
fix(mcp): resolve userId before JWT generation for agent block auth#3932

Merged: waleedlatif1 merged 2 commits into staging from waleedlatif1/fix-mcp-agent-auth on Apr 4, 2026

waleedlatif1 (Collaborator) commented Apr 4, 2026

Summary

  • MCP tools called from Agent blocks fail with "Authentication failed" because the internal JWT is generated without userId
  • The security hardening in fix(security): harden auth, SSRF, injection, and CORS across API routes #3792 removed the query-param fallback for userId in auth, but executeMcpTool was relying on that fallback when executionContext isn't passed (agent block path)
  • Fix: resolve tool scope (which reads params._context.userId) before generating the JWT token, so userId is embedded in the token itself

Fixes #3922

Type of Change

  • Bug fix

Testing

Tested manually

Checklist

  • Code follows project style guidelines
  • Self-reviewed my changes
  • Tests added/updated and passing
  • No new warnings introduced
  • I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

vercel bot commented Apr 4, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

| Project | Deployment | Actions | Updated (UTC) |
|---|---|---|---|
| docs | Skipped | Skipped | Apr 4, 2026 2:01am |

cursor bot commented Apr 4, 2026

PR Summary

Medium Risk
Adjusts internal auth token generation for MCP tool execution; incorrect user scoping could break MCP calls or inadvertently authenticate as the wrong user if scope resolution is wrong.

Overview
Fixes MCP tool auth for agent block executions by resolving ToolExecutionScope (including params._context.userId) before calling generateInternalToken, ensuring the JWT embeds the correct userId even when executionContext is missing.

Adds a unit test that mocks generateInternalToken and asserts it is invoked with the _context.userId when executing an MCP tool without an explicit executionContext.

Reviewed by Cursor Bugbot for commit f182eb5.

greptile-apps bot (Contributor) commented Apr 4, 2026

Greptile Summary

This PR fixes a bug where MCP tools called from Agent blocks would fail authentication because generateInternalToken was called with executionContext?.userId before resolveToolScope had been invoked — meaning the fallback to params._context.userId (the agent block path) was never reached. The fix is a minimal 3-line reorder: resolveToolScope(params, executionContext) is now called before JWT generation so mcpScope.userId is properly populated from either the execution context or the _context param embedded by the agent block. A targeted regression test is also added that verifies generateInternalToken receives the correct userId when executionContext is undefined.

Key changes:

  • apps/sim/tools/index.ts: Moved resolveToolScope call above JWT token generation so mcpScope.userId is resolved from params._context.userId when executionContext is absent (agent block path).
  • apps/sim/tools/index.test.ts: Added regression test inside describe('MCP Tool Execution') that calls executeTool with _context.userId but no executionContext, asserting mockGenerateInternalToken is called with the correct user ID.

Confidence Score: 5/5

Safe to merge — the fix is correct, minimal, and well-tested with a focused regression test.

The change is a 3-line reorder with no new logic: moving resolveToolScope above JWT generation so the fallback to params._context.userId is exercised. The regression test directly validates the fixed behavior. No P0/P1 concerns remain.

No files require special attention.

Important Files Changed

| Filename | Overview |
|---|---|
| apps/sim/tools/index.ts | Minimal reorder fix: resolveToolScope now executes before generateInternalToken, correctly populating mcpScope.userId from params._context.userId in the agent block path. |
| apps/sim/tools/index.test.ts | Regression test added in the MCP Tool Execution describe block; verifies generateInternalToken receives the correct userId from params._context when executionContext is undefined, following the project's established hoisted-mock pattern. |

Reviews (2): Last reviewed commit: "test(mcp): add regression test for agent..."
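The ordering bug discussed in this thread, as an added example that is not code from the PR or the project. The function names follow the comments above, but their bodies, the claims-only token model and the `authenticate` stand-in for the hardened route auth are simplified assumptions.

```typescript
// Added illustration: simplified stand-ins, not the project's implementation.
type ExecutionContext = { userId?: string };
type ToolParams = { _context?: { userId?: string }; [key: string]: unknown };
type ToolScope = { userId: string | undefined };
type InternalToken = { type: "internal"; userId: string | undefined };
type AuthResult = { ok: boolean; userId: string | undefined };

// Scope resolution: executionContext wins, params._context is the fallback.
function resolveToolScope(params: ToolParams, ctx?: ExecutionContext): ToolScope {
  return { userId: ctx?.userId ?? params._context?.userId };
}

// Models only the claims of the internal JWT; signing is out of scope here.
function generateInternalToken(userId?: string): InternalToken {
  return { type: "internal", userId };
}

// Hypothetical hardened route auth: identity is read from the token alone.
// The userId query parameter is accepted but ignored (the removed fallback).
function authenticate(
  token: InternalToken,
  _query: { userId?: string | undefined }
): AuthResult {
  return token.userId
    ? { ok: true, userId: token.userId }
    : { ok: false, userId: undefined };
}

// Before the fix: token minted from executionContext only, scope resolved later.
function executeMcpToolBefore(params: ToolParams, ctx?: ExecutionContext): AuthResult {
  const token = generateInternalToken(ctx?.userId);
  const scope = resolveToolScope(params, ctx);
  return authenticate(token, { userId: scope.userId });
}

// After the fix: scope resolved first, so the token itself carries the userId.
function executeMcpToolAfter(params: ToolParams, ctx?: ExecutionContext): AuthResult {
  const scope = resolveToolScope(params, ctx);
  const token = generateInternalToken(scope.userId);
  return authenticate(token, {});
}

// Constructed sample: an agent block call with _context but no executionContext.
const agentBlockParams: ToolParams = { _context: { userId: "user-123" } };
```

With `agentBlockParams` and no execution context, `executeMcpToolBefore` is rejected while `executeMcpToolAfter` authenticates as `user-123`; a call with neither source of identity is still rejected.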

waleedlatif1 (Collaborator, Author) commented

@greptile

waleedlatif1 (Collaborator, Author) commented

@cursor review

cursor bot left a comment

✅ Bugbot reviewed your changes and found no new issues!

Comment @cursor review or bugbot run to trigger another review on this PR

Reviewed by Cursor Bugbot for commit f182eb5.

waleedlatif1 merged commit 57e5bac into staging Apr 4, 2026
7 checks passed
waleedlatif1 deleted the waleedlatif1/fix-mcp-agent-auth branch April 4, 2026 02:05
waleedlatif1 added a commit that referenced this pull request Apr 4, 2026
…3932)

* fix(mcp): resolve userId before JWT generation for agent block auth

* test(mcp): add regression test for agent block JWT userId resolution