ruff

ihrpr · ihrpr · commit 38c574fa0845 · 2025-06-19T23:39:54.000+01:00
diff --git a/examples/servers/simple-auth/mcp_simple_auth/server.py b/examples/servers/simple-auth/mcp_simple_auth/server.py
@@ -18,9 +18,10 @@
 
 from mcp.server.auth.middleware.auth_context import get_access_token
 from mcp.server.auth.settings import AuthSettings
-from .token_verifier import IntrospectionTokenVerifier
 from mcp.server.fastmcp.server import FastMCP
 
+from .token_verifier import IntrospectionTokenVerifier
+
 logger = logging.getLogger(__name__)
 
 
diff --git a/examples/servers/simple-auth/mcp_simple_auth/token_verifier.py b/examples/servers/simple-auth/mcp_simple_auth/token_verifier.py
@@ -1,14 +1,15 @@
 """Example token verifier implementation using OAuth 2.0 Token Introspection (RFC 7662)."""
 
 import logging
+
 from mcp.server.auth.provider import AccessToken
 
 logger = logging.getLogger(__name__)
 
 
 class IntrospectionTokenVerifier:
     """Example token verifier that uses OAuth 2.0 Token Introspection (RFC 7662).
-    
+
     This is a simple example implementation for demonstration purposes.
     Production implementations should consider:
     - Connection pooling and reuse
@@ -25,14 +26,14 @@ async def verify_token(self, token: str) -> AccessToken | None:
         import httpx
 
         # Validate URL to prevent SSRF attacks
-        if not self.introspection_endpoint.startswith(('https://', 'http://localhost', 'http://127.0.0.1')):
+        if not self.introspection_endpoint.startswith(("https://", "http://localhost", "http://127.0.0.1")):
             logger.warning(f"Rejecting introspection endpoint with unsafe scheme: {self.introspection_endpoint}")
             return None
 
         # Configure secure HTTP client
         timeout = httpx.Timeout(10.0, connect=5.0)
         limits = httpx.Limits(max_connections=10, max_keepalive_connections=5)
-        
+
         async with httpx.AsyncClient(
             timeout=timeout,
             limits=limits,
@@ -61,4 +62,4 @@ async def verify_token(self, token: str) -> AccessToken | None:
                 )
             except Exception as e:
                 logger.warning(f"Token introspection failed: {e}")
-                return None
+                return None
diff --git a/src/mcp/server/auth/provider.py b/src/mcp/server/auth/provider.py
@@ -282,9 +282,9 @@ def construct_redirect_uri(redirect_uri_base: str, **params: str | None) -> str:
 
 class ProviderTokenVerifier:
     """Token verifier that uses an OAuthAuthorizationServerProvider.
-    
+
     This is provided for backwards compatibility with existing auth_server_provider
-    configurations. For new implementations using AS/RS separation, consider using 
+    configurations. For new implementations using AS/RS separation, consider using
     the TokenVerifier protocol with a dedicated implementation like IntrospectionTokenVerifier.
     """
 
diff --git a/src/mcp/server/fastmcp/server.py b/src/mcp/server/fastmcp/server.py
@@ -67,8 +67,6 @@
 logger = get_logger(__name__)
 
 
-
-
 class Settings(BaseSettings, Generic[LifespanResultT]):
     """FastMCP server settings.
 
