more cleaning up

Author: patrickkang

examples/example-fastmcp-mcp/.env.example

@@ -2,4 +2,5 @@
 AUTH0_DOMAIN=your-tenant.auth0.com
 AUTH0_AUDIENCE=https://api.example.com
 MCP_SERVER_URL=http://localhost:3001
-PORT=3001
+PORT=3001
+DEBUG=false

examples/example-fastmcp-mcp/src/auth0/__init__.py

@@ -5,35 +5,29 @@
 including token verification, middleware, and scoped tool decorators.
 """
 
-import os
-
-from dotenv import load_dotenv
 from mcp.server.auth.routes import create_protected_resource_routes
-from pydantic import AnyHttpUrl
 from starlette.middleware import Middleware
 from starlette.routing import Route, Router
 
-from .middeware import Auth0Middleware
+from .middleware import Auth0Middleware
 
-# Load environment variables
-load_dotenv()
 
 class Auth0Mcp:
-    def __init__(self, name: str):
+    def __init__(self, name: str, audience: str, domain: str):
         self.name = name
-        self.audience = os.getenv("AUTH0_AUDIENCE", "https://api.example.com")
-        self.domain = os.getenv("AUTH0_DOMAIN", "your-tenant.auth0.com")
+        self.audience = audience
+        self.domain = domain
+        if not self.audience or not self.domain:
+            raise RuntimeError("audience and domain must be provided")
 
     def auth_metadata_router(self) -> Router:
         """
         Returns a router that serves the OAuth Protected Resource Metadata
         at the standard endpoint: /.well-known/oauth-protected-resource
         """
-        routes: list[Route] = []
-
-        routes = create_protected_resource_routes(
-            resource_url=AnyHttpUrl(self.audience),
-            authorization_servers=[AnyHttpUrl(f"https://{self.domain}")],
+        routes: list[Route] = create_protected_resource_routes(
+            resource_url=self.audience,
+            authorization_servers=[f"https://{self.domain}"],
             scopes_supported=[
                 "openid",
                 "profile",
@@ -45,12 +39,4 @@ def auth_metadata_router(self) -> Router:
         return Router(routes=routes)
 
     def auth_middleware(self) -> list[Middleware]:
-        middleware: list[Middleware] = []
-
-        middleware.append(
-            Middleware(
-                Auth0Middleware
-            )
-        )
-
-        return middleware
+        return [Middleware(Auth0Middleware, domain=self.domain, audience=self.audience)]

…ample-fastmcp-mcp/src/auth0/middeware.py …mple-fastmcp-mcp/src/auth0/middleware.pyexamples/example-fastmcp-mcp/src/auth0/middeware.py renamed to examples/example-fastmcp-mcp/src/auth0/middleware.py examples/example-fastmcp-mcp/src/auth0/middeware.py renamed to examples/example-fastmcp-mcp/src/auth0/middleware.py

@@ -13,14 +13,16 @@
 class Auth0Middleware(BaseHTTPMiddleware):
     """
     Middleware that requires a valid Bearer token in the Authorization header.
-    This will validate the token using Auth0 SDK Client and add the auth info to request.scope["auth"].
+    Validates the token using Auth0 SDK Client and stores auth info in request.state.auth.
     """
 
-    def __init__(self, app: ASGIApp):
+    def __init__(self, app: ASGIApp, domain: str, audience: str):
         super().__init__(app)
+        if not domain or not audience:
+            raise RuntimeError("domain and audience must be provided")
         self.client = ApiClient(ApiClientOptions(
-            domain=os.getenv("AUTH0_DOMAIN", "your-tenant.auth0.com"),
-            audience=os.getenv("AUTH0_AUDIENCE", "https://api.example.com")
+            domain=domain,
+            audience=audience
         ))
 
     async def dispatch(self, request: Request, call_next):
@@ -50,7 +52,6 @@ async def dispatch(self, request: Request, call_next):
 
             # Set up authentication context
             auth_data = {
-                "token": token,
                 "client_id": clientId,
                 "scopes": decoded_and_verified_token.get("scope", "").split()
                          if decoded_and_verified_token.get("scope") else []
@@ -66,7 +67,7 @@ async def dispatch(self, request: Request, call_next):
                     extra[field] = decoded_and_verified_token.get(field)
 
             auth_data["extra"] = extra
-            request.scope["auth"] = auth_data
+            request.state.auth = auth_data
 
             return await call_next(request)
         except VerifyAccessTokenError as e:

examples/example-fastmcp-mcp/src/auth0/tools.py

@@ -88,5 +88,5 @@ async def scope_checked_wrapper(*args, **kwargs):
 
 
 def get_auth_info(request) -> dict:
-    """Get authentication info from request."""
-    return request.scope.get("auth", {})
+    """Get authentication info from request state."""
+    return getattr(request.state, 'auth', {})

examples/example-fastmcp-mcp/src/server.py

@@ -3,18 +3,25 @@
 import os
 from collections.abc import AsyncIterator
 
+from dotenv import load_dotenv
 from starlette.applications import Starlette
 from starlette.middleware.cors import CORSMiddleware
 from starlette.routing import Mount
 
 from .auth0 import Auth0Mcp
 from .mcp import mcp
 
+load_dotenv()
+
 # Configure logging
 logging.basicConfig(level=logging.INFO)
 logger = logging.getLogger(__name__)
 
-auth0_mcp = Auth0Mcp(name="Example FastMCP Server")
+auth0_mcp = Auth0Mcp(
+    name="Example FastMCP Server",
+    audience=os.getenv("AUTH0_AUDIENCE"),
+    domain=os.getenv("AUTH0_DOMAIN")
+)
 
 @contextlib.asynccontextmanager
 async def lifespan(app: Starlette) -> AsyncIterator[None]:
@@ -26,7 +33,7 @@ async def lifespan(app: Starlette) -> AsyncIterator[None]:
         yield
 
 starlette_app = Starlette(
-    debug=True,
+    debug=os.getenv("DEBUG", "true").lower() == "true",
     routes=[
         # Add discovery metadata route
         *auth0_mcp.auth_metadata_router().routes,

examples/example-fastmcp-mcp/src/tools.py

@@ -23,8 +23,7 @@ def echo(text: str) -> str:
     annotations={"readOnlyHint": True}
 )
 def greet(name: str, ctx: Context) -> str:
-    if not name or name.strip() == "":
-        name = "world"
+    name = (name or "").strip() or "world"
     request = ctx.request_context.request
     auth_info = get_auth_info(request)
     user_id = auth_info.get("extra", {}).get("sub")