fix: community server OAuth localhost redirect, state validation, and token injection#471
Merged
saucow merged 1 commit into docker:main from Apr 7, 2026
Conversation
…tion, and per-server token injection

Three fixes for community server OAuth in Desktop mode (McpGatewayOAuth flag):

1. authorizeCommunityMode passed DefaultRedirectURI (mcp.docker.com/oauth/callback) to DiscoverAndRegister. Community servers reject non-localhost redirects. Create the callback server first and use its localhost URL for DCR registration.
2. Direct localhost callbacks return the full state (mcp-gateway:PORT:UUID). The state manager only knows the bare UUID. Strip the mcp-gateway:PORT: prefix before validating.
3. remote.go used NewOAuthCredentialHelper() (ModeAuto -> ModeDesktop) to read tokens. Community server tokens are in docker pass, not Secrets Engine. Use DetermineMode with IsCommunity() to route to the correct credential store.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Daniel-Kolev
approved these changes
Apr 7, 2026
cutecatfann
approved these changes
Apr 7, 2026
Contributor
cutecatfann
left a comment
Thank you for fixing these issues!
Summary

Fixes three issues preventing community server OAuth from working end-to-end in Desktop mode with the `McpGatewayOAuth` flag enabled.

1. DCR registration rejected by community servers

`authorizeCommunityMode` was passing `DefaultRedirectURI` (mcp.docker.com/oauth/callback) to `DiscoverAndRegister`. Community servers only accept localhost redirects. Fixed by creating the callback server first and using its localhost URL for DCR registration.

2. State validation failed after OAuth callback

When redirecting directly to localhost (community mode), the full state `mcp-gateway:PORT:UUID` comes through. The state manager only knows the bare UUID. In CE mode, the mcp.docker.com proxy strips the prefix, but direct localhost callbacks don't. Fixed by stripping the prefix before validation.

3. Remote server connected without token

`remote.go` used `NewOAuthCredentialHelper()` (`ModeAuto` → `ModeDesktop`) which reads from the Secrets Engine. Community server tokens are in docker pass, not the Secrets Engine. Fixed by using `DetermineMode` with `IsCommunity()` to route to the correct credential store.

Testing

Tested end-to-end with Vercel MCP server (community registry):

`docker mcp oauth authorize com-vercel-vercel-mcp` — DCR succeeds with localhost redirect, callback received, token stored in docker pass

🤖 Generated with Claude Code
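To make fixes 1 and 2 from the commit message and the description above concrete, here is an added example in Go. It is not code from docker/mcp-gateway or from this PR: it only assumes the `mcp-gateway:PORT:UUID` state layout the PR describes, and the names `NormalizeState`, `StateManager`, `IsLoopbackRedirect` and the sample UUID are constructed for illustration. The point it demonstrates is that stripping the routing prefix must not loosen the state check: the bare UUID is still looked up in the pending set, a malformed prefix is rejected rather than passed through, and each state is consumed once so a replayed callback fails.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/url"
	"strconv"
	"strings"
	"sync"
)

// statePrefix marks a state value that carries the local callback port so the
// mcp.docker.com proxy can route the callback. The "mcp-gateway:PORT:UUID"
// layout is taken from the PR description; everything else here is assumed.
const statePrefix = "mcp-gateway:"

// NormalizeState returns the bare UUID the state manager knows about, plus the
// callback port embedded in the prefix (0 when there was no prefix, i.e. the
// CE-mode proxy already stripped it). A prefix that is present but malformed is
// rejected instead of being passed through to the lookup.
func NormalizeState(state string) (uuid string, port int, err error) {
	if state == "" {
		return "", 0, errors.New("empty state parameter")
	}
	if !strings.HasPrefix(state, statePrefix) {
		return state, 0, nil // bare UUID, nothing to strip
	}
	portStr, id, ok := strings.Cut(strings.TrimPrefix(state, statePrefix), ":")
	if !ok || id == "" {
		return "", 0, fmt.Errorf("malformed state %q: expected mcp-gateway:PORT:UUID", state)
	}
	p, err := strconv.Atoi(portStr)
	if err != nil || p < 1 || p > 65535 {
		return "", 0, fmt.Errorf("malformed state %q: bad port %q", state, portStr)
	}
	return id, p, nil
}

// StateManager holds pending authorization states keyed by bare UUID. Each state
// is consumed exactly once, so a replayed or guessed callback is rejected.
type StateManager struct {
	mu      sync.Mutex
	pending map[string]string // bare UUID -> server name the flow was started for
}

func NewStateManager() *StateManager {
	return &StateManager{pending: make(map[string]string)}
}

// Register records a freshly generated UUID before the browser is sent to the
// authorization server.
func (m *StateManager) Register(uuid, server string) {
	m.mu.Lock()
	defer m.mu.Unlock()
	m.pending[uuid] = server
}

// Consume validates the raw state from a callback (prefixed or bare), removes it
// from the pending set and returns the server the flow belongs to.
func (m *StateManager) Consume(rawState string) (string, error) {
	uuid, _, err := NormalizeState(rawState)
	if err != nil {
		return "", err
	}
	m.mu.Lock()
	defer m.mu.Unlock()
	server, ok := m.pending[uuid]
	if !ok {
		return "", fmt.Errorf("unknown or already used state %q", uuid)
	}
	delete(m.pending, uuid) // single use: a second callback with this state fails
	return server, nil
}

// IsLoopbackRedirect reports whether a redirect URI points at localhost, the
// only kind the community servers in the PR accept during DCR.
func IsLoopbackRedirect(raw string) bool {
	u, err := url.Parse(raw)
	if err != nil || (u.Scheme != "http" && u.Scheme != "https") {
		return false
	}
	host := u.Hostname()
	if host == "localhost" {
		return true
	}
	ip := net.ParseIP(host)
	return ip != nil && ip.IsLoopback()
}

func main() {
	sm := NewStateManager()
	const id = "1c2e3f40-aaaa-bbbb-cccc-000000000001" // constructed sample UUID
	sm.Register(id, "com-vercel-vercel-mcp")
	srv, err := sm.Consume("mcp-gateway:54321:" + id) // direct localhost callback
	fmt.Println(srv, err)
	_, err = sm.Consume("mcp-gateway:54321:" + id) // replay is rejected
	fmt.Println(err)
	fmt.Println(IsLoopbackRedirect("http://127.0.0.1:54321/oauth/callback"),
		IsLoopbackRedirect("https://mcp.docker.com/oauth/callback"))
}
```

`Consume` handles both callback shapes the description mentions: the prefixed state from a direct localhost redirect and the bare UUID left after the CE-mode proxy has stripped it. `IsLoopbackRedirect` is the check that would have caught fix 1 before DCR: `DefaultRedirectURI` fails it, the callback server's own URL passes.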