fix the authorization resource for EXTERNAL_OAUTH21_PROVIDER=true

2026-01-28 13:09:48 -05:00
parent 94825ac415
commit de461c7c7f
2 changed files with 58 additions and 4 deletions
--- a/core/server.py
+++ b/core/server.py
@@ -359,15 +359,19 @@ def configure_server_for_http():
                    base_url=config.get_oauth_base_url(),
                    redirect_path=config.redirect_path,
                    required_scopes=required_scopes,
+                    resource_server_url=config.get_oauth_base_url(),
                )
-                # Disable protocol-level auth, expect bearer tokens in tool calls
-                server.auth = None
+                server.auth = provider
+                
                logger.info(
-                    "OAuth 2.1 enabled with EXTERNAL provider mode - protocol-level auth disabled"
+                    "OAuth 2.1 enabled with EXTERNAL provider mode"
                )
                logger.info(
                    "Expecting Authorization bearer tokens in tool call headers"
                )
+                logger.info(
+                    "Protected resource metadata points to Google's authorization server"
+                )
            else:
                # Standard OAuth 2.1 mode: use FastMCP's GoogleProvider
                provider = GoogleProvider(