Skip to content

Reload MCP tokens without restart#18

Open
coe0718 wants to merge 2 commits intoghostwright:mainfrom
coe0718:mcp-token-reload
Open

Reload MCP tokens without restart#18
coe0718 wants to merge 2 commits intoghostwright:mainfrom
coe0718:mcp-token-reload

Conversation

@coe0718
Copy link
Copy Markdown
Contributor

@coe0718 coe0718 commented Mar 31, 2026

Fixes #16.

What changed

  • reload MCP bearer tokens from config/mcp.yaml when the file changes instead of freezing the token map at startup
  • use the same file-backed auth behavior for both /mcp and /trigger
  • update CLI output and MCP docs so they show a valid initialize request instead of a bare authenticated curl
  • add regression tests for middleware reloads, late-added MCP tokens, and late-added /trigger tokens

Why

Issue #16 exposed two separate problems on the MCP side:

  • phantom token create could write a valid token that the running server would still reject until restart
  • the docs and CLI examples implied that a bare curl -H "Authorization: Bearer ..." /mcp was a valid way to verify a token, even though the streamable HTTP transport requires an initialize request first

This PR fixes the runtime behavior and the guidance at the same time.

Validation

  • bun run lint
  • bun run typecheck
  • bun test

@coe0718 coe0718 marked this pull request as ready for review March 31, 2026 21:46
imonlinux added a commit to imonlinux/phantom that referenced this pull request Apr 24, 2026
@imonlinux @claude
Fix 21 Nextcloud Talk security and code quality issues
c650e1f 
Complete security review and implementation of fixes for Nextcloud Talk
integration based on comprehensive security audit findings.

HIGH PRIORITY fixes (security-critical):
- ghostwright#1: Implement replay attack protection with LRU cache (5-minute TTL)
- ghostwright#2: Add 64KB request size limit before body buffering
- ghostwright#4: Replace Date.now() with crypto.randomUUID() for unique IDs
- ghostwright#7: Fix JSON unwrap logic for ActivityStreams Note objects
- ghostwright#11: Replace 'Error:' text sniffing with runtime error events

Logic and security fixes:
- ghostwright#3: Fix msgId/msg name collision in error handling
- ghostwright#5: Improve parseConversationId to handle colons in tokens
- ghostwright#6: Reject webhooks without target.id instead of silent fallback
- ghostwright#8: Normalize emoji to avoid variation selector validation issues
- ghostwright#9: Handle 404/409 reaction responses as success conditions
- ghostwright#10: Make setReaction return boolean for proper error handling
- ghostwright#12: Improve bot loop guard with actorId checking

Best practices and polish:
- ghostwright#13: Make port configurable instead of hardcoded 3200
- ghostwright#14: Move webhookPath default normalization to constructor
- ghostwright#15: Fix health check path precedence (check webhook first)
- ghostwright#16: Add exponential backoff retry for 5xx/429 responses
- ghostwright#17: Add URL validation and encoding for talkServer config
- ghostwright#18: Document HMAC signing asymmetry (inbound vs outbound)
- ghostwright#20: Import randomUUID explicitly from node:crypto
- ghostwright#21: Add reactions: true to channel capabilities
- ghostwright#22: Namespace environment variables with NEXTCLOUD_ prefix

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
imonlinux added a commit to imonlinux/phantom that referenced this pull request Apr 26, 2026
@imonlinux
Fix ghostwright#19: Add comprehensive test coverage for Nextcloud Tal…
6717aec 
…k adapter

Implements full test suite for nextcloud.ts addressing all critical areas
identified in the nextcloud-talk-review document. 943 lines of tests
covering security, functionality, and edge cases.

Test coverage by category:

1. Signature verification (Fix ghostwright#1, ghostwright#18) - Security Critical
   - Valid HMAC signature acceptance
   - Invalid HMAC signature rejection
   - Replay attack protection via nonce cache
   - Nonce cache size limits (1000 entries, FIFO eviction)
   - Nonce expiration and periodic pruning (5-minute TTL)
   - Asymmetric signing (inbound: random+body, outbound: random+content)

2. Request size limits (Fix ghostwright#2) - Security Critical
   - Content-Length validation before buffering
   - Double-check after reading (missing Content-Length)
   - 64 KB limit enforcement (Nextcloud caps at 32k chars)

3. JSON unwrapping (Fix ghostwright#7) - Functionality Critical
   - ActivityStreams Note objects unwrap correctly
   - Plain text passes through unchanged
   - Literal JSON-like text not corrupted (only Note type unwraps)
   - Invalid JSON fallback to plain text

4. parseConversationId (Fix ghostwright#5) - Correctness Critical
   - Valid conversationId format parsing
   - Missing prefix returns null
   - Tokens containing colons handled correctly (indexOf+slice)
   - Thread-scoped ID to room token extraction

5. Bot loop guard (Fix ghostwright#12) - Multi-Bot Safety
   - Application actor filtering (actorType === "Application")
   - Self-filtering (actorId === config.botId)
   - Person messages processed normally
   - Multi-bot room scenarios

6. Retry and backoff (Fix ghostwright#16) - Resilience
   - 429 rate limiting with Retry-After header
   - 5xx server errors with exponential backoff + jitter
   - Network error retry logic
   - Non-retryable 4xx handling

7. Reaction error handling (Fix ghostwright#9)
   - 404 on remove treated as success
   - 409 on add treated as success
   - 5xx retry for reaction operations

8. URL validation and encoding (Fix ghostwright#17)
   - talkServer scheme removal (http://, https://)
   - Trailing slash removal
   - URL-encoding of roomToken and messageId

9. Target validation (Fix ghostwright#6)
   - Missing target.id rejection (no silent fallback)

10. Emoji normalization (Fix ghostwright#8)
    - Variation selector removal (U+26A0 vs U+26A0 U+FE0F)

11. Unique message IDs (Fix ghostwright#4)
    - crypto.randomUUID() vs Date.now()
    - Uniqueness across concurrent calls

12. Config normalization (Fix ghostwright#13, ghostwright#14)
    - webhookPath default in constructor
    - Configurable port
    - Session window configuration

13. Health check (Fix ghostwright#15)
    - Path precedence (webhook before health)

14. Message ID extraction
    - Numeric and string ID handling
    - Missing ID handling

15. Time-window session coalescing
    - Recent session continuation
    - New session creation
    - Parent message ID handling

16. Capabilities declaration (Fix ghostwright#21)
    - reactions: true declared

All tests use bun:test with mocked dependencies and follow existing
patterns from webhook.test.ts, slack.test.ts, and email.test.ts.

Related: nextcloud-talk-review.md Issue ghostwright#19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Slack connection doesn't initialize properly and Claude Code tokens are invalid

2 participants

@coe0718 @mcheemaa