MCP OAuth Server
by asibyl
This project implements a Streamable HTTP MCP Server with browser-based OAuth, enabling client authorization through the MCP Server using a custom OAuthProvider for GitHub. It supports handling authorized client requests after verifying access tokens.
What is MCP OAuth Server?
This is a Streamable HTTP MCP Server that provides browser-based client authorization using GitHub's OAuth. It allows clients to request authorization through the MCP Server and handles authorized client requests by verifying access tokens.
How to use MCP OAuth Server?
To use this server:
1. Clone the repository.
2. Install dependencies using npm install.
3. Create an OAuth app on GitHub and note the Client ID and Client Secret.
4. Set the GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET environment variables.
5. Start the server using npx tsx server/index_streamable.ts.
Key features of MCP OAuth Server
Streamable HTTP Server
Browser-based client authorization using GitHub's OAuth
Access token verification
OAuthProvider implementation for GitHub
PKCE verifier and challenge generation
Authorization code management
Use cases of MCP OAuth Server
Securing MCP client requests
Implementing OAuth flow for MCP services
Integrating with GitHub for user authentication
Building a secure MCP server infrastructure
FAQ from MCP OAuth Server
What is PKCE?
PKCE (Proof Key for Code Exchange) is a security extension to OAuth 2.0 that mitigates authorization code interception attacks.
What environment variables are required?
The GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET environment variables are required to connect to GitHub's OAuth service.
How does the server handle expired access tokens?
The server verifies the access token included in the Authorization header. If it's expired (or not recognized), the server returns an error.
What is the purpose of the /authorize endpoint?
The /authorize endpoint is used to initiate the OAuth flow, generating the PKCE verifier and challenge and redirecting the user to GitHub for authorization.
What is the purpose of the /token endpoint?
The /token endpoint is used by the client to exchange the authorization code for an access token after the user has authorized the application on GitHub.
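The PKCE steps that the FAQ entries above attribute to /authorize and /token, as an added example that is not code from the MCP OAuth Server project: S256 challenge derivation per RFC 7636 and the check a token endpoint performs before releasing a token. The function names and the in-memory pendingCodes store are assumptions for illustration; how the project itself stores codes and verifiers is not stated on this page.

```javascript
// Added example: PKCE (RFC 7636) S256 helpers for Node.js.
// Not code from the MCP OAuth Server project; all names here are hypothetical.
const { createHash, randomBytes, timingSafeEqual } = require("node:crypto");

// RFC 7636 section 4.1: 43-128 characters from the unreserved set.
const VERIFIER_RE = /^[A-Za-z0-9\-._~]{43,128}$/;

// 32 random bytes encode to a 43-character unpadded base64url string.
function generateVerifier() {
  return randomBytes(32).toString("base64url");
}

// S256: challenge = BASE64URL(SHA256(ASCII(verifier))), without padding.
function challengeFor(verifier) {
  return createHash("sha256").update(verifier, "ascii").digest("base64url");
}

// Assumed in-memory store: authorization code -> { challenge, expiresAt }.
const pendingCodes = new Map();

// Bind a fresh authorization code to the challenge received at authorization time.
function issueCode(challenge, ttlMs = 60_000, now = Date.now()) {
  const code = randomBytes(16).toString("hex");
  pendingCodes.set(code, { challenge, expiresAt: now + ttlMs });
  return code;
}

// Token-endpoint check: the code is single use, must be unexpired, and the
// presented verifier must hash to the challenge bound to that code.
function redeemCode(code, verifier, now = Date.now()) {
  const entry = pendingCodes.get(code);
  pendingCodes.delete(code); // burn the code even when the check fails
  if (!entry || now > entry.expiresAt) return false;
  if (typeof verifier !== "string" || !VERIFIER_RE.test(verifier)) return false;
  const expected = Buffer.from(entry.challenge, "ascii");
  const actual = Buffer.from(challengeFor(verifier), "ascii");
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  return expected.length === actual.length && timingSafeEqual(expected, actual);
}
```

An intercepted authorization code is useless on its own here: redeemCode rejects it unless the caller also holds the verifier, and a failed attempt consumes the code.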