aminghadersohi opened a new pull request, #38747: URL: https://github.com/apache/superset/pull/38747
### SUMMARY In open-source (non-Preset) Superset deployments, `get_user_from_request()` in `mcp_service/auth.py` blindly returns `g.user` if already set — without verifying it belongs to the current request. Since `mcp_auth_hook` pushes Flask **app context** only (not request context), `g.user` can persist between tool calls, leading to **privilege escalation** where one user's MCP actions execute under another user's identity. **Root cause:** `mcp_auth_hook` uses `nullcontext()` if already in an app context, so `g` persists. `_setup_user_context()` sets `g.user = user`, and the next tool call finds the stale `g.user` and returns it immediately. **Fix — changed auth priority order in `get_user_from_request()`:** | Priority | Source | Safety | |---|---|---| | 1 | JWT auth context (per-request ContextVar from MCP SDK via `get_access_token()`) | Per-async-task safe | | 2 | `MCP_DEV_USERNAME` config | Static dev user | | 3 | `g.user` fallback | For external middleware (e.g. Preset) only | | 4 | Raise `ValueError` | No auth source | **Additional hardening:** - Clear `g.user` at the start of each `mcp_auth_hook` wrapper (belt-and-suspenders) - If JWT resolves a username not found in DB → **fail closed** (raise error, don't fall through to weaker auth) - Updated `default_user_resolver()` to check `AccessToken.claims` dict first (FastMCP format) and added `preferred_username` OIDC claim support **Safe for all environments:** | Environment | Before | After | |---|---|---| | Preset (WorkspaceContextMiddleware) | g.user (fresh, works) | No JWT → no DEV_USERNAME → g.user (still fresh) | | OSS with JWT | g.user from PREVIOUS request (BUG) | JWT claims → fresh user per request (FIXED) | | OSS dev mode | g.user if set, else MCP_DEV_USERNAME | No JWT → MCP_DEV_USERNAME (same) | ### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF N/A — backend auth logic change, no UI. ### TESTING INSTRUCTIONS 1. Run new tests: `pytest tests/unit_tests/mcp_service/test_auth_user_resolution.py -x -q` (20 tests) 2. Run existing auth tests: `pytest tests/unit_tests/mcp_service/test_auth_rbac.py -x -q` (15 tests) 3. Run full MCP test suite: `pytest tests/unit_tests/mcp_service/ -x -q` (871 tests) ### ADDITIONAL INFORMATION - [ ] Has associated issue: - [ ] Required feature flags: - [ ] Changes UI - [ ] Includes DB Migration (follow approval process in [SIP-59](https://github.com/apache/superset/issues/13351)) - [ ] Migration is atomic, supports rollback & is backwards-compatible - [ ] Confirm DB migration upgrade and downgrade tested - [ ] Runtime estimates and downtime expectations provided - [ ] Introduces new feature or API - [ ] Removes existing feature or API -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
