From ec496687ba3b15d7f0a284a63cf57e5f97525403 Mon Sep 17 00:00:00 2001 From: Olivier Chafik Date: Wed, 18 Jun 2025 22:14:44 +0100 Subject: [PATCH 1/2] simpleStreamableHttp: tweak example code --- .../server/demoInMemoryOAuthProvider.ts | 24 +++++++++---------- src/examples/server/simpleStreamableHttp.ts | 2 +- 2 files changed, 12 insertions(+), 14 deletions(-) diff --git a/src/examples/server/demoInMemoryOAuthProvider.ts b/src/examples/server/demoInMemoryOAuthProvider.ts index fe8d3f9cf..073a003f8 100644 --- a/src/examples/server/demoInMemoryOAuthProvider.ts +++ b/src/examples/server/demoInMemoryOAuthProvider.ts @@ -35,17 +35,8 @@ export class DemoInMemoryAuthProvider implements OAuthServerProvider { params: AuthorizationParams, client: OAuthClientInformationFull}>(); private tokens = new Map(); - private validateResource?: (resource?: URL) => boolean; - - constructor({mcpServerUrl}: {mcpServerUrl?: URL} = {}) { - if (mcpServerUrl) { - const expectedResource = resourceUrlFromServerUrl(mcpServerUrl); - this.validateResource = (resource?: URL) => { - if (!resource) return false; - return resource.toString() === expectedResource.toString(); - }; - } - } + + constructor(private validateResource?: (resource?: URL) => boolean) {} async authorize( client: OAuthClientInformationFull, @@ -153,13 +144,20 @@ export class DemoInMemoryAuthProvider implements OAuthServerProvider { } -export const setupAuthServer = (authServerUrl: URL, mcpServerUrl: URL): OAuthMetadata => { +export const setupAuthServer = ({authServerUrl, mcpServerUrl, strictResource}: {authServerUrl: URL, mcpServerUrl: URL, strictResource: boolean}): OAuthMetadata => { // Create separate auth server app // NOTE: This is a separate app on a separate port to illustrate // how to separate an OAuth Authorization Server from a Resource // server in the SDK. The SDK is not intended to be provide a standalone // authorization server. - const provider = new DemoInMemoryAuthProvider({mcpServerUrl}); + + const validateResource = strictResource ? resource => { + if (!resource) return false; + const expectedResource = resourceUrlFromServerUrl(mcpServerUrl); + return resource.toString() === expectedResource.toString(); + } : undefined; + + const provider = new DemoInMemoryAuthProvider(validateResource); const authApp = express(); authApp.use(express.json()); // For introspection requests diff --git a/src/examples/server/simpleStreamableHttp.ts b/src/examples/server/simpleStreamableHttp.ts index 37c5f0be7..6406bc213 100644 --- a/src/examples/server/simpleStreamableHttp.ts +++ b/src/examples/server/simpleStreamableHttp.ts @@ -432,7 +432,7 @@ if (useOAuth) { const mcpServerUrl = new URL(`http://localhost:${MCP_PORT}/mcp`); const authServerUrl = new URL(`http://localhost:${AUTH_PORT}`); - const oauthMetadata: OAuthMetadata = setupAuthServer(authServerUrl, mcpServerUrl); + const oauthMetadata: OAuthMetadata = setupAuthServer({authServerUrl, mcpServerUrl, strictResource: strictOAuth}); const tokenVerifier = { verifyAccessToken: async (token: string) => { From 18195769827195abff5f1528078c771b957de4ec Mon Sep 17 00:00:00 2001 From: Olivier Chafik Date: Thu, 19 Jun 2025 11:32:27 +0100 Subject: [PATCH 2/2] fix types --- src/examples/server/demoInMemoryOAuthProvider.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/examples/server/demoInMemoryOAuthProvider.ts b/src/examples/server/demoInMemoryOAuthProvider.ts index 073a003f8..274a504a1 100644 --- a/src/examples/server/demoInMemoryOAuthProvider.ts +++ b/src/examples/server/demoInMemoryOAuthProvider.ts @@ -151,7 +151,7 @@ export const setupAuthServer = ({authServerUrl, mcpServerUrl, strictResource}: { // server in the SDK. The SDK is not intended to be provide a standalone // authorization server. - const validateResource = strictResource ? resource => { + const validateResource = strictResource ? (resource?: URL) => { if (!resource) return false; const expectedResource = resourceUrlFromServerUrl(mcpServerUrl); return resource.toString() === expectedResource.toString();