Skip to content

Fix: OAuth callback/token policies and Weather MCP session validation#7

Draft
Bochenski wants to merge 1 commit intomainfrom
fix/mcp-oauth-callback-cosmos-session
Draft

Fix: OAuth callback/token policies and Weather MCP session validation#7
Bochenski wants to merge 1 commit intomainfrom
fix/mcp-oauth-callback-cosmos-session

Conversation

@Bochenski
Copy link
Member

@Bochenski Bochenski commented Sep 14, 2025

Summary

  • Fix 500 on /oauth-callback by removing incorrect Managed Identity assertion and using confidential client_secret for token exchange with Entra.
  • Align /oauth-callback token request scope with configured OAuthScopes to prevent invalid_scope.
  • Fix Cosmos DB partition header used in consent/token flows (x-ms-documentdb-partitionkey) so client lookup works.
  • Update Weather MCP API policy to validate decrypted session ID by checking APIM cache entry EntraToken-{sessionId} instead of a hardcoded string.

User impact

  • MCP client completes the auth code + PKCE flow and receives an access_token from /token.
  • Weather MCP accepts the token in Authorization: Bearer <access_token> and proceeds with the session.

Changes

  • labs/mcp-client-authorization/src/apim-oauth/oauth-callback.policy.xml
    • Replace authentication-managed-identity + client_assertion with client_secret.
    • Use scope from {{OAuthScopes}}; keep redirect_uri={{OAuthCallbackUri}} and code_verifier.
  • labs/mcp-client-authorization/src/apim-oauth/token.policy.xml
    • Use x-ms-documentdb-partitionkey when reading client registration from Cosmos.
  • labs/mcp-client-authorization/src/apim-oauth/consent.policy.xml
    • Use x-ms-documentdb-partitionkey on Cosmos read for client info.
  • labs/mcp-client-authorization/src/weather/apim-mcp-server/policy.xml
    • Validate session by cache-lookup EntraToken-{sessionId}; return 401 if not found/expired.

Why

  • APIM managed identity call in callback used client-id of the app reg, which selects a user-assigned identity; APIM only had system-assigned MI → policy failure → 500.
  • Scope mismatch on callback could cause invalid_scope; now aligned with OAuthScopes used during authorize.
  • Cosmos header name was incorrect for the API; reads failed → "client not found" during consent/token.
  • Hardcoded session check blocked valid tokens; replaced with cache-backed session verification.

Validation

  • Policies pushed to APIM (apim-z5y272qbtsvgi) and verified:
    • /authorize → /oauth-callback → 302 back to MCP client
    • /token → 200 with access_token
    • Weather MCP: Authorization: Bearer <access_token> → accepted

Deployment notes

  • No ARM schema changes; policy updates only. Named values required: EntraIDClientId, EntraIDClientSecret, OAuthScopes, OAuthCallbackUri, EncryptionIV, EncryptionKey.

Follow-ups

  • Optional: adopt MI token-exchange with a UAI + proper token exchange configuration if desired.
  • Optional: adjust OAuthScopes (e.g., add offline_access for refresh tokens).

@Bochenski
MCP OAuth callback + token/consent + Weather MCP policy fixes
2347911 
- Switch oauth-callback token exchange to client_secret; remove MI assertion
- Align token request scope with configured OAuthScopes
- Fix Cosmos DB partition header: x-ms-documentdb-partitionkey
- Weather MCP policy: validate session against APIM cache (EntraToken-{sessionId})
- Keep encryption session model; no functional change to IV/Key NVs

Validated by pushing policies to APIM and re-running flow: 200 token, Weather MCP accepts bearer token.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Bochenski