cleaning up

Author: patrickkang

examples/example-fastmcp-mcp/src/auth0/__init__.py

@@ -5,6 +5,8 @@
 including token verification, middleware, and scoped tool decorators.
 """
 
+from __future__ import annotations
+
 import logging
 import os
 from typing import Callable, Union
@@ -30,7 +32,7 @@ def __init__(self, name: str, audience: str, domain: str):
         if not self.audience or not self.domain:
             raise RuntimeError("audience and domain must be provided")
         self.mcp = FastMCP(
-            name="Auth0 Protected MCP Server",
+            name=self.name,
             stateless_http=True,
         )
         self._scopes_supported = {
@@ -111,9 +113,9 @@ def _build_www_authenticate_header(self, error_code: str, description: str, incl
         Build WWW-Authenticate header according to RFC 9728 Section 5.1.
         """
         www_auth_params = [f'error="{error_code}"', f'error_description="{description}"']
-
-        if include_resource_metadata:
-            metadata_url = f"{os.getenv('MCP_SERVER_URL')}/.well-known/oauth-protected-resource"
+        metadata_url = os.getenv('MCP_SERVER_URL')
+        if include_resource_metadata and metadata_url:
+            metadata_url = metadata_url.rstrip("/") + "/.well-known/oauth-protected-resource"
             www_auth_params.append(f'resource_metadata="{metadata_url}"')
 
         return f"Bearer {', '.join(www_auth_params)}"

examples/example-fastmcp-mcp/src/auth0/authz.py

@@ -1,6 +1,5 @@
 from __future__ import annotations
 
-import asyncio
 from collections.abc import Iterable
 from functools import wraps
 
@@ -16,7 +15,7 @@ def require_scopes(required_scopes: Iterable[str]):
     Example:
       @mcp.tool(...)
       @require_scopes(["tool:greet", "tool:whoami"])
-      def my_tool(name: str, ctx: Context) -> str:
+      async def my_tool(name: str, ctx: Context) -> str:
         return f"Hello {name}!"
     """
     required_scopes_list = list(required_scopes)
@@ -37,10 +36,6 @@ async def wrapper(*args, **kwargs):
             if missing_scopes:
                 raise InsufficientScope(f"Missing required scopes: {missing_scopes}")
 
-            # Call the original function
-            if asyncio.iscoroutinefunction(func):
-                return await func(*args, **kwargs)
-            else:
-                return func(*args, **kwargs)
+            return await func(*args, **kwargs)
         return wrapper
     return decorator

examples/example-fastmcp-mcp/src/auth0/errors.py

@@ -1,3 +1,6 @@
+from __future__ import annotations
+
+
 class AuthenticationRequired(Exception):
     """
     Raised when authentication is required but missing.

examples/example-fastmcp-mcp/src/auth0/middleware.py

@@ -29,34 +29,34 @@ async def dispatch(self, request: Request, call_next):
         # Extract Authorization header
         auth_header = request.headers.get("authorization")
         if not auth_header:
-            raise AuthenticationRequired("Missing Authorization header")
+            raise MalformedAuthorizationRequest("Missing Authorization header")
         if not auth_header.lower().startswith("bearer "):
             raise MalformedAuthorizationRequest("Invalid Authorization header format")
 
         # Extract and verify token
-        token = auth_header[7:] # Remove "Bearer " prefix
+        token = auth_header[7:].strip() # Remove "Bearer " prefix
         try:
             decoded_and_verified_token = await self.client.verify_access_token(
                 token,
                 required_claims=["sub"]
             )
 
             # Check for client_id or azp
-            clientId = decoded_and_verified_token.get('client_id') or decoded_and_verified_token.get('azp')
-            if not clientId:
+            client_id = decoded_and_verified_token.get('client_id') or decoded_and_verified_token.get('azp')
+            if not client_id:
                 raise VerifyAccessTokenError("Token is missing 'client_id' or 'azp' claim")
 
             # Set up authentication context
             auth_data = {
-                "client_id": clientId,
+                "client_id": client_id,
                 "scopes": decoded_and_verified_token.get("scope", "").split()
                          if decoded_and_verified_token.get("scope") else []
             }
 
             if decoded_and_verified_token.get('exp'):
-                auth_data["expiresAt"] = decoded_and_verified_token.get('exp')
+                auth_data["expires_at"] = decoded_and_verified_token.get('exp')
 
-            extra = {"sub": decoded_and_verified_token.get('sub'), "client_id": clientId}
+            extra = {"sub": decoded_and_verified_token.get('sub'), "client_id": client_id}
 
             for field in ['azp', 'name', 'email']:
                 if decoded_and_verified_token.get(field):
@@ -66,10 +66,9 @@ async def dispatch(self, request: Request, call_next):
             request.state.auth = auth_data
 
             return await call_next(request)
-        except VerifyAccessTokenError as e:
-            logger.error(f"Token verification failed: {str(e)}")
+        except VerifyAccessTokenError:
+            logger.info("Token verification failed")
             raise AuthenticationRequired("Invalid token")
-        except Exception as e:
-            logger.error(f"Unexpected error in middleware: {str(e)}")
-            # Re-raise unexpected errors to be handled by generic exception handler
+        except Exception:
+            logger.exception("Unexpected error in middleware")
             raise

examples/example-fastmcp-mcp/src/server.py

@@ -1,3 +1,5 @@
+from __future__ import annotations
+
 import contextlib
 import logging
 import os

examples/example-fastmcp-mcp/src/tools.py

@@ -1,4 +1,4 @@
-from json import dumps as jsonDumps
+import json
 
 from mcp.server.fastmcp import Context
 
@@ -15,7 +15,7 @@ def register_tools(auth0Mcp):
 
     # Tool without required scopes
     @mcp.tool()
-    def echo(text: str) -> str:
+    async def echo(text: str) -> str:
         """Echoes the input text"""
         return text
 
@@ -27,7 +27,7 @@ def echo(text: str) -> str:
         annotations={"readOnlyHint": True}
     )
     @require_scopes(["tool:greet"])
-    def greet(name: str, ctx: Context) -> str:
+    async def greet(name: str, ctx: Context) -> str:
         name = (name or "").strip() or "world"
         auth_info = ctx.request_context.request.state.auth
         user_id = auth_info.get("extra", {}).get("sub")
@@ -41,11 +41,11 @@ def greet(name: str, ctx: Context) -> str:
         annotations={"readOnlyHint": True}
     )
     @require_scopes(["tool:whoami"])
-    def whoami(ctx: Context) -> str:
+    async def whoami(ctx: Context) -> str:
         auth_info = ctx.request_context.request.state.auth
 
         response_data = {
             "user": auth_info.get("extra", {}),
             "scopes": auth_info.get("scopes", []),
         }
-        return jsonDumps(response_data, indent=2)
+        return json.dumps(response_data, indent=2)