Skip to content

Carry OAuth scopes through extraction to the invocation credential#1386

Merged
RhysSullivan merged 1 commit into
mainfrom
fix-1384-scope-plumbing
Jul 10, 2026
Merged

Carry OAuth scopes through extraction to the invocation credential#1386
RhysSullivan merged 1 commit into
mainfrom
fix-1384-scope-plumbing

Conversation

@RhysSullivan

@RhysSullivan RhysSullivan commented Jul 10, 2026

Copy link
Copy Markdown
Collaborator

Tool catalogs are compiled with no notion of scope: an operation's security declaration never survives extraction, and the credential built for dispatch never carries what the connection's grant covers.

This extracts per-operation security scopes into ExtractedOperation and OperationBinding (all three compile paths; optional so stored bindings keep decoding), adds grantedScopes to ToolInvocationCredential sourced from the connection row's oauth_scope, and uses both to annotate scope-insufficient 403s with the exact required and granted scopes.

Advisory-only by design: scope-string containment needs provider semantics (a broad Google scope does not textually contain a narrow one), so nothing is blocked locally and unknown grants fail open. Catalog projection by scope can build on this plumbing as a follow-up.

Refs #1384. Stacked on #1385.

Stack

  1. Classify scope-insufficient 403s as oauth_scope_insufficient #1385
  2. Carry OAuth scopes through extraction to the invocation credential #1386 👈 current

@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jul 10, 2026

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs
executor-marketing 90c9a56 Commit Preview URL

Branch Preview URL
Jul 10 2026, 09:35 AM

@github-actions

github-actions Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

Cloudflare preview

Torn down — the PR is closed.

@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jul 10, 2026

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
✅ Deployment successful!
View logs
executor-cloud 90c9a56 Jul 10 2026, 09:36 AM

@pkg-pr-new

pkg-pr-new Bot commented Jul 10, 2026

Copy link
Copy Markdown

Open in StackBlitz

@executor-js/cli

npm i https://pkg.pr.new/@executor-js/cli@1386

@executor-js/config

npm i https://pkg.pr.new/@executor-js/config@1386

@executor-js/execution

npm i https://pkg.pr.new/@executor-js/execution@1386

@executor-js/sdk

npm i https://pkg.pr.new/@executor-js/sdk@1386

@executor-js/codemode-core

npm i https://pkg.pr.new/@executor-js/codemode-core@1386

@executor-js/runtime-quickjs

npm i https://pkg.pr.new/@executor-js/runtime-quickjs@1386

@executor-js/plugin-file-secrets

npm i https://pkg.pr.new/@executor-js/plugin-file-secrets@1386

@executor-js/plugin-graphql

npm i https://pkg.pr.new/@executor-js/plugin-graphql@1386

@executor-js/plugin-keychain

npm i https://pkg.pr.new/@executor-js/plugin-keychain@1386

@executor-js/plugin-mcp

npm i https://pkg.pr.new/@executor-js/plugin-mcp@1386

@executor-js/plugin-onepassword

npm i https://pkg.pr.new/@executor-js/plugin-onepassword@1386

@executor-js/plugin-openapi

npm i https://pkg.pr.new/@executor-js/plugin-openapi@1386

executor

npm i https://pkg.pr.new/executor@1386

commit: 90c9a56

@RhysSullivan RhysSullivan force-pushed the fix-1384-scope-plumbing branch 2 times, most recently from 1dae20c to 6ec24e3 Compare July 10, 2026 03:01
@RhysSullivan RhysSullivan force-pushed the fix-1381-scope-insufficient-code branch 2 times, most recently from 516719c to 35aba26 Compare July 10, 2026 08:03
@RhysSullivan RhysSullivan force-pushed the fix-1384-scope-plumbing branch 2 times, most recently from 2c2f001 to b0808e7 Compare July 10, 2026 08:28
@RhysSullivan RhysSullivan force-pushed the fix-1381-scope-insufficient-code branch 2 times, most recently from f7ab6a2 to 8503c9f Compare July 10, 2026 08:34
@RhysSullivan RhysSullivan force-pushed the fix-1384-scope-plumbing branch 2 times, most recently from 65fdf45 to 57352ac Compare July 10, 2026 08:40
@RhysSullivan RhysSullivan force-pushed the fix-1381-scope-insufficient-code branch from 8503c9f to ffc3626 Compare July 10, 2026 08:40
@RhysSullivan RhysSullivan force-pushed the fix-1384-scope-plumbing branch from 57352ac to 0d85ca8 Compare July 10, 2026 08:45
@RhysSullivan RhysSullivan force-pushed the fix-1381-scope-insufficient-code branch from ffc3626 to 5cf070e Compare July 10, 2026 08:45
@RhysSullivan RhysSullivan force-pushed the fix-1384-scope-plumbing branch from 0d85ca8 to 17bf091 Compare July 10, 2026 08:50
@RhysSullivan RhysSullivan force-pushed the fix-1381-scope-insufficient-code branch 2 times, most recently from 08e770c to 228eae9 Compare July 10, 2026 08:56
@RhysSullivan RhysSullivan force-pushed the fix-1384-scope-plumbing branch from 17bf091 to f4e2f48 Compare July 10, 2026 08:56
@RhysSullivan RhysSullivan force-pushed the fix-1381-scope-insufficient-code branch from 228eae9 to c757a68 Compare July 10, 2026 09:00
@RhysSullivan RhysSullivan force-pushed the fix-1384-scope-plumbing branch from f4e2f48 to 25d7ad2 Compare July 10, 2026 09:00
@RhysSullivan RhysSullivan force-pushed the fix-1381-scope-insufficient-code branch from c757a68 to efb13e2 Compare July 10, 2026 09:03
@RhysSullivan RhysSullivan force-pushed the fix-1384-scope-plumbing branch from 25d7ad2 to a226fc3 Compare July 10, 2026 09:03
@RhysSullivan RhysSullivan force-pushed the fix-1381-scope-insufficient-code branch from efb13e2 to 735d363 Compare July 10, 2026 09:07
@RhysSullivan RhysSullivan force-pushed the fix-1384-scope-plumbing branch from a226fc3 to 1308617 Compare July 10, 2026 09:07
@RhysSullivan RhysSullivan force-pushed the fix-1381-scope-insufficient-code branch from 735d363 to 3ea2889 Compare July 10, 2026 09:23
@RhysSullivan RhysSullivan force-pushed the fix-1384-scope-plumbing branch from 1308617 to 085dcb5 Compare July 10, 2026 09:23
@RhysSullivan RhysSullivan force-pushed the fix-1381-scope-insufficient-code branch from 3ea2889 to a1fafd2 Compare July 10, 2026 09:31
@RhysSullivan RhysSullivan force-pushed the fix-1384-scope-plumbing branch from 085dcb5 to 4294a33 Compare July 10, 2026 09:31
@RhysSullivan RhysSullivan changed the base branch from fix-1381-scope-insufficient-code to main July 10, 2026 09:32
@RhysSullivan RhysSullivan marked this pull request as ready for review July 10, 2026 09:32
Tool catalogs were compiled with no notion of scope: an operation's
security declaration never survived extraction, and the credential built
for dispatch never carried what the connection's grant covers. A
connection whose grant is narrower than its integration's catalog (the
multi-product Google bundle case) exposed every tool as equally
invocable, and the eventual upstream 403 could not say which scope was
missing versus held.

Extract per-operation security scopes into ExtractedOperation and
OperationBinding (all three compile paths: whole-tree, streamed, and
structure-streamed; optional so stored bindings keep decoding), add
grantedScopes to ToolInvocationCredential sourced from the connection
row's oauth_scope, and use both to annotate scope-insufficient 403s
with the exact required and granted scopes. Advisory-only by design:
scope-string containment needs provider semantics (a broad Google scope
does not textually contain a narrow one), so nothing is blocked locally
and unknown grants fail open.

Refs #1384
@RhysSullivan RhysSullivan force-pushed the fix-1384-scope-plumbing branch from 4294a33 to 90c9a56 Compare July 10, 2026 09:33
@RhysSullivan RhysSullivan merged commit 0b0dab4 into main Jul 10, 2026
21 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant