Fix CE mode OAuth and preserve raw tool arguments through gateway#454
Open
nathanielosullivanmolloy wants to merge 2 commits intodocker:mainfrom
Open
Conversation
Three fixes for running the MCP Gateway without Docker Desktop (CE mode):
1. **Forward tool arguments as raw JSON** (`handlers.go`):
The gateway previously unmarshaled `CallToolParamsRaw.Arguments` into
`any` before forwarding to tool handlers. This loses type fidelity for
tools that rely on structured/typed inputs. Arguments are now forwarded
as `json.RawMessage` unchanged, keeping the gateway schema-agnostic.
2. **Normalize argument types in clientpool** (`clientpool.go`):
`runToolContainer` used a single type assertion (`map[string]any`) which
silently dropped arguments arriving as `json.RawMessage` or `[]byte`.
A `normalizeArguments` function now handles all expected argument
representations safely via type switch.
3. **CE mode OAuth redirect URI and state validation** (`manager.go`):
- When `DOCKER_MCP_USE_CE=true`, the redirect URI now defaults to the
local callback (`http://localhost:5000/callback`) instead of the SaaS
endpoint (`mcp.docker.com`), with override via
`DOCKER_MCP_OAUTH_REDIRECT_URI`.
- `ExchangeCode` now strips the `mcp-gateway:PORT:` prefix from the
state parameter before validation, fixing a mismatch where
`BuildAuthorizationURL` adds the prefix for proxy routing but
`StateManager` only stores the base UUID.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
RunningInDockerCE() and IsRunningInDockerDesktop() hardcoded platform assumptions that blocked all CLI commands without Docker Desktop. Add early DOCKER_MCP_USE_CE=true checks so the PersistentPreRunE gate in root.go skips the Desktop feature probe when running with non-Desktop Docker engines. Also add a CE mode path for `docker mcp oauth ls` that reads from local credential storage instead of the Desktop auth socket. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Builds on the work from #366 by @Pnkcaht — thanks for the initial investigation and approach.
Fixes issues when running the MCP Gateway without Docker Desktop (CE mode):
Raw argument forwarding in handlers: The gateway previously unmarshaled
CallToolParamsRaw.Arguments(json.RawMessage) intoanybefore forwarding to tool handlers. This loses type fidelity for tools with structured/typed inputs. Arguments are now forwarded as raw JSON unchanged, keeping the gateway schema-agnostic.Argument type normalization in clientpool:
runToolContainerused a single type assertion (map[string]any) which silently dropped arguments arriving asjson.RawMessageor[]byte. AnormalizeArgumentsfunction now safely handles all expected representations via type switch.CE mode OAuth redirect URI: When
DOCKER_MCP_USE_CE=true, the redirect URI now defaults tohttp://localhost:5000/callback(local gateway callback) instead of the SaaS endpoint (mcp.docker.com), with override viaDOCKER_MCP_OAUTH_REDIRECT_URI.OAuth state parameter validation:
ExchangeCodenow strips themcp-gateway:PORT:prefix from the state parameter before validation.BuildAuthorizationURLadds this prefix for proxy routing, butStateManageronly stores the base UUID, causing validation to always fail in CE mode.CLI feature checks respect DOCKER_MCP_USE_CE:
RunningInDockerCE()andIsRunningInDockerDesktop()hardcoded platform assumptions that blocked all CLI commands (includingdocker mcp oauth ls/authorize) without Docker Desktop. Both now checkDOCKER_MCP_USE_CE=trueearly to skip Desktop feature probes.CE mode
oauth ls:docker mcp oauth lsnow has a CE mode path that reads from local DCR credential storage instead of the Docker Desktop auth socket.Test plan
normalizeArgumentscoveringmap[string]any,json.RawMessage,[]byte,nil, unexpected types, and invalid JSONExchangeCodestate prefix stripping (prefixed and plain states)IsRunningInDockerDesktopwithDOCKER_MCP_USE_CE,DOCKER_MCP_IN_CONTAINER, andWithNoDockerDesktopcontextRunningInDockerCEwithDOCKER_MCP_USE_CEenv varManager.ListDCRClientsandManager.HasValidToken🤖 Generated with Claude Code