yuqi1129 opened a new pull request, #11620: URL: https://github.com/apache/gravitino/pull/11620
### What changes were proposed in this pull request? - Add a `token` field to `Setting`, masking its value in `__str__` to avoid leaking it into logs. - Add a `--token` CLI argument to `main.py`, falling back to the `GRAVITINO_TOKEN` environment variable. - `PlainRESTClientOperation` accepts a token and sets the `Authorization: Bearer` header on the httpx client when non-empty. - `RESTClientFactory.create_rest_client` passes the token through, and `GravitinoContext` propagates `setting.token` to the factory. - Update `MockOperation` to accept the token parameter for test compatibility. ### Why are the changes needed? The MCP server currently has no way to pass an authentication token to Gravitino REST calls, so it cannot work against a Gravitino server with auth enabled. Fix: #11565 Fix: #11566 ### Does this PR introduce _any_ user-facing change? Yes. Adds a new `--token` CLI option (and `GRAVITINO_TOKEN` env var fallback) to the MCP server. ### How was this patch tested? Added 7 unit tests in `mcp-server/tests/unit/test_auth_flow.py` covering token injection, masking, and context propagation. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
