You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Cover Serve-path authz and annotation-enrichment omission (#5482)
* Cover Serve-path authz/annotation omission
P2.3 of the vMCP core refactor (epic #5419). The Serve-built *Server
must produce the MCP middleware chain WITHOUT the HTTP authz and
annotation-enrichment layers — authorization moves to the core admission
seam (#5438) — while the still-live server.New path keeps enforcing authz
with no regression.
The nil-guard mechanism already exists: Serve leaves cfg.AuthzMiddleware
nil (buildServeConfig does not map it), so the shared (*Server).Handler
guards at server.go:614/:622 skip both blocks. This change locks that
contract in and corrects forward-reference comments that the revised
plan made stale.
- Add TestServeOmitsAuthzAndAnnotation: a Serve-built server has
config.AuthzMiddleware == nil and still builds its Handler.
- Add TestHandlerAppliesAuthzAndAnnotationOnlyWhenConfigured: the shared
Handler applies both layers iff AuthzMiddleware != nil, proving it
serves both modes and the blocks are not deleted.
- Sync stale #5441 comments: physical removal of the inert blocks moves
to Phase 3 (#5445); the (Authz + optimizer) fail-fast moves to #5442
with the core-enforcement switch; discovery-relocation attribution is
#5442 only.
Physical deletion of the blocks and the optimizer+authz fail-fast are
out of scope here (deferred to #5445 and #5442 respectively), per the
issue's guard-don't-delete strategy.
Closes#5441
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* Address review: drop brittle line numbers in test comment
Fixed issues from code review:
- MEDIUM: TestServeOmitsAuthzAndAnnotation's doc comment cited
server.go:614/:622 for the authz/annotation blocks, but this PR's
own chain-comment addition shifted those lines (:614 now points at
the backend-enrichment guard). Refer to the blocks by their
s.config.AuthzMiddleware != nil guard instead, matching the
production comments and the "Keep Comments Synchronized" rule.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* Address review: comment accuracy and test clarity
Addresses #5482 review comments:
- LOW core/admission.go (3390209836): align AllowToolCall fail-fast note to
future tense — it lands with the core-enforcement switch in #5442
- LOW server/server_test.go (3390209870): set Content-Type so the nil-authz
case reaches the chain representatively instead of a content-negotiation 400
- LOW server/server_test.go (3390209877): name discovery's session-scoped
sessionless pass-through as the load-bearing dependency (by mechanism)
- LOW server/server_test.go (3390209882): drop the goroutine/timeout
scaffolding that never fires — both paths return synchronously
- INFO server/annotation_enrichment.go (3390209888): note the core admission
seam (#5438) reuses the conversion logic, so this copy must stay in lockstep
- INFO server/server_test.go (3390209903): note List/Discover mocks stay
permissive but do not fire on the session-scoped pass-through path
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
0 commit comments