[No-Merge, Draft] Feature/2.0_beta/self_host_postgres #786
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ervice, which makes these service classes stateless
…d updated all service classes to accept and pass ITokenCredentialFactory to BaseAzureService
anuchandy
force-pushed
the
feature/2.0-beta/selft_host_postgres
branch
from
3d1aff9 to
d0d4cbd
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Demonstrates the code changes for the flows required to self-host Postgres. The changes are not specific to Postgres, though they have only been verified with Postgres.
The server is started as:
appsettings.json
With Entra ID request validation and Managed Identity:
In this configuration, the Incoming MCP calls are authenticated through the
inboundAuthentication.azureAdconfiguration. Outgoing Azure service calls, such as those to Postgres, use the managed identity of the host where the Azure MCP server is running.{ "inboundAuthentication": { "type": "JwtBearerScheme", "azureAd": { "instance": "https://login.microsoftonline.com/", "tenantId": "70a036f6-8e4d-4615-bad6-149c02e7720d", "clientId": "85a0b190-f927-4e27-b286-cd301d965e4a", "audience": "85a0b190-f927-4e27-b286-cd301d965e4a" } }, "outboundAuthentication": { "type": "ManagedIdentity", "clientId": "12345678-1234-1234-1234-123456789abc" } }The
outboundAuthentication.clientIdproperty is required when using a user-assigned managed identity. For a system-assigned identity, this property is not needed.With Entra ID request validation and JWT pass through:In this configuration, incoming MCP calls are authenticated through the inboundAuthentication.azureAd settings. The same JWT token is then passed through for outgoing Azure service calls - such as those to Postgres..
{ "inboundAuthentication": { "type": "JwtBearerScheme", "azureAd": { "instance": "https://login.microsoftonline.com/", "tenantId": "70a036f6-8e4d-4615-bad6-149c02e7720d", "clientId": "85a0b190-f927-4e27-b286-cd301d965e4a", "audience": "85a0b190-f927-4e27-b286-cd301d965e4a" } }, "outboundAuthentication": { "type": "JwtPassthrough" } }With Entra ID request validation and OBO
Validates incoming token and exchanges it for Azure token using OBO flow.
{ "inboundAuthentication": { "type": "JwtBearerScheme", "azureAd": { "instance": "https://login.microsoftonline.com/", "tenantId": "70a036f6-8e4d-4615-bad6-149c02e7720d", "clientId": "85a0b190-f927-4e27-b286-cd301d965e4a", "audience": "85a0b190-f927-4e27-b286-cd301d965e4a" } }, "outboundAuthentication": { "type": "JwtObo", "clientCredential": { "kind": "ClientSecret", "secret": "your-client-secret" } } }The
clientCredentialcan supports multiple credential types :Https
The host is responsible for handling HTTPS. Azure services such as ACA, Functions, and AKS include built-in HTTPS support. For example, when a client connects over HTTPS, decryption occurs at the service’s front-end (ingress). The TLS handshake (certificate validation and decryption) is performed by Azure’s managed ingress, which then forwards the decrypted HTTP traffic to the container over the internal network where the MCP Server is running.
Diagrams
graph TB subgraph "Configuration Layer" SC[ServerConfiguration] IAC[InboundAuthenticationConfig] OAC[OutboundAuthenticationConfig] AAD[AzureAdConfig] CCC[ClientCredentialConfig] SC --> IAC SC --> OAC IAC --> AAD OAC --> CCC end subgraph "HTTP Host Authentication Setup" HHSF[HttpHostAuthSetupFactory] IHS[IHttpHostAuthSetup] JHHS[JwtHttpHostAuthSetup] JOHS[JwtOboHttpHostAuthSetup] HHSF -->|Creates| IHS IHS --> JHHS IHS --> JOHS end subgraph "Token Credential Providers" TCPF[TokenCredentialProviderFactory] ITCP[ITokenCredentialProvider] MICP[ManagedIdentityCredentialProvider] JPCP[JwtPassthroughCredentialProvider] JOCP[JwtOboCredentialProvider] TCPF -->|Creates| ITCP ITCP --> MICP ITCP --> JPCP ITCP --> JOCP end subgraph "Azure SDK Integration" TC[TokenCredential] MIC[ManagedIdentityCredential] ATC[AccessToken] MICP --> MIC MIC --> TC TC --> ATC JOCP --> TC end subgraph "ASP.NET Core Integration" JWT[JWT Bearer Middleware] AUTH[Authorization Middleware] HCA[HttpContextAccessor] JHHS -->|Configures| JWT JHHS -->|Configures| AUTH JPCP --> HCA JOCP --> HCA end subgraph "Microsoft Identity Web" MIW[Microsoft.Identity.Web] TA[ITokenAcquisition] JOHS -->|Uses| MIW JOCP --> TA end %% Configuration Flow SC -->|Input| HHSF SC -->|Input| TCPF %% Authentication Flow IAC -->|Type| HHSF OAC -->|Type| TCPF AAD -->|RequiredRoles| JHHS OAC -->|ClientId| MICP CCC -->|Secret/Cert| JOCP style SC fill:#e1f5fe style IAC fill:#e1f5fe style OAC fill:#e1f5fe style AAD fill:#e1f5fe style CCC fill:#e1f5fe style HHSF fill:#f3e5f5 style IHS fill:#f3e5f5 style JHHS fill:#f3e5f5 style JOHS fill:#f3e5f5 style TCPF fill:#e8f5e8 style ITCP fill:#e8f5e8 style MICP fill:#e8f5e8 style JPCP fill:#e8f5e8 style JOCP fill:#e8f5e8 style MIW fill:#fff3e0 style TA fill:#fff3e0