Skip to content

Fix hosted MCP credential pass-through#4

Merged
kiliantyler merged 2 commits into
mainfrom
codex/plane-mcp-pass-through-auth
Jul 6, 2026
Merged

Fix hosted MCP credential pass-through#4
kiliantyler merged 2 commits into
mainfrom
codex/plane-mcp-pass-through-auth

Conversation

@kiliantyler

Copy link
Copy Markdown
Contributor

Summary

  • Make hosted MCP use Plane credentials from each incoming request (Authorization: Bearer ... or X-API-Key) instead of server-owned credentials.
  • Ignore stored Plane credentials when request credentials are present and synthesize workspace metadata from the requested workspace slug when no server config exists.
  • Block credential-persistence auth tools in hosted MCP mode.
  • Keep docs/ ignored locally.

Verification

  • bun run test
  • bunx tsc --noEmit --pretty false
  • bun run lint
  • bun run build
  • docker build -t plane-cli-mcp:test .
  • actionlint -config-file .github/actionlint.yaml .github/workflows/ci.yml .github/workflows/container.yml

JSON Contract Impact

  • No change to agent-facing JSON output
  • JSON output changed and README/tests were updated

@kiliantyler
kiliantyler merged commit 4dac9dc into main Jul 6, 2026
4 checks passed
@kiliantyler
kiliantyler deleted the codex/plane-mcp-pass-through-auth branch July 6, 2026 03:20

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: ba28758e5f

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread src/lib/config.ts
Comment on lines +230 to +231
const resolvedAuth =
options.planeAuth ?? (envApiKey ? { type: "apiKey" as const, apiKey: envApiKey } : auth);

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Guard request credentials against repo-local base URLs

When hosted MCP passes options.planeAuth from the incoming Authorization/X-API-Key header, this branch applies it before the existing shouldApplyEnvApiKey protection for repo-local configs. If the server cwd points at a checkout containing a .plane-cli.yaml workspace with baseUrl: https://attacker.example, any tool call for that workspace will send the user's request Plane token/API key to that repo-controlled URL. Please apply the same repo-local base-url trust check to request credentials, or ignore repo-local custom base URLs in hosted mode.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant