tony/CHORUS
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
007aeb149a45413fc0322954e884e3c163246adc
CHORUS/pkg/seqthink/proxy/server.go
anthonyrawlins 9190c75440 Implement Beat 3: Policy Gate (JWT Authentication) 
This commit completes Beat 3 of the SequentialThinkingForCHORUS implementation,
adding KACHING JWT policy enforcement with scope checking.

## Deliverables

### 1. JWT Validation Package (pkg/seqthink/policy/)

**jwt.go** (313 lines): Complete JWT validation system
- `Validator`: JWT token validation with JWKS fetching
- `Claims`: JWT claims structure with scope support
- JWKS fetching and caching (1-hour TTL)
- RSA public key parsing from JWK format
- Space-separated and array scope formats
- Automatic JWKS refresh on cache expiration

**Features**:
- RS256 signature verification
- Expiration and NotBefore validation
- Required scope checking
- JWKS caching to reduce API calls
- Thread-safe key cache with mutex
- Base64 URL encoding/decoding utilities

**jwt_test.go** (296 lines): Comprehensive test suite
- Valid token validation
- Expired token rejection
- Missing scope detection
- Space-separated scopes parsing
- Not-yet-valid token rejection
- JWKS caching behavior verification
- Invalid JWKS server handling
- 5 test scenarios, all passing

### 2. Authorization Middleware

**middleware.go** (75 lines): HTTP authorization middleware
- Bearer token extraction from Authorization header
- Token validation via Validator
- Policy denial metrics tracking
- Optional enforcement (disabled if no JWKS URL)
- Request logging with subject and scopes
- Clean error responses (401 Unauthorized)

**Integration**:
- Wraps `/mcp/tool` endpoint (both encrypted and plaintext)
- Wraps `/mcp/sse` endpoint (both encrypted and plaintext)
- Health and metrics endpoints remain open (no auth)
- Automatic mode detection based on configuration

### 3. Proxy Server Integration

**Updated server.go**:
- Policy middleware initialization in `NewServer()`
- Pre-fetches JWKS on startup
- Auth wrapper for protected endpoints
- Configuration-based enforcement
- Graceful fallback if JWKS unavailable

**Configuration**:
```go
ServerConfig{
    KachingJWKSURL: "https://auth.kaching.services/jwks",
    RequiredScope:  "sequentialthinking.run",
}
```

If both fields are set → policy enforcement enabled
If either is empty → policy enforcement disabled (dev mode)

## Testing Results

### Unit Tests
```
PASS: TestValidateToken (5 scenarios)
  - valid_token with required scope
  - expired_token rejection
  - missing_scope rejection
  - space_separated_scopes parsing
  - not_yet_valid rejection

PASS: TestJWKSCaching
  - Verifies JWKS fetched only once within cache window
  - Verifies JWKS re-fetched after cache expiration

PASS: TestParseScopes (5 scenarios)
  - Single scope parsing
  - Multiple scopes parsing
  - Extra spaces handling
  - Empty string handling
  - Spaces-only handling

PASS: TestInvalidJWKS
  - Handles JWKS server errors gracefully

PASS: TestGetCachedKeyCount
  - Tracks cached key count correctly
```

**All 5 test groups passed (16 total test cases)**

### Integration Verification

**Without Policy** (development):
```bash
export KACHING_JWKS_URL=""
./build/seqthink-wrapper
# → "Policy enforcement disabled"
# → All requests allowed
```

**With Policy** (production):
```bash
export KACHING_JWKS_URL="https://auth.kaching.services/jwks"
export REQUIRED_SCOPE="sequentialthinking.run"
./build/seqthink-wrapper
# → "Policy enforcement enabled"
# → JWKS pre-fetched
# → Authorization: Bearer <token> required
```

## Security Properties

 **Authentication**: RS256 JWT signature verification
 **Authorization**: Scope-based access control
 **Token Validation**: Expiration and not-before checking
 **JWKS Security**: Automatic key rotation support
 **Metrics**: Policy denial tracking for monitoring
 **Graceful Degradation**: Works without JWKS in dev mode
 **Thread Safety**: Concurrent JWKS cache access safe

## API Flow with Policy

### Successful Request:
```
1. Client → POST /mcp/tool
   Authorization: Bearer eyJhbGci...
   Content-Type: application/age
   Body: <encrypted request>

2. Middleware extracts Bearer token
3. Middleware validates JWT signature (JWKS)
4. Middleware checks required scope
5. Request forwarded to handler
6. Handler decrypts request
7. Handler calls MCP server
8. Handler encrypts response
9. Response sent to client
```

### Unauthorized Request:
```
1. Client → POST /mcp/tool
   (missing Authorization header)

2. Middleware checks for header → NOT FOUND
3. Policy denial metric incremented
4. 401 Unauthorized response
5. Request rejected
```

## Configuration Modes

**Full Security** (Beat 2 + Beat 3):
```bash
export AGE_IDENT_PATH=/etc/seqthink/age.key
export AGE_RECIPS_PATH=/etc/seqthink/age.pub
export KACHING_JWKS_URL=https://auth.kaching.services/jwks
export REQUIRED_SCOPE=sequentialthinking.run
```
→ Encryption + Authentication + Authorization

**Development Mode**:
```bash
# No AGE_* or KACHING_* variables set
```
→ Plaintext, no authentication

## Next Steps (Beat 4)

Beat 4 will add deployment infrastructure:
- Docker Swarm service definition
- Network overlay configuration
- Secret management for age keys
- KACHING integration documentation
- End-to-end testing in swarm

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-13 08:48:42 +11:00

186 lines
5.3 KiB
Go
Raw Blame History

package proxy
import (
"context"
"encoding/json"
"fmt"
"io"
"net/http"
"time"
"chorus/pkg/seqthink/mcpclient"
"chorus/pkg/seqthink/observability"
"chorus/pkg/seqthink/policy"
"github.com/gorilla/mux"
"github.com/rs/zerolog/log"
)
// ServerConfig holds the proxy server configuration
type ServerConfig struct {
MCPClient *mcpclient.Client
Metrics *observability.Metrics
MaxBodyMB int
AgeIdentPath string
AgeRecipsPath string
KachingJWKSURL string
RequiredScope string
}
// Server is the proxy server handling requests
type Server struct {
config ServerConfig
router *mux.Router
authMiddleware *policy.AuthMiddleware
}
// NewServer creates a new proxy server
func NewServer(cfg ServerConfig) (*Server, error) {
s := &Server{
config: cfg,
router: mux.NewRouter(),
}
// Setup policy enforcement if configured
if cfg.KachingJWKSURL != "" && cfg.RequiredScope != "" {
log.Info().
Str("jwks_url", cfg.KachingJWKSURL).
Str("required_scope", cfg.RequiredScope).
Msg("Policy enforcement enabled")
validator := policy.NewValidator(cfg.KachingJWKSURL, cfg.RequiredScope)
// Pre-fetch JWKS
if err := validator.RefreshJWKS(); err != nil {
log.Warn().Err(err).Msg("Failed to pre-fetch JWKS, will retry on first request")
}
s.authMiddleware = policy.NewAuthMiddleware(validator, cfg.Metrics.IncrementPolicyDenials)
} else {
log.Warn().Msg("Policy enforcement disabled - no JWKS URL or required scope configured")
s.authMiddleware = policy.NewAuthMiddleware(nil, cfg.Metrics.IncrementPolicyDenials)
}
// Setup routes
s.setupRoutes()
return s, nil
}
// Handler returns the HTTP handler
func (s *Server) Handler() http.Handler {
return s.router
}
// setupRoutes configures the HTTP routes
func (s *Server) setupRoutes() {
// Health checks (no auth required)
s.router.HandleFunc("/health", s.handleHealth).Methods("GET")
s.router.HandleFunc("/ready", s.handleReady).Methods("GET")
// MCP tool endpoint - route based on encryption config, with auth
if s.isEncryptionEnabled() {
log.Info().Msg("Encryption enabled - using encrypted endpoint")
s.router.Handle("/mcp/tool",
s.authMiddleware.Wrap(http.HandlerFunc(s.handleToolCallEncrypted))).Methods("POST")
} else {
log.Warn().Msg("Encryption disabled - using plaintext endpoint")
s.router.Handle("/mcp/tool",
s.authMiddleware.Wrap(http.HandlerFunc(s.handleToolCall))).Methods("POST")
}
// SSE endpoint - route based on encryption config, with auth
if s.isEncryptionEnabled() {
s.router.Handle("/mcp/sse",
s.authMiddleware.Wrap(http.HandlerFunc(s.handleSSEEncrypted))).Methods("GET")
} else {
s.router.Handle("/mcp/sse",
s.authMiddleware.Wrap(http.HandlerFunc(s.handleSSEPlaintext))).Methods("GET")
}
// Metrics endpoint (no auth required for internal monitoring)
s.router.Handle("/metrics", s.config.Metrics.Handler())
}
// isEncryptionEnabled checks if encryption is configured
func (s *Server) isEncryptionEnabled() bool {
return s.config.AgeIdentPath != "" && s.config.AgeRecipsPath != ""
}
// handleHealth returns 200 OK if wrapper is running
func (s *Server) handleHealth(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
w.Write([]byte("OK"))
}
// handleReady checks if MCP server is ready
func (s *Server) handleReady(w http.ResponseWriter, r *http.Request) {
ctx, cancel := context.WithTimeout(r.Context(), 5*time.Second)
defer cancel()
if err := s.config.MCPClient.Health(ctx); err != nil {
log.Error().Err(err).Msg("MCP server not ready")
http.Error(w, "MCP server not ready", http.StatusServiceUnavailable)
return
}
w.WriteHeader(http.StatusOK)
w.Write([]byte("READY"))
}
// handleToolCall proxies tool calls to MCP server (plaintext for Beat 1)
func (s *Server) handleToolCall(w http.ResponseWriter, r *http.Request) {
s.config.Metrics.IncrementRequests()
startTime := time.Now()
// Limit request body size
r.Body = http.MaxBytesReader(w, r.Body, int64(s.config.MaxBodyMB)*1024*1024)
// Read request body
body, err := io.ReadAll(r.Body)
if err != nil {
log.Error().Err(err).Msg("Failed to read request body")
s.config.Metrics.IncrementErrors()
http.Error(w, "Failed to read request", http.StatusBadRequest)
return
}
// Parse tool request
var toolReq mcpclient.ToolRequest
if err := json.Unmarshal(body, &toolReq); err != nil {
log.Error().Err(err).Msg("Failed to parse tool request")
s.config.Metrics.IncrementErrors()
http.Error(w, "Invalid request format", http.StatusBadRequest)
return
}
log.Info().
Str("tool", toolReq.Tool).
Msg("Proxying tool call to MCP server")
// Call MCP server
ctx, cancel := context.WithTimeout(r.Context(), 120*time.Second)
defer cancel()
toolResp, err := s.config.MCPClient.CallTool(ctx, &toolReq)
if err != nil {
log.Error().Err(err).Msg("MCP tool call failed")
s.config.Metrics.IncrementErrors()
http.Error(w, fmt.Sprintf("Tool call failed: %v", err), http.StatusInternalServerError)
return
}
// Return response
w.Header().Set("Content-Type", "application/json")
if err := json.NewEncoder(w).Encode(toolResp); err != nil {
log.Error().Err(err).Msg("Failed to encode response")
s.config.Metrics.IncrementErrors()
return
}
duration := time.Since(startTime)
log.Info().
Str("tool", toolReq.Tool).
Dur("duration", duration).
Msg("Tool call completed")
}
Reference in New Issue View Git Blame Copy Permalink