admin/miem_workers
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: adds OAuth/OIDC authentication for MCP #11

Merged
admin merged 1 commits from feature/mcp-oauth-oidc into main 2026-04-29 11:35:00 +00:00
Conversation 0 Commits 1 Files Changed 10 +331 -14
admin commented 2026-04-29 11:34:57 +00:00
Owner
Copy Link

Add OAuth/OIDC support for the MCP endpoint while preserving the existing static MCP_TOKEN fallback.

The MCP server can now run in token, oauth, or oauth_or_token auth modes. OAuth access tokens are validated as JWTs using JWKS, issuer, audience, expiration, and the required mcp:tools scope. The server also exposes OAuth protected resource metadata at /.well-known/oauth-protected-resource and returns a WWW-Authenticate challenge for OAuth failures.

Update environment examples, README documentation, dependencies, and bump the service version to 0.3.0. Add tests for static fallback, valid OAuth JWTs, invalid JWTs, missing scopes, missing auth challenges, and protected resource metadata.

Add OAuth/OIDC support for the MCP endpoint while preserving the existing static MCP_TOKEN fallback. The MCP server can now run in token, oauth, or oauth_or_token auth modes. OAuth access tokens are validated as JWTs using JWKS, issuer, audience, expiration, and the required mcp:tools scope. The server also exposes OAuth protected resource metadata at /.well-known/oauth-protected-resource and returns a WWW-Authenticate challenge for OAuth failures. Update environment examples, README documentation, dependencies, and bump the service version to 0.3.0. Add tests for static fallback, valid OAuth JWTs, invalid JWTs, missing scopes, missing auth challenges, and protected resource metadata.
admin added 1 commit 2026-04-29 11:34:58 +00:00
feat: adds OAuth/OIDC authentication for MCP ad0b15cc6e
admin merged commit c7027bb503 into main 2026-04-29 11:35:00 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
admin
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: admin/miem_workers#11
Delete Branch "feature/mcp-oauth-oidc"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?