feat: Add OpenTelemetry W3C Baggage support for distributed tracing (#4008)

* feat: add OTEL root and client spans for MCP flows

Signed-off-by: Vishu Bhatnagar <vishu.bhatnagar@ibm.com>

* feat: extend OTEL MCP client trace lifecycle

Signed-off-by: Vishu Bhatnagar <vishu.bhatnagar@ibm.com>

* feat: implement OpenTelemetry baggage header extraction (GitHub #3976)

Implements HTTP header-to-baggage conversion for distributed tracing with strict security controls:

**Core Features:**
- Dual trust model: UNTRUSTED headers (strict allowlist) vs TRUSTED baggage (permissive)
- Size limits (32 items, 8KB) apply ONLY to header-derived baggage
- Default behavior: capture as span attributes only
- Downstream propagation requires explicit opt-in via config flag

**Implementation:**
- mcpgateway/baggage.py: Core validation, parsing, and conversion logic
- mcpgateway/middleware/baggage_middleware.py: ASGI middleware for extraction
- mcpgateway/config.py: 7 new configuration fields with Pydantic validation
- mcpgateway/main.py: Middleware registration after OpenTelemetryRequestMiddleware
- mcpgateway/observability.py: Auto-inject baggage as span attributes, conditional propagation

**Security:**
- Reuses existing sanitize_header_value() and ALLOWED_HEADERS_REGEX
- Strict allowlist (only configured headers processed)
- CRLF injection prevention
- Size limits enforced (DoS prevention)
- Audit logging for rejected headers
- Fail-closed on errors

**Configuration:**
- OTEL_BAGGAGE_ENABLED: Enable/disable feature (default: false)
- OTEL_BAGGAGE_HEADER_MAPPINGS: JSON array of header-to-baggage mappings
- OTEL_BAGGAGE_PROPAGATE_TO_EXTERNAL: Enable downstream propagation (default: false)
- OTEL_BAGGAGE_MAX_ITEMS: Max items from headers (default: 32)
- OTEL_BAGGAGE_MAX_SIZE_BYTES: Max total size (default: 8192)
- OTEL_BAGGAGE_LOG_REJECTED: Log rejected headers (default: true)
- OTEL_BAGGAGE_LOG_SANITIZATION: Log sanitization events (default: true)

**Testing:**
- 44 unit tests (baggage.py logic)
- 13 integration tests (middleware flow)
- 6 E2E tests (full tracing flow)
- 18 security tests (deny-path scenarios)

Closes #3976

Signed-off-by: Bob Shell <bob@contextforge.ai>
Signed-off-by: Vishu Bhatnagar <vishu.bhatnagar@ibm.com>

* fix: correct middleware order and inject baggage into request spans

- Swap BaggageMiddleware and OpenTelemetryRequestMiddleware registration order
  (ASGI executes in reverse, so baggage must be set before span creation)
- Add baggage injection to OpenTelemetryRequestMiddleware request spans
- Update FastTimeUser load test to include baggage test headers
- Add baggage configuration documentation to .env.example

This ensures baggage attributes appear in all spans, including the root
request span created by OpenTelemetryRequestMiddleware.

Signed-off-by: Bob Shell <bob@example.com>
Signed-off-by: Vishu Bhatnagar <vishu.bhatnagar@ibm.com>

* fix: finalize otel baggage header extraction rebase

Signed-off-by: Vishu Bhatnagar <vishu.bhatnagar@ibm.com>

* chore: update test artifacts and documentation

- Update .secrets.baseline
- Refine baggage implementation and tests
- Update observability documentation

Signed-off-by: Vishu Bhatnagar <vishu.bhatnagar@ibm.com>

* feat: enhance baggage configuration with comprehensive examples and security documentation

- Add structured section header with clear delineation
- Document common use cases (multi-tenant, user context, request correlation, feature flags, security)
- Provide 4 comprehensive configuration examples with multiple header mappings
- Add detailed security implications for OTEL_BAGGAGE_PROPAGATE_TO_EXTERNAL
- Include guidance on when to enable external propagation and alternatives
- Enhance descriptions for OTEL_BAGGAGE_MAX_ITEMS and OTEL_BAGGAGE_MAX_SIZE_BYTES with W3C spec references

Addresses PR feedback for comprehensive baggage configuration documentation.

Signed-off-by: Vishu Bhatnagar <vishu.bhatnagar@ibm.com>

* fix: correct mock patch location in baggage tracing E2E tests

- Patch get_settings in mcpgateway.observability module where it's used
- Previously patched mcpgateway.config.get_settings which didn't affect the imported reference
- Fixes test_baggage_propagated_to_downstream and test_baggage_sanitized_before_propagation

Signed-off-by: Vishu Bhatnagar <vishu.bhatnagar@ibm.com>

* test: add comprehensive coverage for baggage middleware main flow

- Add test_baggage_middleware_main_flow.py with 7 tests covering lines 210-237
- Add test_baggage_middleware_comprehensive.py with 5 additional middleware tests
- Add test_baggage_middleware_coverage.py with 7 edge case tests
- Add test_baggage_middleware_final.py with 3 integration-style tests
- Add test_baggage_parsing.py with 2 supplementary parsing edge case tests
- Add test_observability_baggage_exceptions.py for baggage exception handling
- Add test_auth_coverage.py, test_main_baggage_coverage.py, test_main_module_init.py, test_observability_coverage.py for additional coverage
- Update test_baggage.py with improved formatting and structure
- Update mcpgateway/observability.py with formatting improvements
- Achieve 94% coverage for baggage_middleware.py (up from 71%)
- Achieve 99% coverage for baggage.py
- All 26 new/updated tests passing

Remaining coverage gaps (6% in baggage_middleware.py, 1% in baggage.py) are defensive exception paths that are difficult to trigger in unit tests without mocking internal library behavior.

Closes coverage gaps identified in diff-cover report for baggage-related files.

Signed-off-by: Jonathan Springer <jps@s390x.com>

---------

Signed-off-by: Vishu Bhatnagar <vishu.bhatnagar@ibm.com>
Signed-off-by: Bob Shell <bob@contextforge.ai>
Signed-off-by: Bob Shell <bob@example.com>
Signed-off-by: Jonathan Springer <jps@s390x.com>
Co-authored-by: Jonathan Springer <jps@s390x.com>

Author: vishu-bh

.env.example

@@ -2367,6 +2367,120 @@ OTEL_EXPORTER_OTLP_ENDPOINT=http://localhost:4317
 # OTEL_BSP_MAX_EXPORT_BATCH_SIZE=512
 # OTEL_BSP_SCHEDULE_DELAY=5000
 
+# =============================================================================
+# W3C Baggage Configuration
+# =============================================================================
+# OpenTelemetry baggage allows propagating context across service boundaries.
+# Use this to extract HTTP headers into baggage for distributed tracing.
+#
+# Common use cases:
+# - Multi-tenant request tracking (tenant IDs, organization IDs)
+# - User context propagation (user IDs, session IDs)
+# - Request correlation (trace IDs, request IDs)
+# - Feature flags and A/B testing metadata
+# - Security context (authentication realm, authorization scope)
+
+# Enable extraction of HTTP headers into OpenTelemetry baggage
+# Options: true, false (default)
+# When enabled, headers matching OTEL_BAGGAGE_HEADER_MAPPINGS are extracted
+# and attached to the current span's baggage for downstream propagation
+# OTEL_BAGGAGE_ENABLED=false
+
+# JSON array mapping HTTP headers to baggage keys
+# Format: [{"header_name": "X-Header", "baggage_key": "baggage.key"}]
+#
+# IMPORTANT: Baggage keys should use dot notation for namespacing
+# Recommended prefixes: tenant., user., request., feature., security.
+#
+# Example 1: Basic multi-tenant tracking
+# OTEL_BAGGAGE_HEADER_MAPPINGS='[
+#   {"header_name": "X-Tenant-ID", "baggage_key": "tenant.id"},
+#   {"header_name": "X-Organization-ID", "baggage_key": "tenant.org_id"}
+# ]'
+#
+# Example 2: User context and request correlation
+# OTEL_BAGGAGE_HEADER_MAPPINGS='[
+#   {"header_name": "X-User-ID", "baggage_key": "user.id"},
+#   {"header_name": "X-User-Email", "baggage_key": "user.email"},
+#   {"header_name": "X-Session-ID", "baggage_key": "user.session_id"},
+#   {"header_name": "X-Request-ID", "baggage_key": "request.id"},
+#   {"header_name": "X-Correlation-ID", "baggage_key": "request.correlation_id"}
+# ]'
+#
+# Example 3: Comprehensive tracking (multi-tenant + user + features)
+# OTEL_BAGGAGE_HEADER_MAPPINGS='[
+#   {"header_name": "X-Tenant-ID", "baggage_key": "tenant.id"},
+#   {"header_name": "X-Tenant-Name", "baggage_key": "tenant.name"},
+#   {"header_name": "X-User-ID", "baggage_key": "user.id"},
+#   {"header_name": "X-User-Role", "baggage_key": "user.role"},
+#   {"header_name": "X-Request-ID", "baggage_key": "request.id"},
+#   {"header_name": "X-Feature-Flags", "baggage_key": "feature.flags"},
+#   {"header_name": "X-AB-Test-Variant", "baggage_key": "feature.ab_variant"}
+# ]'
+#
+# Example 4: Security and compliance tracking
+# OTEL_BAGGAGE_HEADER_MAPPINGS='[
+#   {"header_name": "X-Auth-Realm", "baggage_key": "security.realm"},
+#   {"header_name": "X-Auth-Scope", "baggage_key": "security.scope"},
+#   {"header_name": "X-Client-IP", "baggage_key": "security.client_ip"},
+#   {"header_name": "X-Forwarded-For", "baggage_key": "security.forwarded_for"},
+#   {"header_name": "X-Compliance-Level", "baggage_key": "security.compliance_level"}
+# ]'
+
+# Propagate baggage to external services
+# Options: true, false (default: false)
+#
+# ⚠️  SECURITY WARNING: DISABLED BY DEFAULT FOR GOOD REASON ⚠️
+#
+# When enabled, baggage is propagated to ALL external HTTP requests made by
+# the gateway, including:
+# - Upstream MCP servers
+# - External APIs and webhooks
+# - Third-party services
+# - Plugin endpoints
+#
+# SECURITY IMPLICATIONS:
+# 1. DATA LEAKAGE: Baggage may contain sensitive tenant/user identifiers that
+#    external services should NOT receive. This can leak:
+#    - Internal tenant IDs and organizational structure
+#    - User identifiers and session tokens
+#    - Internal request correlation IDs
+#    - Feature flags revealing your product roadmap
+#
+# 2. COMPLIANCE VIOLATIONS: Propagating user data to third parties without
+#    consent may violate GDPR, CCPA, HIPAA, or other regulations.
+#
+# 3. ATTACK SURFACE: Malicious external services could harvest baggage data
+#    to map your internal architecture or user base.
+#
+# 4. TRUST BOUNDARY: External services are outside your security perimeter.
+#    Baggage should only cross trust boundaries when explicitly required.
+#
+# WHEN TO ENABLE:
+# - Only enable if you control ALL external services the gateway calls
+# - Use allowlists to restrict which external hosts receive baggage
+# - Audit external service access to baggage data
+# - Document which external services receive what baggage keys
+# - Consider using separate baggage keys for internal vs external propagation
+#
+# ALTERNATIVES TO CONSIDER:
+# - Use service-specific headers instead of baggage for external calls
+# - Implement a baggage filtering proxy for external requests
+# - Use separate observability backends for internal vs external traces
+#
+# OTEL_BAGGAGE_PROPAGATE_TO_EXTERNAL=false
+
+# Maximum number of baggage items (default: 32)
+# Prevents unbounded baggage growth and DoS attacks
+# W3C Baggage spec recommends keeping this low for performance
+# OTEL_BAGGAGE_MAX_ITEMS=32
+
+# Maximum total baggage size in bytes (default: 8192)
+# Total size of all baggage key-value pairs combined
+# Prevents header size attacks and network overhead
+# W3C Baggage spec recommends 8KB limit for HTTP header compatibility
+# OTEL_BAGGAGE_MAX_SIZE_BYTES=8192
+
 # Prometheus Metrics Configuration
 # Enable Prometheus-compatible metrics endpoint at /metrics/prometheus
 # Options: true, false (default)

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2026-04-07T19:15:04Z",
+  "generated_at": "2026-04-07T19:59:03Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -9166,7 +9166,7 @@
         "hashed_secret": "ff37a98a9963d347e9749a5c1b3936a4a245a6ff",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 2179,
+        "line_number": 2221,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -18920,31 +18920,31 @@
         "hashed_secret": "d033e22ae348aeb5660fc2140aec35850c4da997",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 3784,
+        "line_number": 3792,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "d73bccb432c5c7b1b166cfa603b3b99af63fd580",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 6627,
+        "line_number": 6635,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "20d22126242b5c7e253d84dd6ff0ed7a6d2662a2",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 6983,
+        "line_number": 6991,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "fa9beb99e4029ad5a6615399e7bbae21356086b3",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 7007,
+        "line_number": 7015,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -21436,55 +21436,55 @@
         "hashed_secret": "9fb7fe1217aed442b04c0f5e43b5d5a7d3287097",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 2870,
+        "line_number": 2871,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "72cb70dbbafe97e5ea13ad88acd65d08389439b0",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 3498,
+        "line_number": 3499,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "ee977806d7286510da8b9a7492ba58e2484c0ecc",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 5777,
+        "line_number": 5778,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "f2e7745f43b0ef0e2c2faf61d6c6a28be2965750",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 6269,
+        "line_number": 6270,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "4a249743d4d2241bd2ae085b4fe654d089488295",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 7514,
+        "line_number": 7515,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "0c8d051d3c7eada5d31b53d9936fce6bcc232ae2",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 7652,
+        "line_number": 7653,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "f2b14f68eb995facb3a1c35287b778d5bd785511",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 8029,
+        "line_number": 8030,
         "type": "Secret Keyword",
         "verified_result": null
       }