forked from punkpeye/fastmcp
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathoauth-integrated-server.ts
More file actions
108 lines (94 loc) · 3.16 KB
/
Copy pathoauth-integrated-server.ts
File metadata and controls
108 lines (94 loc) · 3.16 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
/**
* Example FastMCP server with INTEGRATED OAuth Proxy
*
* This example shows the seamless Python-style integration where
* OAuth routes are automatically registered - no manual setup needed!
*
* Run with: node dist/examples/oauth-integrated-server.js
*/
import { getAuthSession, GoogleProvider, requireAuth } from "../auth/index.js";
import { FastMCP } from "../FastMCP.js";
// Create FastMCP server with OAuth Provider
// Just pass the provider via `auth` - routes are automatically registered!
const server = new FastMCP({
auth: new GoogleProvider({
baseUrl: "http://localhost:4300",
clientId: process.env.GOOGLE_CLIENT_ID || "your-google-client-id",
clientSecret:
process.env.GOOGLE_CLIENT_SECRET || "your-google-client-secret",
consentRequired: true,
scopes: ["openid", "profile", "email"],
}),
name: "OAuth Integrated Server",
version: "1.0.0",
});
// Add tools as normal
server.addTool({
description: "Get current timestamp",
execute: async () => {
return {
content: [
{
text: `Current time: ${new Date().toISOString()}`,
type: "text" as const,
},
],
};
},
name: "get-time",
});
server.addTool({
canAccess: requireAuth, // Only show this tool to authenticated users
description: "Get user information (requires OAuth)",
execute: async (_, { session }) => {
const { accessToken } = getAuthSession(session);
return {
content: [
{
text: `Authenticated! Token starts with: ${accessToken.slice(0, 8)}...`,
type: "text" as const,
},
],
};
},
name: "get-user-info",
});
// Start the server
await server.start({
httpStream: { port: 4300 },
transportType: "httpStream",
});
console.log(`
🚀 OAuth Integrated Server is running!
Base URL: http://localhost:4300
MCP Endpoints:
- HTTP Stream: http://localhost:4300/mcp
- SSE: http://localhost:4300/sse
- Health: http://localhost:4300/health
OAuth Endpoints (automatically registered!):
- Registration (DCR): http://localhost:4300/oauth/register
- Authorization: http://localhost:4300/oauth/authorize
- Token: http://localhost:4300/oauth/token
- Callback: http://localhost:4300/oauth/callback
- Consent: http://localhost:4300/oauth/consent
Discovery:
- OAuth Server Metadata: http://localhost:4300/.well-known/oauth-authorization-server
Complete OAuth Flow:
1. Client registers via DCR → receives Google credentials
2. Client initiates authorization → user sees consent screen
3. User approves → redirected to Google
4. Google authenticates user → redirects back to proxy
5. Proxy generates auth code → redirects to client
6. Client exchanges code for tokens → ready to use!
Environment Variables:
- GOOGLE_CLIENT_ID: Your Google OAuth client ID
- GOOGLE_CLIENT_SECRET: Your Google OAuth client secret
Google OAuth App Setup:
1. Go to https://console.cloud.google.com/apis/credentials
2. Create OAuth 2.0 Client ID
3. Add authorized redirect URI: http://localhost:4300/oauth/callback
4. Copy client ID and secret to environment variables
Python-Style Integration:
This TypeScript server works exactly like Python FastMCP!
Just use auth: new GoogleProvider({...}) and go! 🎉
`);