fix: harden structured auth MCP errors against reviewer findings (#699)

Address PR #701 request-changes-class defects:

1. Fixed messages only — never embed HTTP bodies, Keychain, or exception
   text in tool results or daemon logs; sanitization fails closed.
2. Narrow Tool.run boundary wraps original success path; re-raises
   UrlElicitationRequiredError; install is idempotent.
3. No RuntimeError substring heuristics; only typed client failures
   are classified as auth/authz/network/config.
4. Central classify_http_status — every HTTP 403 is GiteaAuthzError.

Regressions cover adversarial secrets, stdio survival, elicitation,
parser RuntimeError, generic 403, repeated install, profiles, provenance.

Closes #699
This commit is contained in:
2026-07-13 13:40:38 -04:00
parent b4d0cb22e4
commit 6b675f5c83
6 changed files with 752 additions and 428 deletions
+2 -5
View File
@@ -1814,14 +1814,11 @@ def _auth(host: str) -> str:
Missing credentials are a configuration failure, not a silent internal
crash. Typed as :class:`gitea_auth.GiteaConfigError` so the tool-error
boundary (#699) maps them to a structured isError result without EOF.
The exception message is a fixed constant (no host/token material).
"""
header = get_auth_header(host)
if header is None:
raise GiteaConfigError(
f"No credentials for {host}. "
"Ensure you've logged in via HTTPS at least once.",
reason_code="config_error",
)
raise GiteaConfigError(reason_code="config_error")
return header