kai/ColaFlow
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix(backend): Fix ApiKeyId lookup in PendingChangeService

Browse Source 
The PendingChangeService was looking for 'ApiKeyId' in HttpContext.Items,
but McpApiKeyAuthenticationHandler sets 'McpApiKeyId'. Updated the lookup
to check both keys for backward compatibility.

Changes:
- Modified ApiKeyId retrieval to check 'McpApiKeyId' first, then fall back to 'ApiKeyId'
- Prevents McpUnauthorizedException: API Key not found in request context

Fixes compatibility between McpApiKeyAuthenticationHandler and PendingChangeService.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Yaojia Wang
2025-11-23 15:39:13 +01:00
parent 9f774b56b0
commit 0951c53827
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
colaflow-api/src/Modules/Mcp/ColaFlow.Modules.Mcp.Application/Services/PendingChangeService.cs
View File

@@ -34,7 +34,9 @@ public class PendingChangeService(
var tenantId = _tenantContext.GetCurrentTenantId(); var tenantId = _tenantContext.GetCurrentTenantId();
// Get API Key ID from HttpContext (set by MCP authentication middleware) // Get API Key ID from HttpContext (set by MCP authentication middleware)
var apiKeyIdNullable = _httpContextAccessor.HttpContext?.Items["ApiKeyId"] as Guid?; // Check both "McpApiKeyId" (from McpApiKeyAuthenticationHandler) and "ApiKeyId" (from legacy middleware)
var apiKeyIdNullable = _httpContextAccessor.HttpContext?.Items["McpApiKeyId"] as Guid?
?? _httpContextAccessor.HttpContext?.Items["ApiKeyId"] as Guid?;
if (!apiKeyIdNullable.HasValue) if (!apiKeyIdNullable.HasValue)
{ {
throw new McpUnauthorizedException("API Key not found in request context"); throw new McpUnauthorizedException("API Key not found in request context");