feat(sts): send RFC 8707 resource and audience on token exchange (Python) #2107
Open
QuentinBisson wants to merge 1 commit into
Conversation
The Python token-propagation plugin omitted resource/audience on every STS token exchange, so issued tokens could not be scoped to a target backend. Accept resource/audience on ADKTokenPropagationPlugin, read them from KAGENT_TOKEN_RESOURCE / KAGENT_TOKEN_AUDIENCE in the CLI, and pass them to exchange_token. Unset values are omitted, so behaviour is unchanged by default.
Signed-off-by: QuentinBisson <quentin@giantswarm.io>
fe47397 to 22b87f8
Contributor
Pull request overview
Wires optional RFC 8707 resource and RFC 8693 audience parameters through the Python ADK STS token-propagation path so exchanged tokens can be scoped to the intended backend, while preserving existing behavior when unset.
Changes:
- Read `KAGENT_TOKEN_RESOURCE`/`KAGENT_TOKEN_AUDIENCE` from the environment in the Python ADK CLI and pass them into the STS token-propagation plugin.
- Extend `ADKTokenPropagationPlugin` to accept `resource`/`audience` and forward them to `STSIntegrationBase.exchange_token`.
- Add/adjust tests to verify `resource`/`audience` forwarding and to account for the new kwargs on exchange calls.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| python/packages/kagent-adk/src/kagent/adk/cli.py | Reads optional env vars and passes resource/audience into ADKTokenPropagationPlugin. |
| python/packages/agentsts-adk/src/agentsts/adk/_base.py | Adds resource/audience configuration to the plugin and forwards them on token exchange. |
| python/packages/agentsts-adk/tests/test_adk_integration.py | Updates existing assertions and adds coverage verifying forwarding of resource/audience. |
EItanya requested changes (Jun 29, 2026), commenting on lines +28 to +29:
| token_resource = os.getenv("KAGENT_TOKEN_RESOURCE") or None | ||
| token_audience = os.getenv("KAGENT_TOKEN_AUDIENCE") or None |
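Review bot: the `KAGENT_TOKEN_RESOURCE` value is forwarded with no validation at this read site; RFC 8707 requires a resource indicator to be an absolute URI without a fragment component, so a malformed value only surfaces later as an STS error on every exchange. Consider checking the value here (a scheme is present, no `#` fragment) and failing fast with a clear message. The `or None` on both lines is worth a short comment, since it deliberately turns an empty-string variable into "unset" rather than sending an empty `resource` or `audience` parameter.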
Contributor
Can you please rename these KAGENT_STS_* so it's more clear what they belong to.
What
The Python ADK token-propagation plugin (`agentsts-adk`) called `exchange_token` without `resource` or `audience`, so an issued token could not be scoped to a specific backend. This wires two optional inputs through:
- `KAGENT_TOKEN_RESOURCE`: RFC 8707 resource indicator (the target backend).
- `KAGENT_TOKEN_AUDIENCE`: RFC 8693 audience, for STS servers that key on it.
`ADKTokenPropagationPlugin` now accepts `resource`/`audience`; the CLI reads them from the environment in `create_sts_integration`. Unset values are omitted from the request, so behaviour is unchanged when neither is set.
Why
Without a resource/audience, the STS returns a token whose audience is not the MCP backend, so audience-validating backends reject it. RFC 8707 is the standard way to scope an exchanged token to its intended resource. The `exchange_token` API already accepted `resource`/`audience`; only the plugin call site and the configuration plumbing were missing.
Notes
`resource`/`audience` sent.
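The following is an added example written for this page; it is not code from the kagent or agentsts projects and does not call their `exchange_token`. It shows the mechanics the PR description relies on: the RFC 8693 token-exchange request carries `resource` (RFC 8707) and `audience` only when they are configured, an unset or empty environment variable is treated as "not configured" exactly as the CLI's `os.getenv(...) or None` does, and an audience-validating backend rejects a token whose `aud` claim does not name it. The function names `read_sts_scope_config`, `validate_resource_indicator`, `build_exchange_params` and `backend_accepts` are hypothetical, as is the `https://mcp.example.internal/` resource.

```python
"""Added example, not kagent/agentsts code: builds the RFC 8693 token-exchange
request parameters so RFC 8707 `resource` and RFC 8693 `audience` are sent only
when configured, and shows the audience check a backend applies to the result."""
import os
from typing import Any, Mapping, Optional
from urllib.parse import urlsplit

# Identifiers defined by RFC 8693 (grant type in section 2.1, token type in section 3).
TOKEN_EXCHANGE_GRANT = "urn:ietf:params:oauth:grant-type:token-exchange"
ACCESS_TOKEN_TYPE = "urn:ietf:params:oauth:token-type:access_token"


def read_sts_scope_config(env: Mapping[str, str]) -> dict:
    """Mirror the CLI's `os.getenv(...) or None`: unset or empty becomes None."""
    return {
        "resource": env.get("KAGENT_TOKEN_RESOURCE") or None,
        "audience": env.get("KAGENT_TOKEN_AUDIENCE") or None,
    }


def validate_resource_indicator(resource: str) -> str:
    """RFC 8707 section 2: the value MUST be an absolute URI (so a scheme is
    required) and MUST NOT include a fragment component. Rejecting it here gives
    a clear error instead of an opaque invalid_target response from the STS."""
    parts = urlsplit(resource)
    if not parts.scheme:
        raise ValueError(f"resource indicator is not an absolute URI: {resource!r}")
    if parts.fragment:
        raise ValueError(f"resource indicator must not carry a fragment: {resource!r}")
    return resource


def build_exchange_params(subject_token: str, resource: Optional[str] = None,
                          audience: Optional[str] = None) -> dict:
    """Form parameters for the STS token endpoint (hypothetical helper). None
    values are omitted, so the request is identical to the pre-change one when
    neither resource nor audience is configured."""
    params = {
        "grant_type": TOKEN_EXCHANGE_GRANT,
        "subject_token": subject_token,
        "subject_token_type": ACCESS_TOKEN_TYPE,
    }
    if resource is not None:
        params["resource"] = validate_resource_indicator(resource)
    if audience is not None:
        params["audience"] = audience
    return params


def backend_accepts(claims: Mapping[str, Any], expected_audience: str) -> bool:
    """The check an audience-validating backend runs on the exchanged token's
    `aud` claim, which may be a string or a list (RFC 7519 section 4.1.3). A
    token issued without resource/audience has no matching aud and is rejected."""
    aud = claims.get("aud")
    if aud is None:
        return False
    if isinstance(aud, str):
        return aud == expected_audience
    return expected_audience in aud


if __name__ == "__main__":
    cfg = read_sts_scope_config(os.environ)
    print("request params:", build_exchange_params("subject-token", **cfg))
    # Constructed claim sets standing in for tokens the STS could issue.
    unscoped = {"sub": "agent", "iss": "https://sts.example"}
    scoped = {"sub": "agent", "aud": ["https://mcp.example.internal/"]}
    print("unscoped accepted:", backend_accepts(unscoped, "https://mcp.example.internal/"))
    print("scoped accepted:", backend_accepts(scoped, "https://mcp.example.internal/"))
```

Run it with `KAGENT_TOKEN_RESOURCE` unset to see the request without `resource`/`audience`, then with it set to an absolute URI to see the scoped request; the early validation is the point the reviewer's comment on the env reads touches on.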