Problem
Tengu has no authentication or authorization. Any MCP client can call any tool including destructive ones. This blocks enterprise adoption.
Implementation Steps
- Create `src/tengu/auth/` module:
- `jwt.py` — JWT token creation/validation (PyJWT)
- `rbac.py` — Role definitions and permission mapping
- `middleware.py` — FastMCP middleware for per-request auth checking
- `models.py` — `User`, `Role`, `Permission` Pydantic models
- Define role→tool mappings:
- `viewer`: Read-only (resources, reports)
- `junior_pentester`: `recon/*`, `web/analyze_headers`, `web/test_cors`
- `senior_pentester`: `recon/`, `web/`, `injection/`, `analysis/`
- `admin`: All tools including destructive
- Add auth middleware to MCP server
- Add `users` and `roles` tables to SQLite storage (`src/tengu/storage/db.py`)
- Support OIDC/SAML via optional integration (e.g., Authlib)
- `tengu user create`, `tengu user list`, `tengu user assign-role` CLI commands
Files to Modify
- New: `src/tengu/auth/init.py`, `jwt.py`, `rbac.py`, `middleware.py`, `models.py`
- `src/tengu/storage/db.py` — users/roles tables
- `src/tengu/server.py` — Auth middleware
- `src/tengu/cli.py` — User management commands
Dependencies
Problem
Tengu has no authentication or authorization. Any MCP client can call any tool including destructive ones. This blocks enterprise adoption.
Implementation Steps
Files to Modify
Dependencies