nat.plugins.mcp.auth.auth_flow_handler#
Attributes#
Classes#
Authentication helper for MCP environments. |
Module Contents#
- logger#
- class MCPAuthenticationFlowHandler#
Bases:
nat.front_ends.console.authentication_flow_handler.ConsoleAuthenticationFlowHandlerAuthentication helper for MCP environments.
This handler is specifically designed for MCP tool discovery scenarios where authentication needs to happen before the default auth_callback is available in the Context. It handles OAuth2 authorization code flow during MCP client startup and tool discovery phases.
Key differences from console handler: - Only supports OAuth2 Authorization Code flow (no HTTP Basic) - Optimized for MCP tool discovery workflows - Designed for single-use authentication during startup
- _server_controller: nat.front_ends.fastapi.fastapi_front_end_controller._FastApiFrontEndController | None = None#
- _server_lock#
- _server_task: asyncio.Task | None = None#
- async authenticate(
- config: nat.data_models.authentication.AuthProviderBaseConfig,
- method: nat.data_models.authentication.AuthFlowType,
Handle the OAuth2 authorization code flow for MCP environments.
- Args:
config: OAuth2 configuration for MCP server method: Authentication method (only OAUTH2_AUTHORIZATION_CODE supported)
- Returns:
AuthenticatedContext with Bearer token for MCP server access
- Raises:
ValueError: If config is invalid for MCP use case NotImplementedError: If method is not OAuth2 Authorization Code
- async _handle_oauth2_auth_code_flow(
- cfg: nat.authentication.oauth2.oauth2_auth_code_flow_provider_config.OAuth2AuthCodeFlowProviderConfig,