phoenix-oss/open-mcp-auth-proxy-upstream
0
0
Fork 1
mirror of https://github.com/wso2/open-mcp-auth-proxy.git synced 2025-06-27 17:13:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
Authentication and Authorization Proxy for MCP Servers
10 commits 10 branches 3 tags 299 KiB
Find a file
Thilina Shashimal Senarath 960261fc80 fix standard auth
2025-04-03 02:53:14 +05:30
cmd/proxy fix standard auth 2025-04-03 02:53:14 +05:30
internal fix standard auth 2025-04-03 02:53:14 +05:30
.gitignore improve readme 2025-04-02 18:22:36 +05:30
config.yaml fix standard auth 2025-04-03 02:53:14 +05:30
go.mod improve readme 2025-04-02 18:22:36 +05:30
issue_template.md Add Issue Template 2025-04-02 10:47:50 +05:30
LICENSE Initial commit 2025-04-02 10:45:59 +05:30
pull_request_template.md Add Pull Request Template 2025-04-02 10:47:51 +05:30
README.md fix minor issue 2025-04-02 22:50:33 +05:30

README.md

open-mcp-auth-proxy

Overview

OpenMCPAuthProxy is a security middleware that implements the Model Context Protocol (MCP) Authorization Specification (2025-03-26). It functions as a proxy between clients and MCP servers, providing robust authentication and authorization capabilities. The proxy intercepts incoming requests, validates authentication tokens, and forwards only authorized requests to the underlying MCP server, enhancing the security posture of your MCP deployment.

Setup and Installation

Prerequisites

  • Go 1.20 or higher

Installation

git clone https://github.com/wso2/open-mcp-auth-proxy
cd open-mcp-auth-proxy
go build -o openmcpauthproxy ./cmd/proxy

Configuration

Create a configuration file config.yaml with the following parameters:

demo mode configuration:

mcp_server_base_url: "http://localhost:8000"  # URL of your MCP server
listen_address: ":8080"                       # Address where the proxy will listen

asgardeo configuration:

mcp_server_base_url: "http://localhost:8000"  # URL of your MCP server
listen_address: ":8080"                       # Address where the proxy will listen

asgardeo:
    org_name: "your-org-name"
    client_id: "your-client-id"
    client_secret: "your-client-secret"

Usage Example

1. Start the MCP Server

Create a file named echo_server.py:

from mcp.server.fastmcp import FastMCP

mcp = FastMCP("Echo")


@mcp.resource("echo://{message}")
def echo_resource(message: str) -> str:
    """Echo a message as a resource"""
    return f"Resource echo: {message}"


@mcp.tool()
def echo_tool(message: str) -> str:
    """Echo a message as a tool"""
    return f"Tool echo: {message}"


@mcp.prompt()
def echo_prompt(message: str) -> str:
    """Create an echo prompt"""
    return f"Please process this message: {message}"

if __name__ == "__main__":
    mcp.run(transport="sse")

Run the server:

python3 echo_server.py

2. Start the Auth Proxy

./openmcpauthproxy --demo

The --demo flag enables a demonstration mode with pre-configured authentication with Asgardeo You can also use the --asgardeo flag to use your own Asgardeo configuration.

3. Connect Using an MCP Client

You can use the MCP Inspector to test the connection:

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.