yuqi1129 opened a new pull request, #11620:
URL: https://github.com/apache/gravitino/pull/11620

   ### What changes were proposed in this pull request?
   
   - Add a `token` field to `Setting`, masking its value in `__str__` to avoid 
leaking it into logs.
   - Add a `--token` CLI argument to `main.py`, falling back to the 
`GRAVITINO_TOKEN` environment variable.
   - `PlainRESTClientOperation` accepts a token and sets the `Authorization: 
Bearer` header on the httpx client when non-empty.
   - `RESTClientFactory.create_rest_client` passes the token through, and 
`GravitinoContext` propagates `setting.token` to the factory.
   - Update `MockOperation` to accept the token parameter for test 
compatibility.
   
   ### Why are the changes needed?
   
   The MCP server currently has no way to pass an authentication token to 
Gravitino REST calls, so it cannot work against a Gravitino server with auth 
enabled.
   
   Fix: #11565
   Fix: #11566
   
   ### Does this PR introduce _any_ user-facing change?
   
   Yes. Adds a new `--token` CLI option (and `GRAVITINO_TOKEN` env var 
fallback) to the MCP server.
   
   ### How was this patch tested?
   
   Added 7 unit tests in `mcp-server/tests/unit/test_auth_flow.py` covering 
token injection, masking, and context propagation.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to