Skip to content

fix: auth token base64 fallback and CiString case preservation#9

Merged
alfonsosastre merged 4 commits into
mainfrom
fix/auth-token-fallback-and-cistring-preserve-case
Feb 11, 2026
Merged

fix: auth token base64 fallback and CiString case preservation#9
alfonsosastre merged 4 commits into
mainfrom
fix/auth-token-fallback-and-cistring-preserve-case

Conversation

@alfonsosastre

Copy link
Copy Markdown
Contributor

Summary

  • Auth token resilience: All four verifier classes (AuthorizationVerifier, CredentialsAuthorizationVerifier, HttpPushVerifier, WSPushVerifier) now catch all exceptions from decode_string_base64 and fall back to the raw token instead of raising AuthorizationOCPIError. This allows plain-text tokens to work with OCPI 2.2+ endpoints (useful for development and integrations that don't base64-encode their tokens).
  • CiString preserves original case: CiString no longer forces values to lowercase or uppercase. The OCPI spec defines CiString as case-insensitive comparison, not case mutation. Forcing case was breaking identifiers like OCPP charge point IDs (e.g., K0032832A became k0032832a).
  • get_auth_token() fallback: Added try/except around decode_string_base64 so callers get the raw token back if decoding fails, instead of an unhandled exception.
  • Default CI_STRING_LOWERCASE_PREFERENCE: Changed from True to False to preserve case by default.

Context

These issues were discovered during end-to-end testing of the OCPI DirectPayment flow (Payter integration) with elu-ocpi and elu-charge. The CiString case mutation caused EVSE/location ID mismatches, and the strict base64 decoding blocked authentication with plain-text dev tokens.

Test plan

  • Verify existing OCPI test suite passes (no regressions from auth changes)
  • Verify CiString values preserve their original case
  • Verify base64-encoded tokens still decode correctly
  • Verify plain-text tokens work as fallback with OCPI 2.2+ endpoints
  • Verify CI_STRING_LOWERCASE_PREFERENCE=true env var restores old behavior if needed

Made with Cursor

Alfonso Sastre and others added 4 commits February 9, 2026 20:30
- Make base64 token decoding resilient: catch all decode errors and
  fall back to raw token instead of raising AuthorizationOCPIError.
  This allows development setups to use plain-text tokens with OCPI
  2.2+ endpoints.
- Preserve original case in CiString instead of forcing lower/upper.
  CiString means case-insensitive comparison, not mutation. Forcing
  case destroyed identifiers like OCPP charge point IDs.
- Change CI_STRING_LOWERCASE_PREFERENCE default to false (preserve
  case by default).
- Add try/except in get_auth_token() for decode_string_base64 to
  gracefully handle non-base64 tokens.

Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
…(OCPI 2.2.1)

- Auth: fallback to raw token when base64 decode fails (dev/integration)
- CiString: preserve original case (OCPP IDs like K0032832A)
- Remove auth_id from Session/CDR v2.2.1 (replaced by CdrToken per spec)
- Remove CI_STRING_LOWERCASE_PREFERENCE (dead config)
- Narrow exception handling to (UnicodeDecodeError, ValueError)
- Add tests for plain-text fallback and CiString case preservation

Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
@alfonsosastre alfonsosastre merged commit b69e710 into main Feb 11, 2026
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant