3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-01 16:01:26 +02:00
Code Issues Projects Releases Packages Wiki Activity

mcp: add global runtime flag (#5604)

Browse source 
## Summary

Adds global runtime flag to enable/disable MCP support. (off by
default).

```yaml
runtime_flags:
  mcp: true
```

## Related issues

Fix:
https://linear.app/pomerium/issue/ENG-2367/place-mcp-support-behind-a-runtime-flag

## User Explanation

<!-- How would you explain this change to the user? If this
change doesn't create any user-facing changes, you can leave
this blank. If filled out, add the `docs` label -->

## Checklist

- [x] reference any related issues
- [ ] updated unit tests
- [ ] add appropriate label (`enhancement`, `bug`, `breaking`,
`dependencies`, `ci`)
- [ ] ready for review
This commit is contained in:
Denis Mishin 2025-05-02 16:33:42 -04:00 committed by GitHub
parent d1559eaa86
commit 1a19ccabd8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
10 changed files with 100 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

14
authorize/grpc.go
View file

@ -123,13 +123,15 @@ func (a *Authorize) maybeGetSessionFromRequest(
hreq *http.Request,
policy *config.Policy,
) (*session.Session, error) {
if policy.IsMCPServer() {
s, err := a.getMCPSession(ctx, hreq)
if err != nil {
log.Ctx(ctx).Error().Err(err).Msg("error getting mcp session")
return nil, err
if a.currentConfig.Load().Options.IsRuntimeFlagSet(config.RuntimeFlagMCP) {
if policy.IsMCPServer() {
s, err := a.getMCPSession(ctx, hreq)
if err != nil {
log.Ctx(ctx).Error().Err(err).Msg("error getting mcp session")
return nil, err
}
return s, nil
}
return s, nil
}
// attempt to create a session from an incoming idp token