-
Notifications
You must be signed in to change notification settings - Fork 306
/
Copy path08_auth_example_token_passthrough.py
58 lines (47 loc) · 1.25 KB
/
08_auth_example_token_passthrough.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
"""
This example shows how to reject any request without a valid token passed in the Authorization header.
In order to configure the auth header, the config file for the MCP server should looks like this:
```json
{
"mcpServers": {
"remote-example": {
"command": "npx",
"args": [
"mcp-remote",
"http://localhost:8000/mcp",
"--header",
"Authorization:${AUTH_HEADER}"
]
},
"env": {
"AUTH_HEADER": "Bearer <your-token>"
}
}
}
```
"""
from examples.shared.apps.items import app # The FastAPI app
from examples.shared.setup import setup_logging
from fastapi import Depends
from fastapi.security import HTTPBearer
from fastapi_mcp import FastApiMCP, AuthConfig
setup_logging()
# Scheme for the Authorization header
token_auth_scheme = HTTPBearer()
# Create a private endpoint
@app.get("/private")
async def private(token = Depends(token_auth_scheme)):
return token.credentials
# Create the MCP server with the token auth scheme
mcp = FastApiMCP(
app,
name="Protected MCP",
auth_config=AuthConfig(
dependencies=[Depends(token_auth_scheme)],
),
)
# Mount the MCP server
mcp.mount()
if __name__ == "__main__":
import uvicorn
uvicorn.run(app, host="0.0.0.0", port=8000)