mcp-s-oauth
by webrix-ai
Overview
Universal OAuth middleware for MCP (Model Context Protocol) servers, enabling authentication with various OAuth providers.
Installation
npm run dev
Environment Variables
- BASE_URL
- GITHUB_CLIENT_ID
- GITHUB_CLIENT_SECRET
- DB_PATH
- TOKEN_EXPIRATION_TIME
Security Notes
Critical Open Redirect Vulnerability: In `src/services/mcp-auth-provider.ts`, the `redirectUri` provided by the client in the `/auth/authorize` request is stored in the OAuth `state` parameter and later used directly for `res.redirect()` in the `/oauth/callback` without validation. An attacker can craft a malicious `redirectUri` to redirect users to their own site after successful external OAuth authentication, potentially intercepting the internal MCP authorization code.

Additionally, `skipLocalPkceValidation: true` means the internal MCP authorization code flow does not enforce PKCE, making it vulnerable to authorization code interception attacks.

Sensitive OAuth and internal MCP tokens are stored in a local SQLite database, which requires careful management (permissions, encryption at rest) in production.
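As an added example (not code from mcp-s-oauth), one way to close the open redirect described above: check the client-supplied `redirectUri` against the redirect URIs registered for that client when it is accepted at `/auth/authorize`, and check it again when it is recovered from `state` at `/oauth/callback`, refusing to redirect otherwise. The client registry, client id and function names below are constructed assumptions.

```typescript
// Added example, not code from mcp-s-oauth. REGISTERED_REDIRECT_URIS is a constructed
// sample of per-client registrations; a real server would read them from its client store.
const REGISTERED_REDIRECT_URIS: Record<string, string[]> = {
  "client-abc": ["https://app.example.com/oauth/callback", "http://127.0.0.1/callback"],
};

function isLoopbackIp(hostname: string): boolean {
  return hostname === "127.0.0.1" || hostname === "[::1]";
}

// Parse and reject anything that is not https, or http to a loopback host (RFC 8252 §7.3).
// Embedded credentials (user@host tricks) and fragments are never acceptable in a redirect URI.
function parseRedirectUri(raw: string): URL | null {
  const url = (() => { try { return new URL(raw); } catch { return null; } })();
  if (!url) return null;
  const schemeOk = url.protocol === "https:" ||
    (url.protocol === "http:" && (isLoopbackIp(url.hostname) || url.hostname === "localhost"));
  if (!schemeOk || url.username || url.password || url.hash) return null;
  return url;
}

// Exact string match after WHATWG normalisation (RFC 6749 §3.1.2.3). Loopback clients pick an
// ephemeral port at runtime, so the port is ignored for loopback IP literals only.
function matchesRegistered(registered: URL, candidate: URL): boolean {
  if (registered.href === candidate.href) return true;
  if (!isLoopbackIp(registered.hostname) || registered.hostname !== candidate.hostname) return false;
  const a = new URL(registered.href), b = new URL(candidate.href);
  a.port = ""; b.port = "";
  return a.href === b.href;
}

function isAllowedRedirectUri(clientId: string, redirectUri: string): boolean {
  const candidate = parseRedirectUri(redirectUri);
  if (!candidate) return false;
  const registered = REGISTERED_REDIRECT_URIS[clientId] ?? [];
  return registered.some((r) => {
    const reg = parseRedirectUri(r);
    return reg !== null && matchesRegistered(reg, candidate);
  });
}

// Callback side: re-validate the URI recovered from `state` before building the redirect target.
// Returns null when it is not acceptable; the handler should answer with an error, not redirect.
function buildCallbackRedirect(clientId: string, redirectUriFromState: string, code: string): string | null {
  if (!isAllowedRedirectUri(clientId, redirectUriFromState)) return null;
  const target = new URL(redirectUriFromState);
  target.searchParams.set("code", code);
  return target.href;
}
```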
Similar Servers
jetski
Jetski is an open-source platform providing analytics, authentication, and simplified client setup for Model Context Protocol (MCP) servers by acting as a proxy.
oauth-mcp-proxy
OAuth 2.1 authentication library for Go MCP servers, supporting both mark3labs and official SDKs for token validation and caching.
mcp-server-playground
A playground and reference implementation for a Model Context Protocol (MCP) server, featuring streamable HTTP transport, OAuth proxy for third-party authorization servers like Auth0, and stateful session management.
mcp-oauth
Provider-agnostic OAuth 2.1 Authorization Server library for Model Context Protocol (MCP) servers, enabling URL-based client identifiers with dynamic metadata discovery (CIMD).