[Feature Request] Add Support for Authorization Headers in MCPToolkit

[RonaldJEN]

Required prerequisites

• I have searched the Issue Tracker and Discussions that this hasn't already been reported. (+1 or comment there if it has.)
• Consider asking first in a Discussion.

Motivation

The current MCPToolkit class does not support adding authorization headers in SSE connections, making it impossible to connect to MCP servers that require authentication. When attempting to connect to protected MCP server endpoints, the connection is rejected (typically with a 401 error) due to the inability to provide authentication credentials.

Solution

The current MCPToolkit class does not support adding authorization headers in SSE connections, making it impossible to connect to MCP servers that require authentication. When attempting to connect to protected MCP server endpoints, the connection is rejected (typically with a 401 error) due to the inability to provide authentication credentials.

Current Code Limitations

In the camel/toolkits/mcp_toolkit.py file, the connection method establishes connections using sse_client without providing an option to pass authentication headers:

if urlparse(self.command_or_url).scheme in ("http", "https"):
    (read_stream, write_stream,) = await self._exit_stack.enter_async_context(
        sse_client(self.command_or_url)
    )

This prevents adding necessary authentication information, such as Bearer tokens, to the SSE connection.

Proposed Implementation

I suggest adding support for authentication headers in the MCPToolkit class with the following changes:

1. Add a headers parameter to the constructor:

def __init__(
    self,
    command_or_url: str,
    args: Optional[List[str]] = None,
    env: Optional[Dict[str, str]] = None,
    timeout: Optional[float] = None,
    headers: Optional[Dict[str, str]] = None,  # New headers parameter
):
    # ... existing code ...
    self.headers = headers or {}

2. Pass the headers to sse_client in the connection method:

if urlparse(self.command_or_url).scheme in ("http", "https"):
    (read_stream, write_stream,) = await self._exit_stack.enter_async_context(
        sse_client(self.command_or_url, headers=self.headers)  # Pass headers
    )

Use Cases

This feature is essential for connecting to MCP servers that require API keys, OAuth tokens, or other forms of authentication. Typical use cases include:

1. Secure API access in enterprise environments
2. Public API services requiring access control
3. User authentication in multi-tenant environments

Example Usage

After implementation, client code would be able to use it as follows:

api_key = "your-secret-token"
headers = {"Authorization": f"Bearer {api_key}"}
mcp_toolkit = MCPToolkit("http://example.com/sse", headers=headers)

async with mcp_toolkit.connection() as toolkit:
    # Normal toolkit usage...

Technical Notes

It's necessary to confirm whether the underlying sse_client function supports a headers parameter. If not, deeper code modifications might be required.

Thank you for considering this feature request!

Alternatives

No response

Additional context

No response

[Wendong-Fan]

thanks @RonaldJEN for opening this issue!