feat: harden Claude MCP OAuth transport

tests/test_oauth_oidc.py

@@ -25,13 +25,14 @@ def reset_state(monkeypatch: pytest.MonkeyPatch) -> None:
     monkeypatch.setenv("OAUTH_MODE", "true")
     monkeypatch.setenv("GITEA_OAUTH_CLIENT_ID", "test-client-id")
     monkeypatch.setenv("GITEA_OAUTH_CLIENT_SECRET", "test-client-secret")
+    monkeypatch.setenv("OAUTH_STATE_SECRET", "test-state-secret-0123456789abcdef")
     monkeypatch.setenv("OAUTH_CACHE_TTL_SECONDS", "600")
     yield
     reset_settings()
     reset_oauth_validator()
 
 
-def _build_jwt_fixture() -> tuple[str, dict[str, object]]:
+def _build_jwt_fixture(aud: str = "test-client-id") -> tuple[str, dict[str, object]]:
     """Generate RS256 access token and matching JWKS payload."""
     private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
     public_key = private_key.public_key()
@@ -44,7 +45,7 @@ def _build_jwt_fixture() -> tuple[str, dict[str, object]]:
             "sub": "user-1",
             "preferred_username": "alice",
             "scope": "read:repository write:repository",
-            "aud": "test-client-id",
+            "aud": aud,
             "iss": "https://gitea.example.com",
             "iat": now,
             "exp": now + 3600,
@@ -56,6 +57,70 @@ def _build_jwt_fixture() -> tuple[str, dict[str, object]]:
     return token, {"keys": [jwk]}
 
 
+async def _validate_with_jwks(
+    validator: GiteaOAuthValidator, token: str, jwks: dict[str, object]
+) -> tuple[bool, str | None, dict[str, object] | None]:
+    """Drive a JWT validation with mocked discovery + JWKS responses."""
+    discovery_response = MagicMock()
+    discovery_response.status_code = 200
+    discovery_response.json.return_value = {
+        "issuer": "https://gitea.example.com",
+        "jwks_uri": "https://gitea.example.com/login/oauth/keys",
+    }
+    jwks_response = MagicMock()
+    jwks_response.status_code = 200
+    jwks_response.json.return_value = jwks
+
+    with patch("aegis_gitea_mcp.oauth.httpx.AsyncClient") as mock_client_cls:
+        mock_client = AsyncMock()
+        mock_client.get = AsyncMock(side_effect=[discovery_response, jwks_response])
+        mock_client_cls.return_value.__aenter__ = AsyncMock(return_value=mock_client)
+        mock_client_cls.return_value.__aexit__ = AsyncMock(return_value=False)
+        return await validator.validate_oauth_token(token, "127.0.0.1", "TestAgent")
+
+
+def test_acceptable_audiences_includes_resource_and_client_id(
+    monkeypatch: pytest.MonkeyPatch,
+) -> None:
+    """The canonical MCP resource and the Gitea client id are accepted audiences."""
+    monkeypatch.setenv("PUBLIC_BASE_URL", "https://mcp.example.com")
+    reset_settings()
+    reset_oauth_validator()
+    audiences = GiteaOAuthValidator()._acceptable_audiences()
+    assert "https://mcp.example.com" in audiences
+    assert "test-client-id" in audiences
+
+
+@pytest.mark.asyncio
+async def test_jwt_with_canonical_resource_audience_is_accepted(
+    monkeypatch: pytest.MonkeyPatch,
+) -> None:
+    """A token whose aud is the canonical MCP resource URL validates (P4)."""
+    monkeypatch.setenv("PUBLIC_BASE_URL", "https://mcp.example.com")
+    reset_settings()
+    reset_oauth_validator()
+    token, jwks = _build_jwt_fixture(aud="https://mcp.example.com")
+    valid, error, principal = await _validate_with_jwks(GiteaOAuthValidator(), token, jwks)
+    assert valid is True
+    assert error is None
+    assert principal is not None
+
+
+@pytest.mark.asyncio
+async def test_jwt_with_foreign_audience_is_rejected() -> None:
+    """A token minted for a different audience is rejected (audience binding)."""
+    token, jwks = _build_jwt_fixture(aud="some-other-service")
+    # Foreign-audience JWT fails JWT validation, then falls back to userinfo, which
+    # is not mocked here and raises a network error -> overall failure.
+    with patch("aegis_gitea_mcp.oauth.GiteaOAuthValidator._validate_userinfo") as mock_userinfo:
+        from aegis_gitea_mcp.oauth import OAuthTokenValidationError
+
+        mock_userinfo.side_effect = OAuthTokenValidationError("Invalid", "userinfo_denied")
+        valid, _error, principal = await _validate_with_jwks(GiteaOAuthValidator(), token, jwks)
+    assert valid is False
+    assert principal is None
+
+
 @pytest.mark.asyncio
 async def test_validate_oauth_token_with_oidc_jwt_and_cache() -> None:
     """JWT token validation uses discovery + JWKS and caches both documents."""