fix(mcp): pass SSRF-guarded fetch into OAuth callback token exchange #5399
Mirrors the same wiring already used by probe.ts and revoke.ts, so the callback's token-exchange request goes through the same guarded fetch as the rest of the OAuth flow.
Summary
- `mcpAuth(...)` was calling the MCP SDK's `auth()` without a `fetchFn`, so it defaulted to the global `fetch` for the token-endpoint request.
- `apps/sim/lib/mcp/oauth/probe.ts` and `apps/sim/lib/mcp/oauth/revoke.ts` already wire `createSsrfGuardedMcpFetch()` into their outbound requests — this route was just missing the same guard.
- `fetchFn: createSsrfGuardedMcpFetch()` alongside the existing `serverUrl`/`authorizationCode` options, matching the established pattern exactly.
Testing
- `apps/sim/app/api/mcp/oauth/callback/route.test.ts` covering that the token exchange call passes the guarded fetch instance through to `mcpAuth`, alongside the existing `serverUrl`/`authorizationCode` args.
- `bun vitest run` on the new test file and the sibling `start/route.test.ts` — both pass.
- `bun run check:api-validation`, `bun run type-check`, and `bunx biome check` all pass.
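As an added illustration of what a guarded `fetchFn` protects against (this is not Sim's `createSsrfGuardedMcpFetch`, whose implementation is not shown on this page; `isAllowedTokenEndpoint` and `createGuardedFetch` are hypothetical names): the token endpoint the callback posts the authorization code to is derived from server-supplied metadata, so without a guard a hostile MCP server can point that request at loopback, private or cloud-metadata addresses.

```typescript
// Added example (not Sim's createSsrfGuardedMcpFetch; names are hypothetical):
// a fetch wrapper that refuses loopback, private, link-local and non-HTTP(S)
// targets before the OAuth token-exchange request leaves the process.
type FetchLike = (input: string | URL, init?: Record<string, unknown>) => Promise<unknown>;

// Literal-address checks only: a production guard must also resolve the
// hostname, validate every returned address, and re-check on each redirect.
function isPrivateIPv4(host: string): boolean {
  const m = host.match(/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/);
  if (!m) return false;
  const [a, b] = [Number(m[1]), Number(m[2])];
  return (
    a === 0 || a === 10 || a === 127 ||
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168) ||
    (a === 169 && b === 254) // link-local, incl. cloud metadata 169.254.169.254
  );
}

export function isAllowedTokenEndpoint(target: string | URL): boolean {
  let url: URL;
  try { url = new URL(String(target)); } catch { return false; }
  if (url.protocol !== "https:" && url.protocol !== "http:") return false;
  const host = url.hostname.toLowerCase().replace(/^\[|\]$/g, "");
  if (host === "localhost" || host.endsWith(".localhost")) return false;
  if (host.startsWith("::ffff:")) {
    // IPv4-mapped IPv6, serialised in hex by WHATWG URL: ::ffff:a00:5 is 10.0.0.5
    const g = host.slice(7).split(":").map((x) => parseInt(x, 16));
    if (g.length !== 2 || g.some(Number.isNaN)) return false; // fail closed
    return !isPrivateIPv4(`${g[0] >> 8}.${g[0] & 255}.${g[1] >> 8}.${g[1] & 255}`);
  }
  if (host.includes(":")) {
    // IPv6 loopback, unspecified, link-local (fe80::/10) and unique-local (fc00::/7)
    return !(host === "::1" || host === "::" || /^fe[89ab]/.test(host) || /^f[cd]/.test(host));
  }
  return !isPrivateIPv4(host);
}

// Drop-in for the SDK's fetchFn option, e.g.
// auth(provider, { serverUrl, authorizationCode, fetchFn: createGuardedFetch(fetch) })
export function createGuardedFetch(inner: FetchLike): FetchLike {
  return async (input, init) => {
    if (!isAllowedTokenEndpoint(input)) {
      throw new Error(`blocked by SSRF guard: ${String(input)}`);
    }
    // Keep the underlying fetch from silently following a 3xx to an unchecked host.
    return inner(input, { ...init, redirect: "manual" });
  };
}
```

The WHATWG URL parser normalises alternate IPv4 spellings (decimal `2130706433`, hex `0x7f.1`) to dotted form before the check runs, so those bypasses are covered without extra code.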