quarkus-mcp-server
Verified Safeby quarkiverse
Overview
This server demonstrates a secure Model Context Protocol (MCP) using Server-Sent Events (SSE) for exposing tools, prompts, and resources, with authentication handled by Keycloak or GitHub OAuth2.
Installation
./mvnw quarkus:devEnvironment Variables
- GITHUB_CLIENT_ID
- GITHUB_CLIENT_SECRET
- QUARKUS_KEYCLOAK_DEVSERVICES_JAVA_OPTS
- QUARKUS_OIDC_DEVSERVICES_ENABLED
Security Notes
The server leverages Quarkus's robust security features for OIDC (Keycloak) and OAuth2 (GitHub), offloading authentication to external providers. Secrets like GitHub client ID/secret are configured externally via properties, not hardcoded in the source. Input validation for tool and prompt arguments is implemented and configurable to prevent common injection attacks. There are no direct uses of 'eval' or other highly dangerous patterns identified in the provided source code. The implementation also includes cancellation mechanisms for long-running operations.
Similar Servers
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
solon-ai
The Model Context Protocol (MCP) server provides a standardized interface for AI models to interact with external tools, resources, and prompt templates through a structured, bidirectional communication protocol.
mcp-annotated-java-sdk
Annotation-driven framework for building Model Context Protocol (MCP) servers in Java, simplifying the definition and integration of resources, prompts, and tools for LLM applications.
MCP-Client-Host-Java
An MCP (Model Context Protocol) client that acts as a server to the MCP host, managing connections to various external MCP servers (tools) and orchestrating tool discovery and execution for AI assistants.