Hugging Face's logo

Spaces:
freddyaboulton
/
fastmcp-oauth
Sleeping

App Files Community
fastmcp-oauth / app.py
freddyaboulton's picture
freddyaboulton HF Staff
Update app.py
4a4584d verified
raw
history blame contribute delete
4.54 kB
 from pydantic import AnyHttpUrl
from mcp.server.auth.provider import AccessToken, TokenVerifier
from mcp.server.auth.settings import AuthSettings
from mcp.server.fastmcp import FastMCP
from fastapi import FastAPI, Request
from starlette.responses import JSONResponse, RedirectResponse, Response
import contextlib
import httpx
class SimpleTokenVerifier(TokenVerifier):
"""Simple token verifier for demonstration."""
async def verify_token(self, token: str) -> AccessToken | None:
pass # This is where you would implement actual token validation
# Create FastMCP instance as a Resource Server
mcp = FastMCP(
"Weather Service",
# Token verifier for authentication
token_verifier=SimpleTokenVerifier(),
# Auth settings for RFC 9728 Protected Resource Metadata
auth=AuthSettings(
issuer_url=AnyHttpUrl("https://huggingface.co/.well-known/oauth-authorization-server"), # Authorization Server URL
resource_server_url=AnyHttpUrl("https://freddyaboulton-fastmcp-oauth.hf.space/mcp"), # This server's URL
required_scopes=["inference-api"],
),
)
@mcp.tool()
async def get_weather(city: str = "London") -> dict[str, str]:
"""Get weather data for a city"""
return {
"city": city,
"temperature": "22",
"condition": "Partly cloudy",
"humidity": "65%",
}
@contextlib.asynccontextmanager
async def lifespan(app: FastAPI):
async with contextlib.AsyncExitStack() as stack:
await stack.enter_async_context(mcp.session_manager.run())
yield
app = FastAPI(lifespan=lifespan)
@app.get("/mcp/.well-known/oauth-protected-resource")
async def _():
return RedirectResponse("/.well-known/oauth-protected-resource")
app.mount("/", mcp.streamable_http_app())
# @app.get("/")
# async def _():
# return JSONResponse({"message": "Welcome to the Weather Service!"})
# @app.get("/.well-known/oauth-protected-resource")
# async def _():
# return RedirectResponse("/weather_mcp/.well-known/oauth-protected-resource")
# @app.get("/authorize")
# async def authorize_proxy(request: Request):
# """Forward GET requests to Hugging Face OAuth authorize endpoint"""
# target_url = "https://huggingface.co/oauth/authorize"
# async with httpx.AsyncClient() as client:
# # Prepare the request data
# headers = dict(request.headers)
# # Remove host header to avoid conflicts
# headers.pop("host", None)
# # Get query parameters
# query_params = str(request.url.query) if request.url.query else None
# target_url_with_params = f"{target_url}?{query_params}" if query_params else target_url
# # Forward the request
# response = await client.request(
# method=request.method,
# url=target_url_with_params,
# headers=headers,
# follow_redirects=False
# )
# # Return the response with the same status code, headers, and content
# return Response(
# content=response.content,
# status_code=response.status_code,
# headers=dict(response.headers)
# )
# @app.post("/register")
# async def register_proxy(request: Request):
# """Forward requests to Hugging Face OAuth register endpoint"""
# target_url = "https://huggingface.co/oauth/register"
# async with httpx.AsyncClient() as client:
# # Prepare the request data
# headers = dict(request.headers)
# # Remove host header to avoid conflicts
# headers.pop("host", None)
# # Get query parameters
# query_params = str(request.url.query) if request.url.query else None
# target_url_with_params = f"{target_url}?{query_params}" if query_params else target_url
# # Get request body if present
# body = await request.body()
# # Forward the request
# response = await client.request(
# method=request.method,
# url=target_url_with_params,
# headers=headers,
# content=body,
# follow_redirects=False
# )
# # Return the response with the same status code, headers, and content
# return Response(
# content=response.content,
# status_code=response.status_code,
# headers=dict(response.headers)
# )
if __name__ == "__main__":
import uvicorn
uvicorn.run(app, host="0.0.0.0", port=7860)