mcp-s-oauth
by webrix-ai
Overview
Universal OAuth middleware for MCP (Model Context Protocol) servers, enabling authentication with various OAuth providers.
Installation
npm run dev
Environment Variables
- BASE_URL
- GITHUB_CLIENT_ID
- GITHUB_CLIENT_SECRET
- DB_PATH
- TOKEN_EXPIRATION_TIME
Security Notes
Critical Open Redirect Vulnerability: In `src/services/mcp-auth-provider.ts`, the `redirectUri` provided by the client in the `/auth/authorize` request is stored in the OAuth `state` parameter and later used directly for `res.redirect()` in the `/oauth/callback` without validation. An attacker can craft a malicious `redirectUri` to redirect users to their own site after successful external OAuth authentication, potentially intercepting the internal MCP authorization code. Additionally, `skipLocalPkceValidation: true` means the internal MCP authorization code flow does not enforce PKCE, making it vulnerable to authorization code interception attacks. Sensitive OAuth and internal MCP tokens are stored in a local SQLite database, which requires careful management (permissions, encryption at rest) in production.
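As an added example (not code from mcp-s-oauth itself), the two server-side checks the note above describes as missing: an exact-match allowlist for the client-supplied `redirectUri`, applied before the value is ever handed to `res.redirect()`, and S256 PKCE verification when the internal authorization code is exchanged. The allowlist entries, the function names and the use of Node's `crypto` module are assumptions; the PKCE test vector is the one from RFC 7636 Appendix B.

```typescript
// Added example, not part of mcp-s-oauth. Function names and the allowlist
// contents are assumptions for illustration.
import { createHash, timingSafeEqual } from "crypto";

// Constructed allowlist: the exact redirect URIs a client registered up front.
// A real server would load these from its client registration store.
export const REGISTERED_REDIRECT_URIS: readonly string[] = [
  "https://client.example/callback",
  "http://localhost:6274/oauth/callback",
];

// Canonical form used for comparison: scheme + host(:port) + path.
// Query and fragment are deliberately dropped, so a client may append
// "?code=..." but cannot change where the browser ends up.
function canonical(u: URL): string {
  return `${u.protocol}//${u.host}${u.pathname}`;
}

// Returns true only when `candidate` is an absolute URL that matches one
// registered URI exactly. Anything else (relative path, javascript: scheme,
// userinfo tricks like https://good.example@evil.example/, unknown host)
// is refused and the callback should fail closed instead of redirecting.
export function isAllowedRedirectUri(
  candidate: string,
  registered: readonly string[] = REGISTERED_REDIRECT_URIS,
): boolean {
  let url: URL;
  try {
    url = new URL(candidate);
  } catch {
    return false; // relative or malformed input never matches
  }
  if (url.username !== "" || url.password !== "") return false;
  const isLoopback = url.hostname === "localhost" || url.hostname === "127.0.0.1";
  if (url.protocol !== "https:" && !(url.protocol === "http:" && isLoopback)) return false;
  const wanted = canonical(url);
  return registered.some((r) => {
    try {
      return canonical(new URL(r)) === wanted;
    } catch {
      return false; // a malformed allowlist entry can never match
    }
  });
}

// code_challenge = BASE64URL(SHA256(code_verifier)) as defined by RFC 7636.
export function pkceChallengeS256(verifier: string): string {
  return createHash("sha256").update(verifier, "ascii").digest("base64url");
}

// Verify the code_verifier presented at the token endpoint against the
// code_challenge stored with the authorization code. Only S256 is accepted;
// "plain" offers no protection against a stolen code and is rejected.
export function verifyPkce(
  storedChallenge: string,
  storedMethod: string,
  presentedVerifier: string,
): boolean {
  if (storedMethod !== "S256") return false;
  if (presentedVerifier.length < 43 || presentedVerifier.length > 128) return false;
  const expected = Buffer.from(pkceChallengeS256(presentedVerifier));
  const stored = Buffer.from(storedChallenge);
  if (expected.length !== stored.length) return false;
  return timingSafeEqual(expected, stored); // constant-time comparison
}
```

In the callback handler the pattern is: look up the stored `redirectUri` by the `state` value the server itself generated, run `isAllowedRedirectUri` on it, and respond with an error page rather than a redirect when it fails; the token endpoint then refuses to issue tokens unless `verifyPkce` returns true for the verifier bound to that authorization code.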
Similar Servers
jetski
An Open Source MCP Analytics and Authentication Platform that proxies and provides analytics for MCP servers.
oauth-mcp-proxy
Provides server-side OAuth 2.1 authentication for Go Model Context Protocol (MCP) servers, supporting both mark3labs/mcp-go and official go-sdk.
mcp-server-playground
A Model Context Protocol (MCP) server that acts as an OAuth proxy for 3rd party authorization servers like Auth0, provides stateful session management, and exposes various tools for system time, streaming, project keyword searching, and AWS services (S3, ECS, CloudWatch Logs, Bedrock).
mcp-shield
Provides an OAuth proxy for Model Context Protocol (MCP) servers on OpenShift, handling OAuth 2.0 discovery, client registration, token exchange, and enhancing security with a proxy token system.