Skip to content

feat: tested Sanctum support #33

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 21 commits into from
Sep 15, 2025
Merged

feat: tested Sanctum support #33

merged 21 commits into from
Sep 15, 2025

Conversation

@ashleyhindle
Copy link
Collaborator

@ashleyhindle ashleyhindle commented Sep 8, 2025
edited
Loading

What & Why

  • ReorderJsonAccept Middleware
    We need this for MCP routes so the 'authenticate' middleware returns a JSON 401, even if the JSON isn't the first preference in the 'Accept' header.
    This happens in VS Code for example where its Accept header asks for text-event-stream first, then application/json, but it still expects a JSON 401 response or it breaks.
  • AddWwwAuthenticateHeader Middleware
    We need this to signal to the MCP client where to go to be able to authenticate the user. This is an OAuth requirement, but we return it for Sanctum also with an error message to aid debugging.

How I tested

  1. Used Locket with OAuth and Sanctum

ashleyhindle and others added 10 commits September 8, 2025 16:55
@ashleyhindle
feat: add reorder JSON accept middleware
53d7ca3 
We need this for MCP routes so the 'authenticate' middleware returns a JSON 401, even if the JSON isn't the first preference in the 'Accept' header.

This happens in VS Code for example where its Accept header asks for text-event-stream first, then application/json, but it still expects a JSON 401 response or it breaks.
@ashleyhindle
feat: add reorder json accept middleware to http servers
fa776b1
@ashleyhindle @github-actions
Fix code styling
2dc6c0e
@ashleyhindle
feat: fix registrar static analysis issues
e8739a0
@ashleyhindle
feat: adds test for 405 response to GET /mcp
b1edabe
@ashleyhindle
feat: correctly return 202 status if response is empty
501bc81 
MCP specification expects 202 status code to empty responses from pings/notifications
@ashleyhindle
feat: improve mcp inspector command
7c5f353
@ashleyhindle
feat: add www-authenticate header for OAuth and Sanctum
c2dee35
@ashleyhindle
docs: add basic sanctum docs to README
91da1b4
@ashleyhindle
feat: slight oauth improvement
58335d4
ashleyhindle
ashleyhindle commented Sep 8, 2025
View reviewed changes
@ashleyhindle ashleyhindle marked this pull request as ready for review September 8, 2025 19:18
@ashleyhindle ashleyhindle changed the title feat: add reorder JSON accept middleware feat: tested Sanctum support Sep 8, 2025
@ashleyhindle ashleyhindle merged commit 83bab33 into main Sep 15, 2025
@ashleyhindle ashleyhindle deleted the ai-121-sanctum-auth-works-great branch September 15, 2025 08:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nunomaduro nunomaduro Awaiting requested review from nunomaduro

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ashleyhindle