Skip to content

FEAT: enables oauth proxy capability #1075

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 12 commits into
base: main
Choose a base branch
from

Conversation

jessesanford
Copy link

@jessesanford jessesanford commented Jul 3, 2025

Enables a pass through OAuth server to mask upstream auth server lacking DCR.

Motivation and Context

I sometimes want to auth my mcp server against authentication severs that do not have DCR enabled.

How Has This Been Tested?

I have tested this with my cursor client and the example MCP server included. I have also run the unit tests and made sure that more were added for this new functionality.

Breaking Changes

None

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update

Checklist

  • I have read the MCP Documentation
  • My code follows the repository's style guidelines
  • New and existing tests pass locally
  • I have added appropriate error handling
  • I have added or updated documentation as needed

Additional context

This proxy server simply intercepts part of the 3LO oauth handshake. Specifically the /register portion all tokens are still minted and checked by the upstream server.

@jessesanford jessesanford force-pushed the oauth-proxy branch 2 times, most recently from 49c7ed9 to df9ad3f Compare July 3, 2025 14:30
@jessesanford jessesanford marked this pull request as draft July 3, 2025 14:31
@jessesanford jessesanford force-pushed the oauth-proxy branch 20 times, most recently from 1b83000 to cd4eff5 Compare July 10, 2025 00:18
Signed-off-by: Jesse Sanford <108698+jessesanford@users.noreply.github.com>
Signed-off-by: Jesse Sanford <108698+jessesanford@users.noreply.github.com>
Signed-off-by: Jesse Sanford <108698+jessesanford@users.noreply.github.com>
Signed-off-by: Jesse Sanford <108698+jessesanford@users.noreply.github.com>
Signed-off-by: Jesse Sanford <108698+jessesanford@users.noreply.github.com>
Signed-off-by: Jesse Sanford <108698+jessesanford@users.noreply.github.com>
Signed-off-by: Jesse Sanford <108698+jessesanford@users.noreply.github.com>
Signed-off-by: Jesse Sanford <108698+jessesanford@users.noreply.github.com>
Signed-off-by: Jesse Sanford <108698+jessesanford@users.noreply.github.com>
Signed-off-by: Jesse Sanford <108698+jessesanford@users.noreply.github.com>
@jessesanford jessesanford changed the title DRAFT: FEAT: enables oauth proxy capability FEAT: enables oauth proxy capability Jul 10, 2025
@jessesanford jessesanford marked this pull request as ready for review July 10, 2025 00:25
@jessesanford jessesanford marked this pull request as draft July 10, 2025 03:36
Signed-off-by: Jesse Sanford <108698+jessesanford@users.noreply.github.com>
@jessesanford jessesanford force-pushed the oauth-proxy branch 2 times, most recently from 5b2a118 to dc8c68f Compare July 10, 2025 06:34
Signed-off-by: Jesse Sanford <108698+jessesanford@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant