Copilot commented on code in PR #40653:
URL: https://github.com/apache/superset/pull/40653#discussion_r3337944141


##########
superset/mcp_service/jwt_verifier.py:
##########
@@ -54,6 +54,41 @@
 
 logger = logging.getLogger(__name__)
 
+# Algorithms that are never acceptable for bearer-token verification.
+# "none" (unsigned tokens) must never be honored — accepting it would let any
+# caller forge claims. Comparison is case-insensitive to catch "None"/"NONE".
+_FORBIDDEN_ALGORITHMS = frozenset({"none"})
+
+
+def _warn_on_weak_jwt_config(
+    audience: Any,
+    algorithm: Any,
+) -> None:
+    """Emit startup warnings when a JWT verifier is configured permissively.
+
+    These are config-gated soft warnings, not hard failures: a verifier is only
+    ever constructed when ``MCP_AUTH_ENABLED`` is True and JWT keys are present
+    (see ``create_default_mcp_auth_factory``). We warn — rather than refuse to
+    start — so existing single-service deployments that intentionally omit an
+    audience or rely on JWKS-advertised algorithms keep working. Operators who
+    want strict enforcement should set ``MCP_JWT_AUDIENCE`` and
+    ``MCP_JWT_ALGORITHM``.
+    """
+    if not audience:
+        logger.warning(
+            "MCP JWT verifier configured without an audience "
+            "(MCP_JWT_AUDIENCE unset): audience validation is DISABLED. "
+            "Tokens minted for other services may be accepted. Set "
+            "MCP_JWT_AUDIENCE to bind tokens to this service."
+        )
+    if not algorithm:
+        logger.warning(
+            "MCP JWT verifier configured without a pinned signing algorithm "
+            "(MCP_JWT_ALGORITHM unset): the algorithm header is not pinned. "
+            "Set MCP_JWT_ALGORITHM to the algorithm your IdP uses. Unsigned "
+            "('none') tokens are always rejected regardless of this setting."
+        )
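Review bot: The comment above `_FORBIDDEN_ALGORITHMS` promises that the comparison is case-insensitive, but this hunk only defines the lowercase constant and never performs the comparison, so nothing visible here guarantees that "None" or "NONE" is caught. Wherever the token's `alg` header is checked against this set, it needs to normalize first (e.g. `alg.lower() in _FORBIDDEN_ALGORITHMS`), and a unit test feeding a header with `"alg": "None"` would pin that behavior down, since the warning text on the last lines of `_warn_on_weak_jwt_config` ("Unsigned ('none') tokens are always rejected regardless of this setting") depends on it. Minor: `audience: Any, algorithm: Any` could be `Optional[str]`, which documents the falsy-check intent better than `Any`.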

Review Comment:
The "algorithm not pinned" warning is unlikely to ever trigger in normal configuration, because `create_default_mcp_auth_factory()` always supplies a non-falsy `algorithm` (defaults to "RS256" when `MCP_JWT_ALGORITHM` is unset). As a result, `_warn_on_weak_jwt_config()` will not warn even when the operator did not explicitly pin an algorithm, which appears to contradict the PR intent/description.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]
