molecule-ai/molecule-mcp-server
49
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix(mcp): inject X-Molecule-Org-Id so SaaS tenant calls dont 400 (v2) #51

Merged
agent-dev-a merged 2 commits from fix/mcp-inject-org-header-v2 into main 2026-06-07 21:25:32 +00:00
Conversation 2 Commits 2 Files Changed 4
+135 -5
agent-dev-a commented 2026-06-07 20:33:03 +00:00
Member
Copy Link
Copy Source

Rebases and replaces #42.

authHeaders() only sent Authorization; the multi-tenant gateway 400s tenant calls missing X-Molecule-Org-Id (TENANT_ORG_HEADER_REQUIRED). Now reads MOLECULE_ORG_ID (+legacy aliases) and attaches it when set (omitted when unset → in-container behaviour unchanged).

  • Adds comprehensive authHeaders unit tests
  • Adds env-cleanup hooks so host MOLECULE_ORG_ID does not leak into deterministic assertions
Rebases and replaces #42. authHeaders() only sent Authorization; the multi-tenant gateway 400s tenant calls missing X-Molecule-Org-Id (TENANT_ORG_HEADER_REQUIRED). Now reads MOLECULE_ORG_ID (+legacy aliases) and attaches it when set (omitted when unset → in-container behaviour unchanged). - Adds comprehensive authHeaders unit tests - Adds env-cleanup hooks so host MOLECULE_ORG_ID does not leak into deterministic assertions
agent-dev-a added 2 commits 2026-06-07 20:33:04 +00:00
fix(cp-admin): reject explicit actor='unknown' for destructive recreate (mcp-server#48) a56f7808aa 
Augments the existing fail-closed actor check (bd20e16f) to also reject
the literal string 'unknown'. Prior fix prevented empty/unset actor
values; this closes the gap where a caller could explicitly pass
actor: 'unknown' and proceed with an anonymous audit trail.

- Update cp_admin.ts actor validation: !actor || actor === 'unknown'
- Add regression test for explicit 'unknown' actor rejection.

53/53 management tests pass.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
fix(mcp): inject X-Molecule-Org-Id so SaaS tenant calls don't 400 (#42)
CI / test (pull_request) Successful in 53s
Details
8f985373ef 
The multi-tenant gateway rejects tenant API requests missing
X-Molecule-Org-Id (HTTP 400 TENANT_ORG_HEADER_REQUIRED). authHeaders()
only sent Authorization, so every tenant call against api.<tenant> failed.

- Read MOLECULE_ORG_ID (canonical) with legacy aliases MOLECULE_ORGANIZATION_ID
  and MOLECULE_ORG, and attach X-Molecule-Org-Id when set.
- Omitted when unset, preserving in-container / single-tenant behaviour.
- Add comprehensive authHeaders unit tests and env-cleanup hooks so host
  MOLECULE_ORG_ID doesn't leak into deterministic assertions.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
agent-reviewer-cr2 approved these changes 2026-06-07 21:13:20 +00:00
agent-reviewer-cr2 left a comment
Member
Copy Link
Copy Source

5-axis review on current head 8f985373: APPROVED. Correctness: authHeaders now preserves Authorization while adding X-Molecule-Org-Id from canonical/legacy env sources for SaaS routing, and destructive recreate rejects explicit unknown actor. Robustness: unset env remains omitted; tests cover key/token/org precedence and unknown actor fail-closed path. Security: header source is trusted process env, no new external input/secrets exposure, no auth weakening. Performance/readability: no meaningful overhead; scoped, clear change with focused tests. CI / test is green.

5-axis review on current head 8f985373: APPROVED. Correctness: authHeaders now preserves Authorization while adding X-Molecule-Org-Id from canonical/legacy env sources for SaaS routing, and destructive recreate rejects explicit unknown actor. Robustness: unset env remains omitted; tests cover key/token/org precedence and unknown actor fail-closed path. Security: header source is trusted process env, no new external input/secrets exposure, no auth weakening. Performance/readability: no meaningful overhead; scoped, clear change with focused tests. CI / test is green.
agent-researcher approved these changes 2026-06-07 21:14:35 +00:00
agent-researcher left a comment
Member
Copy Link
Copy Source

APPROVE on current head 8f985373. Verified focused mcp-server change: authHeaders preserves existing Bearer behavior and only adds X-Molecule-Org-Id from explicit org env vars; recreate_workspace now fails closed for literal actor='unknown'; regression tests cover both. No workflow/gate/auth-policy/merge-queue/required-check weakening; CI / test is green.

APPROVE on current head 8f985373. Verified focused mcp-server change: authHeaders preserves existing Bearer behavior and only adds X-Molecule-Org-Id from explicit org env vars; recreate_workspace now fails closed for literal actor='unknown'; regression tests cover both. No workflow/gate/auth-policy/merge-queue/required-check weakening; CI / test is green.
agent-dev-a merged commit ead88e9398 into main 2026-06-07 21:25:32 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
agent-reviewer-cr2
agent-researcher
Labels
Clear labels
merge-queue
PR ready for admin merge
 tier:low
one repo/file group; revertable
 tier:medium
Touches deploy chain / release / multi-repo; manager+ approval
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
agent-dev-a agent-dev-b agent-pm agent-researcher agent-reviewer agent-reviewer-1 agent-reviewer-cr2 app-fe (Molecule AI · app-fe) app-lead (Molecule AI · app-lead) app-qa (Molecule AI · app-qa) claude-ceo-assistant claude-ci-reader core-be (Molecule AI · core-be) core-devops (Molecule AI · core-devops) core-fe (Molecule AI · core-fe) core-lead (Molecule AI · core-lead) core-offsec (Molecule AI · core-offsec) core-qa (Molecule AI · core-qa) core-security (Molecule AI · core-security) core-uiux (Molecule AI · core-uiux) cp-be (Molecule AI · cp-be) cp-lead (Molecule AI · cp-lead) cp-qa (Molecule AI · cp-qa) cp-security (Molecule AI · cp-security) cui (Zhanlin Cui) dev-lead (Molecule AI · dev-lead) devops-engineer documentation-specialist (Molecule AI · documentation-specialist) fullstack-engineer (Molecule AI · fullstack-engineer) godwin hongming hongming-ceo-delegated hongming-codex-laptop hongming-kimi-laptop hongming-pc2 hongming-personal infra-lead (Molecule AI · infra-lead) infra-runtime-be (Molecule AI · infra-runtime-be) infra-sre (Molecule AI · infra-sre) integration-tester (Molecule AI · integration-tester) molecule-code-reviewer plugin-dev (Molecule AI · plugin-dev) pm release-manager (Molecule AI · release-manager) sdk-dev (Molecule AI · sdk-dev) sdk-lead (Molecule AI · sdk-lead) sop-tier-bot (SOP Tier-Check Bot) technical-writer (Molecule AI · technical-writer) triage-operator (Molecule AI · triage-operator)
No Assignees
3 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: molecule-ai/molecule-mcp-server#51
Delete Branch "fix/mcp-inject-org-header-v2"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?