McpInspector resource should not disable token authentication

[timheuer]

Describe the bug

In the current McpInspector resource there is an environment variable that disables the authentication via DANGEROUSLY_OMIT_AUTH -- this is not best practice and we should not have that be the default.

Regression

No response

Steps to reproduce

Run the examples/mcp-inspector apphost project

Expected behavior

The resource should:

• Provide a default token to the MCP_PROXY_AUTH_TOKEN environment variable before the resource starts
• Enable a WithProxyToken method on the builder that would enable someone to pass in the value for that token as a password parameter
• The dashboard URIs that are exposed would have the proxy token appended to them in the URI with a query string of the same name as the environment variable name

Screenshots

No response

IDE and version

VS 2022 Preview

IDE version

No response

Nuget packages

Additional context

No response

Help us help you

Yes, I'd like to be assigned to work on this item

[aaronpowell]

When I did the first implementation there was no way to configure the auth token, it was always generated by the app and dumped stdout, which meant that getting and providing it to the dashboard was a pain, so I just hacked past it 😝.