feat: initial commit from workspace-mcp
Some checks failed
Check Maintainer Edits Enabled / check-maintainer-edits (pull_request) Has been cancelled
Check Maintainer Edits Enabled / check-maintainer-edits-internal (pull_request) Has been cancelled
Docker Build and Push to GHCR / build-and-push (pull_request) Has been cancelled
Ruff / ruff (pull_request) Has been cancelled
Some checks failed
Check Maintainer Edits Enabled / check-maintainer-edits (pull_request) Has been cancelled
Check Maintainer Edits Enabled / check-maintainer-edits-internal (pull_request) Has been cancelled
Docker Build and Push to GHCR / build-and-push (pull_request) Has been cancelled
Ruff / ruff (pull_request) Has been cancelled
This commit is contained in:
62
.env.oauth21
Normal file
62
.env.oauth21
Normal file
@@ -0,0 +1,62 @@
|
||||
# OAuth 2.1 Configuration Example
|
||||
# Copy this to .env and update with your Google OAuth credentials
|
||||
|
||||
# Required: Google OAuth 2.0 Client Credentials
|
||||
# Note: OAuth 2.1 will automatically use GOOGLE_OAUTH_CLIENT_ID and GOOGLE_OAUTH_CLIENT_SECRET
|
||||
# if OAUTH2_CLIENT_ID and OAUTH2_CLIENT_SECRET are not set
|
||||
|
||||
GOOGLE_OAUTH_CLIENT_ID="your-google-client-id"
|
||||
GOOGLE_OAUTH_CLIENT_SECRET="your-google-client-secret"
|
||||
|
||||
# Development Settings (set to true for localhost testing)
|
||||
OAUTH2_ALLOW_INSECURE_TRANSPORT=false
|
||||
OAUTH2_ENABLE_DEBUG=false
|
||||
|
||||
# Legacy Compatibility (recommended during migration)
|
||||
OAUTH2_ENABLE_LEGACY_AUTH=true
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
# FastMCP OAuth Proxy Storage Backends (OAuth 2.1)
|
||||
#
|
||||
# Storage backend for OAuth proxy state. Options: memory, disk, valkey
|
||||
# Default: FastMCP's built-in default (disk on Mac/Windows, memory on Linux)
|
||||
#
|
||||
# WORKSPACE_MCP_OAUTH_PROXY_STORAGE_BACKEND=memory|disk|valkey
|
||||
#
|
||||
# ---------------------------------------------------------------------------
|
||||
# Memory Storage (default on Linux)
|
||||
# - Fast, no persistence, data lost on restart
|
||||
# - Best for: development, testing, stateless deployments
|
||||
#
|
||||
# WORKSPACE_MCP_OAUTH_PROXY_STORAGE_BACKEND=memory
|
||||
#
|
||||
# ---------------------------------------------------------------------------
|
||||
# Disk Storage (default on Mac/Windows)
|
||||
# - Persists across restarts, single-server only
|
||||
# - Best for: single-server production, persistent caching
|
||||
#
|
||||
# WORKSPACE_MCP_OAUTH_PROXY_STORAGE_BACKEND=disk
|
||||
# WORKSPACE_MCP_OAUTH_PROXY_DISK_DIRECTORY=~/.fastmcp/oauth-proxy
|
||||
#
|
||||
# ---------------------------------------------------------------------------
|
||||
# Valkey/Redis Storage
|
||||
# - Distributed, multi-server support
|
||||
# - Best for: production, multi-server deployments, cloud native
|
||||
#
|
||||
# WORKSPACE_MCP_OAUTH_PROXY_STORAGE_BACKEND=valkey
|
||||
# WORKSPACE_MCP_OAUTH_PROXY_VALKEY_HOST=localhost
|
||||
# WORKSPACE_MCP_OAUTH_PROXY_VALKEY_PORT=6379
|
||||
# WORKSPACE_MCP_OAUTH_PROXY_VALKEY_USE_TLS=false
|
||||
# WORKSPACE_MCP_OAUTH_PROXY_VALKEY_DB=0
|
||||
# WORKSPACE_MCP_OAUTH_PROXY_VALKEY_USERNAME=
|
||||
# WORKSPACE_MCP_OAUTH_PROXY_VALKEY_PASSWORD=
|
||||
# WORKSPACE_MCP_OAUTH_PROXY_VALKEY_REQUEST_TIMEOUT_MS=5000
|
||||
# WORKSPACE_MCP_OAUTH_PROXY_VALKEY_CONNECTION_TIMEOUT_MS=10000
|
||||
#
|
||||
# ---------------------------------------------------------------------------
|
||||
# Encryption:
|
||||
# - Disk and Valkey storage are encrypted with Fernet.
|
||||
# - Key derived from FASTMCP_SERVER_AUTH_GOOGLE_JWT_SIGNING_KEY if set,
|
||||
# otherwise from GOOGLE_OAUTH_CLIENT_SECRET.
|
||||
# - For stable decryption across client-secret rotations, set
|
||||
# FASTMCP_SERVER_AUTH_GOOGLE_JWT_SIGNING_KEY explicitly.
|
||||
Reference in New Issue
Block a user