gitea/gitea-mcp
Fork 22
Code Issues 13 Pull Requests 2 Actions Projects Releases 15 Activity

feat: read token from header in http/sse mode #89

Merged
lunny merged 2 commits from :main into main 2025-09-12 03:57:57 +00:00
Conversation 2 Commits 2 Files Changed 17 +310 -92
darren commented 2025-09-02 21:37:03 +00:00
Contributor
Copy Link

this PR introduces support for per-request authentication tokens in HTTP and SSE modes. The server now inspects incoming requests for an Authorization: Bearer <token> header.

Previously, the server operated with a single, globally configured Gitea token. This change allows different clients to use their own tokens when communicating with the MCP server, enhancing security and flexibility.

To support this, the Gitea API client initialization has been refactored:

  • The global singleton Gitea client has been removed.
  • A new ClientFromContext function creates a Gitea client on-demand, using a token from the request context if available, and falling back to the globally configured token otherwise.
  • All tool functions now retrieve the client from the context for each call.

The README has also been updated to reflect the new configuration option.

Update: #59

this PR introduces support for per-request authentication tokens in HTTP and SSE modes. The server now inspects incoming requests for an `Authorization: Bearer <token>` header. Previously, the server operated with a single, globally configured Gitea token. This change allows different clients to use their own tokens when communicating with the MCP server, enhancing security and flexibility. To support this, the Gitea API client initialization has been refactored: - The global singleton Gitea client has been removed. - A new `ClientFromContext` function creates a Gitea client on-demand, using a token from the request context if available, and falling back to the globally configured token otherwise. - All tool functions now retrieve the client from the context for each call. The README has also been updated to reflect the new configuration option. Update: #59
darren added 1 commit 2025-09-02 21:37:03 +00:00
feat: read token from header in http/sse mode
All checks were successful
check-and-test / check-and-test (pull_request) Successful in 21s
Details
check-and-test / Run govulncheck (pull_request) Successful in 24s
Details
178c5f6fac 
Update: #59
darren requested review from appleboy 2025-09-02 21:41:16 +00:00
hiifong approved these changes 2025-09-03 06:20:52 +00:00
lunny approved these changes 2025-09-03 22:39:41 +00:00
lunny added the enhancement label 2025-09-03 22:39:57 +00:00
lunny added 1 commit 2025-09-12 03:17:32 +00:00
force ci run
All checks were successful
check-and-test / Run govulncheck (pull_request) Successful in 23s
Details
check-and-test / check-and-test (pull_request) Successful in 36s
Details
a036957eca
lunny merged commit d7addd56c4 into main 2025-09-12 03:57:57 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
appleboy
hiifong
lunny
Labels
Clear labels
bug
Something is not working
 duplicate
This issue or pull request already exists
 enhancement
New feature
 help wanted
Need some help
 invalid
Something is wrong
 proposal
question
More information is needed
 wontfix
This won't be fixed
No Label enhancement
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
42wim 6543 a1012112796 Akkuman appleboy axifive betacat0 blumia bwko caicandong ChristopherHX davidsvantesson delvh denyskon fuxiaohei gary-kim garymoon giteabot guillep2k HesterG hiifong jaqra jolheiser jonasfranz jpraet kdumontnu kemzeb kerwin612 khmarbaise KN4CK3R kolaente lafriks lng2020 luhahn lunny mrsdizzie noerw puni9869 richmahn sapk screenshots sillyguodong silverwind smartclip_tim strk tboerger techknowlogick TheFox0x7 tobiasbp typeless volker.raschek wolfogre wxiaoguang yardenshoham yp05327 zeripath Zettat123
No Assignees
3 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: gitea/gitea-mcp#89
No description provided.
Delete Branch ":main"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?