
Commit 3e99e66

add mcp allowed
1 parent a9be272 commit 3e99e66

3 files changed

Lines changed: 17 additions & 1 deletion


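--- a/Modules/CIPPCore/Public/Authentication/Get-CippApiClient.ps1
+++ b/Modules/CIPPCore/Public/Authentication/Get-CippApiClient.ps1
@@ -20,7 +20,7 @@ function Get-CippApiClient {
 }
 $Apps = Get-CIPPAzDataTableEntity @Table | Where-Object { ![string]::IsNullOrEmpty($_.RowKey) }
 $Apps = foreach ($Client in $Apps) {
-$Client = $Client | Select-Object -Property @{Name = 'ClientId'; Expression = { $_.RowKey } }, AppName, Role, IPRange, Enabled
+$Client = $Client | Select-Object -Property @{Name = 'ClientId'; Expression = { $_.RowKey } }, AppName, Role, IPRange, Enabled, @{Name = 'MCPAllowed'; Expression = { [bool]$_.MCPAllowed } }
 
 if (!$Client.Role) {
 $Client.Role = $null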
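Review bot: The projection `[bool]$_.MCPAllowed` is fail-open if the stored value ever comes back from the table as a string, because in PowerShell `[bool]'false'` evaluates to $true; only $null and the empty string coerce to $false. Invoke-ExecMcp grants MCP access on exactly this value, so a fail-closed comparison is the safer form: `@{Name = 'MCPAllowed'; Expression = { $_.MCPAllowed -eq $true } }`, which yields $false for $null, 'false' and any other non-boolean. The same `[bool](...)` coercion is applied to the request body in both hunks of Invoke-ExecApiClient, where a string body value would be persisted as $true. Get-CippApiClient begins outside the hunk, so whether the write path always stores a typed boolean cannot be confirmed from here.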

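--- a/Modules/CIPPHTTP/Public/Entrypoints/HTTP Functions/CIPP/MCP/Invoke-ExecMcp.ps1
+++ b/Modules/CIPPHTTP/Public/Entrypoints/HTTP Functions/CIPP/MCP/Invoke-ExecMcp.ps1
@@ -27,6 +27,20 @@ function Invoke-ExecMcp {
 })
 }
 
+# Per-client gate: the global 'MCPServer' feature flag lets this endpoint run at all (enforced
+# upstream in New-CippCoreRequest); this narrows access to API clients explicitly flagged
+# 'MCP Access Allowed'. A non-API-client caller, an unknown client, or one without the flag is denied.
+$CallerAppId = $Request.Headers.'x-ms-client-principal-name'
+$IsApiClient = $Request.Headers.'x-ms-client-principal-idp' -eq 'aad' -and $CallerAppId -match '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$'
+$McpAllowed = if ($IsApiClient) { [bool](Get-CippApiClient -AppId $CallerAppId).MCPAllowed } else { $false }
+if (-not $McpAllowed) {
+return ([HttpResponseContext]@{
+StatusCode = [HttpStatusCode]::Forbidden
+Headers = @{ 'Content-Type' = 'application/json' }
+Body = (@{ jsonrpc = '2.0'; id = $null; error = @{ code = -32001; message = 'This API client is not permitted to use the MCP server. Enable "MCP Access Allowed" on the API client in CIPP.' } } | ConvertTo-Json -Compress)
+})
+}
+
 $Rpc = $Request.Body
 $RpcId = $Rpc.id
 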
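Review bot: A denied request returns 403 but nothing is logged, so repeated attempts by an API client that lacks the flag leave no trace, even though the sibling endpoint in this commit logs every client update through Write-LogMessage; add, at the top of the `if (-not $McpAllowed)` branch, `Write-LogMessage -headers $Request.Headers -API 'ExecMcp' -message "MCP access denied for caller '$CallerAppId'" -Sev 'Info'` (severity per project convention for denials). The gate also trusts `x-ms-client-principal-name` and `x-ms-client-principal-idp` as platform-set headers; the GUID regex only checks shape, so this is an authorization check only if the authentication layer the comment refers to always runs in front of it, which is worth stating in the comment rather than leaving implicit. If `Get-CippApiClient -AppId` can ever return more than one object, `[bool]` of a multi-element array is $true regardless of the elements' values, so the lookup should be guaranteed single-valued or the result indexed explicitly. Invoke-ExecMcp begins and ends outside the hunk.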

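--- a/Modules/CIPPHTTP/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecApiClient.ps1
+++ b/Modules/CIPPHTTP/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecApiClient.ps1
@@ -103,6 +103,7 @@ function Invoke-ExecApiClient {
 $Client.Role = [string]$Request.Body.Role.value
 $Client.IPRange = "$(@($IpRange) | ConvertTo-Json -Compress)"
 $Client.Enabled = $Request.Body.Enabled ?? $false
+$Client | Add-Member -NotePropertyName 'MCPAllowed' -NotePropertyValue ([bool]($Request.Body.MCPAllowed ?? $false)) -Force
 Write-LogMessage -headers $Request.Headers -API 'ExecApiClient' -message "Updated API client $($Request.Body.ClientId)" -Sev 'Info'
 if ($APIConfig.ApplicationSecret) {
 $Results.Add(@{
@@ -121,6 +122,7 @@ function Invoke-ExecApiClient {
 'Role' = [string]$Request.Body.Role.value
 'IPRange' = "$(@($IpRange) | ConvertTo-Json -Compress)"
 'Enabled' = $Request.Body.Enabled ?? $false
+'MCPAllowed' = [bool]($Request.Body.MCPAllowed ?? $false)
 }
 $Results.Add(@{
 resultText = "API Client created with the name '$($Client.AppName)'. Use the Copy to Clipboard button to retrieve the secret."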
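Review bot: Granting MCP access is a privilege change, but the existing log line right after the new Add-Member in the first hunk still reads only "Updated API client …", so an audit reader cannot tell an MCP grant from a rename or IP-range edit; include the new value in the message, e.g. `-message "Updated API client $($Request.Body.ClientId) (MCPAllowed=$($Client.MCPAllowed))"`. The second hunk (creation path) has no equivalent log line visible in this hunk, so whether creation records the flag cannot be confirmed from here. Both hunks default the flag to $false when the body omits it, which is the right default-deny behaviour. Invoke-ExecApiClient begins and ends outside the hunks.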
