commandpostsoft
diff --git a/‎CHANGELOG.md‎
Lines changed: 30 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 30 additions & 0 deletions
diff --git a/‎Gemfile.lock‎
Lines changed: 1 addition & 1 deletion b/‎Gemfile.lock‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/parse/agent/mcp_server.rb‎
Lines changed: 41 additions & 7 deletions b/‎lib/parse/agent/mcp_server.rb‎
Lines changed: 41 additions & 7 deletions
diff --git a/‎lib/parse/agent/tools.rb‎
Lines changed: 24 additions & 1 deletion b/‎lib/parse/agent/tools.rb‎
Lines changed: 24 additions & 1 deletion
diff --git a/‎lib/parse/api/users.rb‎
Lines changed: 70 additions & 5 deletions b/‎lib/parse/api/users.rb‎
Lines changed: 70 additions & 5 deletions
diff --git a/‎lib/parse/client.rb‎
Lines changed: 11 additions & 4 deletions b/‎lib/parse/client.rb‎
Lines changed: 11 additions & 4 deletions
diff --git a/‎lib/parse/client/body_builder.rb‎
Lines changed: 14 additions & 3 deletions b/‎lib/parse/client/body_builder.rb‎
Lines changed: 14 additions & 3 deletions
diff --git a/‎lib/parse/client/caching.rb‎
Lines changed: 3 additions & 1 deletion b/‎lib/parse/client/caching.rb‎
Lines changed: 3 additions & 1 deletion
@@ -1,5 +1,35 @@
 ## Parse-Stack Changelog
 
+### 3.3.2
+
+#### Security Fixes
+
+- **FIXED**: Login now uses POST instead of GET, preventing passwords from appearing in server logs, browser history, and URL query parameters.
+- **FIXED**: Webhook key comparison now uses constant-time `ActiveSupport::SecurityUtils.secure_compare` to prevent timing attacks. Invalid webhook keys are no longer logged.
+- **FIXED**: MCP server default binding changed from `0.0.0.0` to `127.0.0.1`, preventing unintended network exposure.
+- **FIXED**: Field names in queries are now validated to block MongoDB operator injection (`$where`, `$function`, etc.).
+- **FIXED**: Aggregation pipelines now block dangerous stages (`$out`, `$merge`) and `$where` operators inside `$match` stages.
+- **FIXED**: Sensitive fields (passwords, tokens, auth data) are now redacted from debug log output.
+- **NEW**: Client-side login rate limiting with exponential backoff after repeated failures to mitigate brute force attacks.
+- **FIXED**: Session tokens in cache keys are now hashed with SHA-256 instead of stored as plaintext.
+- **NEW**: MCP server now supports API key authentication via `MCP_API_KEY` env var or `api_key:` parameter. Requests must include `X-MCP-API-Key` header when configured.
+- **FIXED**: JSON payloads in webhooks and MCP server are now limited to 1 MB size and 20 levels of nesting depth to prevent denial-of-service attacks.
+- **FIXED**: Tool method invocation in MCP server now blocks dangerous methods (`eval`, `exec`, `system`, `send`, `method`, `binding`, etc.) to prevent code execution via user-controlled method names.
+- **FIXED**: Blocked methods list moved to always-loaded `Parse::Agent::Tools` module, fixing load-order crash when MCP server is not enabled.
+- **FIXED**: Login rate limiter is now thread-safe (Mutex-protected) with periodic cleanup of expired entries to prevent memory leaks.
+- **FIXED**: MCP server now explicitly requires ActiveSupport modules, preventing load-order failures.
+- **FIXED**: Session token cache key hash increased from 16 to 32 hex characters (128 bits) to reduce collision risk.
+- **FIXED**: MCP `/tools` endpoint now requires API key authentication when configured, preventing unauthenticated schema enumeration.
+- **FIXED**: Response body logging is now redacted alongside request logging, preventing session tokens from appearing in debug output.
+- **NEW**: `require_https` option for `Parse::Client` raises an error when HTTP is used with a non-localhost server URL. Enable via `require_https: true` or `PARSE_REQUIRE_HTTPS=true`.
+- **FIXED**: `login_with_mfa` now applies the same rate limiting and exponential backoff as the standard `login` method.
+- **FIXED**: Aggregation pipeline blocklist expanded to also block `$function`, `$accumulator`, `$collMod`, `$createIndex`, and `$dropIndex` stages.
+
+#### Bug Fixes
+
+- **FIXED**: `Parse::Object.transaction` now correctly assigns `objectId`, `createdAt`, and `updatedAt` to all objects in the batch. Previously, only the first unsaved object received its server-assigned ID because `Parse::Object#hash` treats all unsaved objects as equal, causing Hash key collisions in the internal tracking map.
+- **FIXED**: `AggregateTestComment` and `AggregateTestPost` test models now use `belongs_to` for pointer fields instead of `property :object`, which caused Parse Server schema mismatch errors when saving pointer values.
+
 ### 3.3.1
 - Bundle update
 
 
@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    parse-stack (3.3.1)
+    parse-stack (3.3.2)
       activemodel (>= 5, < 9)
       activesupport (>= 5, < 9)
       faraday (~> 2.0)
 
@@ -3,6 +3,8 @@
 
 require "webrick"
 require "json"
+require "active_support/core_ext/object/blank"
+require "active_support/security_utils"
 
 module Parse
   class Agent
@@ -38,6 +40,15 @@ class MCPServer
       # Default port for the MCP server
       @default_port = 3001
 
+      # Maximum allowed request body size (1 MB)
+      MAX_BODY_SIZE = 1_048_576
+
+      # Maximum JSON nesting depth
+      MAX_JSON_NESTING = 20
+
+      # HTTP header for MCP API key authentication
+      MCP_API_KEY_HEADER = "X-MCP-API-Key"
+
       class << self
         attr_accessor :default_port
 
@@ -47,7 +58,7 @@ class << self
         # @param permissions [Symbol] agent permission level
         # @param session_token [String, nil] optional session token
         # @param host [String] host to bind to
-        def run(port: nil, permissions: :readonly, session_token: nil, host: "0.0.0.0")
+        def run(port: nil, permissions: :readonly, session_token: nil, host: "127.0.0.1", api_key: nil)
           unless Parse::Agent.mcp_enabled?
             raise "MCP server not enabled. Call Parse::Agent.enable_mcp! first"
           end
@@ -57,6 +68,7 @@ def run(port: nil, permissions: :readonly, session_token: nil, host: "0.0.0.0")
             permissions: permissions,
             session_token: session_token,
             host: host,
+            api_key: api_key,
           )
           server.start
         end
@@ -77,9 +89,10 @@ def run(port: nil, permissions: :readonly, session_token: nil, host: "0.0.0.0")
       # @param host [String] host to bind to
       # @param permissions [Symbol] agent permission level
       # @param session_token [String, nil] optional session token
-      def initialize(port: 3001, host: "0.0.0.0", permissions: :readonly, session_token: nil)
+      def initialize(port: 3001, host: "127.0.0.1", permissions: :readonly, session_token: nil, api_key: nil)
         @port = port
         @host = host
+        @api_key = api_key || ENV["MCP_API_KEY"]
         @agent = Parse::Agent.new(permissions: permissions, session_token: session_token)
         @server = nil
       end
@@ -116,13 +129,20 @@ def setup_routes
         # MCP endpoint for all protocol messages
         @server.mount_proc("/mcp") { |req, res| handle_mcp_request(req, res) }
 
-        # Health check endpoint
+        # Health check endpoint (unauthenticated - standard for monitoring)
         @server.mount_proc("/health") do |_req, res|
           json_response(res, { status: "ok", mcp_enabled: true })
         end
 
-        # Tool list endpoint (convenience)
-        @server.mount_proc("/tools") do |_req, res|
+        # Tool list endpoint (requires auth if API key is configured)
+        @server.mount_proc("/tools") do |req, res|
+          if @api_key.present?
+            provided_key = req[MCP_API_KEY_HEADER].to_s
+            unless ActiveSupport::SecurityUtils.secure_compare(@api_key, provided_key)
+              error_response(res, 401, "Unauthorized: invalid or missing API key")
+              next
+            end
+          end
           json_response(res, @agent.tool_definitions(format: :mcp))
         end
       end
@@ -133,9 +153,23 @@ def handle_mcp_request(req, res)
           return error_response(res, 405, "Method not allowed")
         end
 
+        # C4: API key authentication
+        if @api_key.present?
+          provided_key = req[MCP_API_KEY_HEADER].to_s
+          unless ActiveSupport::SecurityUtils.secure_compare(@api_key, provided_key)
+            return error_response(res, 401, "Unauthorized: invalid or missing API key")
+          end
+        end
+
+        # C5: Payload size limit
+        raw_body = req.body || "{}"
+        if raw_body.bytesize > MAX_BODY_SIZE
+          return error_response(res, 413, "Payload too large (max #{MAX_BODY_SIZE} bytes)")
+        end
+
         begin
-          body = JSON.parse(req.body || "{}")
-        rescue JSON::ParserError => e
+          body = JSON.parse(raw_body, max_nesting: MAX_JSON_NESTING)
+        rescue JSON::ParserError, JSON::NestingError => e
           return error_response(res, 400, "Invalid JSON: #{e.message}")
         end
 
 
@@ -17,6 +17,16 @@ class Agent
     module Tools
       extend self
 
+      # Methods that are dangerous and should never be invoked via tools.
+      # Defined here (rather than MCPServer) so it's always available.
+      BLOCKED_METHODS = %w[
+        eval exec system ` send __send__ public_send instance_eval class_eval
+        module_eval define_method remove_method undef_method
+        open fork spawn syscall load require require_relative
+        const_get const_set remove_const method binding
+        instance_variable_set instance_variable_get
+      ].freeze
+
       # Default timeout for tool operations (seconds)
       DEFAULT_TIMEOUT = 30
 
@@ -478,8 +488,12 @@ def with_timeout(tool_name)
         raise Agent::ToolTimeoutError.new(tool_name, timeout)
       end
 
-      # Call a method with arguments, handling both positional and keyword args
+      # Call a method with arguments, handling both positional and keyword args.
+      # Validates that the method is not on the blocked list to prevent
+      # code execution via user-controlled method names.
+      # @raise [ArgumentError] if the method is blocked.
       def call_with_args(target, method_sym, args)
+        validate_method_name!(method_sym)
         if args.empty?
           target.public_send(method_sym)
         else
@@ -493,6 +507,15 @@ def call_with_args(target, method_sym, args)
         end
       end
 
+      # Validates that a method name is not on the blocked list.
+      # @param method_name [Symbol, String] the method name to validate.
+      # @raise [ArgumentError] if the method is blocked.
+      def validate_method_name!(method_name)
+        if BLOCKED_METHODS.include?(method_name.to_s)
+          raise ArgumentError, "Method '#{method_name}' is blocked for security reasons"
+        end
+      end
+
       # Serialize method results for JSON output
       def serialize_result(result)
         case result
 
@@ -106,19 +106,20 @@ def request_password_reset(email, headers: {}, **opts)
         request :post, REQUEST_PASSWORD_RESET, body: body, opts: opts, headers: headers
       end
 
-      # Login a user.
+      # Login a user. Implements client-side rate limiting with exponential
+      # backoff after repeated failures to mitigate brute force attacks.
       # @param username [String] the Parse user username.
       # @param password [String] the Parse user's associated password.
       # @param headers [Hash] additional HTTP headers to send with the request.
       # @param opts [Hash] additional options to pass to the {Parse::Client} request.
       # @return [Parse::Response]
       def login(username, password, headers: {}, **opts)
-        # Probably pass Installation-ID as header
-        query = { username: username, password: password }
+        check_login_rate_limit!(username)
+        body = { username: username, password: password }
         headers.merge!({ Parse::Protocol::REVOCABLE_SESSION => "1" })
-        # headers.merge!( { Parse::Protocol::INSTALLATION_ID => ''} )
-        response = request :get, LOGIN_PATH, query: query, headers: headers, opts: opts
+        response = request :post, LOGIN_PATH, body: body, headers: headers, opts: opts
         response.parse_class = Parse::Model::CLASS_USER
+        track_login_attempt(username, response.success?)
         response
       end
 
@@ -137,6 +138,7 @@ def login(username, password, headers: {}, **opts)
       # @example
       #   response = client.login_with_mfa("john", "password123", "123456")
       def login_with_mfa(username, password, mfa_token, headers: {}, **opts)
+        check_login_rate_limit!(username)
         # Parse Server expects authData to be sent with POST for MFA login
         body = {
           username: username,
@@ -150,6 +152,7 @@ def login_with_mfa(username, password, mfa_token, headers: {}, **opts)
         headers.merge!({ Parse::Protocol::REVOCABLE_SESSION => "1" })
         response = request :post, LOGIN_PATH, body: body, headers: headers, opts: opts
         response.parse_class = Parse::Model::CLASS_USER
+        track_login_attempt(username, response.success?)
         response
       end
 
@@ -176,6 +179,68 @@ def signup(username, password, email = nil, body: {}, **opts)
         body[:email] = email || body[:email]
         create_user(body, opts)
       end
+      private
+
+      # @!visibility private
+      # Thread-safe tracker for login rate limiting. Keys are usernames, values are
+      # { failures: Integer, locked_until: Time }.
+      def login_rate_limits
+        @login_rate_limit_mutex ||= Mutex.new
+        @login_rate_limits ||= {}
+      end
+
+      # Maximum consecutive failures before lockout.
+      LOGIN_MAX_FAILURES = 5
+      # Base delay in seconds for exponential backoff.
+      LOGIN_BASE_DELAY = 2
+      # Maximum number of tracked usernames before cleanup.
+      LOGIN_RATE_LIMIT_MAX_ENTRIES = 10_000
+      # Entries older than this (seconds) are eligible for cleanup.
+      LOGIN_RATE_LIMIT_TTL = 600
+
+      # Checks if a login attempt is allowed for the given username.
+      # @raise [RuntimeError] if the account is temporarily locked out.
+      def check_login_rate_limit!(username)
+        @login_rate_limit_mutex ||= Mutex.new
+        @login_rate_limit_mutex.synchronize do
+          entry = login_rate_limits[username]
+          return unless entry
+          if entry[:locked_until] && Time.now < entry[:locked_until]
+            wait = (entry[:locked_until] - Time.now).ceil
+            raise "Login rate limited for '#{username}'. Try again in #{wait} seconds."
+          end
+        end
+      end
+
+      # Records a login attempt result and applies exponential backoff on failure.
+      def track_login_attempt(username, success)
+        @login_rate_limit_mutex ||= Mutex.new
+        @login_rate_limit_mutex.synchronize do
+          if success
+            login_rate_limits.delete(username)
+          else
+            entry = login_rate_limits[username] || { failures: 0, locked_until: nil }
+            entry[:failures] += 1
+            if entry[:failures] >= LOGIN_MAX_FAILURES
+              delay = LOGIN_BASE_DELAY**(entry[:failures] - LOGIN_MAX_FAILURES + 1)
+              delay = [delay, 300].min # cap at 5 minutes
+              entry[:locked_until] = Time.now + delay
+            end
+            login_rate_limits[username] = entry
+          end
+          # Periodic cleanup of expired entries to prevent memory leak
+          cleanup_login_rate_limits if login_rate_limits.size > LOGIN_RATE_LIMIT_MAX_ENTRIES
+        end
+      end
+
+      # Removes expired entries from the rate limit tracker.
+      def cleanup_login_rate_limits
+        now = Time.now
+        login_rate_limits.delete_if do |_username, entry|
+          entry[:locked_until].nil? || (now - entry[:locked_until]) > LOGIN_RATE_LIMIT_TTL
+        end
+      end
+
     end # Users
   end #API
 end #Parse
@@ -303,11 +303,18 @@ def initialize(opts = {})
       @api_key = opts[:api_key] || opts[:rest_api_key] || ENV["PARSE_SERVER_REST_API_KEY"] || ENV["PARSE_API_KEY"]
       @master_key = opts[:master_key] || ENV["PARSE_SERVER_MASTER_KEY"] || ENV["PARSE_MASTER_KEY"]
 
-      # Security warning for HTTP usage (except localhost/127.0.0.1 for development)
+      @require_https = opts.fetch(:require_https, ENV["PARSE_REQUIRE_HTTPS"] == "true")
+
+      # Security check for HTTP usage (except localhost/127.0.0.1 for development)
       if @server_url&.start_with?("http://") && !@server_url.match?(%r{^http://(localhost|127\.0\.0\.1)(:|/)})
-        warn "[Parse::Client] SECURITY WARNING: Using HTTP instead of HTTPS for Parse server. " \
-             "This exposes credentials and data to network interception. " \
-             "Use HTTPS in production: #{@server_url}"
+        if @require_https
+          raise ArgumentError, "[Parse::Client] HTTPS required but server URL uses HTTP: #{@server_url}. " \
+                               "Set require_https: false or use an HTTPS URL."
+        else
+          warn "[Parse::Client] SECURITY WARNING: Using HTTP instead of HTTPS for Parse server. " \
+               "This exposes credentials and data to network interception. " \
+               "Use HTTPS in production: #{@server_url}"
+        end
       end
 
       # Determine the HTTP adapter to use
 
@@ -32,13 +32,24 @@ class BodyBuilder < Faraday::Middleware
       HTTP_METHOD_OVERRIDE = "X-Http-Method-Override"
       # Maximum url length for most server requests before HTTP Method Override is used.
       MAX_URL_LENGTH = 2_000.freeze
+      # Fields that should be redacted from log output.
+      SENSITIVE_FIELDS = %w[password token sessionToken session_token access_token authData].freeze
+      SENSITIVE_PATTERN = /(#{SENSITIVE_FIELDS.join("|")})(["']?\s*[=:>]\s*["']?)([^"&\s,}\]]+)/i
+
       class << self
         # Allows logging. Set to `true` to enable logging, `false` to disable.
         # You may specify `:debug` for additional verbosity.
         # @return [Boolean]
         attr_accessor :logging
       end
 
+      # Redacts sensitive fields from a string for safe logging.
+      # @param str [String] the string to redact.
+      # @return [String] the redacted string.
+      def self.redact(str)
+        str.to_s.gsub(SENSITIVE_PATTERN) { "#{$1}#{$2}[FILTERED]" }
+      end
+
       # Thread-safety
       # @!visibility private
       def call(env)
@@ -67,21 +78,21 @@ def call!(env)
         end
 
         if self.class.logging
-          puts "[Request #{env.method.upcase}] #{env[:url]}"
+          puts "[Request #{env.method.upcase}] #{self.class.redact(env[:url].to_s)}"
           env[:request_headers].each do |k, v|
             next if k == Parse::Protocol::MASTER_KEY
             puts "[Header] #{k} : #{v}"
           end
 
-          puts "[Request Body] #{env[:body]}"
+          puts "[Request Body] #{self.class.redact(env[:body].to_s)}"
         end
         @app.call(env).on_complete do |response_env|
           # on a response, create a new Parse::Response and replace the :body
           # of the env
           # @todo CHECK FOR HTTP STATUS CODES
           if self.class.logging
             puts "[[Response #{response_env[:status]}]] ----------------------------------"
-            puts response_env.body
+            puts self.class.redact(response_env.body.to_s)
             puts "[[Response]] --------------------------------------\n"
           end
 
 
@@ -3,6 +3,7 @@
 
 require "faraday"
 require "moneta"
+require "digest"
 require_relative "protocol"
 
 module Parse
@@ -127,7 +128,8 @@ def call!(env)
 
         if @request_headers.key?(SESSION_TOKEN)
           @session_token = @request_headers[SESSION_TOKEN]
-          @cache_key = "#{@session_token}:#{@cache_key}" # prefix tokens
+          hashed_token = Digest::SHA256.hexdigest(@session_token.to_s)[0, 32]
+          @cache_key = "#{hashed_token}:#{@cache_key}" # prefix with hashed token
         elsif @request_headers.key?(MASTER_KEY)
           @cache_key = "mk:#{@cache_key}" # prefix for master key requests
         end