DiMalovanyy

Description

Decoded authorization secrets are logged freely in the kagent app, which is a serious security violation.

Example

With the GitHub MCP Server, my PAT token was logged:

2025-06-27 13:22:31.989 | DEBUG    | kagent.tool_servers._streamable_http_mcp_tool_server:discover_tools:23 - Discovering tools from streamable http server: type='StreamableHttpServerParams' url='https://api.githubcopilot.com/mcp/' headers={'Authorization': '<my unencrypted PAT>'} timeout=datetime.timedelta(seconds=30) sse_read_timeout=datetime.timedelta(seconds=300) terminate_on_close=True

Fix

Add a config wrapper function that obfuscates the Authorization header
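One way such a sanitizing wrapper can look, as an added example that is not the PR's code (the body of `_sanitize_config` is not shown on this page). `ServerParams`, `mask_header`, `sanitize_config` and the header denylist are assumptions made for illustration, and the token is a constructed sample.

```python
from dataclasses import dataclass, field, asdict
from datetime import timedelta

# Assumed denylist of credential-bearing header names (compared in lowercase).
SENSITIVE_HEADERS = {"authorization", "proxy-authorization", "cookie", "x-api-key"}
# Auth schemes that are safe to keep in the log for debugging.
KNOWN_SCHEMES = {"basic", "bearer", "digest", "token"}
MASK = "***REDACTED***"


@dataclass
class ServerParams:
    """Constructed stand-in for the config object printed in the log line."""
    url: str
    headers: dict = field(default_factory=dict)
    timeout: timedelta = timedelta(seconds=30)


def mask_header(name: str, value: str) -> str:
    """Mask a credential header value, keeping only a recognised auth scheme."""
    if name.lower() not in SENSITIVE_HEADERS:
        return value
    scheme, sep, _secret = value.partition(" ")
    if sep and scheme.lower() in KNOWN_SCHEMES:
        return f"{scheme} {MASK}"      # "Bearer abc" -> "Bearer ***REDACTED***"
    return MASK                        # bare token, cookie string, unknown scheme


def sanitize_config(config: ServerParams) -> dict:
    """Return a loggable copy of the config; the original object is untouched."""
    safe = asdict(config)
    safe["headers"] = {k: mask_header(k, v) for k, v in config.headers.items()}
    return safe


if __name__ == "__main__":
    cfg = ServerParams(  # constructed sample values, not a real token
        url="https://api.githubcopilot.com/mcp/",
        headers={"authorization": "Bearer constructed-sample-token", "X-Request-Id": "42"},
    )
    print(f"Discovering tools from streamable http server: {sanitize_config(cfg)}")
```

Header names are matched case-insensitively because HTTP header names are case-insensitive, and the function returns a copy so the live request headers are never altered by logging.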

async def discover_tools(self) -> list[Component]:
try:
logger.debug(f"Discovering tools from streamable http server: {self.config}")
logger.debug(f"Discovering tools from streamable http server: {self._sanitize_config(self.config)}")
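Review bot: the replacement logger.debug call in discover_tools depends on self._sanitize_config, whose definition is not among these lines, so the hunk alone does not show whether it matches header names case-insensitively, covers credential headers other than Authorization, or returns a copy instead of mutating self.config. Please include the helper together with a unit test asserting that the token never appears in the formatted message. Since only this one call site is changed, masking in the config object's own string representation would protect every place that formats self.config into a log, not just this line.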
Collaborator

nice!

While you're in this code here -- there's a similar logging statement in the _ssemcptoolserver.py and _stdiomcptoolserver.py -- can you run that through the _sanitize_config as well?

Collaborator

@peterj peterj left a comment

Can you also fix it in the other two types of tool servers? (See my comment.)

@EItanya
Contributor

EItanya commented Aug 21, 2025

Autogen is gone, closing

@EItanya EItanya closed this Aug 21, 2025