From 92db9f5d1355229aa46f47e3af8001674272fb25 Mon Sep 17 00:00:00 2001 From: Pavindu Lakshan Date: Wed, 16 Apr 2025 16:54:00 +0530 Subject: [PATCH 01/13] Add release workflow --- .github/scripts/release.sh | 41 ++++++++++++++++++++--------------- .github/workflows/release.yml | 3 +++ Makefile | 3 +++ 3 files changed, 29 insertions(+), 18 deletions(-) diff --git a/.github/scripts/release.sh b/.github/scripts/release.sh index 35568a2..3cc1041 100644 --- a/.github/scripts/release.sh +++ b/.github/scripts/release.sh 
@@ -13,36 +13,41 @@ set -e set -o pipefail UPSTREAM_BRANCH="main" +# Check the number of arguments passed. +if [ "$#" -ne 3 ]; then + echo "Error: Invalid or insufficient arguments provided!" >&2 + echo "Usage: $0 " >&2 + exit 1 +fi # Assign command line arguments to variables. GIT_TOKEN=$1 WORK_DIR=$2 VERSION_TYPE=$3 # possible values: major, minor, patch - Check if GIT_TOKEN is empty -if [ -z "$GIT_TOKEN" ]; then - echo "❌ Error: GIT_TOKEN is not set." - exit 1 -fi - -# Check if WORK_DIR is empty -if [ -z "$WORK_DIR" ]; then - echo "❌ Error: WORK_DIR is not set." - exit 1 -fi - -# Validate VERSION_TYPE -if [[ "$VERSION_TYPE" != "major" && "$VERSION_TYPE" != "minor" && "$VERSION_TYPE" != "patch" ]]; then - echo "❌ Error: VERSION_TYPE must be one of: major, minor, or patch." - exit 1 -fi - BUILD_DIRECTORY="$WORK_DIR/build" RELEASE_DIRECTORY="$BUILD_DIRECTORY/releases" +# Configuration variables. +GIT_EMAIL="iam-cloud@wso2.com" +GIT_USERNAME="wso2-iam-cloud-bot" +UPSTREAM_REPO_URL="https://github.com/wso2/open-mcp-auth-proxy.git" +UPSTREAM_BRANCH="main" + +# Configure git. +git config --global user.email "${GIT_EMAIL}" +git config --global user.name "${GIT_USERNAME}" + # Navigate to the working directory. cd "${WORK_DIR}" +# Set 'origin' to point to the upstream repository. +git remote set-url origin "${UPSTREAM_REPO_URL}" + +# Ensure the latest changes are pulled. +git checkout ${UPSTREAM_BRANCH} +git pull + # Create the release directory. if [ ! -d "$RELEASE_DIRECTORY" ]; then mkdir -p "$RELEASE_DIRECTORY" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e55f6b6..63e56b6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,6 +10,9 @@ name: Release on: + pull_request: + branches: [ main ] + types: [closed] workflow_dispatch: inputs: version_type: diff --git a/Makefile b/Makefile index c9ef883..1a8495b 100644 --- a/Makefile +++ b/Makefile 
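Review bot: The new `[ "$#" -ne 3 ]` test replaces the per-value checks, so an empty `GIT_TOKEN` or `WORK_DIR`, or a `VERSION_TYPE` other than major, minor or patch, is now accepted as long as three arguments are passed; keep the removed `VERSION_TYPE` comparison after the count check. `git config --global` rewrites the identity for the whole runner account rather than this checkout; `git config user.email "${GIT_EMAIL}"` after the `cd "${WORK_DIR}"` keeps it local. `git checkout ${UPSTREAM_BRANCH}` is the only unquoted expansion in the added lines, and `UPSTREAM_BRANCH="main"` is now assigned twice. The `if [ ! -d "$RELEASE_DIRECTORY" ]` block continues outside the hunk.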
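Review bot: `types: [closed]` fires for pull requests that are closed without being merged as well as for merged ones, so the Release workflow would start on any closed PR against main. On that event `github.event.inputs.version_type` is empty, so the release script would be called without a usable version type. If the trigger is wanted, gate the job with `if: github.event.pull_request.merged == true` and define which version type a merge implies. The job definition is outside the hunk.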
@@ -31,18 +31,21 @@ build: clean test build-linux build-linux-arm build-darwin build-linux: mkdir -p $(BUILD_DIR)/linux GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION) \ + -X 'main.buildDate=$$(date -u '+%Y-%m-%d %H:%M:%S UTC')'" \ -o $(BUILD_DIR)/linux/openmcpauthproxy $(PROJECT_ROOT)/cmd/proxy cp config.yaml $(BUILD_DIR)/linux build-linux-arm: mkdir -p $(BUILD_DIR)/linux-arm GOOS=linux GOARCH=arm CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION) \ + -X 'main.buildDate=$$(date -u '+%Y-%m-%d %H:%M:%S UTC')'" \ -o $(BUILD_DIR)/linux-arm/openmcpauthproxy $(PROJECT_ROOT)/cmd/proxy cp config.yaml $(BUILD_DIR)/linux-arm build-darwin: mkdir -p $(BUILD_DIR)/darwin GOOS=darwin GOARCH=amd64 CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION) \ + -X 'main.buildDate=$$(date -u '+%Y-%m-%d %H:%M:%S UTC')'" \ -o $(BUILD_DIR)/darwin/openmcpauthproxy $(PROJECT_ROOT)/cmd/proxy cp config.yaml $(BUILD_DIR)/darwin From 9ad508f127f4d628f4d01011e15082779637c56f Mon Sep 17 00:00:00 2001 From: Pavindu Lakshan Date: Fri, 18 Apr 2025 11:49:30 +0530 Subject: [PATCH 02/13] Debug release workflow --- .github/scripts/release.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/scripts/release.sh b/.github/scripts/release.sh index 3cc1041..2afe872 100644 --- a/.github/scripts/release.sh +++ b/.github/scripts/release.sh @@ -82,8 +82,13 @@ echo "Creating release packages for version $NEW_VERSION..." # List of supported OSes. oses=("linux" "linux-arm" "darwin") +cd "${BUILD_DIRECTORY}" + +ls -a + # Navigate to the release directory. -cd "${RELEASE_DIRECTORY}" +#cd "${RELEASE_DIRECTORY}" +cd "/releases" for os in "${oses[@]}"; do os_dir="../$os" From b8718bb636537f05c68c21f93f6b25149c2abb60 Mon Sep 17 00:00:00 2001 
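Review bot: The `date` command is expanded separately in each of the three recipes, so the linux, linux-arm and darwin binaries of one release carry different `main.buildDate` values, and a wall-clock stamp makes the artifacts non-reproducible, which makes it harder to verify a published binary against its source. Compute the value once near the other variables, e.g. `BUILD_DATE := $(shell date -u '+%Y-%m-%d %H:%M:%S UTC')`, and pass `-X 'main.buildDate=$(BUILD_DATE)'`; honouring `SOURCE_DATE_EPOCH` when it is set would keep rebuilds comparable. Whether `main.buildDate` is declared in `cmd/proxy` is not visible here, and the linker does not report an `-X` that names a missing variable.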
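Review bot: `cd "/releases"` is an absolute path at the filesystem root, not `$BUILD_DIRECTORY/releases`, so with `set -e` the script exits if `/releases` does not exist, and if it does exist the loop's `os_dir="../$os"` resolves to `/linux`, `/linux-arm` and `/darwin`. Restore `cd "${RELEASE_DIRECTORY}"`, and drop the `ls -a` and the commented-out `#cd` line before this reaches main. The `for os in` loop body continues outside the hunk.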
From: Pavindu Lakshan Date: Fri, 18 Apr 2025 12:25:16 +0530 Subject: [PATCH 03/13] Remove git pull --- .github/scripts/release.sh | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/.github/scripts/release.sh b/.github/scripts/release.sh index 2afe872..9188b94 100644 --- a/.github/scripts/release.sh +++ b/.github/scripts/release.sh @@ -28,26 +28,9 @@ VERSION_TYPE=$3 # possible values: major, minor, patch BUILD_DIRECTORY="$WORK_DIR/build" RELEASE_DIRECTORY="$BUILD_DIRECTORY/releases" -# Configuration variables. -GIT_EMAIL="iam-cloud@wso2.com" -GIT_USERNAME="wso2-iam-cloud-bot" -UPSTREAM_REPO_URL="https://github.com/wso2/open-mcp-auth-proxy.git" -UPSTREAM_BRANCH="main" - -# Configure git. -git config --global user.email "${GIT_EMAIL}" -git config --global user.name "${GIT_USERNAME}" - # Navigate to the working directory. cd "${WORK_DIR}" -# Set 'origin' to point to the upstream repository. -git remote set-url origin "${UPSTREAM_REPO_URL}" - -# Ensure the latest changes are pulled. -git checkout ${UPSTREAM_BRANCH} -git pull - # Create the release directory. if [ ! -d "$RELEASE_DIRECTORY" ]; then mkdir -p "$RELEASE_DIRECTORY" From 0de291fc8724e50521f4125bf54c02c20d571659 Mon Sep 17 00:00:00 2001 From: Pavindu Lakshan Date: Fri, 18 Apr 2025 12:29:10 +0530 Subject: [PATCH 04/13] Fix copy command --- .github/scripts/release.sh | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/scripts/release.sh b/.github/scripts/release.sh index 9188b94..57d2823 100644 --- a/.github/scripts/release.sh +++ b/.github/scripts/release.sh @@ -65,13 +65,8 @@ echo "Creating release packages for version $NEW_VERSION..." # List of supported OSes. oses=("linux" "linux-arm" "darwin") -cd "${BUILD_DIRECTORY}" - -ls -a - # Navigate to the release directory. -#cd "${RELEASE_DIRECTORY}" -cd "/releases" +cd "${RELEASE_DIRECTORY}" for os in "${oses[@]}"; do os_dir="../$os" From 10f87b881d8a13f529f903f899b7e622dc0ebe26 Mon Sep 17 00:00:00 2001 
From: Pavindu Lakshan Date: Fri, 18 Apr 2025 13:36:13 +0530 Subject: [PATCH 05/13] Configure the release to be triggered on workflow dispatch only --- .github/scripts/release.sh | 18 ++++++++++++++++++ .github/workflows/release.yml | 3 --- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/.github/scripts/release.sh b/.github/scripts/release.sh index 57d2823..ebffc94 100644 --- a/.github/scripts/release.sh +++ b/.github/scripts/release.sh @@ -25,6 +25,24 @@ GIT_TOKEN=$1 WORK_DIR=$2 VERSION_TYPE=$3 # possible values: major, minor, patch + Check if GIT_TOKEN is empty +if [ -z "$GIT_TOKEN" ]; then + echo "❌ Error: GIT_TOKEN is not set." + exit 1 +fi + +# Check if WORK_DIR is empty +if [ -z "$WORK_DIR" ]; then + echo "❌ Error: WORK_DIR is not set." + exit 1 +fi + +# Validate VERSION_TYPE +if [[ "$VERSION_TYPE" != "major" && "$VERSION_TYPE" != "minor" && "$VERSION_TYPE" != "patch" ]]; then + echo "❌ Error: VERSION_TYPE must be one of: major, minor, or patch." + exit 1 +fi + BUILD_DIRECTORY="$WORK_DIR/build" RELEASE_DIRECTORY="$BUILD_DIRECTORY/releases" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 63e56b6..e55f6b6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,9 +10,6 @@ name: Release on: - pull_request: - branches: [ main ] - types: [closed] workflow_dispatch: inputs: version_type: From 0f9a8716a80c2cf59738a66232f1ecbc3583efad Mon Sep 17 00:00:00 2001 From: Pavindu Lakshan Date: Fri, 18 Apr 2025 15:10:46 +0530 Subject: [PATCH 06/13] Fix verbose logs --- Makefile | 3 --- 1 file changed, 3 deletions(-) diff --git a/Makefile b/Makefile index 1a8495b..c9ef883 100644 --- a/Makefile +++ b/Makefile 
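Review bot: The added line `Check if GIT_TOKEN is empty` has no leading `#`, so bash runs it as a command named `Check`; the script sets `set -e` near its top (visible in the first patch of this series), so the release would abort there before any of the validation below it executes. It should read `# Check if GIT_TOKEN is empty`. The three error messages are written to stdout, while the argument-count check added earlier in the series uses `>&2`; appending `>&2` to each `echo` keeps the failure output consistent.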
@@ -31,21 +31,18 @@ build: clean test build-linux build-linux-arm build-darwin build-linux: mkdir -p $(BUILD_DIR)/linux GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION) \ - -X 'main.buildDate=$$(date -u '+%Y-%m-%d %H:%M:%S UTC')'" \ -o $(BUILD_DIR)/linux/openmcpauthproxy $(PROJECT_ROOT)/cmd/proxy cp config.yaml $(BUILD_DIR)/linux build-linux-arm: mkdir -p $(BUILD_DIR)/linux-arm GOOS=linux GOARCH=arm CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION) \ - -X 'main.buildDate=$$(date -u '+%Y-%m-%d %H:%M:%S UTC')'" \ -o $(BUILD_DIR)/linux-arm/openmcpauthproxy $(PROJECT_ROOT)/cmd/proxy cp config.yaml $(BUILD_DIR)/linux-arm build-darwin: mkdir -p $(BUILD_DIR)/darwin GOOS=darwin GOARCH=amd64 CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION) \ - -X 'main.buildDate=$$(date -u '+%Y-%m-%d %H:%M:%S UTC')'" \ -o $(BUILD_DIR)/darwin/openmcpauthproxy $(PROJECT_ROOT)/cmd/proxy cp config.yaml $(BUILD_DIR)/darwin From 9ce9509cceb1b7fcb6f3b76118ca285a7320e5a0 Mon Sep 17 00:00:00 2001 From: Pavindu Lakshan Date: Mon, 21 Apr 2025 15:29:48 +0530 Subject: [PATCH 07/13] Fix issues in makefile (#26) --- .github/scripts/release.sh | 2 +- Makefile | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/scripts/release.sh b/.github/scripts/release.sh index 35568a2..2a1f6a9 100644 --- a/.github/scripts/release.sh +++ b/.github/scripts/release.sh @@ -19,7 +19,7 @@ GIT_TOKEN=$1 WORK_DIR=$2 VERSION_TYPE=$3 # possible values: major, minor, patch - Check if GIT_TOKEN is empty +# Check if GIT_TOKEN is empty if [ -z "$GIT_TOKEN" ]; then echo "❌ Error: GIT_TOKEN is not set." exit 1 diff --git a/Makefile b/Makefile index c9ef883..b0d0926 100644 --- a/Makefile +++ b/Makefile 
@@ -30,19 +30,19 @@ build: clean test build-linux build-linux-arm build-darwin build-linux: mkdir -p $(BUILD_DIR)/linux - GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION) \ + GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION)" \ -o $(BUILD_DIR)/linux/openmcpauthproxy $(PROJECT_ROOT)/cmd/proxy cp config.yaml $(BUILD_DIR)/linux build-linux-arm: mkdir -p $(BUILD_DIR)/linux-arm - GOOS=linux GOARCH=arm CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION) \ + GOOS=linux GOARCH=arm CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION)" \ -o $(BUILD_DIR)/linux-arm/openmcpauthproxy $(PROJECT_ROOT)/cmd/proxy cp config.yaml $(BUILD_DIR)/linux-arm build-darwin: mkdir -p $(BUILD_DIR)/darwin - GOOS=darwin GOARCH=amd64 CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION) \ + GOOS=darwin GOARCH=amd64 CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION)" \ -o $(BUILD_DIR)/darwin/openmcpauthproxy $(PROJECT_ROOT)/cmd/proxy cp config.yaml $(BUILD_DIR)/darwin From 87a1cbe21a5af7dbe2be38b5c748c3f81e474f43 Mon Sep 17 00:00:00 2001 From: Pavindu Lakshan Date: Sat, 26 Apr 2025 20:02:45 +0530 Subject: [PATCH 08/13] Update release.yml --- .github/workflows/release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e55f6b6..0c51bc7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,7 +32,7 @@ jobs: with: ref: 'main' fetch-depth: 0 - token: ${{ secrets.GIT_BOT_PAT }} + token: ${{ secrets.GITHUB_TOKEN }} - uses: actions/checkout@v2 - name: Set up Go 1.x 
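Review bot: Moving the checkout from the bot PAT to `secrets.GITHUB_TOKEN` makes the job depend on the workflow token's permissions, and no `permissions:` block is visible in these hunks. If the release script pushes a version commit or creates a release, declare `permissions:` with `contents: write` on the job so the grant is explicit and no wider than needed. The context also shows a second `- uses: actions/checkout@v2` directly after this step with no `with:`, which looks like it repeats the checkout without `ref: 'main'` and `fetch-depth: 0`; confirm that it is intended. The job header is outside the hunk.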
@@ -60,5 +60,5 @@ jobs: - name: Update artifact version, package, commit, and create release. env: - GITHUB_TOKEN: ${{ secrets.GIT_BOT_PAT }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: bash ./.github/scripts/release.sh $GITHUB_TOKEN ${{ github.workspace }} ${{ github.event.inputs.version_type }} From 4a5cf4e1cc2c5b8ab5ee4cfa0c94080d6493530c Mon Sep 17 00:00:00 2001 From: Pavindu Lakshan Date: Sun, 27 Apr 2025 17:23:13 +0530 Subject: [PATCH 09/13] Update README.md --- README.md | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 71b4b60..6be3ece 100644 --- a/README.md +++ b/README.md @@ -47,15 +47,7 @@ Open MCP Auth Proxy sits between MCP clients and your MCP server to: ### Basic Usage -1. The repository comes with a default `config.yaml` file that contains the basic configuration: - -```yaml -listen_port: 8080 -base_url: "http://localhost:8000" # Your MCP server URL -paths: - sse: "/sse" - messages: "/messages/" -``` +1. Download the latest release from [Github releases](https://github.com/wso2/open-mcp-auth-proxy/releases/latest). 2. Start the proxy in demo mode (uses pre-configured authentication with Asgardeo sandbox): @@ -63,6 +55,16 @@ paths: ./openmcpauthproxy --demo ``` +> The repository comes with a default `config.yaml` file that contains the basic configuration: +> +> ```yaml +> listen_port: 8080 +> base_url: "http://localhost:8000" # Your MCP server URL +> paths: +> sse: "/sse" +> messages: "/messages/" +> ``` + 3. Connect using an MCP client like [MCP Inspector](https://github.com/shashimalcse/inspector)(This is a temporary fork with fixes for authentication [issues](https://github.com/modelcontextprotocol/typescript-sdk/issues/257) in the original implementation) ## Connect an Identity Provider From 0bbc20ca5a1c4f804fb901071109f4a426d8b8de Mon Sep 17 00:00:00 2001 
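Review bot: The `run:` line still expands `${{ github.event.inputs.version_type }}` and `${{ github.workspace }}` into the script text before the shell starts, and passes the token as an unquoted positional argument, in a step that holds a write-capable token. Pass the input through the environment instead, `VERSION_TYPE: ${{ github.event.inputs.version_type }}` under `env:`, and call `bash ./.github/scripts/release.sh "$GITHUB_TOKEN" "$GITHUB_WORKSPACE" "$VERSION_TYPE"`. How the `version_type` input is declared is outside the hunk, so any restriction on its values could not be checked here.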
From: Pavindu Lakshan Date: Sat, 3 May 2025 01:06:41 +0530 Subject: [PATCH 10/13] Remove unnecessary fields from PR template --- pull_request_template.md | 51 ++++------------------------------------ 1 file changed, 5 insertions(+), 46 deletions(-) diff --git a/pull_request_template.md b/pull_request_template.md index 9b32185..c401a06 100644 --- a/pull_request_template.md +++ b/pull_request_template.md 
@@ -1,52 +1,11 @@ ## Purpose -> Describe the problems, issues, or needs driving this feature/fix and include links to related issues in the following format: Resolves issue1, issue2, etc. + -## Goals -> Describe the solutions that this feature/fix will introduce to resolve the problems described above - -## Approach -> Describe how you are implementing the solutions. Include an animated GIF or screenshot if the change affects the UI (email documentation@wso2.com to review all UI text). Include a link to a Markdown file or Google doc if the feature write-up is too long to paste here. - -## User stories -> Summary of user stories addressed by this change> - -## Release note -> Brief description of the new feature or bug fix as it will appear in the release notes - -## Documentation -> Link(s) to product documentation that addresses the changes of this PR. If no doc impact, enter “N/A” plus brief explanation of why there’s no doc impact - -## Training -> Link to the PR for changes to the training content in https://github.com/wso2/WSO2-Training, if applicable - -## Certification -> Type “Sent” when you have provided new/updated certification questions, plus four answers for each question (correct answer highlighted in bold), based on this change. Certification questions/answers should be sent to certification@wso2.com and NOT pasted in this PR. If there is no impact on certification exams, type “N/A” and explain why. - -## Marketing -> Link to drafts of marketing content that will describe and promote this feature, including product page changes, technical articles, blog posts, videos, etc., if applicable - -## Automation tests - - Unit tests - > Code coverage information - - Integration tests - > Details about the test cases and coverage - -## Security checks - - Followed secure coding standards in http://wso2.com/technical-reports/wso2-secure-engineering-guidelines? yes/no - - Ran FindSecurityBugs plugin and verified report? 
yes/no - - Confirmed that this PR doesn't commit any keys, passwords, tokens, usernames, or other secrets? yes/no - -## Samples -> Provide high-level details about the samples related to this feature +## Related Issues + ## Related PRs -> List any other related PRs + ## Migrations (if applicable) -> Describe migration steps and platforms on which migration has been tested - -## Test environment -> List all JDK versions, operating systems, databases, and browser/versions on which this feature/fix was tested - -## Learning -> Describe the research phase and any blog posts, patterns, libraries, or add-ons you used to solve the problem. \ No newline at end of file + From e0beca18cf64b26234348c6ad2b3d71b96ee8703 Mon Sep 17 00:00:00 2001 From: Angel Nunez Mencias Date: Mon, 19 May 2025 10:25:27 +0200 Subject: [PATCH 11/13] adjust configuration to kvant --- .github/workflows/ci.yaml | 71 +++++++++++++++++++++++++++++++++++++++ Dockerfile | 47 ++++++++++++++++++++++++++ cmd/proxy/main.go | 6 ++-- config.yaml | 48 +++++++++++++++++--------- 4 files changed, 153 insertions(+), 19 deletions(-) create mode 100644 .github/workflows/ci.yaml create mode 100644 Dockerfile diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 0000000..775003e --- /dev/null +++ b/.github/workflows/ci.yaml 
@@ -0,0 +1,71 @@ +name: Build and Push container +run-name: Build and Push container +on: + workflow_dispatch: + #schedule: + # - cron: "0 10 * * *" + push: + branches: + - 'main' + - 'master' + tags: + - 'v*' + pull_request: + branches: + - 'main' + - 'master' +env: + IMAGE: git.kvant.cloud/${{github.repository}} +jobs: + build_concierge_backend: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set current time + uses: https://github.com/gerred/actions/current-time@master + id: current_time + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to git.kvant.cloud registry + uses: docker/login-action@v3 + with: + registry: git.kvant.cloud + username: ${{ vars.ORG_PACKAGE_WRITER_USERNAME }} + password: ${{ secrets.ORG_PACKAGE_WRITER_TOKEN }} + + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + # list of Docker images to use as base name for tags + images: | + ${{env.IMAGE}} + # generate Docker tags based on the following events/attributes + tags: | + type=schedule + type=ref,event=branch + type=ref,event=pr + type=semver,pattern={{version}} + + - name: Build and push to gitea registry + uses: docker/build-push-action@v6 + with: + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + context: . + provenance: mode=max + sbom: true + build-args: | + BUILD_DATE=${{ steps.current_time.outputs.time }} + cache-from: | + type=registry,ref=${{ env.IMAGE }}:buildcache + type=registry,ref=${{ env.IMAGE }}:${{ github.ref_name }} + type=registry,ref=${{ env.IMAGE }}:main + cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max,image-manifest=true diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..2f0b940 --- /dev/null +++ b/Dockerfile 
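Review bot: `uses: https://github.com/gerred/actions/current-time@master` runs whatever the third-party branch points at on each build, in a job that later logs in with `secrets.ORG_PACKAGE_WRITER_TOKEN`. Its only consumer is the `BUILD_DATE` build-arg, and the Dockerfile added in this same patch declares no `ARG BUILD_DATE`, so the step can be dropped; if the date is wanted, a plain step such as `run: echo "time=$(date -u +%Y-%m-%dT%H:%M:%SZ)" >> "$GITHUB_OUTPUT"` avoids the dependency. The other actions are referenced by tag (`@v3`, `@v4`, `@v5`, `@v6`); pinning each to `<commit-sha>` fixes what runs. `cache-to` is not gated like `push` is, so pull-request builds appear to write to the same `buildcache` ref that builds of main read from.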
@@ -0,0 +1,47 @@ +FROM --platform=${BUILDPLATFORM:-linux/amd64} golang:1.24@sha256:d9db32125db0c3a680cfb7a1afcaefb89c898a075ec148fdc2f0f646cc2ed509 AS build + +ARG TARGETPLATFORM +ARG BUILDPLATFORM +ARG TARGETOS +ARG TARGETARCH + +WORKDIR /workspace + +RUN apt update -qq && apt install -qq -y git bash curl g++ + +# Download libraries +ADD go.* . +RUN go mod download + +# Build +ADD cmd cmd +ADD internal internal +RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -o webhook -ldflags '-w -extldflags "-static"' -o openmcpauthproxy ./cmd/proxy + +#Test +RUN CGO_ENABLED=1 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go test -v -race ./... + + +# Build production container +FROM --platform=${BUILDPLATFORM:-linux/amd64} ubuntu:24.04 + +RUN apt-get update \ + && apt-get install --no-install-recommends -y \ + python3-pip \ + python-is-python3 \ + npm \ + && apt-get autoremove \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +WORKDIR /app +COPY --from=build /workspace/openmcpauthproxy /app/ + +ADD config.yaml /app +RUN find . + + +ENTRYPOINT ["/app/openmcpauthproxy"] + +ARG IMAGE_SOURCE +LABEL org.opencontainers.image.source=$IMAGE_SOURCE diff --git a/cmd/proxy/main.go b/cmd/proxy/main.go index 6424f18..c43dd7d 100644 --- a/cmd/proxy/main.go +++ b/cmd/proxy/main.go @@ -12,7 +12,7 @@ import ( "github.com/wso2/open-mcp-auth-proxy/internal/authz" "github.com/wso2/open-mcp-auth-proxy/internal/config" "github.com/wso2/open-mcp-auth-proxy/internal/constants" - "github.com/wso2/open-mcp-auth-proxy/internal/logging" + logger "github.com/wso2/open-mcp-auth-proxy/internal/logging" "github.com/wso2/open-mcp-auth-proxy/internal/proxy" "github.com/wso2/open-mcp-auth-proxy/internal/subprocess" "github.com/wso2/open-mcp-auth-proxy/internal/util" 
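Review bot: The production stage has no `USER` instruction, so the proxy and every stdio subprocess it launches run as root inside the container; add an unprivileged account before `ENTRYPOINT`, e.g. `RUN useradd --system --create-home proxy` and `USER proxy` (a writable home is likely needed for the npm and pip caches). The build stage pins `golang:1.24` by digest but the final stage uses `ubuntu:24.04` by tag only, and it is selected with `--platform=${BUILDPLATFORM:-linux/amd64}`, so a cross-platform build would pair a `TARGETARCH` binary with a build-platform userland. `RUN find .` looks like a debugging leftover, `go build` is given `-o` twice (`-o webhook` and `-o openmcpauthproxy`), and `ARG IMAGE_SOURCE` is never supplied by the workflow in this patch.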
@@ -58,7 +58,7 @@ func main() { logger.Warn("%v", err) logger.Warn("Subprocess may fail to start due to missing dependencies") } - + procManager = subprocess.NewManager() if err := procManager.Start(cfg); err != nil { logger.Warn("Failed to start subprocess: %v", err) @@ -95,7 +95,7 @@ func main() { // 5. Build the main router mux := proxy.NewRouter(cfg, provider) - listen_address := fmt.Sprintf(":%d", cfg.ListenPort) + listen_address := fmt.Sprintf("0.0.0.0:%d", cfg.ListenPort) // 6. Start the server srv := &http.Server{ diff --git a/config.yaml b/config.yaml index 5621195..af627c9 100644 --- a/config.yaml +++ b/config.yaml @@ -6,13 +6,8 @@ base_url: "http://localhost:8000" # Base URL for the MCP server port: 8000 # Port for the MCP server timeout_seconds: 10 -# Path configuration -paths: - sse: "/sse" # SSE endpoint path - messages: "/messages/" # Messages endpoint path - # Transport mode configuration -transport_mode: "sse" # Options: "sse" or "stdio" +transport_mode: "stdio" # Options: "sse" or "stdio" # stdio-specific configuration (used only when transport_mode is "stdio") stdio: @@ -22,13 +17,10 @@ stdio: # env: # Environment variables (optional) # - "NODE_ENV=development" -# Path mapping (optional) -path_mapping: - -# CORS configuration +# CORS settings cors: allowed_origins: - - "http://localhost:5173" + - "http://localhost:6274" # Origin of your frontend/client app allowed_methods: - "GET" - "POST" 
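Review bot: Hard-coding `0.0.0.0` in `listen_address` keeps the proxy listening on every interface with no way to restrict it; as far as `net.Listen` documents, an empty host and an unspecified literal address are both treated as a wildcard, so this change may not alter what is bound at all. Reading the bind host from configuration, with the port as it is now, would let deployments outside a container bind to loopback only. `listen_address` would conventionally be `listenAddress` in Go. How the address is passed to `http.Server` is outside the hunk.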
@@ -40,8 +32,32 @@ cors: - "mcp-protocol-version" allow_credentials: true -# Demo configuration for Asgardeo -demo: - org_name: "openmcpauthdemo" - client_id: "N0U9e_NNGr9mP_0fPnPfPI0a6twa" - client_secret: "qFHfiBp5gNGAO9zV4YPnDofBzzfInatfUbHyPZvM0jka" +# Keycloak endpoint path mappings +path_mapping: + sse: "/sse" # SSE endpoint path + messages: "/messages/" # Messages endpoint path + /token: /realms/master/protocol/openid-connect/token + /register: /realms/master/clients-registrations/openid-connect + +# Keycloak configuration block +default: + base_url: "https://iam.phoenix-systems.ch" + jwks_url: "https://iam.phoenix-systems.ch/realms/kvant/protocol/openid-connect/certs" + path: + /.well-known/oauth-authorization-server: + response: + issuer: "https://iam.phoenix-systems.ch/realms/kvant" + jwks_uri: "https://iam.phoenix-systems.ch/realms/kvant/protocol/openid-connect/certs" + authorization_endpoint: "https://iam.phoenix-systems.ch/realms/kvant/protocol/openid-connect/auth" + response_types_supported: + - "code" + grant_types_supported: + - "authorization_code" + - "refresh_token" + code_challenge_methods_supported: + - "S256" + - "plain" + /token: + addBodyParams: + - name: "audience" + value: "mcp_proxy" \ No newline at end of file From c3e2abd2bce076d4257d401859b656e6b8f81870 Mon Sep 17 00:00:00 2001 From: Angel Nunez Mencias Date: Mon, 2 Jun 2025 03:41:06 +0200 Subject: [PATCH 12/13] change cmd --- Dockerfile | 1 - config.yaml | 4 +++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2f0b940..3dc86da 100644 --- a/Dockerfile +++ b/Dockerfile @@ -38,7 +38,6 @@ WORKDIR /app COPY --from=build /workspace/openmcpauthproxy /app/ ADD config.yaml /app -RUN find . ENTRYPOINT ["/app/openmcpauthproxy"] diff --git a/config.yaml b/config.yaml index af627c9..ef70fbb 100644 --- a/config.yaml +++ b/config.yaml 
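Review bot: `path_mapping` sends `/token` and `/register` to `/realms/master/...` while `issuer`, `jwks_uri` and `authorization_endpoint` all point at `/realms/kvant`, so tokens obtained through the proxy would come from a different realm than the one whose keys validate them, and `master` is Keycloak's administrative realm, which should not be the target of client registration. Map both to the `kvant` realm unless the split is deliberate. `code_challenge_methods_supported` advertises `"plain"`, which sends the verifier itself as the challenge; list only `"S256"`. The demo `client_secret` removed here remains in the repository history, so it should be rotated on the identity provider side.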
@@ -6,13 +6,15 @@ base_url: "http://localhost:8000" # Base URL for the MCP server port: 8000 # Port for the MCP server timeout_seconds: 10 + # Transport mode configuration transport_mode: "stdio" # Options: "sse" or "stdio" # stdio-specific configuration (used only when transport_mode is "stdio") stdio: enabled: true - user_command: "npx -y @modelcontextprotocol/server-github" + user_command: uvx mcp-server-time --local-timezone=Europe/Zurich + #user_command: "npx -y @modelcontextprotocol/server-github" work_dir: "" # Working directory (optional) # env: # Environment variables (optional) # - "NODE_ENV=development" From 8e80e2956c273df612ae6114484c6321c2d513be Mon Sep 17 00:00:00 2001 From: Angel Nunez Mencias Date: Mon, 2 Jun 2025 03:55:14 +0200 Subject: [PATCH 13/13] add uvx --- Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile b/Dockerfile index 3dc86da..dc468b1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -34,6 +34,8 @@ RUN apt-get update \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* +RUN pip install uvenv --break-system-packages + WORKDIR /app COPY --from=build /workspace/openmcpauthproxy /app/
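Review bot: `user_command: uvx mcp-server-time --local-timezone=Europe/Zurich` fetches and runs whatever version of the package is current each time the proxy starts its subprocess, so the code behind the authenticated endpoint can change without any commit in this repository. Pin it, e.g. `uvx mcp-server-time@<pinned-version> --local-timezone=Europe/Zurich`, or install the server into the image at build time. The commented-out `#user_command` line is better removed than kept as dead configuration.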
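Review bot: `pip install uvenv --break-system-packages` installs an unpinned package as root into the system Python, and the name does not match the commit subject: `uvx` is the command shipped by the `uv` distribution, while `uvenv` is a separate PyPI project. If `uvenv` is used only as an indirect way to obtain `uv`, install the intended package directly and pin it, e.g. `RUN pip install --no-cache-dir --break-system-packages uv==<pinned-version>`. Placing the install in the earlier `apt-get` layer's `RUN`, or right after it as here, is fine either way; the rest of the stage is outside the hunk.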