
auth: add Scopes allowlist to AuthorizationCodeHandlerConfig#1044

Open
toabctl wants to merge 1 commit into modelcontextprotocol:main from toabctl:authcode-scopes-override

Conversation


@toabctl toabctl commented Jul 1, 2026

Contributor

Summary

The authorization-code handler requests every scope advertised in the protected resource's metadata scopes_supported (or named in the WWW-Authenticate challenge), and offers the caller no way to narrow that set. Some servers advertise a scope a client should not request:

Because the handler requests the full advertised set, gmail.metadata ends up in the grant and breaks search, with no client-side remedy.

Change

Add an optional Scopes []string field to AuthorizationCodeHandlerConfig. When non-empty, the discovered scopes are intersected with it (order preserved). Semantics chosen to be safe:

  • An empty intersection is ignored, so a misconfigured allowlist can never leave the client requesting an empty scope set.
  • Filtering is applied before the offline_access (SEP-2207) and step-up union (SEP-2350) logic, so refresh-token support and scope accumulation are unaffected.

Test

TestAuthorize_ScopesAllowlist drives a full authorize flow and asserts the requested scope parameter: filtered-to-allowlist, empty-intersection-fail-open, and no-allowlist-unchanged. go test ./auth/..., go vet, and gofmt are clean.

🤖 Generated with Claude Code
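The allowlist semantics described above, as an added Go example that is not the go-sdk's own code: `filterScopes` and `requestedScopes` are hypothetical names, and the sample scopes are constructed.

```go
package main

import (
	"fmt"
	"strings"
)

// filterScopes is an illustrative stand-in (not the go-sdk's own code) for the
// allowlist semantics described in the PR: when allow is non-empty, keep only the
// discovered scopes that appear in it, preserving the discovered order. An empty
// intersection is treated as a misconfigured allowlist and the discovered set is
// returned unchanged, so the client never ends up requesting no scopes at all.
func filterScopes(discovered, allow []string) []string {
	if len(allow) == 0 {
		return discovered
	}
	allowed := make(map[string]bool, len(allow))
	for _, s := range allow {
		allowed[s] = true
	}
	var out []string
	for _, s := range discovered {
		if allowed[s] {
			out = append(out, s)
		}
	}
	if len(out) == 0 {
		return discovered // fail open: ignore the misconfigured allowlist
	}
	return out
}

// requestedScopes applies the allowlist first and only then appends offline_access
// (when the caller wants a refresh token). Because the refresh-token scope is added
// after filtering, an allowlist that does not mention it still yields a
// refresh-capable grant, which is the ordering the PR description calls out.
func requestedScopes(discovered, allow []string, wantRefresh bool) string {
	scopes := append([]string(nil), filterScopes(discovered, allow)...)
	if wantRefresh {
		scopes = append(scopes, "offline_access")
	}
	return strings.Join(scopes, " ")
}

func main() {
	// Constructed sample: a server advertising a metadata scope next to a
	// readonly scope, and a client that only wants the readonly one.
	discovered := []string{"gmail.metadata", "gmail.readonly"}
	fmt.Println(requestedScopes(discovered, []string{"gmail.readonly"}, true))
	fmt.Println(requestedScopes(discovered, []string{"typo.scope"}, false))
	fmt.Println(requestedScopes(discovered, nil, false))
}
```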

The authorization-code handler requests every scope advertised in the
protected resource's metadata (or named in the WWW-Authenticate challenge),
with no way for a client to narrow that set. Some servers advertise a scope a
client should not request: Gmail's MCP server lists gmail.metadata, and the
Gmail API refuses the search "q" parameter on any token carrying gmail.metadata
even when gmail.readonly is also granted.

Add an optional Scopes field that, when non-empty, intersects the discovered
scopes with the allowlist (order preserved). An empty intersection is ignored
so a misconfigured allowlist never leaves the client requesting no scopes;
offline_access is applied after filtering and so is unaffected.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@toabctl toabctl force-pushed the authcode-scopes-override branch from 06621c6 to 5d1b260 Compare July 1, 2026 07:44