Empty but defined scope query param ("&scope=") validates as [""] and not [] during authorization. #977

@dwreeves

Description

Hello, we're trying to get an MCP server working with auth in ChatGPT, and I believe I encountered a small bug. OpenAI sends an auth request with `&scope=`. This seems to imply that it is requesting no scopes.

However, in `mcp/shared/auth.py`, the code fails with the error message `Client+was+not+registered+with+scope+` because `requested_scope.split(" ")` parses as `[""]`, and so it checks that `""` is an allowed scope.

The code causing the error is as follows:

    def validate_scope(self, requested_scope: str | None) -> list[str] | None:
        if requested_scope is None:
            return None
        requested_scopes = requested_scope.split(" ")
        allowed_scopes = [] if self.scope is None else self.scope.split(" ")
        for scope in requested_scopes:
            if scope not in allowed_scopes:
                raise InvalidScopeError(f"Client was not registered with scope {scope}")
        return requested_scopes

It seems that the code should probably be changed to look something like this:

    def validate_scope(self, requested_scope: str | None) -> list[str] | None:
        if requested_scope is None:
            return None
        if requested_scope == "":
            return []
        requested_scopes = requested_scope.split(" ")
        allowed_scopes = [] if self.scope is None else self.scope.split(" ")
        for scope in requested_scopes:
            if scope not in allowed_scopes:
                raise InvalidScopeError(f"Client was not registered with scope {scope}")
        return requested_scopes

Python & MCP Python SDK

Python version 3.12.7

`mcp==1.9.4`
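
As an added illustration (not part of the original issue and not the MCP SDK's code), the sketch below runs the reported logic beside an alternative that uses `str.split()` with no argument, so empty, whitespace-only and double-spaced scope strings never yield an empty token while unregistered scopes are still rejected. The `InvalidScopeError` stand-in, the standalone function signatures, the `auth.example` URLs and the `read write` registration are assumptions made for the example.

```python
from urllib.parse import parse_qs, urlsplit


class InvalidScopeError(Exception):
    """Stand-in for the SDK exception of the same name (assumed shape)."""


def validate_scope_reported(requested, registered):
    """Logic as quoted in the issue: "" splits to [""], which is never allowed."""
    if requested is None:
        return None
    requested_scopes = requested.split(" ")
    allowed = [] if registered is None else registered.split(" ")
    for scope in requested_scopes:
        if scope not in allowed:
            raise InvalidScopeError(f"Client was not registered with scope {scope}")
    return requested_scopes


def validate_scope_tolerant(requested, registered):
    """Alternative: split() with no argument drops empty tokens entirely."""
    if requested is None:
        return None
    requested_scopes = requested.split()  # "", " " and "a  b" give no "" items
    allowed = set() if registered is None else set(registered.split())
    for scope in requested_scopes:
        if scope not in allowed:
            raise InvalidScopeError(f"Client was not registered with scope {scope}")
    return requested_scopes


def scope_from_url(url):
    """Return the raw scope parameter, or None when it is absent."""
    # keep_blank_values=True keeps "scope=" distinct from a missing parameter.
    values = parse_qs(urlsplit(url).query, keep_blank_values=True).get("scope")
    return None if values is None else values[0]


# Constructed authorization requests (hypothetical host and client_id).
EMPTY = "https://auth.example/authorize?response_type=code&client_id=demo&scope="
ABSENT = "https://auth.example/authorize?response_type=code&client_id=demo"


def outcome(validator, url, registered="read write"):
    """Return the validated scope list, or the error text if validation fails."""
    try:
        return validator(scope_from_url(url), registered)
    except InvalidScopeError as exc:
        return str(exc)
```
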
