Add Cloudflare Access auth for /internal and harden Sentry config #2
Open
sergical wants to merge 3 commits into
Adds /internal as an OAuth-protected MCP endpoint for Claude Desktop/Cowork users, authenticated via Google SSO restricted to @sentry.io emails. Uses a shared team Plausible API key for OAuth users.

- New src/auth-handler.ts: Google OAuth flow with @sentry.io domain check
- worker.ts: OAuthProvider wraps /internal (OAuth) while /mcp stays as direct Bearer token for CLI users (backward compatible)
- wrangler.toml: KV namespace for OAuth state, pinned dev port
- New dependency: @cloudflare/workers-oauth-provider

Deploy requires: GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET, PLAUSIBLE_API_KEY secrets and a KV namespace for OAUTH_KV.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Wrap internalApiHandler and defaultHandler with Sentry.withSentry() since OAuthProvider export can't be wrapped directly. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Reviewed by Cursor Bugbot for commit b22eb5b.
Per security review (SEC-1266), simplify auth by dropping the custom OAuth provider in favor of Cloudflare Access. /internal validates Cf-Access-Jwt-Assertion with signature, audience, and @sentry.io check. /mcp remains unchanged for direct Bearer token users.

- Delete auth-handler.ts (Google SSO flow)
- Remove @cloudflare/workers-oauth-provider, OAUTH_KV, Google creds
- Fix sendDefaultPii: false + beforeSendSpan scrubber for auth headers
- Add security headers (X-Frame-Options, HSTS, Referrer-Policy)
- Add Sentry.setUser for attribution on /internal calls

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Summary

- /internal endpoint protected by Cloudflare Access JWT validation (Sentry Google SSO, @sentry.io only)
- /internal uses a shared team Plausible API key — no per-user key needed
- /mcp remains unchanged for direct Bearer token users

What changed

- src/worker.ts: two-route architecture — /internal (CF Access JWT) and /mcp (Bearer token)
- src/worker.ts: verifyCloudflareAccessJwt() validates signature via JWKS, audience, expiry, and @sentry.io email
- src/worker.ts: sendDefaultPii: false + beforeSendSpan scrubber for Authorization/cookie headers
- src/worker.ts: Sentry.setUser({ email }) on /internal for attribution on shared key
- src/worker.ts: security headers (X-Frame-Options: DENY, Strict-Transport-Security, Referrer-Policy)
- src/tools/*: manual Sentry spans with tool-specific attributes on each handler
- src/server.ts: uses plain McpServer (tools have their own spans, avoids double error capture)

SEC-1266 review

Reviewed sentry-mcp PRs 164, 485, 625, 930 for hardening patterns. Applied security headers from PR 485. OAuth-specific patterns (consent dialog, HMAC state, redirect URI validation) are not applicable — Cloudflare Access handles the auth flow.

Architecture

Deploy checklist

- plausible-mcp.sentry.dev/internal/* with Sentry Google SSO IdP
- CF_ACCESS_TEAM_DOMAIN, CF_ACCESS_AUD, PLAUSIBLE_API_KEY
- bun run deploy
- /mcp Bearer flow still works
- /internal with CF Access auth

Test plan

- /internal with Cloudflare Access configured
- /mcp direct Bearer flow unaffected

🤖 Generated with Claude Code
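As an added example (not code from this PR or from the plausible-mcp project), a beforeSendSpan-style scrubber of the kind the description lists for Authorization and cookie headers. It is a pure function over a constructed subset of Sentry's span JSON (description plus data) so it can be unit-tested and then wired into Sentry.init. Two things here are this example's own additions rather than anything the PR states: it also redacts the Cf-Access-Jwt-Assertion header, which carries the same Access token the Worker validates, and it scrubs credential-shaped values (Bearer tokens, compact JWTs, token query parameters) wherever they appear in a string, since a key-name match alone misses a token copied into a URL or description. The attribute names and sample values in the test are constructed.

```typescript
// Added example, not code from this PR: a beforeSendSpan-style scrubber that
// drops credentials from span data before it leaves the Worker. The span shape
// is a constructed subset of Sentry's span JSON (description + data), kept as a
// pure function so it can be unit-tested and then wired into Sentry.init.
type SpanLike = { description?: string; op?: string; data?: Record<string, unknown>; [k: string]: unknown };

// Attribute keys that hold credentials by name. Beyond the PR's Authorization and
// cookie headers this also covers Cf-Access-Jwt-Assertion, which carries the same
// Access token (an assumption added here, not something the PR states).
const SENSITIVE_KEY = /(authorization|cookie|cf-access-jwt-assertion|x-api-key|api[_-]?key|token|secret|password)/i;
// Credentials that leak into otherwise harmless values (URLs, descriptions, notes).
const BEARER = /\bBearer\s+[A-Za-z0-9._~+\/=-]+/gi;
const JWT = /\b[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b/g;
const PARAM = /([?&;]\s*(?:access_token|token|api_key|CF_Authorization)=)[^&;\s]+/gi;

// Redact credential-shaped substrings in a string value; non-strings pass through unchanged.
export function scrubValue(v: unknown): unknown {
  if (typeof v !== 'string') return v;
  return v.replace(BEARER, 'Bearer [Filtered]').replace(JWT, '[Filtered]').replace(PARAM, '$1[Filtered]');
}

// Returns a scrubbed copy of the span; the input object is left untouched.
export function scrubSpan(span: SpanLike): SpanLike {
  let data = span.data;
  if (data) {
    const clean: Record<string, unknown> = {};
    for (const [k, v] of Object.entries(data)) clean[k] = SENSITIVE_KEY.test(k) ? '[Filtered]' : scrubValue(v);
    data = clean;
  }
  const description = typeof span.description === 'string' ? String(scrubValue(span.description)) : span.description;
  return { ...span, description, data };
}
```

Wired in as Sentry.init({ sendDefaultPii: false, beforeSendSpan: scrubSpan }) with the parameter typed to the SDK's span JSON type, this complements rather than duplicates sendDefaultPii: false. That flag stops the SDK attaching request headers, cookies and client IPs on its own; attributes that the code sets itself, such as the tool-specific span attributes in src/tools/*, are sent as written and are what this pass is for.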