fix: MCP authorization parameter implementation (#4052)

# What does this PR do? Adding a user-facing `authorization ` parameter to MCP tool definitions that allows users to explicitly configure credentials per MCP server, addressing GitHub Issue #4034 in a secure manner. ## Test Plan tests/integration/responses/test_mcp_authentication.py --------- Co-authored-by: Omar Abdelwahab <omara@fb.com> Co-authored-by: Ashwin Bharambe <ashwin.bharambe@gmail.com>
2025-12-06 18:40:57 +00:00 · 2025-11-14 08:54:42 -08:00 · 2025-11-14 08:54:42 -08:00 · eb545034ab
commit eb545034ab
parent dc49ad3f89
34 changed files with 5205 additions and 62 deletions
--- a/src/llama_stack_api/openai_responses.py
+++ b/src/llama_stack_api/openai_responses.py
@ -490,6 +490,7 @@ class OpenAIResponseInputToolMCP(BaseModel):
    :param server_label: Label to identify this MCP server
    :param server_url: URL endpoint of the MCP server
    :param headers: (Optional) HTTP headers to include when connecting to the server
+    :param authorization: (Optional) OAuth access token for authenticating with the MCP server
    :param require_approval: Approval requirement for tool calls ("always", "never", or filter)
    :param allowed_tools: (Optional) Restriction on which tools can be used from this server
    """
@ -498,6 +499,7 @@ class OpenAIResponseInputToolMCP(BaseModel):
    server_label: str
    server_url: str
    headers: dict[str, Any] | None = None
+    authorization: str | None = Field(default=None, exclude=True)

    require_approval: Literal["always"] | Literal["never"] | ApprovalFilter = "never"
    allowed_tools: list[str] | AllowedToolsFilter | None = None