Skip to content

Commit 2a23890

Browse files
ochafikochafik
authored
simpleStreamableHttp: fix example code (modelcontextprotocol#660)
1 parent a68dcdf commit 2a23890

File tree

2 files changed

+12
-14
lines changed

2 files changed

+12
-14
lines changed

src/examples/server/demoInMemoryOAuthProvider.ts

Lines changed: 11 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -35,17 +35,8 @@ export class DemoInMemoryAuthProvider implements OAuthServerProvider {
3535
params: AuthorizationParams,
3636
client: OAuthClientInformationFull}>();
3737
private tokens = new Map<string, AuthInfo>();
38-
private validateResource?: (resource?: URL) => boolean;
39-
40-
constructor({mcpServerUrl}: {mcpServerUrl?: URL} = {}) {
41-
if (mcpServerUrl) {
42-
const expectedResource = resourceUrlFromServerUrl(mcpServerUrl);
43-
this.validateResource = (resource?: URL) => {
44-
if (!resource) return false;
45-
return resource.toString() === expectedResource.toString();
46-
};
47-
}
48-
}
38+
39+
constructor(private validateResource?: (resource?: URL) => boolean) {}
4940

5041
async authorize(
5142
client: OAuthClientInformationFull,
@@ -153,13 +144,20 @@ export class DemoInMemoryAuthProvider implements OAuthServerProvider {
153144
}
154145

155146

156-
export const setupAuthServer = (authServerUrl: URL, mcpServerUrl: URL): OAuthMetadata => {
147+
export const setupAuthServer = ({authServerUrl, mcpServerUrl, strictResource}: {authServerUrl: URL, mcpServerUrl: URL, strictResource: boolean}): OAuthMetadata => {
157148
// Create separate auth server app
158149
// NOTE: This is a separate app on a separate port to illustrate
159150
// how to separate an OAuth Authorization Server from a Resource
160151
// server in the SDK. The SDK is not intended to be provide a standalone
161152
// authorization server.
162-
const provider = new DemoInMemoryAuthProvider({mcpServerUrl});
153+
154+
const validateResource = strictResource ? (resource?: URL) => {
155+
if (!resource) return false;
156+
const expectedResource = resourceUrlFromServerUrl(mcpServerUrl);
157+
return resource.toString() === expectedResource.toString();
158+
} : undefined;
159+
160+
const provider = new DemoInMemoryAuthProvider(validateResource);
163161
const authApp = express();
164162
authApp.use(express.json());
165163
// For introspection requests

src/examples/server/simpleStreamableHttp.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -432,7 +432,7 @@ if (useOAuth) {
432432
const mcpServerUrl = new URL(`http://localhost:${MCP_PORT}/mcp`);
433433
const authServerUrl = new URL(`http://localhost:${AUTH_PORT}`);
434434

435-
const oauthMetadata: OAuthMetadata = setupAuthServer(authServerUrl, mcpServerUrl);
435+
const oauthMetadata: OAuthMetadata = setupAuthServer({authServerUrl, mcpServerUrl, strictResource: strictOAuth});
436436

437437
const tokenVerifier = {
438438
verifyAccessToken: async (token: string) => {

0 commit comments

Comments
 (0)