* refactor(kubernetes): keep Provider as only external Kubernetes interface
Initial phase to unify-merge the Provider interface with the Manager struct.
- Renamed ManagerProvider to Provider (i.e. kubernets.Provider)
- Moved Manager related logic to specific files
- Exposed relevant method through Provider interface (GetDerivedKubernetes, IsOpenShift, VerifyToken)
Signed-off-by: Marc Nuri <marc@marcnuri.com>
* Update pkg/kubernetes/provider_kubeconfig.go
Co-authored-by: Calum Murray <cmurray@redhat.com>
Signed-off-by: Marc Nuri <marc@marcnuri.com>
---------
Signed-off-by: Marc Nuri <marc@marcnuri.com>
Co-authored-by: Calum Murray <cmurray@redhat.com>
Users can now enable or disable different toolsets either by providing
a command-line flag or by setting the toolsets array field in the TOML
configuration.
Downstream Kubernetes API developers can declare toolsets for their
APIs by creating a new nested package in pkg/toolsets and registering
it in pkg/mcp/modules.go
Signed-off-by: Marc Nuri <marc@marcnuri.com>
Initial PR to make the toolsets agnostic of the usd MCP implementation (migration to go-sdk).
The decoupling will also be needed to move the different toolsets to separate nested packages (toolsets).
Signed-off-by: Marc Nuri <marc@marcnuri.com>
As a prior step to providing support for toolsets
this change repurposes the current work in profiles
which partially aligns with the toolsets expected features
Signed-off-by: Marc Nuri <marc@marcnuri.com>
It's unclear how the scopes are going to be populated in the JWT.
Disable scope authorization for the time being.
Signed-off-by: Marc Nuri <marc@marcnuri.com>
Pass correct audience
---
Validate server and authorization url via url.Parse
---
Import go-oidc/v3
---
Wire initialized oidc provider if authorization url is set
---
Wire oidc issuer validation
Introduce require-oauth flag
When this flag is enabled, authorization middleware will be turned on.
When this flag is enabled, Derived which is generated based on the client
token will not be used.
---
Wire Authorization middleware to http mux
This commit adds authorization middleware. Additionally, this commit
rejects the requests if the bearer token is absent in Authorization
header of the request.
---
Add offline token validation for expiration and audience
Per Model Context Protocol specification, MCP Servers must check the
audience field of the token to ensure that they are generated specifically
for them.
This commits parses the JWT token and asserts that audience is correct
and token is not expired.
---
Add online token verification via TokenReview request to API Server
This commit sends online token verification by sending request to
TokenReview endpoint of API Server with the token and expected audience.
If API Server returns the status as authenticated, that means this token
can be used to generate a new ad hoc token for MCP Server.
If API Server returns the status as not authenticated, that means this token
is invalid and MCP Server returns 401 to force the client to initiate OAuth flow.
---
Serve oauth protected resource metadata endpoint
---
Introduce server-url to be represented in protected resource metadata
---
Add error return type in Derived function
---
Return error if error occurs in Derived, when require-oauth
---
Add test cases for authorization-url and server-url
---
Wire server-url to audience, if it is set
---
Remove redundant ssebaseurl parameter from http
Introduce allow/deny tool functionality in toml config
---
Remove duplicate fields that already defined in staticConfig
---
Add unit tests to verify tool valid check
---
Wire staticConfig to fix unit tests
---
Rename to enabled/disabled instead of allowed/denied
refactor(kubernetes): force usage of Derived kubernetes
Prevents consumers of the kubernetes package the usage of
public methods on a non-derived config instance.
---
review(kubernetes): force usage of Derived kubernetes
Addresses comment by ardaguclu
A new configuration options is available: `--list-output`
There are two modes available:
- `yaml`: current default (will be changed in subsequent PR), which returns a multi-document YAML
- `table`: returns a plain-text table as created by the kube-api server when requested with
`Accept: application/json;as=Table;v=v1;g=meta.k8s.io`
Additional logic has been added to the table format to include the apiVersion and kind.
This is not returned by the server, kubectl doesn't include this either.
However, this is extremely handy for the LLM when using the generic resource tools.
feat(auth): Authorize user from custom SSE header
PoC to show how we can propagate an Authorization Bearer token
from the MCP client up to the Kubernetes API by passing a custom
header (Kubernetes-Authorization-Bearer-Token).
A new Derived client is necessary for each request due to the incompleteness
of some of the client-go clients.
This might add some overhead for each prompt.
Ideally, the issue with the discoveryclient and others should be fixed to
allow reading the authorization header from the request context.
To use the feature, the MCP Server still needs to be started with a basic
configuration (either provided InCluster by a service account or locally by
a .kube/config file) so that it's able to infer the server settings.
---
test(auth): added tests to verify header propagation
---
refactor(auth): minor improvements for derived client
Watch kube config files for changes.
Automatically reload kubernetes client and list of tools.
Useful for logins or context changes after an MCP session has started.
BREAKING CHANGE:
mandatory `sse-public-host` CLI option has been renamed to `sse-base-url`
and is now optional.
Users are expected to provide it using the port if necessary:
--sse-base-url http://localhost:8080
