Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Feature Request] Add Support for Authorization Headers in MCPToolkit #1834

Open
2 tasks done
RonaldJEN opened this issue Mar 13, 2025 · 1 comment
Open
2 tasks done
Assignees
Labels
enhancement New feature or request
Milestone

Comments

@RonaldJEN
Copy link

Required prerequisites

Motivation

The current MCPToolkit class does not support adding authorization headers in SSE connections, making it impossible to connect to MCP servers that require authentication. When attempting to connect to protected MCP server endpoints, the connection is rejected (typically with a 401 error) due to the inability to provide authentication credentials.

Solution

The current MCPToolkit class does not support adding authorization headers in SSE connections, making it impossible to connect to MCP servers that require authentication. When attempting to connect to protected MCP server endpoints, the connection is rejected (typically with a 401 error) due to the inability to provide authentication credentials.

Current Code Limitations

In the camel/toolkits/mcp_toolkit.py file, the connection method establishes connections using sse_client without providing an option to pass authentication headers:

if urlparse(self.command_or_url).scheme in ("http", "https"):
    (read_stream, write_stream,) = await self._exit_stack.enter_async_context(
        sse_client(self.command_or_url)
    )

This prevents adding necessary authentication information, such as Bearer tokens, to the SSE connection.

Proposed Implementation

I suggest adding support for authentication headers in the MCPToolkit class with the following changes:

  1. Add a headers parameter to the constructor:
def __init__(
    self,
    command_or_url: str,
    args: Optional[List[str]] = None,
    env: Optional[Dict[str, str]] = None,
    timeout: Optional[float] = None,
    headers: Optional[Dict[str, str]] = None,  # New headers parameter
):
    # ... existing code ...
    self.headers = headers or {}
  1. Pass the headers to sse_client in the connection method:
if urlparse(self.command_or_url).scheme in ("http", "https"):
    (read_stream, write_stream,) = await self._exit_stack.enter_async_context(
        sse_client(self.command_or_url, headers=self.headers)  # Pass headers
    )

Use Cases

This feature is essential for connecting to MCP servers that require API keys, OAuth tokens, or other forms of authentication. Typical use cases include:

  1. Secure API access in enterprise environments
  2. Public API services requiring access control
  3. User authentication in multi-tenant environments

Example Usage

After implementation, client code would be able to use it as follows:

api_key = "your-secret-token"
headers = {"Authorization": f"Bearer {api_key}"}
mcp_toolkit = MCPToolkit("http://example.com/sse", headers=headers)

async with mcp_toolkit.connection() as toolkit:
    # Normal toolkit usage...

Technical Notes

It's necessary to confirm whether the underlying sse_client function supports a headers parameter. If not, deeper code modifications might be required.

Thank you for considering this feature request!

Alternatives

No response

Additional context

No response

@RonaldJEN RonaldJEN added the enhancement New feature or request label Mar 13, 2025
@MuggleJinx MuggleJinx self-assigned this Mar 13, 2025
@Wendong-Fan Wendong-Fan modified the milestones: Sprint 1, Sprint 25 Mar 13, 2025
@Wendong-Fan
Copy link
Member

thanks @RonaldJEN for opening this issue!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
Status: No status
Development

No branches or pull requests

3 participants