fix(mcp): disable audience verification in resolve_mcp_jwt
All checks were successful
CVE Scan & Docker Build / security-scan (push) Successful in 50s
CVE Scan & Docker Build / build-and-push (push) Successful in 2m16s

Team JWTs include `aud=mnemosyne` while per-turn JWTs omit `aud`
entirely. Since `iss` + `typ` already partition the two token
populations, explicitly skip audience verification to avoid rejecting
valid tokens.

Also expand test coverage for the MCP auth surface to exercise all
three credential types (opaque MCPToken, per-turn JWT, team JWT),
including replay cache behavior and Neo4j-backed library resolution
via mocked cypher queries.
2026-05-10 12:32:58 -04:00
parent 16fb7ff4dc
commit 6a4fecf488
7 changed files with 1394 additions and 4 deletions


@@ -222,7 +222,14 @@ def resolve_mcp_jwt(token_string: str) -> dict:
secret,
algorithms=["HS256"],
leeway=_JWT_LEEWAY_SECONDS,
options={"require": ["exp", "iat", "iss", "sub", "jti"]},
options={
"require": ["exp", "iat", "iss", "sub", "jti"],
# Team JWTs carry ``aud=mnemosyne`` for informational
# purposes; per-turn JWTs omit ``aud`` entirely. We
# don't enforce either shape because ``iss`` + ``typ``
# already partition the two token populations.
"verify_aud": False,
},
# ``issuer=`` accepts ``str | Iterable[str]`` and raises
# ``InvalidIssuerError`` if the claim is outside the set.
issuer=list(_JWT_ISS_VALUES),
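Review bot: `"verify_aud": False` switches audience checking off for team JWTs as well, so a team token signed with the same HS256 secret by an allowed issuer but minted for a different `aud` is now accepted here, and the `aud=mnemosyne` claim the comment calls informational is no longer checked anywhere in this call. The rejection this works around is PyJWT's behaviour of raising `InvalidAudienceError` when a token carries `aud` and `decode()` is given no `audience=`; the narrower fix is to branch on `typ` before decoding and pass `audience="mnemosyne"` for team tokens while using `options={"verify_aud": False}` only on the per-turn branch. Related: `typ` is not in the `require` list on these lines, yet the comment relies on `iss` + `typ` to partition the populations, so whatever enforces `typ` after decode needs to reject a token that omits it rather than treating it as one shape by default. Minor: passing a list to `issuer=` only works on recent PyJWT releases, so the minimum version should be pinned accordingly.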