Skip to content

chore: revoke access tokens on server shutdown [MCP-53] #352

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jul 10, 2025
Merged

chore: revoke access tokens on server shutdown [MCP-53] #352

merged 4 commits into from
Jul 10, 2025

Conversation

fmenezes
Copy link
Collaborator

@fmenezes fmenezes commented Jul 10, 2025
edited
Loading

Proposed changes

revoke atlas access tokens on server shutdown [MCP-53]

Checklist

@fmenezes fmenezes marked this pull request as ready for review July 10, 2025 12:21
@Copilot Copilot AI review requested due to automatic review settings July 10, 2025 12:21
@fmenezes fmenezes requested a review from a team as a code owner July 10, 2025 12:21
Copilot
Copilot AI reviewed Jul 10, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Adds explicit revocation of Atlas access tokens during shutdown and cleans up duplicated shutdown calls.

  • Introduce apiClient.close() to revoke tokens in ApiClient
  • Invoke apiClient.close() in Session.close()
  • Remove duplicate mcpServer.close() and adjust shutdown order in Server.close()

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File Description
src/common/atlas/apiClient.ts Added a close() method to revoke stored access tokens
src/session.ts Called apiClient.close() after disconnect() in Session.close()
src/server.ts Moved and deduplicated mcpServer.close() in Server.close()
Comments suppressed due to low confidence (2)

src/common/atlas/apiClient.ts:98

  • The new close() method isn’t covered by tests yet. Adding unit tests to verify that accessToken.revokeAll() is called when an access token is present would help ensure correct behavior.
    public async close(): Promise<void> {

src/server.ts:104

  • [nitpick] Closing the MCP server before the session could terminate active sessions prematurely. Consider invoking session.close() before mcpServer.close() or add a comment explaining the intended shutdown sequence.
        await this.mcpServer.close();

blva
blva reviewed Jul 10, 2025
View reviewed changes
himanshusinghs
himanshusinghs approved these changes Jul 10, 2025
View reviewed changes
Copy link
Collaborator

@himanshusinghs himanshusinghs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

blva
blva approved these changes Jul 10, 2025
View reviewed changes
Copy link
Collaborator

@blva blva left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, but are atlas tests supposed to fail?

@coveralls
Copy link
Collaborator

coveralls commented Jul 10, 2025
edited
Loading

Pull Request Test Coverage Report for Build 16199405806

Details

  • 12 of 12 (100.0%) changed or added relevant lines in 3 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.06%) to 74.893%
Totals Coverage Status
Change from base Build 16194723276: 0.06%
Covered Lines: 871
Relevant Lines: 1073
💛 - Coveralls

@fmenezes fmenezes merged commit c40eeab into main Jul 10, 2025
18 checks passed
@fmenezes fmenezes deleted the MCP-53 branch July 10, 2025 15:38
nirinchev added a commit that referenced this pull request Jul 11, 2025
@nirinchev
Merge branch 'main' into ni/connect-guidance
eed30f8 
* main:
  chore: revoke access tokens on server shutdown [MCP-53] (#352)
  fix: turn atlas-connect-cluster async (#343)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@himanshusinghs himanshusinghs himanshusinghs approved these changes

@blva blva blva approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@fmenezes @coveralls @himanshusinghs @blva