oauth2.1 truly works

Taylor Wilsdon
2025-08-02 18:25:08 -04:00
parent 9470a41dde
commit c45bb3956c
7 changed files with 233 additions and 17 deletions


@@ -453,7 +453,7 @@ async def oauth_authorization_server(request: Request):
"code_challenge_methods_supported": ["S256"],
"pkce_required": True,
"grant_types_supported": ["authorization_code", "refresh_token"],
"scopes_supported": ["openid", "email", "profile"],
"scopes_supported": SCOPES,
"token_endpoint_auth_methods_supported": ["client_secret_basic", "client_secret_post"]
},
headers={
@@ -567,6 +567,13 @@ async def oauth_authorize(request: Request):
# Ensure response_type is code
params["response_type"] = "code"
# Merge client scopes with our full SCOPES list
client_scopes = params.get("scope", "").split() if params.get("scope") else []
# Always include all Google Workspace scopes for full functionality
all_scopes = set(client_scopes) | set(SCOPES)
params["scope"] = " ".join(sorted(all_scopes))
logger.info(f"OAuth 2.1 authorization: Requesting scopes: {params['scope']}")
# Build Google authorization URL
google_auth_url = "https://accounts.google.com/o/oauth2/v2/auth?" + urlencode(params)
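Review bot: The union at `all_scopes = set(client_scopes) | set(SCOPES)` widens every authorization request to the full SCOPES list, so a client that asked for a narrow scope still triggers consent for, and presumably receives a grant covering, everything the server supports. The same union also forwards client-supplied scope values that are not in SCOPES to Google unchanged, since nothing filters `client_scopes` before it is merged. An allow-list would keep least privilege: `requested = [s for s in client_scopes if s in SCOPES]` followed by `params["scope"] = " ".join(requested or SCOPES)`, falling back to the full list only when the client sent no scope. If requesting the full set on every flow is intentional, the comment should say that issued grants are not limited to the client's requested scope, because the metadata in the first hunk now advertises SCOPES as `scopes_supported`. The body of oauth_authorize starts and ends outside this hunk, so any later narrowing is not visible here.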