fix(mcp): add auth interceptor with channel user_id and keep header propagation to mcp tools (#3294)

* 修复channel中的user_id传递到interceptor中的bug, mcp可通过header传递user_id到mcp工具 Co-authored-by: Cursor <cursoragent@cursor.com> * fix(channel,mcp,gateway): normalize channel user_id and add regression tests Normalize external channel user ids into filesystem-safe runtime context while preserving raw channel_user_id, and document gateway user_id propagation semantics. Add regression coverage for channel user_id context mapping, gateway user_id precedence/internal-role behavior, and MCP interceptor header forwarding via meta.headers. Co-authored-by: Cursor <cursoragent@cursor.com> * fix(auth,mcp): harden user id normalization and header handling Increase sanitized user-id digest suffix to 16 hex chars, replace internal system role magic string with a shared constant, and harden MCP header forwarding with Mapping type checks. Add regression tests for empty channel user_id handling, unsupported header types, and updated digest length behavior. Co-authored-by: Cursor <cursoragent@cursor.com> --------- Co-authored-by: zhongli <335302680@qq.com> Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-10 09:25:57 +00:00 · 2026-06-03 15:48:19 +08:00
parent 5dc2d6cbf5
commit 3ae82dc663
9 changed files with 309 additions and 4 deletions
@@ -30,6 +30,41 @@ class TestValidateUserId:
            paths.user_dir("")


+class TestMakeSafeUserId:
+    def test_already_safe_id_is_unchanged(self):
+        from deerflow.config.paths import make_safe_user_id
+
+        assert make_safe_user_id("ou_abc-123") == "ou_abc-123"
+        assert make_safe_user_id("123456") == "123456"
+
+    def test_unsafe_chars_are_sanitized_with_stable_suffix(self):
+        from deerflow.config.paths import make_safe_user_id
+
+        result = make_safe_user_id("user@example.com")
+        # Sanitized prefix plus a stable digest of the original.
+        assert result.startswith("user-example-com-")
+        assert len(result.rsplit("-", 1)[1]) == 16
+        assert make_safe_user_id("user@example.com") == result
+
+    def test_sanitized_id_passes_validation(self, paths: Paths):
+        from deerflow.config.paths import make_safe_user_id
+
+        safe = make_safe_user_id("用户/../etc")
+        # Must be usable as a filesystem-scoped bucket without raising.
+        assert paths.user_dir(safe) == paths.base_dir / "users" / safe
+
+    def test_distinct_unsafe_ids_do_not_collide(self):
+        from deerflow.config.paths import make_safe_user_id
+
+        assert make_safe_user_id("a.b") != make_safe_user_id("a/b")
+
+    def test_empty_id_rejected(self):
+        from deerflow.config.paths import make_safe_user_id
+
+        with pytest.raises(ValueError, match="non-empty"):
+            make_safe_user_id("")
+
+
 class TestUserDir:
    def test_user_dir(self, paths: Paths):
        assert paths.user_dir("alice") == paths.base_dir / "users" / "alice"