fix(mcp): require MCP_JWT_AUDIENCE when MCP JWT auth is enabled

[rusackas]

SUMMARY

When the MCP service has JWT auth enabled (MCP_AUTH_ENABLED=True), the audience claim was only validated if MCP_JWT_AUDIENCE happened to be set. With it unset, the verifier was built with audience validation skipped, so any otherwise-valid token from the same issuer was accepted regardless of which service it was minted for.

This makes audience configuration a required precondition for MCP JWT auth so tokens are correctly bound to this service:

• The default auth factory (create_default_mcp_auth_factory) now raises a dedicated MCPAuthConfigError when MCP_AUTH_ENABLED is true but MCP_JWT_AUDIENCE is unset.
• The server bootstrap (_create_auth_provider) re-raises that error rather than swallowing it. This matters because a swallowed build error returns a None provider, and the start path treats auth_provider is None as "auth disabled" — i.e. the service would otherwise come up unauthenticated. Failing closed makes the misconfiguration a fast, explicit startup error instead.
• API-key-only deployments (JWT auth disabled) are unaffected and do not require an audience.

The check is placed at the config/bootstrap layer so it covers both verifier variants (MCPJWTVerifier and DetailedJWTVerifier) uniformly.

BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF

N/A — backend configuration behavior.

TESTING INSTRUCTIONS

Unit tests added in tests/unit_tests/mcp_service/test_mcp_config.py and tests/unit_tests/mcp_service/test_mcp_server.py:

• MCP_AUTH_ENABLED=True without MCP_JWT_AUDIENCE raises MCPAuthConfigError.
• API-key-only auth does not require an audience.
• JWT auth with an audience set builds the verifier as before.
• _create_auth_provider propagates MCPAuthConfigError instead of returning None.

Manual: start the MCP service with MCP_AUTH_ENABLED=True and MCP_JWT_AUDIENCE unset → startup fails with a clear message. Set MCP_JWT_AUDIENCE → starts normally.

ADDITIONAL INFORMATION

• Has associated issue:
• Required feature flags:
• Changes UI
• Includes DB Migration (follow approval process in SIP-59)
  • Migration is atomic, supports rollback & is backwards-compatible
  • Confirm DB migration upgrade and downgrade tested
  • Runtime estimates and downtime expectations provided
• Introduces new feature or API
• Removes existing feature or API

Note: this is a backwards-incompatible change for deployments that enable MCP JWT auth without an audience; documented in UPDATING.md.

[bito-code-review]

Code Review Agent Run #7d21cf

Actionable Suggestions - 0

Review Details

• Files reviewed - 4 · Commit Range: 0475416..0475416

  • superset/mcp_service/mcp_config.py
  • superset/mcp_service/server.py
  • tests/unit_tests/mcp_service/test_mcp_config.py
  • tests/unit_tests/mcp_service/test_mcp_server.py
• Files skipped - 1

  • UPDATING.md - Reason: Filter setting
• Tools

  • Whispers (Secret Scanner) - ✔︎ Successful
  • Detect-secrets (Secret Scanner) - ✔︎ Successful
  • MyPy (Static Code Analysis) - ✔︎ Successful
  • Astral Ruff (Static Code Analysis) - ✔︎ Successful

---

Bito Usage Guide

Commands

Type the following command in the pull request comment and save the comment.

• /review - Manually triggers a full AI review.

• /pause - Pauses automatic reviews on this pull request.

• /resume - Resumes automatic reviews.

• /resolve - Marks all Bito-posted review comments as resolved.

• /abort - Cancels all in-progress reviews.

Refer to the documentation for additional commands.

Configuration

This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.

Documentation & Help

• Customize agent settings
• Review rules
• General documentation
• FAQ

AI Code Review powered by

[codecov]

Codecov Report

❌ Patch coverage is 20.00000% with 4 lines in your changes missing coverage. Please review.
✅ Project coverage is 64.44%. Comparing base (0667ba6) to head (375bbb9).

Files with missing lines	Patch %	Lines
superset/mcp_service/mcp_config.py	33.33%	2 Missing ⚠️
superset/mcp_service/server.py	0.00%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #41292      +/-   ##
==========================================
+ Coverage   55.71%   64.44%   +8.72%     
==========================================
  Files        2655     2655              
  Lines      145486   145487       +1     
  Branches    33584    33583       -1     
==========================================
+ Hits        81055    93753   +12698     
+ Misses      63690    50031   -13659     
- Partials      741     1703     +962     

Flag	Coverage Δ
hive	39.24% <20.00%> (-0.01%)	⬇️
mysql	58.00% <20.00%> (?)
postgres	58.06% <20.00%> (?)
presto	40.82% <20.00%> (-0.01%)	⬇️
python	59.50% <20.00%> (+18.61%)	⬆️
sqlite	57.72% <20.00%> (?)
unit	100.00% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sha174n]

Verified: when JWT auth is enabled and the audience is unset, the verifier factory now raises and the bootstrap re-raises before the broad except, so the service fails closed at startup rather than starting with an unset audience. API-key-only deployments are unaffected. Tests cover all branches and UPDATING.md is documented. LGTM.

[bito-code-review]

Bito Automatic Review Skipped – PR Already Merged

Bito scheduled an automatic review for this pull request, but the review was skipped because this PR was merged before the review could be run.
No action is needed if you didn't intend to review it. To get a review, you can type /review in a comment and save it