fix: prevent tool calls through MCP when auth is required (#544)

MCP does not support the `authRequired` feature. Disallow all MCP Tool
calls to Tools with `authRequired` set.

Fixes: https://github.com/googleapis/genai-toolbox/issues/543
Wenxin Du
2025-05-07 15:24:13 -04:00
committed by GitHub
parent 8834a36445
commit e747b6e289
2 changed files with 24 additions and 0 deletions


@@ -346,6 +346,13 @@ func mcpHandler(s *Server, w http.ResponseWriter, r *http.Request) {
}
s.logger.DebugContext(ctx, fmt.Sprintf("invocation params: %s", params))
if !tool.Authorized([]string{}) {
err = fmt.Errorf("unauthorized Tool call: `authRequired` is set for the target Tool")
s.logger.DebugContext(ctx, err.Error())
res = newJSONRPCError(baseMessage.Id, mcp.INVALID_REQUEST, err.Error(), nil)
break
}
result := mcp.ToolCall(ctx, tool, params)
res = mcp.JSONRPCResponse{
Jsonrpc: mcp.JSONRPC_VERSION,