Skip to content

[FEAT] added support for AuthInfo in extra for StreamableHTTPServerTransport #399

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

its-nikhil
Copy link

@its-nikhil its-nikhil commented Apr 24, 2025

Includes the req.auth AuthInfo that's set by the MCP Server bearer auth middleware in the server request handler via Streamable HTTP Transport, allowing for distinguishing of users in requests (eg. tool use).

Motivation and Context

Authorisation token passed through the client (MCP inspector) needs to be used by tools implemented by the server to make sure that they can get user specific data.
Implementation has been inspired from SSE Transport - #166

How Has This Been Tested?

Added unit tests ensuring:

  • AuthInfo is passed down to tool call
  • Validate AutoInfo to be optional

Breaking Changes

None

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update

Checklist

  • I have read the MCP Documentation
  • My code follows the repository's style guidelines
  • New and existing tests pass locally
  • I have added appropriate error handling
  • I have added or updated documentation as needed

Additional context

Fixes #398

@sbosio
Copy link

sbosio commented Apr 25, 2025

We tested this on a POC implementing an stateless server with Streamable HTTP Transport and it worked perfectly. It's the missing piece that allowed us to test our approach for a stateless server supporting OAuth-based authentication end-to-end. Great work!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[StreamableHTTPServerTransport] Support passing auth context downstream into tool/prompt handlers
2 participants