renamed to proxy-oauth

Signed-off-by: Jesse Sanford <108698+jessesanford@users.noreply.github.com>

Author: jessesanford

examples/servers/proxy-auth/README.md

@@ -0,0 +1,95 @@
+# OAuth Proxy Server
+
+This is a minimal OAuth proxy server example for the MCP Python SDK that demonstrates how to create a transparent OAuth proxy for existing OAuth providers.
+
+## Installation
+
+```bash
+# Navigate to the proxy-auth directory
+cd examples/servers/proxy-auth
+
+# Install the package in development mode
+uv add -e .
+```
+
+## Configuration
+
+The servers can be configured using either:
+
+1. **Command-line arguments** (take precedence when provided)
+2. **Environment variables** (loaded from `.env` file when present)
+
+Example `.env` file:
+```
+# Auth Server Configuration
+AUTH_SERVER_HOST=localhost
+AUTH_SERVER_PORT=9000
+AUTH_SERVER_URL=http://localhost:9000
+
+# Resource Server Configuration
+RESOURCE_SERVER_HOST=localhost
+RESOURCE_SERVER_PORT=8001
+RESOURCE_SERVER_URL=http://localhost:8001
+
+# Combo Server Configuration
+COMBO_SERVER_HOST=localhost
+COMBO_SERVER_PORT=8000
+
+# OAuth Provider Configuration
+UPSTREAM_AUTHORIZE=https://github.com/login/oauth/authorize
+UPSTREAM_TOKEN=https://github.com/login/oauth/access_token
+CLIENT_ID=your-client-id
+CLIENT_SECRET=your-client-secret
+DEFAULT_SCOPE=openid
+```
+
+## Running the Servers
+
+The example consists of three server components that can be run using the project scripts defined in pyproject.toml:
+
+### Step 1: Start Authorization Server
+
+```bash
+# Start Authorization Server on port 9000
+uv run mcp-proxy-auth-as --port=9000
+
+# Or rely on environment variables from .env file
+uv run mcp-proxy-auth-as
+```
+
+**What it provides:**
+- OAuth 2.0 flows (authorization, token exchange)
+- Token introspection endpoint for Resource Servers (`/introspect`)
+- Client registration endpoint (`/register`)
+
+### Step 2: Start Resource Server (MCP Server)
+
+```bash
+# In another terminal, start Resource Server on port 8001
+uv run mcp-proxy-auth-rs --port=8001 --auth-server=http://localhost:9000 --transport=streamable-http
+
+# Or rely on environment variables from .env file
+uv run mcp-proxy-auth-rs
+```
+
+### Step 3: Alternatively, Run Combined Server
+
+For simpler testing, you can run a combined proxy server that handles both authentication and resource access:
+
+```bash
+# Run the combined proxy server on port 8000
+uv run mcp-proxy-auth-combo --port=8000 --transport=streamable-http
+
+# Or rely on environment variables from .env file
+uv run mcp-proxy-auth-combo
+```
+
+## How It Works
+
+The proxy OAuth server acts as a transparent proxy between:
+1. Client applications requesting OAuth tokens
+2. Upstream OAuth providers (like GitHub, Google, etc.)
+
+This allows MCP servers to leverage existing OAuth providers without implementing their own authentication systems.
+
+The server code is organized in the `proxy_auth` package for better modularity.

examples/servers/proxy-auth/proxy_auth/__init__.py

@@ -3,6 +3,7 @@
 __version__ = "0.1.0"
 
 # Import key components for easier access
+<<<<<<< HEAD
 from .auth_server import auth_server as auth_server
 from .auth_server import main as auth_server_main
 from .combo_server import combo_server as combo_server
@@ -15,6 +16,20 @@
     "auth_server",
     "resource_server",
     "combo_server",
+=======
+from .auth_server import main as auth_server_main
+from .auth_server import run_server as run_auth_server
+from .combo_server import main as combo_server_main
+from .combo_server import mcp as proxy_server
+from .resource_server import main as resource_server_main
+from .resource_server import mcp as resource_server
+from .token_verifier import IntrospectionTokenVerifier
+
+__all__ = [
+    "run_auth_server",
+    "resource_server",
+    "proxy_server",
+>>>>>>> 37d81fe (renamed to proxy-oauth)
     "IntrospectionTokenVerifier",
     "auth_server_main",
     "resource_server_main",

examples/servers/proxy-auth/proxy_auth/__main__.py

@@ -0,0 +1,7 @@
+"""Main entry point for Combo Proxy OAuth Resource+Auth MCP server."""
+
+import sys
+
+from .combo_server import main
+
+sys.exit(main())  # type: ignore[call-arg]

…s/servers/proxy_oauth/resource_server.py …proxy-auth/proxy_auth/resource_server.pyexamples/servers/proxy_oauth/resource_server.py renamed to examples/servers/proxy-auth/proxy_auth/resource_server.py examples/servers/proxy_oauth/resource_server.py renamed to examples/servers/proxy-auth/proxy_auth/resource_server.py

@@ -1,4 +1,5 @@
 # pyright: reportMissingImports=false
+import argparse
 import base64
 import json
 import logging
@@ -321,4 +322,4 @@ def main():
     resource_server.run(transport=args.transport)
 
 if __name__ == "__main__":
-    resource_server.run(transport="streamable-http")
+    resource_server.run(transport="streamable-http")

…es/servers/proxy_oauth/token_verifier.py …/proxy-auth/proxy_auth/token_verifier.pyexamples/servers/proxy_oauth/token_verifier.py renamed to examples/servers/proxy-auth/proxy_auth/token_verifier.py examples/servers/proxy_oauth/token_verifier.py renamed to examples/servers/proxy-auth/proxy_auth/token_verifier.py

@@ -1,5 +1,5 @@
 [project]
-name = "proxy_oauth"
+name = "proxy_auth"
 version = "0.1.0"
 description = "OAuth Proxy Server"
 authors = [{ name = "Your Name" }]
@@ -14,15 +14,20 @@ dev = [
     "pytest>=6.0",
 ]
 
+[project.scripts]
+mcp-proxy-auth-rs = "proxy_auth.resource_server:main"
+mcp-proxy-auth-as = "proxy_auth.auth_server:main"
+mcp-proxy-auth-combo = "proxy_auth.combo_server:main"
+
 [build-system]
 requires = ["hatchling"]
 build-backend = "hatchling.build"
 
 [tool.hatch.build.targets.wheel]
-packages = ["proxy_oauth"]
+packages = ["proxy_auth"]
 
 [tool.pyright]
-include = ["proxy_oauth"]
+include = ["proxy_auth"]
 venvPath = "."
 venv = ".venv"