rusackas opened a new pull request, #40864: URL: https://github.com/apache/superset/pull/40864
### SUMMARY The MCP JWT verifier (`superset/mcp_service/jwt_verifier.py`) logs authentication *failures* at WARNING, but a *successful* authentication produced no log entry — so there was no audit trail for successful MCP access. This adds an `INFO`-level log on the success path of `load_access_token()`, right before the `AccessToken` is returned, recording the client id and the granted scopes. No token value or raw claim values are logged (consistent with the verifier's existing logging discipline). ### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF N/A — server-side logging. ### TESTING INSTRUCTIONS ``` pytest tests/unit_tests/mcp_service/test_jwt_verifier.py ``` A new test asserts an INFO record is emitted on a successful token load. ### ADDITIONAL INFORMATION - [ ] Has associated issue: - [ ] Required feature flags: - [ ] Changes UI - [ ] Includes DB Migration - [ ] Introduces new feature or API - [ ] Removes existing feature or API 🤖 Generated with [Claude Code](https://claude.com/claude-code) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
