Merge branch 'main' into feature/adfs-unitest

Signed-off-by: calculus-ask <a.santhana.k@gmail.com>

Author: calculus-ask

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "package-lock.json|Cargo.lock|^.secrets.baseline$|scripts/sign_image.sh|scripts/zap|sonar-project.properties|^/Users/brian/dev/github.ibm.com/contextforge-org/sps-pipeline-config/.secrets.baseline$|^./.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2026-03-30T18:16:29Z",
+  "generated_at": "2026-03-30T23:20:07Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -5078,31 +5078,31 @@
         "hashed_secret": "fa9beb99e4029ad5a6615399e7bbae21356086b3",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 4194,
+        "line_number": 4195,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "559b05f1b2863e725b76e216ac3dadecbf92e244",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 4802,
+        "line_number": 4803,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "a8af4759392d4f7496d613174f33afe2074a4b8d",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 4804,
+        "line_number": 4805,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "85b60d811d16ff56b3654587d4487f713bfa33b7",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 14866,
+        "line_number": 14867,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -6571,6 +6571,24 @@
         "verified_result": null
       }
     ],
+    "plugins/encoded_exfil_detection/README.md": [
+      {
+        "hashed_secret": "f7f877c24a4ebef314009a2e79314797bae91bb6",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 149,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "5f2fe4f03b2314fa3a217f1e1f0ab2e3f5b1b49f",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 178,
+        "type": "Secret Keyword",
+        "verified_result": null
+      }
+    ],
     "plugins/examples/custom_auth_example/README.md": [
       {
         "hashed_secret": "423529858c0ba74fbbe141bce50b20f3c0d3b9f6",
@@ -6788,31 +6806,55 @@
         "hashed_secret": "1d278d3c888d1a2fa7eed622bfc02927ce4049af",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 468,
+        "line_number": 573,
         "type": "Base64 High Entropy String",
         "verified_result": null
       },
       {
         "hashed_secret": "d7da4707f9793b357da965eb04f06ceae7d7bfa6",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 469,
+        "line_number": 574,
         "type": "Base64 High Entropy String",
         "verified_result": null
       },
       {
         "hashed_secret": "0962e90797cdf7ff77c8a0a9477a7ca4f493465f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 649,
+        "line_number": 892,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "ca3f3092640b07c051f03e52690fda1bcee3f60d",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 670,
+        "line_number": 913,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "532fdeccb155dce5b528ba039b9a5d201b817e3b",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 932,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "cf743b3a58a4d0f91c1d7f5825c0b1b5f7758174",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 969,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "ff1a7ebc241b8eefe9e75e13f20cc22c365ab626",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 969,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -8274,15 +8316,15 @@
         "hashed_secret": "ab73a3eaca01a7059dcdff6f95556ec7fd83de96",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1332,
+        "line_number": 1388,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "92dd4a2de441b63e6ac51fdb81a05a416dffd182",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1419,
+        "line_number": 1475,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -10722,7 +10764,7 @@
         "hashed_secret": "6745fa570d36be08400efa1cbc2f057bb001290e",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 2225,
+        "line_number": 2233,
         "type": "Hex High Entropy String",
         "verified_result": null
       },
@@ -11168,9 +11210,49 @@
         "hashed_secret": "55d2534ed6ad4f269b428160428fa2f6f541ba7b",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 143,
+        "line_number": 156,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "cf743b3a58a4d0f91c1d7f5825c0b1b5f7758174",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 538,
         "type": "Base64 High Entropy String",
         "verified_result": null
+      },
+      {
+        "hashed_secret": "8e42b03e460b2cf358ffbcf4da3bc5d14a22c86e",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 582,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "2093dd9cf307518cfe1d2fa5a3985d6fec4e995e",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 595,
+        "type": "Base64 High Entropy String",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "caa924f200b35ceb6f0e33878faff75203bdccb4",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 971,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "f16da2820437f3c703ff5b95c813f310ce8e67a4",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 1288,
+        "type": "Secret Keyword",
+        "verified_result": null
       }
     ],
     "tests/unit/plugins/test_jwt_claims_extraction.py": [

mcpgateway/admin.py

@@ -507,6 +507,7 @@ async def get_hidden_sections_for_user(
             user_email=user_email,
             team_id=None,  # Check across all teams
             include_all_teams=True,  # Include all team-scoped roles
+            token_teams=token_teams,  # SECURITY: Respect token narrowing for menu visibility
         )
         if inspect.isawaitable(maybe_permissions):
             user_permissions = await maybe_permissions

mcpgateway/main.py

@@ -2676,7 +2676,7 @@ async def dispatch(self, request: Request, call_next):  # pylint: disable=too-ma
                             pass  # keep raw value for non-UUID token_teams
                     # Only trust team_id if it is in the user's DB-resolved teams
                     validated_team_id = request_team_id if (token_teams and request_team_id and request_team_id in token_teams) else None
-                    has_admin_access = await permission_service.has_admin_permission(username, team_id=validated_team_id)
+                    has_admin_access = await permission_service.has_admin_permission(username, team_id=validated_team_id, token_teams=token_teams)
                     if not has_admin_access:
                         logger.warning(f"Admin access denied for user without admin permissions: {SecurityValidator.sanitize_log_message(str(username))}")
                         return self._error_response(request, root_path, 403, "Admin privileges required", "admin_required")

mcpgateway/middleware/rbac.py

@@ -739,7 +739,7 @@ def require_admin_permission():
         >>> class DummyPS:
         ...     def __init__(self, db):
         ...         pass
-        ...     async def check_admin_permission(self, email):
+        ...     async def check_admin_permission(self, email, token_teams=None):
         ...         return True
         >>> @require_admin_permission()
         ... async def demo(user=None):
@@ -781,15 +781,16 @@ async def wrapper(*args, **kwargs):
 
             # Get db session: prefer endpoint's db param, then user_context["db"], then create fresh
             db_session = kwargs.get("db") or user_context.get("db")
+            token_teams = user_context.get("token_teams")  # Forward token scope
             if db_session:
                 # Use existing session from endpoint or user_context
                 permission_service = PermissionService(db_session)
-                has_admin_permission = await permission_service.check_admin_permission(user_context["email"])
+                has_admin_permission = await permission_service.check_admin_permission(user_context["email"], token_teams=token_teams)
             else:
                 # Create fresh db session for permission check
                 with fresh_db_session() as db:
                     permission_service = PermissionService(db)
-                    has_admin_permission = await permission_service.check_admin_permission(user_context["email"])
+                    has_admin_permission = await permission_service.check_admin_permission(user_context["email"], token_teams=token_teams)
 
             if not has_admin_permission:
                 logger.warning(f"Admin permission denied: user={user_context['email']}")
@@ -1012,14 +1013,15 @@ async def has_admin_permission(self) -> bool:
         Returns:
             bool: True if user has admin permissions
         """
+        token_teams = self.user_context.get("token_teams")
         if self.db_session:
             # Use existing session
             permission_service = PermissionService(self.db_session)
-            return await permission_service.check_admin_permission(self.user_context["email"])
+            return await permission_service.check_admin_permission(self.user_context["email"], token_teams=token_teams)
         # Create fresh db session
         with fresh_db_session() as db:
             permission_service = PermissionService(db)
-            return await permission_service.check_admin_permission(self.user_context["email"])
+            return await permission_service.check_admin_permission(self.user_context["email"], token_teams=token_teams)
 
     async def has_any_permission(self, permissions: List[str], resource_type: Optional[str] = None, team_id: Optional[str] = None) -> bool:
         """Check if user has any of the specified permissions.

mcpgateway/routers/rbac.py

@@ -590,7 +590,7 @@ async def get_my_permissions(team_id: Optional[str] = Query(None, description="T
     """
     try:
         permission_service = PermissionService(db)
-        permissions = await permission_service.get_user_permissions(user_email=user["email"], team_id=team_id)
+        permissions = await permission_service.get_user_permissions(user_email=user["email"], team_id=team_id, token_teams=user.get("token_teams"))
 
         result = sorted(list(permissions))
         db.commit()

mcpgateway/routers/tokens.py

@@ -86,13 +86,18 @@ async def _get_caller_permissions(
     Returns:
         List of permissions, or ["*"] for admins
     """
-    if current_user.get("is_admin"):
-        return ["*"]  # Admins can grant anything
+    # SECURITY: Only treat admin as unrestricted when token is un-narrowed.
+    # Narrowed or public-only admin sessions must derive permissions through
+    # the token-aware path to enforce Layer 1 scope containment.
+    token_teams = current_user.get("token_teams")
+    if current_user.get("is_admin") and token_teams is None:
+        return ["*"]  # Un-narrowed admins can grant anything
 
     permission_service = PermissionService(db)
     permissions = await permission_service.get_user_permissions(
         user_email=current_user["email"],
         team_id=team_id,
+        token_teams=token_teams,  # SECURITY: Respect token narrowing
     )
     return list(permissions) if permissions else None
 
@@ -130,8 +135,12 @@ async def create_token(
     # Multi-team users must specify team_id explicitly to avoid ambiguity.
     # Admins with teams=null are exempt and may still create global-scope tokens.
     effective_team_id = request.team_id
-    if effective_team_id is None and not current_user.get("is_admin"):
-        user_teams = current_user.get("token_teams") or []
+    caller_token_teams = current_user.get("token_teams")
+    # Only un-narrowed admins (token_teams=None) are exempt from auto-inheritance.
+    # Narrowed admin sessions use the same team-scoping logic as non-admins.
+    is_unrestricted_admin = current_user.get("is_admin") and caller_token_teams is None
+    if effective_team_id is None and not is_unrestricted_admin:
+        user_teams = caller_token_teams or []
         if len(user_teams) == 1:
             effective_team_id = user_teams[0]
             logger.debug("Auto-inherited team_id=%s for token creation by %s", effective_team_id, current_user["email"])
@@ -534,7 +543,10 @@ async def list_all_tokens(
     """
     _require_authenticated_session(current_user)
 
-    if not current_user["is_admin"]:
+    # SECURITY: Require un-narrowed admin. Narrowed/public-only admin sessions
+    # must not access the token oversight surface to prevent privilege escalation.
+    token_teams = current_user.get("token_teams")
+    if not current_user.get("is_admin") or token_teams is not None:
         raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Admin access required")
 
     service = TokenCatalogService(db)
@@ -618,7 +630,10 @@ async def admin_revoke_token(
     """
     _require_authenticated_session(current_user)
 
-    if not current_user["is_admin"]:
+    # SECURITY: Require un-narrowed admin. Narrowed/public-only admin sessions
+    # must not revoke arbitrary tokens to prevent privilege escalation.
+    revoke_token_teams = current_user.get("token_teams")
+    if not current_user.get("is_admin") or revoke_token_teams is not None:
         raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Admin access required")
 
     service = TokenCatalogService(db)