
Add tests for ti:self JWT scope enforcement on execution API#66071

Merged: potiuk merged 2 commits into apache:main from amoghrajesh:add-ti-self-scope-tests on May 10, 2026

Conversation

@amoghrajesh

Contributor

The ti:self scope check at security.py rejects requests where the JWT subject does not match the task_instance_id in the path. This is the cross-task isolation guarantee for any router that opts into ti:self (e.g. /task-instances, /hitl, and the upcoming task state endpoints from AIP-103). Until now the check was uncovered.

Adds three tests mirroring the existing TestTokenTypeScopeEnforcement pattern: matching subject is accepted, mismatched subject returns 403, and routes without ti:self ignore subject mismatches.

Why

The execution API uses the ti:self scope to enforce that a task can only access its own resources — JWT subject must equal the task_instance_id in the request path. The check lives at https://github.com/apache/airflow/blob/main/airflow-core/src/airflow/api_fastapi/execution_api/security.py#L185-L193 and is what stops a task from reading or writing another task's state, HITL responses, etc.

I noticed that test_security.py only tested token-type enforcement (workload vs execution); the cross-TI check was relying on no one breaking it.

While working on AIP-103 (task / asset state endpoints), I needed this guarantee to be defended before claiming that "a task can only access its own state" is true. Filing this separately so the coverage benefits every router using ti:self, not just the state endpoints.

Summary

Adding tests for three cases:

  • Matching JWT subject is accepted (200)
  • Mismatched JWT subject is rejected (403, "does not match")

Was generative AI tooling used to co-author this PR?
  • Yes (please specify the tool below)

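To make the guarantee under test concrete, here is an added example (not Airflow's own security.py or its tests) modelling the ti:self rule the PR describes: a route that opts into ti:self accepts a request only when the JWT subject equals the task_instance_id in the path, returns 403 with a "does not match" detail otherwise, and routes without the scope ignore the subject entirely. Route, ti_self_guard, dispatch and the sample IDs are hypothetical names constructed for this example.

```python
from dataclasses import dataclass, field

TI_SELF = "ti:self"


class Forbidden(Exception):
    """Stands in for an HTTP 403 response."""
    status_code = 403


@dataclass(frozen=True)
class Route:
    path_template: str  # e.g. "/task-instances/{task_instance_id}/state"
    scopes: frozenset = field(default_factory=frozenset)


def ti_self_guard(route: Route, jwt_claims: dict, path_params: dict) -> None:
    """Reject the request unless the token subject is the task instance
    named in the path. Routes that did not opt into ti:self are untouched,
    which is the third case the PR covers."""
    if TI_SELF not in route.scopes:
        return
    subject = jwt_claims.get("sub")
    ti_id = path_params.get("task_instance_id")
    # A missing subject or path id is treated as a mismatch, never as a pass.
    if subject is None or ti_id is None or subject != ti_id:
        raise Forbidden(
            f"Token subject {subject!r} does not match task instance {ti_id!r}"
        )


def dispatch(route: Route, jwt_claims: dict, path_params: dict) -> tuple:
    """Tiny stand-in for the router: returns (status, detail)."""
    try:
        ti_self_guard(route, jwt_claims, path_params)
    except Forbidden as exc:
        return exc.status_code, str(exc)
    return 200, "ok"


# Constructed sample routes and token claims (hypothetical, not real Airflow data)
STATE_ROUTE = Route("/task-instances/{task_instance_id}/state", frozenset({TI_SELF}))
OPEN_ROUTE = Route("/health", frozenset())
TOKEN_A = {"sub": "ti-0001", "token_type": "execution"}

if __name__ == "__main__":
    print(dispatch(STATE_ROUTE, TOKEN_A, {"task_instance_id": "ti-0001"}))  # (200, 'ok')
    print(dispatch(STATE_ROUTE, TOKEN_A, {"task_instance_id": "ti-0002"}))  # 403, does not match
    print(dispatch(OPEN_ROUTE, TOKEN_A, {"task_instance_id": "ti-0002"}))   # (200, 'ok')
```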

@amoghrajesh amoghrajesh requested review from ashb, kaxil and potiuk April 29, 2026 08:21
@amoghrajesh amoghrajesh self-assigned this Apr 29, 2026
@boring-cyborg boring-cyborg Bot added the area:API Airflow's REST/HTTP API label Apr 29, 2026
@amoghrajesh amoghrajesh changed the title Add ti self scope tests Add tests for ti:self JWT scope enforcement on Execution API Apr 29, 2026
@amoghrajesh amoghrajesh changed the title Add tests for ti:self JWT scope enforcement on Execution API Add tests for ti:self JWT scope enforcement on execution API Apr 29, 2026
@amoghrajesh amoghrajesh requested a review from eladkal May 4, 2026 07:52
@amoghrajesh

Contributor Author

Pretty simple one, @potiuk / @eladkal can I get a review on this one?

@potiuk potiuk merged commit b94f36f into apache:main May 10, 2026
140 checks passed
jason810496 pushed a commit to jason810496/airflow that referenced this pull request May 11, 2026
…66071)

* Add tests for ti:self JWT scope enforcement on Execution API

* update
potiuk added a commit to apache/magpie that referenced this pull request May 14, 2026
Replaces the existing scope-based @-mention routing in
security-issue-triage with a history-based priority order:

  1. PR-author of the analogous prior fix (via gh search prs)
  2. Recent reviewer of the area (via gh pr list reviewed-by)
  3. Scope-default fallback (existing behavior, narrowed to 1 pick)

The routing decision is cached per unique code area within a
bulk-mode run so a 5-tracker sweep through one directory issues
one set of gh search prs queries, not five.

Adds an explicit routing-failure fallback: when no PR-history
match exists for a code area, the skill stops and surfaces a
"confirm @-mentions before posting" prompt rather than silently
defaulting to a generic roster ping.

Motivation: scope-default routing produces generic 3-person pings
that the team trains itself to ignore. For airflow-s#406 (missing
ti:self enforcement on /execution/task-reschedules) the right
pick was unambiguous — @amoghrajesh wrote apache/airflow#66071
introducing the mechanism — but the existing scope-default rule
produced a generic providers ping. This PR codifies the priority
order so the classifier reaches the same answer the human triager
reaches by hand.

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
