From 99d77357b14e64a55af37442a00bbd6a48a60247 Mon Sep 17 00:00:00 2001 From: Paul Carleton Date: Fri, 2 May 2025 16:47:05 +0100 Subject: [PATCH 1/8] first cut at a per-client consent flow --- .../simple-auth/mcp_simple_auth/server.py | 10 + src/mcp/server/auth/handlers/authorize.py | 21 ++ src/mcp/server/auth/handlers/consent.py | 212 ++++++++++++++++++ src/mcp/server/auth/provider.py | 21 ++ src/mcp/server/auth/routes.py | 9 + 5 files changed, 273 insertions(+) create mode 100644 src/mcp/server/auth/handlers/consent.py diff --git a/examples/servers/simple-auth/mcp_simple_auth/server.py b/examples/servers/simple-auth/mcp_simple_auth/server.py index 2f1e4086f..b5ffbf327 100644 --- a/examples/servers/simple-auth/mcp_simple_auth/server.py +++ b/examples/servers/simple-auth/mcp_simple_auth/server.py @@ -73,6 +73,8 @@ def __init__(self, settings: ServerSettings): # Store GitHub tokens with MCP tokens using the format: # {"mcp_token": "github_token"} self.token_mapping: dict[str, str] = {} + # Track which clients have been granted consent + self.client_consent: dict[str, bool] = {} async def get_client(self, client_id: str) -> OAuthClientInformationFull | None: """Get OAuth client information.""" @@ -81,6 +83,14 @@ async def get_client(self, client_id: str) -> OAuthClientInformationFull | None: async def register_client(self, client_info: OAuthClientInformationFull): """Register a new OAuth client.""" self.clients[client_info.client_id] = client_info + + async def has_client_consent(self, client: OAuthClientInformationFull) -> bool: + """Check if a client has already provided consent.""" + return self.client_consent.get(client.client_id, False) + + async def grant_client_consent(self, client: OAuthClientInformationFull) -> None: + """Grant consent for a client.""" + self.client_consent[client.client_id] = True async def authorize( self, client: OAuthClientInformationFull, params: AuthorizationParams diff --git a/src/mcp/server/auth/handlers/authorize.py b/src/mcp/server/auth/handlers/authorize.py index 8f3768908..d82c26060 100644 --- a/src/mcp/server/auth/handlers/authorize.py +++ b/src/mcp/server/auth/handlers/authorize.py @@ -1,6 +1,7 @@ import logging from dataclasses import dataclass from typing import Any, Literal +from urllib.parse import urlencode from pydantic import AnyHttpUrl, AnyUrl, BaseModel, Field, RootModel, ValidationError from starlette.datastructures import FormData, QueryParams @@ -218,6 +219,26 @@ async def error_response( ) try: + # Check if client has already consented + has_consent = await self.provider.has_client_consent(client) + + if not has_consent: + # Redirect to consent page with necessary parameters + consent_url = "/consent" + "?" + urlencode({ + "client_id": auth_request.client_id, + "redirect_uri": str(redirect_uri), + "state": state or "", + "scopes": " ".join(scopes) if scopes else "", + "code_challenge": auth_request.code_challenge, + "response_type": auth_request.response_type, + }) + + return RedirectResponse( + url=consent_url, + status_code=302, + headers={"Cache-Control": "no-store"}, + ) + # Let the provider pick the next URI to redirect to return RedirectResponse( url=await self.provider.authorize( diff --git a/src/mcp/server/auth/handlers/consent.py b/src/mcp/server/auth/handlers/consent.py new file mode 100644 index 000000000..58eb821fd --- /dev/null +++ b/src/mcp/server/auth/handlers/consent.py @@ -0,0 +1,212 @@ +from dataclasses import dataclass +from typing import Any +from urllib.parse import urlencode + +from starlette.requests import Request +from starlette.responses import HTMLResponse, RedirectResponse, Response + +from mcp.server.auth.handlers.authorize import AuthorizationHandler +from mcp.server.auth.provider import OAuthAuthorizationServerProvider + + +@dataclass +class ConsentHandler: + provider: OAuthAuthorizationServerProvider[Any, Any, Any] + + async def handle(self, request: Request) -> Response: + # This handles both showing the consent form (GET) and processing consent (POST) + + if request.method == "GET": + # Show consent form + return await self._show_consent_form(request) + elif request.method == "POST": + # Process consent + return await self._process_consent(request) + else: + return HTMLResponse(status_code=405, content="Method not allowed") + + async def _show_consent_form(self, request: Request) -> HTMLResponse: + client_id = request.query_params.get("client_id", "") + redirect_uri = request.query_params.get("redirect_uri", "") + state = request.query_params.get("state", "") + scopes = request.query_params.get("scopes", "") + code_challenge = request.query_params.get("code_challenge", "") + response_type = request.query_params.get("response_type", "") + + # TODO: get this passed in + target_url = "/consent" + + # Create a simple consent form + + html_content = f""" + + + + Authorization Required + + + + + +
+

Authorization Request

+

The application {client_id} is requesting access to your resources.

+ +
+ Client ID: {client_id}
+ Redirect URI: {redirect_uri} +
+ +
+ Requested Permissions: + {self._format_scopes(scopes)} +
+ +
+ + + + + + + +
+ + +
+
+
+ + +""" + return HTMLResponse(content=html_content) + + async def _process_consent(self, request: Request) -> RedirectResponse: + form_data = await request.form() + action = form_data.get("action") + + if action == "approve": + # Grant consent and continue with authorization + client_id = form_data.get("client_id") + if client_id: + client = await self.provider.get_client(client_id) + if client: + await self.provider.grant_client_consent(client) + + # Redirect back to authorization endpoint with original parameters + auth_params = urlencode({ + k: v for k, v in form_data.items() + if k in ["client_id", "redirect_uri", "state", "scopes", "code_challenge", "response_type"] + }) + + return RedirectResponse( + # TODO: get this passed in + url=f"/authorize?{auth_params}", + status_code=302, + headers={"Cache-Control": "no-store"}, + ) + else: + # User denied consent + redirect_uri = form_data.get("redirect_uri") + state = form_data.get("state") + + error_params = { + "error": "access_denied", + "error_description": "User denied the authorization request" + } + if state: + error_params["state"] = state + + if redirect_uri: + return RedirectResponse( + url=f"{redirect_uri}?{urlencode(error_params)}", + status_code=302, + headers={"Cache-Control": "no-store"}, + ) + else: + return HTMLResponse( + status_code=400, + content=f"Access denied: {error_params['error_description']}" + ) + + def _format_scopes(self, scopes: str) -> str: + if not scopes: + return "

No specific permissions requested

" + + scope_list = scopes.split() + if not scope_list: + return "

No specific permissions requested

" + + scope_html = "" + for scope in scope_list: + scope_html += f'
{scope}
' + + return scope_html diff --git a/src/mcp/server/auth/provider.py b/src/mcp/server/auth/provider.py index be1ac1dbc..8162802ea 100644 --- a/src/mcp/server/auth/provider.py +++ b/src/mcp/server/auth/provider.py @@ -174,6 +174,27 @@ async def authorize( """ ... + async def has_client_consent(self, client: OAuthClientInformationFull) -> bool: + """ + Check if a client has already provided consent. + + Args: + client: The client to check consent status for. + + Returns: + True if the client has provided consent, False otherwise. + """ + ... + + async def grant_client_consent(self, client: OAuthClientInformationFull) -> None: + """ + Grant consent for a client. + + Args: + client: The client to grant consent for. + """ + ... + async def load_authorization_code( self, client: OAuthClientInformationFull, authorization_code: str ) -> AuthorizationCodeT | None: diff --git a/src/mcp/server/auth/routes.py b/src/mcp/server/auth/routes.py index 4c56ca247..a401507fb 100644 --- a/src/mcp/server/auth/routes.py +++ b/src/mcp/server/auth/routes.py @@ -9,6 +9,7 @@ from starlette.types import ASGIApp from mcp.server.auth.handlers.authorize import AuthorizationHandler +from mcp.server.auth.handlers.consent import ConsentHandler from mcp.server.auth.handlers.metadata import MetadataHandler from mcp.server.auth.handlers.register import RegistrationHandler from mcp.server.auth.handlers.revoke import RevocationHandler @@ -49,6 +50,7 @@ def validate_issuer_url(url: AnyHttpUrl): TOKEN_PATH = "/token" REGISTRATION_PATH = "/register" REVOCATION_PATH = "/revoke" +CONSENT_PATH = "/consent" def cors_middleware( @@ -113,6 +115,13 @@ def create_auth_routes( ), methods=["POST", "OPTIONS"], ), + Route( + CONSENT_PATH, + # do not allow CORS for consent endpoint; + # clients should just redirect to this + endpoint=ConsentHandler(provider).handle, + methods=["GET", "POST"], + ), ] if client_registration_options.enabled: From 15ecf7319a77c3137ed5aec89703f115580aaa95 Mon Sep 17 00:00:00 2001 From: Paul Carleton Date: Wed, 7 May 2025 10:46:59 +0100 Subject: [PATCH 2/8] add consent --- src/mcp/server/auth/handlers/consent.py | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/src/mcp/server/auth/handlers/consent.py b/src/mcp/server/auth/handlers/consent.py index 58eb821fd..49b4bf3a4 100644 --- a/src/mcp/server/auth/handlers/consent.py +++ b/src/mcp/server/auth/handlers/consent.py @@ -33,6 +33,13 @@ async def _show_consent_form(self, request: Request) -> HTMLResponse: code_challenge = request.query_params.get("code_challenge", "") response_type = request.query_params.get("response_type", "") + # Get client info to display client_name + client_name = client_id # Default to client_id if we can't get the client + if client_id: + client = await self.provider.get_client(client_id) + if client and hasattr(client, 'client_name'): + client_name = client.client_name + # TODO: get this passed in target_url = "/consent" @@ -118,9 +125,10 @@ async def _show_consent_form(self, request: Request) -> HTMLResponse:

Authorization Request

-

The application {client_id} is requesting access to your resources.

+

The application {client_name} is requesting access to your resources.

+ Application Name: {client_name}
Client ID: {client_id}
Redirect URI: {redirect_uri}
From e05f0b6f27a422cbf49ba4b0ae52c499aea4dafa Mon Sep 17 00:00:00 2001 From: Paul Carleton Date: Wed, 7 May 2025 11:01:59 +0100 Subject: [PATCH 3/8] make consent optional, default true --- src/mcp/server/auth/handlers/consent.py | 26 ++++++++++++++++++++++--- src/mcp/server/auth/routes.py | 19 +++++++++++------- src/mcp/server/auth/settings.py | 2 ++ 3 files changed, 37 insertions(+), 10 deletions(-) diff --git a/src/mcp/server/auth/handlers/consent.py b/src/mcp/server/auth/handlers/consent.py index 49b4bf3a4..053bf83e8 100644 --- a/src/mcp/server/auth/handlers/consent.py +++ b/src/mcp/server/auth/handlers/consent.py @@ -1,5 +1,6 @@ +from abc import ABC, abstractmethod from dataclasses import dataclass -from typing import Any +from typing import Any, Optional from urllib.parse import urlencode from starlette.requests import Request @@ -9,8 +10,27 @@ from mcp.server.auth.provider import OAuthAuthorizationServerProvider +class AbstractConsentHandler(ABC): + """Abstract base class for handling OAuth consent operations.""" + + @abstractmethod + async def handle(self, request: Request) -> Response: + """Handle consent requests - both showing the form and processing submissions.""" + pass + + @abstractmethod + async def _show_consent_form(self, request: Request) -> Response: + """Display the consent form to the user.""" + pass + + @abstractmethod + async def _process_consent(self, request: Request) -> Response: + """Process the user's consent decision.""" + pass + + @dataclass -class ConsentHandler: +class ConsentHandler(AbstractConsentHandler): provider: OAuthAuthorizationServerProvider[Any, Any, Any] async def handle(self, request: Request) -> Response: @@ -157,7 +177,7 @@ async def _show_consent_form(self, request: Request) -> HTMLResponse: """ return HTMLResponse(content=html_content) - async def _process_consent(self, request: Request) -> RedirectResponse: + async def _process_consent(self, request: Request) -> RedirectResponse | HTMLResponse: form_data = await request.form() action = form_data.get("action") diff --git a/src/mcp/server/auth/routes.py b/src/mcp/server/auth/routes.py index a401507fb..6f3d1a08b 100644 --- a/src/mcp/server/auth/routes.py +++ b/src/mcp/server/auth/routes.py @@ -115,13 +115,6 @@ def create_auth_routes( ), methods=["POST", "OPTIONS"], ), - Route( - CONSENT_PATH, - # do not allow CORS for consent endpoint; - # clients should just redirect to this - endpoint=ConsentHandler(provider).handle, - methods=["GET", "POST"], - ), ] if client_registration_options.enabled: @@ -140,6 +133,18 @@ def create_auth_routes( ) ) + if client_registration_options.client_consent_required: + consent_path: str = client_registration_options.client_consent_path or CONSENT_PATH + routes.append( + Route( + consent_path, + # do not allow CORS for consent endpoint; + # clients should just redirect to this + endpoint=ConsentHandler(provider).handle, + methods=["GET", "POST"], + ), + ) + if revocation_options.enabled: revocation_handler = RevocationHandler(provider, client_authenticator) routes.append( diff --git a/src/mcp/server/auth/settings.py b/src/mcp/server/auth/settings.py index 1086bb77e..cc4175a0a 100644 --- a/src/mcp/server/auth/settings.py +++ b/src/mcp/server/auth/settings.py @@ -6,6 +6,8 @@ class ClientRegistrationOptions(BaseModel): client_secret_expiry_seconds: int | None = None valid_scopes: list[str] | None = None default_scopes: list[str] | None = None + client_consent_required: bool = True + client_consent_path: str | None = None class RevocationOptions(BaseModel): From 2a8e67ba2a8248b915b7b2b5396a19abb00640b4 Mon Sep 17 00:00:00 2001 From: Paul Carleton Date: Wed, 7 May 2025 11:05:03 +0100 Subject: [PATCH 4/8] default client consent to false to preserve backwards compatibility --- src/mcp/server/auth/settings.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/mcp/server/auth/settings.py b/src/mcp/server/auth/settings.py index cc4175a0a..72e7559b8 100644 --- a/src/mcp/server/auth/settings.py +++ b/src/mcp/server/auth/settings.py @@ -6,7 +6,7 @@ class ClientRegistrationOptions(BaseModel): client_secret_expiry_seconds: int | None = None valid_scopes: list[str] | None = None default_scopes: list[str] | None = None - client_consent_required: bool = True + client_consent_required: bool = False client_consent_path: str | None = None From 011fd078b001c369e3a10aa76c079c3e9599739a Mon Sep 17 00:00:00 2001 From: Paul Carleton Date: Wed, 7 May 2025 11:18:43 +0100 Subject: [PATCH 5/8] require consent in example --- examples/servers/simple-auth/mcp_simple_auth/server.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/examples/servers/simple-auth/mcp_simple_auth/server.py b/examples/servers/simple-auth/mcp_simple_auth/server.py index b5ffbf327..759e84d2d 100644 --- a/examples/servers/simple-auth/mcp_simple_auth/server.py +++ b/examples/servers/simple-auth/mcp_simple_auth/server.py @@ -83,11 +83,11 @@ async def get_client(self, client_id: str) -> OAuthClientInformationFull | None: async def register_client(self, client_info: OAuthClientInformationFull): """Register a new OAuth client.""" self.clients[client_info.client_id] = client_info - + async def has_client_consent(self, client: OAuthClientInformationFull) -> bool: """Check if a client has already provided consent.""" return self.client_consent.get(client.client_id, False) - + async def grant_client_consent(self, client: OAuthClientInformationFull) -> None: """Grant consent for a client.""" self.client_consent[client.client_id] = True @@ -275,6 +275,9 @@ def create_simple_mcp_server(settings: ServerSettings) -> FastMCP: enabled=True, valid_scopes=[settings.mcp_scope], default_scopes=[settings.mcp_scope], + # Because we're redirecting to a different AS during our + # main auth flow. + client_consent_required=True ), required_scopes=[settings.mcp_scope], ) From 429c28f2bec15d51f2e859d24c6be98c9132c30f Mon Sep 17 00:00:00 2001 From: Paul Carleton Date: Wed, 7 May 2025 12:07:02 +0100 Subject: [PATCH 6/8] move consent to example --- .../simple-auth/mcp_simple_auth/server.py | 261 +++++++++++++++++- src/mcp/server/auth/handlers/authorize.py | 20 -- src/mcp/server/auth/handlers/consent.py | 240 ---------------- src/mcp/server/auth/provider.py | 21 -- src/mcp/server/auth/routes.py | 12 - src/mcp/server/auth/settings.py | 2 - 6 files changed, 248 insertions(+), 308 deletions(-) delete mode 100644 src/mcp/server/auth/handlers/consent.py diff --git a/examples/servers/simple-auth/mcp_simple_auth/server.py b/examples/servers/simple-auth/mcp_simple_auth/server.py index 759e84d2d..181130372 100644 --- a/examples/servers/simple-auth/mcp_simple_auth/server.py +++ b/examples/servers/simple-auth/mcp_simple_auth/server.py @@ -10,7 +10,9 @@ from pydantic_settings import BaseSettings, SettingsConfigDict from starlette.exceptions import HTTPException from starlette.requests import Request -from starlette.responses import JSONResponse, RedirectResponse, Response +from starlette.responses import JSONResponse, RedirectResponse, Response, HTMLResponse +from dataclasses import dataclass + from mcp.server.auth.middleware.auth_context import get_access_token from mcp.server.auth.provider import ( @@ -25,6 +27,7 @@ from mcp.server.fastmcp.server import FastMCP from mcp.shared._httpx_utils import create_mcp_http_client from mcp.shared.auth import OAuthClientInformationFull, OAuthToken +from urllib.parse import urlencode logger = logging.getLogger(__name__) @@ -108,16 +111,25 @@ async def authorize( "client_id": client.client_id, } - # Build GitHub authorization URL - auth_url = ( - f"{self.settings.github_auth_url}" - f"?client_id={self.settings.github_client_id}" - f"&redirect_uri={self.settings.github_callback_path}" - f"&scope={self.settings.github_scope}" - f"&state={state}" - ) + # Return our custom consent endpoint, which will then redirect to Github + + # Extract scopes - use default MCP scope if none provided + scopes = params.scopes or [self.settings.mcp_scope] + scopes_string = " ".join(scopes) if isinstance(scopes, list) else str(scopes) + + consent_params = { + "client_id": client.client_id, + "redirect_uri": str(params.redirect_uri), + "state": state, + "scopes": scopes_string, + "code_challenge": params.code_challenge or "", + "response_type": "code" + } + + consent_url = f"{self.settings.server_url}consent?{urlencode(consent_params)}" + print(f"[DEBUGG] {consent_url} {state}") - return auth_url + return consent_url async def handle_github_callback(self, code: str, state: str) -> str: """Handle GitHub OAuth callback.""" @@ -265,6 +277,224 @@ async def revoke_token( del self.tokens[token] +@dataclass +class ConsentHandler: + provider: OAuthAuthorizationServerProvider[Any, Any, Any] + settings: ServerSettings + + async def handle(self, request: Request) -> Response: + # This handles both showing the consent form (GET) and processing consent (POST) + if request.method == "GET": + # Show consent form + return await self._show_consent_form(request) + elif request.method == "POST": + # Process consent + return await self._process_consent(request) + else: + return HTMLResponse(status_code=405, content="Method not allowed") + + async def _show_consent_form(self, request: Request) -> HTMLResponse: + client_id = request.query_params.get("client_id", "") + redirect_uri = request.query_params.get("redirect_uri", "") + state = request.query_params.get("state", "") + scopes = request.query_params.get("scopes", "") + code_challenge = request.query_params.get("code_challenge", "") + response_type = request.query_params.get("response_type", "") + + # Get client info to display client_name + client_name = client_id # Default to client_id if we can't get the client + if client_id: + client = await self.provider.get_client(client_id) + if client and hasattr(client, 'client_name'): + client_name = client.client_name + + # TODO: get this passed in + target_url = "/consent" + + # Create a simple consent form + + html_content = f""" + + + + Authorization Required + + + + + +
+

Authorization Request

+

The application {client_name} is requesting access to your resources.

+ +
+ Application Name: {client_name}
+ Client ID: {client_id}
+ Redirect URI: {redirect_uri} +
+ +
+ Requested Permissions: + {self._format_scopes(scopes)} +
+ +
+ + + + + + + +
+ + +
+
+
+ + +""" + return HTMLResponse(content=html_content) + + async def _process_consent(self, request: Request) -> RedirectResponse | HTMLResponse: + form_data = await request.form() + action = form_data.get("action") + state = form_data.get("state") + + if action == "approve": + # Grant consent and continue with authorization + client_id = form_data.get("client_id") + if client_id: + client = await self.provider.get_client(client_id) + if client: + # TODO: move this out of provider + await self.provider.grant_client_consent(client) + + + auth_url = ( + f"{self.settings.github_auth_url}" + f"?client_id={self.settings.github_client_id}" + f"&redirect_uri={self.settings.github_callback_path}" + f"&scope={self.settings.github_scope}" + f"&state={state}" + ) + + return RedirectResponse( + # TODO: get this passed in + url=auth_url, + status_code=302, + headers={"Cache-Control": "no-store"}, + ) + else: + # User denied consent + redirect_uri = form_data.get("redirect_uri") + state = form_data.get("state") + + error_params = { + "error": "access_denied", + "error_description": "User denied the authorization request" + } + if state: + error_params["state"] = state + + if redirect_uri: + return RedirectResponse( + url=f"{redirect_uri}?{urlencode(error_params)}", + status_code=302, + headers={"Cache-Control": "no-store"}, + ) + else: + return HTMLResponse( + status_code=400, + content=f"Access denied: {error_params['error_description']}" + ) + + def _format_scopes(self, scopes: str) -> str: + if not scopes: + return "

No specific permissions requested

" + + scope_list = scopes.split() + if not scope_list: + return "

No specific permissions requested

" + + scope_html = "" + for scope in scope_list: + scope_html += f'
{scope}
' + + return scope_html + + + + def create_simple_mcp_server(settings: ServerSettings) -> FastMCP: """Create a simple FastMCP server with GitHub OAuth.""" oauth_provider = SimpleGitHubOAuthProvider(settings) @@ -275,9 +505,8 @@ def create_simple_mcp_server(settings: ServerSettings) -> FastMCP: enabled=True, valid_scopes=[settings.mcp_scope], default_scopes=[settings.mcp_scope], - # Because we're redirecting to a different AS during our - # main auth flow. - client_consent_required=True + # Turning off consent since we'll handle it via custom endpoint + client_consent_required=False ), required_scopes=[settings.mcp_scope], ) @@ -292,6 +521,12 @@ def create_simple_mcp_server(settings: ServerSettings) -> FastMCP: auth=auth_settings, ) + consent_handler = ConsentHandler(provider=oauth_provider, settings=settings) + + @app.custom_route("/consent", methods=["GET", "POST"]) + async def example_consent_handler(request: Request) -> Response: + return await consent_handler.handle(request) + @app.custom_route("/github/callback", methods=["GET"]) async def github_callback_handler(request: Request) -> Response: """Handle GitHub OAuth callback.""" diff --git a/src/mcp/server/auth/handlers/authorize.py b/src/mcp/server/auth/handlers/authorize.py index d82c26060..36c331dce 100644 --- a/src/mcp/server/auth/handlers/authorize.py +++ b/src/mcp/server/auth/handlers/authorize.py @@ -219,26 +219,6 @@ async def error_response( ) try: - # Check if client has already consented - has_consent = await self.provider.has_client_consent(client) - - if not has_consent: - # Redirect to consent page with necessary parameters - consent_url = "/consent" + "?" + urlencode({ - "client_id": auth_request.client_id, - "redirect_uri": str(redirect_uri), - "state": state or "", - "scopes": " ".join(scopes) if scopes else "", - "code_challenge": auth_request.code_challenge, - "response_type": auth_request.response_type, - }) - - return RedirectResponse( - url=consent_url, - status_code=302, - headers={"Cache-Control": "no-store"}, - ) - # Let the provider pick the next URI to redirect to return RedirectResponse( url=await self.provider.authorize( diff --git a/src/mcp/server/auth/handlers/consent.py b/src/mcp/server/auth/handlers/consent.py deleted file mode 100644 index 053bf83e8..000000000 --- a/src/mcp/server/auth/handlers/consent.py +++ /dev/null @@ -1,240 +0,0 @@ -from abc import ABC, abstractmethod -from dataclasses import dataclass -from typing import Any, Optional -from urllib.parse import urlencode - -from starlette.requests import Request -from starlette.responses import HTMLResponse, RedirectResponse, Response - -from mcp.server.auth.handlers.authorize import AuthorizationHandler -from mcp.server.auth.provider import OAuthAuthorizationServerProvider - - -class AbstractConsentHandler(ABC): - """Abstract base class for handling OAuth consent operations.""" - - @abstractmethod - async def handle(self, request: Request) -> Response: - """Handle consent requests - both showing the form and processing submissions.""" - pass - - @abstractmethod - async def _show_consent_form(self, request: Request) -> Response: - """Display the consent form to the user.""" - pass - - @abstractmethod - async def _process_consent(self, request: Request) -> Response: - """Process the user's consent decision.""" - pass - - -@dataclass -class ConsentHandler(AbstractConsentHandler): - provider: OAuthAuthorizationServerProvider[Any, Any, Any] - - async def handle(self, request: Request) -> Response: - # This handles both showing the consent form (GET) and processing consent (POST) - - if request.method == "GET": - # Show consent form - return await self._show_consent_form(request) - elif request.method == "POST": - # Process consent - return await self._process_consent(request) - else: - return HTMLResponse(status_code=405, content="Method not allowed") - - async def _show_consent_form(self, request: Request) -> HTMLResponse: - client_id = request.query_params.get("client_id", "") - redirect_uri = request.query_params.get("redirect_uri", "") - state = request.query_params.get("state", "") - scopes = request.query_params.get("scopes", "") - code_challenge = request.query_params.get("code_challenge", "") - response_type = request.query_params.get("response_type", "") - - # Get client info to display client_name - client_name = client_id # Default to client_id if we can't get the client - if client_id: - client = await self.provider.get_client(client_id) - if client and hasattr(client, 'client_name'): - client_name = client.client_name - - # TODO: get this passed in - target_url = "/consent" - - # Create a simple consent form - - html_content = f""" - - - - Authorization Required - - - - - -
-

Authorization Request

-

The application {client_name} is requesting access to your resources.

- -
- Application Name: {client_name}
- Client ID: {client_id}
- Redirect URI: {redirect_uri} -
- -
- Requested Permissions: - {self._format_scopes(scopes)} -
- -
- - - - - - - -
- - -
-
-
- - -""" - return HTMLResponse(content=html_content) - - async def _process_consent(self, request: Request) -> RedirectResponse | HTMLResponse: - form_data = await request.form() - action = form_data.get("action") - - if action == "approve": - # Grant consent and continue with authorization - client_id = form_data.get("client_id") - if client_id: - client = await self.provider.get_client(client_id) - if client: - await self.provider.grant_client_consent(client) - - # Redirect back to authorization endpoint with original parameters - auth_params = urlencode({ - k: v for k, v in form_data.items() - if k in ["client_id", "redirect_uri", "state", "scopes", "code_challenge", "response_type"] - }) - - return RedirectResponse( - # TODO: get this passed in - url=f"/authorize?{auth_params}", - status_code=302, - headers={"Cache-Control": "no-store"}, - ) - else: - # User denied consent - redirect_uri = form_data.get("redirect_uri") - state = form_data.get("state") - - error_params = { - "error": "access_denied", - "error_description": "User denied the authorization request" - } - if state: - error_params["state"] = state - - if redirect_uri: - return RedirectResponse( - url=f"{redirect_uri}?{urlencode(error_params)}", - status_code=302, - headers={"Cache-Control": "no-store"}, - ) - else: - return HTMLResponse( - status_code=400, - content=f"Access denied: {error_params['error_description']}" - ) - - def _format_scopes(self, scopes: str) -> str: - if not scopes: - return "

No specific permissions requested

" - - scope_list = scopes.split() - if not scope_list: - return "

No specific permissions requested

" - - scope_html = "" - for scope in scope_list: - scope_html += f'
{scope}
' - - return scope_html diff --git a/src/mcp/server/auth/provider.py b/src/mcp/server/auth/provider.py index 8162802ea..be1ac1dbc 100644 --- a/src/mcp/server/auth/provider.py +++ b/src/mcp/server/auth/provider.py @@ -174,27 +174,6 @@ async def authorize( """ ... - async def has_client_consent(self, client: OAuthClientInformationFull) -> bool: - """ - Check if a client has already provided consent. - - Args: - client: The client to check consent status for. - - Returns: - True if the client has provided consent, False otherwise. - """ - ... - - async def grant_client_consent(self, client: OAuthClientInformationFull) -> None: - """ - Grant consent for a client. - - Args: - client: The client to grant consent for. - """ - ... - async def load_authorization_code( self, client: OAuthClientInformationFull, authorization_code: str ) -> AuthorizationCodeT | None: diff --git a/src/mcp/server/auth/routes.py b/src/mcp/server/auth/routes.py index 6f3d1a08b..a1abf6def 100644 --- a/src/mcp/server/auth/routes.py +++ b/src/mcp/server/auth/routes.py @@ -133,18 +133,6 @@ def create_auth_routes( ) ) - if client_registration_options.client_consent_required: - consent_path: str = client_registration_options.client_consent_path or CONSENT_PATH - routes.append( - Route( - consent_path, - # do not allow CORS for consent endpoint; - # clients should just redirect to this - endpoint=ConsentHandler(provider).handle, - methods=["GET", "POST"], - ), - ) - if revocation_options.enabled: revocation_handler = RevocationHandler(provider, client_authenticator) routes.append( diff --git a/src/mcp/server/auth/settings.py b/src/mcp/server/auth/settings.py index 72e7559b8..1086bb77e 100644 --- a/src/mcp/server/auth/settings.py +++ b/src/mcp/server/auth/settings.py @@ -6,8 +6,6 @@ class ClientRegistrationOptions(BaseModel): client_secret_expiry_seconds: int | None = None valid_scopes: list[str] | None = None default_scopes: list[str] | None = None - client_consent_required: bool = False - client_consent_path: str | None = None class RevocationOptions(BaseModel): From 9439a4c65fee2fde27110eddb5c20ec3ee88255b Mon Sep 17 00:00:00 2001 From: Paul Carleton Date: Wed, 7 May 2025 12:15:01 +0100 Subject: [PATCH 7/8] more cleanup --- .../simple-auth/mcp_simple_auth/server.py | 30 +++++++++---------- src/mcp/server/auth/handlers/authorize.py | 1 - src/mcp/server/auth/routes.py | 2 -- 3 files changed, 15 insertions(+), 18 deletions(-) diff --git a/examples/servers/simple-auth/mcp_simple_auth/server.py b/examples/servers/simple-auth/mcp_simple_auth/server.py index 181130372..18cc97d55 100644 --- a/examples/servers/simple-auth/mcp_simple_auth/server.py +++ b/examples/servers/simple-auth/mcp_simple_auth/server.py @@ -127,8 +127,6 @@ async def authorize( } consent_url = f"{self.settings.server_url}consent?{urlencode(consent_params)}" - print(f"[DEBUGG] {consent_url} {state}") - return consent_url async def handle_github_callback(self, code: str, state: str) -> str: @@ -277,10 +275,15 @@ async def revoke_token( del self.tokens[token] -@dataclass class ConsentHandler: - provider: OAuthAuthorizationServerProvider[Any, Any, Any] - settings: ServerSettings + + + + def __init__(self, provider: SimpleGitHubOAuthProvider, settings: ServerSettings, path: str): + self.provider: SimpleGitHubOAuthProvider = provider + self.settings: ServerSettings = settings + self.client_consent: dict[str, bool] = {} + self.path = path async def handle(self, request: Request) -> Response: # This handles both showing the consent form (GET) and processing consent (POST) @@ -308,11 +311,11 @@ async def _show_consent_form(self, request: Request) -> HTMLResponse: if client and hasattr(client, 'client_name'): client_name = client.client_name - # TODO: get this passed in - target_url = "/consent" + target_url = self.path - # Create a simple consent form + # TODO: allow skipping consent if we've already approved this client ID + # Create a simple consent form html_content = f""" @@ -436,9 +439,7 @@ async def _process_consent(self, request: Request) -> RedirectResponse | HTMLRes if client_id: client = await self.provider.get_client(client_id) if client: - # TODO: move this out of provider - await self.provider.grant_client_consent(client) - + self.client_consent[client.client_id] = True auth_url = ( f"{self.settings.github_auth_url}" @@ -505,8 +506,6 @@ def create_simple_mcp_server(settings: ServerSettings) -> FastMCP: enabled=True, valid_scopes=[settings.mcp_scope], default_scopes=[settings.mcp_scope], - # Turning off consent since we'll handle it via custom endpoint - client_consent_required=False ), required_scopes=[settings.mcp_scope], ) @@ -521,9 +520,10 @@ def create_simple_mcp_server(settings: ServerSettings) -> FastMCP: auth=auth_settings, ) - consent_handler = ConsentHandler(provider=oauth_provider, settings=settings) + consent_path = "/consent" + consent_handler = ConsentHandler(provider=oauth_provider, settings=settings, path=consent_path) - @app.custom_route("/consent", methods=["GET", "POST"]) + @app.custom_route(consent_path, methods=["GET", "POST"]) async def example_consent_handler(request: Request) -> Response: return await consent_handler.handle(request) diff --git a/src/mcp/server/auth/handlers/authorize.py b/src/mcp/server/auth/handlers/authorize.py index 36c331dce..8f3768908 100644 --- a/src/mcp/server/auth/handlers/authorize.py +++ b/src/mcp/server/auth/handlers/authorize.py @@ -1,7 +1,6 @@ import logging from dataclasses import dataclass from typing import Any, Literal -from urllib.parse import urlencode from pydantic import AnyHttpUrl, AnyUrl, BaseModel, Field, RootModel, ValidationError from starlette.datastructures import FormData, QueryParams diff --git a/src/mcp/server/auth/routes.py b/src/mcp/server/auth/routes.py index a1abf6def..4c56ca247 100644 --- a/src/mcp/server/auth/routes.py +++ b/src/mcp/server/auth/routes.py @@ -9,7 +9,6 @@ from starlette.types import ASGIApp from mcp.server.auth.handlers.authorize import AuthorizationHandler -from mcp.server.auth.handlers.consent import ConsentHandler from mcp.server.auth.handlers.metadata import MetadataHandler from mcp.server.auth.handlers.register import RegistrationHandler from mcp.server.auth.handlers.revoke import RevocationHandler @@ -50,7 +49,6 @@ def validate_issuer_url(url: AnyHttpUrl): TOKEN_PATH = "/token" REGISTRATION_PATH = "/register" REVOCATION_PATH = "/revoke" -CONSENT_PATH = "/consent" def cors_middleware( From 48eb13d0c459a7abf6362b9926b727715d7e286b Mon Sep 17 00:00:00 2001 From: Paul Carleton Date: Wed, 7 May 2025 12:18:15 +0100 Subject: [PATCH 8/8] more cleanup --- .../servers/simple-auth/mcp_simple_auth/server.py | 15 +-------------- 1 file changed, 1 insertion(+), 14 deletions(-) diff --git a/examples/servers/simple-auth/mcp_simple_auth/server.py b/examples/servers/simple-auth/mcp_simple_auth/server.py index 18cc97d55..794353d60 100644 --- a/examples/servers/simple-auth/mcp_simple_auth/server.py +++ b/examples/servers/simple-auth/mcp_simple_auth/server.py @@ -11,8 +11,6 @@ from starlette.exceptions import HTTPException from starlette.requests import Request from starlette.responses import JSONResponse, RedirectResponse, Response, HTMLResponse -from dataclasses import dataclass - from mcp.server.auth.middleware.auth_context import get_access_token from mcp.server.auth.provider import ( @@ -76,8 +74,6 @@ def __init__(self, settings: ServerSettings): # Store GitHub tokens with MCP tokens using the format: # {"mcp_token": "github_token"} self.token_mapping: dict[str, str] = {} - # Track which clients have been granted consent - self.client_consent: dict[str, bool] = {} async def get_client(self, client_id: str) -> OAuthClientInformationFull | None: """Get OAuth client information.""" @@ -87,14 +83,6 @@ async def register_client(self, client_info: OAuthClientInformationFull): """Register a new OAuth client.""" self.clients[client_info.client_id] = client_info - async def has_client_consent(self, client: OAuthClientInformationFull) -> bool: - """Check if a client has already provided consent.""" - return self.client_consent.get(client.client_id, False) - - async def grant_client_consent(self, client: OAuthClientInformationFull) -> None: - """Grant consent for a client.""" - self.client_consent[client.client_id] = True - async def authorize( self, client: OAuthClientInformationFull, params: AuthorizationParams ) -> str: @@ -277,8 +265,6 @@ async def revoke_token( class ConsentHandler: - - def __init__(self, provider: SimpleGitHubOAuthProvider, settings: ServerSettings, path: str): self.provider: SimpleGitHubOAuthProvider = provider self.settings: ServerSettings = settings @@ -299,6 +285,7 @@ async def handle(self, request: Request) -> Response: async def _show_consent_form(self, request: Request) -> HTMLResponse: client_id = request.query_params.get("client_id", "") redirect_uri = request.query_params.get("redirect_uri", "") + # TODO: address csrf state = request.query_params.get("state", "") scopes = request.query_params.get("scopes", "") code_challenge = request.query_params.get("code_challenge", "")