Skip to content

Enable MCP auth for NAT MCP clients #752

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 35 commits into
base: develop
Choose a base branch
from
Draft

Enable MCP auth for NAT MCP clients #752

wants to merge 35 commits into from
+1,302 −138

Conversation

AnuradhaKaruppiah
Copy link
Contributor

@AnuradhaKaruppiah AnuradhaKaruppiah commented Sep 3, 2025
edited
Loading

Description

MCP Auth support is a three party arch that involves a handshake between the MCP client, the MCP Server and an external AuthServer.

This PR brings auth support for streamable-http MCP clients via:

  1. The existing oauth2_auth_code_flow in NAT. This requires the AuthServer and OauthCliient information to be configured on the MCP client.
  2. A new mcp_oauth2 provider which allows the MCP client to dynamically discover the the AuthServer (from the MCP Server) and register the client information dynamically before delegation authentication to the existing NAT oauth2_auth_code_flow.

This PR focuses on the MCP client side implementation with the MCP server using a stub token verifier to validate the e2e protected MCP flow. The MCP Server changes to enable TokenVerification with Auth Server Introspection are in a separate PR.

Other changes:

  1. Schema translation code has been moved to an utils file

Doc:
MCP documentation is in progress and will be re-written when all relevant PRs are merged

By Submitting this PR I confirm:

  • I am familiar with the Contributing Guidelines.
  • We require that all contributors "sign-off" on their commits. This certifies that the contribution is your original work, or you have rights to submit it under the same license, or a compatible license.
    • Any contribution which contains commits that are not Signed-Off will not be accepted.
  • When the PR is ready for review, new or existing tests cover these changes.
  • When the PR is ready for review, the documentation is up to date with these changes.

@AnuradhaKaruppiah AnuradhaKaruppiah self-assigned this Sep 3, 2025
@AnuradhaKaruppiah AnuradhaKaruppiah added skip-ci Optionally Skip CI for this PR DO NOT MERGE PR should not be merged; see PR for details labels Sep 3, 2025
@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Sep 3, 2025
edited
Loading

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@AnuradhaKaruppiah
Minor docs enhancements
11a9fd3 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Add a stub token verifier on the server side
6ae33b6 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Add auth config to the MCP client
883c3f8 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Document the client and server auth config options
47a2a77 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Add notes on how client discovery happens
b694fff 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Minor doc updates
ef1740e 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Merge remote-tracking branch 'upstream/develop' into ak-mcp-auth
b905bda
@AnuradhaKaruppiah
Update docs with AuthenticationRef
183dfc4 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Move MCP auth config to AuthenticationRef
69b771e 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Merge remote-tracking branch 'upstream/develop' into ak-mcp-auth
bc5ae77
@AnuradhaKaruppiah
Add sample mcp auth config file
8574a57 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Config fixup
e070756 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Setup MCP session without auth for dynamic tool discovery
f137c73 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Remove auth session from exit stack for now
3bac053 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Use httpx Auth for intercepting HTTP requests and adding the header
4d779f3 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Enable auth for tool calls only
a434bdd 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Drop auth session
2e2a1cb 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Remove auth support for SSE
5393fef 
Requires jumping thru many hoops

Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Move MCP schema to model conversion code to an utils file
218eb0a 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah AnuradhaKaruppiah changed the title [DONT MERGE] Experimental changes for MCP Auth Enable MCP auth for NAT MCP clients Sep 11, 2025
@AnuradhaKaruppiah
Update tool the in the mcp auth example
5975595 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Drop unnecessary NAT prefix from the class name
cec64da 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Refactor mcp-oauth2 files
81e35cd 
Prep for creating the provider

Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Add MCP server in the Auth provider config
323c142 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Add a new MCP oauth2 provider
9c02c0a 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Minor fixups
e9ffa4d 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Merge remote-tracking branch 'upstream/develop' into ak-mcp-auth
d3011ad
@AnuradhaKaruppiah
Some more fixes needed here
cf66e19 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Move to using pydantic models defined in mcp auth.py
1250a6d 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Add an option to effective scopes from the auth server
6360e8e 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Add a lock for discovery, DCR and deletgate building
373e773 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Add unncessary key comp
65cb9ed 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Minor fixups
2c9553c 
Signed-off-by: Anuradha Karuppiah <[email protected]>
@AnuradhaKaruppiah
Rename auth provider files for consistency
089f424 
Signed-off-by: Anuradha Karuppiah <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@AnuradhaKaruppiah AnuradhaKaruppiah

Labels
DO NOT MERGE PR should not be merged; see PR for details skip-ci Optionally Skip CI for this PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@AnuradhaKaruppiah