https://ucp.dev/",
+    "services": [
+      {
+        "type": "rest",
+        "url": "https://d.example.com"
+      }
+    ],
+    "capabilities": [
+      {
+        "name": "agentscore-identity",
+        "schema": "https://agentscore.sh/schemas/ucp/agentscore-identity.v1.json",
+        "version": "1",
+        "claims": {
+          "operator_id": "op_data_driven",
+          "kyc_level": "none",
+          "sanctions_clear": false,
+          "age_bracket": "unknown",
+          "jurisdiction": "",
+          "verified_at": null,
+          "verify_url": "https://agentscore.sh/verify/op_data_driven",
+          "issuer": "https://agentscore.sh"
+        }
+      }
+    ],
+    "payment_handlers": [],
+    "signing_keys": [
+      {
+        "kid": "py-data-driven-claims-EdDSA",
+        "kty": "OKP",
+        "alg": "EdDSA",
+        "use": "sig",
+        "crv": "Ed25519",
+        "x": "e0tM2PG2SrWLVh2twzUQqc4wVi5isQJTWZLWe9Jceqg"
+      }
+    ],
+    "name": "Data Driven Claims Merchant",
+    "signature": "eyJhbGciOiJFZERTQSIsImtpZCI6InB5LWRhdGEtZHJpdmVuLWNsYWltcy1FZERTQSIsInR5cCI6InVjcC1wcm9maWxlK2p3cyJ9.eyJjYXBhYmlsaXRpZXMiOlt7ImNsYWltcyI6eyJhZ2VfYnJhY2tldCI6InVua25vd24iLCJpc3N1ZXIiOiJodHRwczovL2FnZW50c2NvcmUuc2giLCJqdXJpc2RpY3Rpb24iOiIiLCJreWNfbGV2ZWwiOiJub25lIiwib3BlcmF0b3JfaWQiOiJvcF9kYXRhX2RyaXZlbiIsInNhbmN0aW9uc19jbGVhciI6ZmFsc2UsInZlcmlmaWVkX2F0IjpudWxsLCJ2ZXJpZnlfdXJsIjoiaHR0cHM6Ly9hZ2VudHNjb3JlLnNoL3ZlcmlmeS9vcF9kYXRhX2RyaXZlbiJ9LCJuYW1lIjoiYWdlbnRzY29yZS1pZGVudGl0eSIsInNjaGVtYSI6Imh0dHBzOi8vYWdlbnRzY29yZS5zaC9zY2hlbWFzL3VjcC9hZ2VudHNjb3JlLWlkZW50aXR5LnYxLmpzb24iLCJ2ZXJzaW9uIjoiMSJ9XSwibmFtZSI6IkRhdGEgRHJpdmVuIENsYWltcyBNZXJjaGFudCIsInBheW1lbnRfaGFuZGxlcnMiOltdLCJzZXJ2aWNlcyI6W3sidHlwZSI6InJlc3QiLCJ1cmwiOiJodHRwczovL2QuZXhhbXBsZS5jb20ifV0sInNpZ25pbmdfa2V5cyI6W3siYWxnIjoiRWREU0EiLCJjcnYiOiJFZDI1NTE5Iiwia2lkIjoicHktZGF0YS1kcml2ZW4tY2xhaW1zLUVkRFNBIiwia3R5IjoiT0tQIiwidXNlIjoic2lnIiwieCI6ImUwdE0yUEcyU3JXTFZoMnR3elVRcWM0d1ZpNWlzUUpUV1pMV2U5SmNlcWcifV0sInNwZWMiOiJodHRwczovL3VjcC5kZXYvIiwidmVyc2lvbiI6IjIwMjYtMDQtMTcifQ.IRSaAW3aI_uT0YBakBlQ_DalJNlvmiID89pmeK2avjS1rZ1FWTjTnYv4fHYbkolTYKYSW4PNC8rV4hTYtPOzDg"
+  },
+  "jwks": {
+    "keys": [
+      {
+        "crv": "Ed25519",
+        "x": "e0tM2PG2SrWLVh2twzUQqc4wVi5isQJTWZLWe9Jceqg",
+        "kid": "py-data-driven-claims-EdDSA",
+        "alg": "EdDSA",
+        "use": "sig",
+        "kty": "OKP"
+      }
+    ]
+  },
+  "alg": "EdDSA",
+  "kid": "py-data-driven-claims-EdDSA",
+  "generator": "python"
+}
diff --git a/tests/test_ucp.py b/tests/test_ucp.py
@@ -133,3 +133,49 @@ def test_extras_reserved_collision_rejected(key: str) -> None:
     profile = build_ucp_profile(**_base_kwargs(), extras={key: "attacker"})
     with pytest.raises(ValueError, match="collides with a reserved profile field"):
         profile.to_dict()
+
+
+# Empty-string and null normalization: the API can emit
+# ``account_verification`` with either null or ``""`` for un-set fields, and the
+# node + python siblings must produce the SAME canonical claims block for either
+# shape so a profile signed in one language verifies in the other.
+
+
+def _claims_of(account_verification: dict) -> dict:
+    result = AssessResult(
+        allow=True,
+        resolved_operator="op_abc",
+        raw={"account_verification": account_verification},
+    )
+    profile = build_ucp_profile(**_base_kwargs(), data=result)
+    d = profile.to_dict()
+    cap = next(c for c in d["capabilities"] if c["name"] == AGENTSCORE_UCP_CAPABILITY)
+    return cap["claims"]
+
+
+def test_coerces_empty_string_kyc_level_to_none() -> None:
+    assert _claims_of({"kyc_level": ""})["kyc_level"] == "none"
+
+
+def test_coerces_null_age_bracket_to_unknown() -> None:
+    assert _claims_of({"age_bracket": None})["age_bracket"] == "unknown"
+
+
+def test_coerces_empty_string_age_bracket_to_unknown() -> None:
+    assert _claims_of({"age_bracket": ""})["age_bracket"] == "unknown"
+
+
+def test_coerces_null_jurisdiction_to_empty_string() -> None:
+    assert _claims_of({"jurisdiction": None})["jurisdiction"] == ""
+
+
+def test_coerces_empty_string_jurisdiction_to_empty_string() -> None:
+    assert _claims_of({"jurisdiction": ""})["jurisdiction"] == ""
+
+
+def test_coerces_null_verified_at_to_none() -> None:
+    assert _claims_of({"verified_at": None})["verified_at"] is None
+
+
+def test_coerces_empty_string_verified_at_to_none() -> None:
+    assert _claims_of({"verified_at": ""})["verified_at"] is None
diff --git a/tests/test_ucp_cross_lang.py b/tests/test_ucp_cross_lang.py
@@ -46,5 +46,10 @@ def test_corpus_covers_canonical_scenarios() -> None:
             "multikey",
             "emoji-keys",
             "int-boundary",
+            # `data-driven-claims` is the only fixture in the corpus that
+            # exercises ``build_ucp_profile`` / ``buildUCPProfile``'s data path
+            # (vs. hand-crafted capabilities). Catches drift in
+            # ``account_verification`` coalescing.
+            "data-driven-claims",
         ):
             assert f"{lang}-{scenario}.json" in names, f"missing fixture {lang}-{scenario}.json"
