Documentation
¶
Overview ¶
Package security provides the session-hijack-prevention decorator for vMCP sessions. It binds a session to a stable identity tuple (iss, sub) extracted from the OIDC identity that created the session, and validates that every subsequent request comes from the same identity.
Session bindings are stored as plaintext at rest in the session metadata (see pkg/vmcp/session/binding for the format and trust-boundary statement). The binding is NOT a credential; it identifies but does not authenticate. Callers must validate the request's token independently before passing the resulting *auth.Identity to validateCaller.
Index ¶
- func BindSession(session sessiontypes.MultiSession, identity *auth.Identity) (sessiontypes.MultiSession, error)
- func RestoreSessionBinding(session sessiontypes.MultiSession, storedBinding string) (sessiontypes.MultiSession, error)
- func ValidateCaller(storedBinding string, caller *auth.Identity) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BindSession ¶ added in v0.29.0
func BindSession( session sessiontypes.MultiSession, identity *auth.Identity, ) (sessiontypes.MultiSession, error)
BindSession wraps a session with identity-binding validation. It writes the canonical binding into session metadata under MetadataKeyIdentityBinding and returns a decorator that validates the caller on every operation.
Whether the session is anonymous is derived from the identity via types.ShouldAllowAnonymous.
For bound sessions, the (iss, sub) tuple is extracted from identity.Claims. If the tuple cannot be extracted (missing claims, non-string claims, or invalid format), BindSession returns an error BEFORE writing anything to the session metadata — preserving the invariant that a session always has a valid MetadataKeyIdentityBinding value once written.
Returns an error if session is nil, or if a bound identity is required but no valid (iss, sub) binding can be produced.
func RestoreSessionBinding ¶ added in v0.29.0
func RestoreSessionBinding( session sessiontypes.MultiSession, storedBinding string, ) (sessiontypes.MultiSession, error)
RestoreSessionBinding recreates the session-binding decorator from a persisted binding string read out of session metadata. Use this when reconstructing a MultiSession after a pod restart or cross-pod failover.
This function is the symmetric counterpart of BindSession for the restore path. It is invoked by the session factory after RestoreSession deserializes the binding from session metadata. Unlike BindSession, it does NOT write metadata — the factory has already restored the metadata layer separately.
storedBinding must be either:
- binding.UnauthenticatedSentinel (the session was anonymous), or
- a valid bound binding (binding.Parse returns ok).
Anything else (empty string, malformed value) is rejected as corrupted metadata.
func ValidateCaller ¶ added in v0.30.0
ValidateCaller checks caller against a stored identity-binding string (the value persisted under MetadataKeyIdentityBinding). It reproduces the decorator's per-request check for call paths that do not go through the [sessionBindingDecorator] — notably the Serve transport path, where the advertised set and call routing are owned by the core but identity binding must still be enforced by the session layer.
allowAnonymous is derived from storedBinding: an anonymous session stores the UnauthenticatedSentinel, so IsUnauthenticated(storedBinding) is exactly the allowAnonymous flag BindSession recorded (BindSession writes the sentinel iff ShouldAllowAnonymous(identity)).
Types ¶
This section is empty.
Source Files