feat: Add authentication to the endpoints

ppaez-life360 · ppaez-life360 · commit d09de5117ccb · 2025-09-16T16:36:03.000+02:00
diff --git a/README.md b/README.md
@@ -15,6 +15,7 @@
     - [2.1 Configuration](#21-configuration)
     - [2.2 Example usage](#22-example-usage)
   - [Named Servers](#named-servers)
+  - [Authentication](#authentication)
   - [Installation](#installation)
     - [Installing via Smithery](#installing-via-smithery)
     - [Installing via PyPI](#installing-via-pypi)
@@ -126,6 +127,7 @@ Arguments
 | `--cwd`                              | No                         | The working directory to pass to the MCP stdio server process.                              | /tmp                                        |
 | `--pass-environment`                 | No                         | Pass through all environment variables when spawning the server                             | --no-pass-environment                       |
 | `--allow-origin`                     | No                         | Allowed origins for the SSE server. Can be used multiple times. Default is no CORS allowed. | --allow-origin "\*"                           |
+| `--api-key`                          | No                         | API key for authentication. Can also be set via MCP_PROXY_API_KEY env var.                 | --api-key YOUR_SECRET_KEY                  |
 | `--stateless`                        | No                         | Enable stateless mode for streamable http transports. Default is False                      | --no-stateless                              |
 | `--named-server NAME COMMAND_STRING` | No                         | Defines a named stdio server.                                                               | --named-server fetch 'uvx mcp-server-fetch' |
 | `--named-server-config FILE_PATH`    | No                         | Path to a JSON file defining named stdio servers.                                           | --named-server-config /path/to/servers.json |
@@ -211,6 +213,46 @@ The JSON file should follow this structure:
 - `enabled`: (Optional) If `false`, this server definition will be skipped. Defaults to `true`.
 - `timeout` and `transportType`: These fields are present in standard MCP client configurations but are currently **ignored** by `mcp-proxy` when loading named servers. The transport type is implicitly "stdio".
 
+## Authentication
+
+The MCP proxy supports optional API key authentication to protect your endpoints. When enabled, all requests to `/sse` and `/mcp` endpoints (including named server paths like `/servers/*/sse` and `/servers/*/mcp`) require a valid API key.
+
+### Configuration
+
+You can configure authentication in two ways:
+
+1. **Command-line argument**: `--api-key YOUR_SECRET_KEY`
+2. **Environment variable**: `MCP_PROXY_API_KEY=YOUR_SECRET_KEY`
+
+If no API key is configured, authentication is disabled by default (backward compatible).
+
+### Usage
+
+When authentication is enabled, clients must include the API key in their requests using the `X-API-Key` header (case-insensitive):
+
+```bash
+# Example: Connecting to a protected SSE endpoint
+curl -H "X-API-Key: YOUR_SECRET_KEY" http://localhost:8080/sse
+
+# Example: Starting a protected server
+mcp-proxy --port 8080 --api-key YOUR_SECRET_KEY uvx mcp-server-fetch
+
+# Example: Using environment variable
+export MCP_PROXY_API_KEY=YOUR_SECRET_KEY
+mcp-proxy --port 8080 uvx mcp-server-fetch
+```
+
+### Protected Endpoints
+
+- `/sse` and `/servers/*/sse` - SSE endpoints
+- `/mcp` and `/servers/*/mcp` - MCP endpoints
+- `/messages/*` - Message endpoints
+
+### Unprotected Endpoints
+
+- `/status` - Health check endpoint (always accessible)
+- OPTIONS requests - CORS preflight requests
+
 ## Installation
 
 ### Installing via Smithery
@@ -361,6 +403,7 @@ SSE server options:
   --sse-host SSE_HOST   (deprecated) Same as --host
   --allow-origin ALLOW_ORIGIN [ALLOW_ORIGIN ...]
                         Allowed origins for the SSE server. Can be used multiple times. Default is no CORS allowed.
+  --api-key API_KEY     API key for authentication. Can also be set via MCP_PROXY_API_KEY env var. If not provided, authentication is disabled.
 
 Examples:
   mcp-proxy http://localhost:8080/sse
@@ -372,6 +415,7 @@ Examples:
   mcp-proxy --port 8080 --named-server-config /path/to/servers.json -- my-default-command --arg1
   mcp-proxy --port 8080 -e KEY VALUE -e ANOTHER_KEY ANOTHER_VALUE -- my-default-command
   mcp-proxy --port 8080 --allow-origin='*' -- my-default-command
+  mcp-proxy --port 8080 --api-key YOUR_SECRET_KEY -- my-default-command
 ```
 
 ### Example config file
diff --git a/src/mcp_proxy/__main__.py b/src/mcp_proxy/__main__.py
@@ -201,6 +201,14 @@ def _add_arguments_to_parser(parser: argparse.ArgumentParser) -> None:
             "Default is no CORS allowed."
         ),
     )
+    mcp_server_group.add_argument(
+        "--api-key",
+        default=os.getenv("MCP_PROXY_API_KEY"),
+        help=(
+            "API key for authentication. Can also be set via MCP_PROXY_API_KEY env var. "
+            "If not provided, authentication is disabled."
+        ),
+    )
 
 
 def _setup_logging(*, debug: bool) -> logging.Logger:
@@ -335,6 +343,7 @@ def _create_mcp_settings(args_parsed: argparse.Namespace) -> MCPServerSettings:
         stateless=args_parsed.stateless,
         allow_origins=args_parsed.allow_origin if len(args_parsed.allow_origin) > 0 else None,
         log_level="DEBUG" if args_parsed.debug else "INFO",
+        api_key=args_parsed.api_key,
     )
 
 
diff --git a/src/mcp_proxy/auth.py b/src/mcp_proxy/auth.py
@@ -0,0 +1,53 @@
+"""Simple authentication middleware for MCP proxy."""
+
+import logging
+
+from starlette.middleware.base import BaseHTTPMiddleware
+from starlette.requests import Request
+from starlette.responses import JSONResponse, Response
+
+logger = logging.getLogger(__name__)
+
+
+class AuthMiddleware(BaseHTTPMiddleware):
+    """Simple API key authentication middleware."""
+
+    def __init__(self, app, api_key: str | None = None) -> None:
+        """Initialize middleware with optional API key."""
+        super().__init__(app)
+        self.api_key = api_key
+
+    async def dispatch(self, request: Request, call_next) -> Response:
+        """Check API key for protected endpoints."""
+        # Skip auth if no API key configured
+        if not self.api_key:
+            return await call_next(request)
+
+        # Allow OPTIONS (CORS preflight) and /status endpoint
+        if request.method == "OPTIONS" or request.url.path == "/status":
+            return await call_next(request)
+
+        # Check if path needs protection (/sse, /mcp, /messages, /servers/*/sse, /servers/*/mcp)
+        path = request.url.path
+        needs_auth = (
+            path.startswith("/sse") or
+            path.startswith("/mcp") or
+            path.startswith("/messages") or
+            "/sse" in path or
+            "/mcp" in path
+        )
+
+        if not needs_auth:
+            return await call_next(request)
+
+        # Check for API key in headers (case-insensitive)
+        api_key = request.headers.get("x-api-key", "")
+
+        if api_key != self.api_key:
+            logger.warning("Auth failed for %s %s", request.method, path)
+            return JSONResponse(
+                {"error": "Unauthorized"},
+                status_code=401
+            )
+
+        return await call_next(request)
diff --git a/src/mcp_proxy/mcp_server.py b/src/mcp_proxy/mcp_server.py
@@ -21,6 +21,7 @@
 from starlette.routing import BaseRoute, Mount, Route
 from starlette.types import Receive, Scope, Send
 
+from .auth import AuthMiddleware
 from .proxy_server import create_proxy_server
 
 logger = logging.getLogger(__name__)
@@ -35,6 +36,7 @@ class MCPServerSettings:
     stateless: bool = False
     allow_origins: list[str] | None = None
     log_level: Literal["DEBUG", "INFO", "WARNING", "ERROR", "CRITICAL"] = "INFO"
+    api_key: str | None = None
 
 
 # To store last activity for multiple servers if needed, though status endpoint is global for now.
@@ -169,6 +171,10 @@ async def combined_lifespan(_app: Starlette) -> AsyncIterator[None]:
             return
 
         middleware: list[Middleware] = []
+        if mcp_settings.api_key:
+            middleware.append(
+                Middleware(AuthMiddleware, api_key=mcp_settings.api_key),
+            )
         if mcp_settings.allow_origins:
             middleware.append(
                 Middleware(
diff --git a/tests/test_auth_simple.py b/tests/test_auth_simple.py
@@ -0,0 +1,155 @@
+"""Simplified tests for authentication middleware."""
+
+import pytest
+from starlette.applications import Starlette
+from starlette.middleware import Middleware
+from starlette.responses import JSONResponse
+from starlette.routing import Route
+from starlette.testclient import TestClient
+
+from mcp_proxy.auth import AuthMiddleware
+
+
+async def dummy_endpoint(request):
+    """Simple endpoint for testing."""
+    return JSONResponse({"message": "success"})
+
+
+async def status_endpoint(request):
+    """Status endpoint."""
+    return JSONResponse({"status": "ok"})
+
+
+def create_app_without_auth():
+    """Create app without authentication."""
+    routes = [
+        Route("/sse", dummy_endpoint),
+        Route("/mcp/test", dummy_endpoint),
+        Route("/messages/test", dummy_endpoint),
+        Route("/status", status_endpoint),
+        Route("/other", dummy_endpoint),
+    ]
+    return Starlette(routes=routes)
+
+
+def create_app_with_auth():
+    """Create app with authentication."""
+    routes = [
+        Route("/sse", dummy_endpoint),
+        Route("/mcp/test", dummy_endpoint),
+        Route("/messages/test", dummy_endpoint),
+        Route("/status", status_endpoint),
+        Route("/other", dummy_endpoint),
+        Route("/servers/test/sse", dummy_endpoint),
+        Route("/servers/test/mcp", dummy_endpoint),
+    ]
+    middleware = [Middleware(AuthMiddleware, api_key="test-api-key")]
+    return Starlette(routes=routes, middleware=middleware)
+
+
+def test_no_auth_allows_all():
+    """Test that all requests work without authentication configured."""
+    app = create_app_without_auth()
+    with TestClient(app) as client:
+        assert client.get("/sse").status_code == 200
+        assert client.get("/mcp/test").status_code == 200
+        assert client.get("/status").status_code == 200
+
+
+def test_auth_blocks_protected_endpoints():
+    """Test that protected endpoints are blocked without API key."""
+    app = create_app_with_auth()
+    with TestClient(app) as client:
+        response = client.get("/sse")
+        assert response.status_code == 401
+        assert response.json() == {"error": "Unauthorized"}
+
+        response = client.get("/mcp/test")
+        assert response.status_code == 401
+
+        response = client.get("/messages/test")
+        assert response.status_code == 401
+
+
+def test_auth_allows_with_key():
+    """Test that requests work with correct API key."""
+    app = create_app_with_auth()
+    with TestClient(app) as client:
+        headers = {"x-api-key": "test-api-key"}
+
+        response = client.get("/sse", headers=headers)
+        assert response.status_code == 200
+        assert response.json() == {"message": "success"}
+
+        response = client.get("/mcp/test", headers=headers)
+        assert response.status_code == 200
+
+
+def test_auth_blocks_wrong_key():
+    """Test that requests are blocked with wrong API key."""
+    app = create_app_with_auth()
+    with TestClient(app) as client:
+        headers = {"x-api-key": "wrong-key"}
+
+        response = client.get("/sse", headers=headers)
+        assert response.status_code == 401
+
+
+def test_status_not_protected():
+    """Test that /status endpoint is not protected."""
+    app = create_app_with_auth()
+    with TestClient(app) as client:
+        response = client.get("/status")
+        assert response.status_code == 200
+        assert response.json() == {"status": "ok"}
+
+
+def test_other_endpoints_not_protected():
+    """Test that non-SSE/MCP endpoints are not protected."""
+    app = create_app_with_auth()
+    with TestClient(app) as client:
+        response = client.get("/other")
+        assert response.status_code == 200
+
+
+def test_options_allowed():
+    """Test that OPTIONS requests are allowed without auth."""
+    app = create_app_with_auth()
+    with TestClient(app) as client:
+        response = client.options("/sse")
+        assert response.status_code != 401
+
+
+def test_case_insensitive_header():
+    """Test that API key header is case-insensitive."""
+    app = create_app_with_auth()
+    with TestClient(app) as client:
+        # Different case variations
+        headers = {"X-API-KEY": "test-api-key"}
+        response = client.get("/sse", headers=headers)
+        assert response.status_code == 200
+
+        headers = {"X-Api-Key": "test-api-key"}
+        response = client.get("/sse", headers=headers)
+        assert response.status_code == 200
+
+
+def test_named_servers_protected():
+    """Test that named server endpoints are protected."""
+    app = create_app_with_auth()
+    with TestClient(app) as client:
+        # Without auth
+        response = client.get("/servers/test/sse")
+        assert response.status_code == 401
+
+        response = client.get("/servers/test/mcp")
+        assert response.status_code == 401
+
+        # With auth
+        headers = {"x-api-key": "test-api-key"}
+        response = client.get("/servers/test/sse", headers=headers)
+        assert response.status_code == 200
+
+        response = client.get("/servers/test/mcp", headers=headers)
+        assert response.status_code == 200
+
diff --git a/tests/test_mcp_server.py b/tests/test_mcp_server.py
@@ -621,6 +621,51 @@ async def test_run_mcp_server_exception_handling(
             assert "Connection failed" in str(e)  # noqa: PT017
 
 
+async def test_run_mcp_server_with_authentication(
+    mock_stdio_params: StdioServerParameters,
+) -> None:
+    """Test run_mcp_server with authentication enabled."""
+    auth_settings = MCPServerSettings(
+        bind_host="127.0.0.1",
+        port=8080,
+        api_key="test-secret-key",
+    )
+
+    with (
+        patch("mcp_proxy.mcp_server.stdio_client") as mock_stdio_client,
+        patch("mcp_proxy.mcp_server.ClientSession") as mock_client_session,
+        patch("mcp_proxy.mcp_server.create_proxy_server") as mock_create_proxy,
+        patch("mcp_proxy.mcp_server.create_single_instance_routes") as mock_create_routes,
+        patch("mcp_proxy.mcp_server.Starlette") as mock_starlette,
+        patch("uvicorn.Server") as mock_uvicorn_server,
+    ):
+        # Setup mocks
+        mock_stdio_context, mock_session_context, mock_session, mock_http_manager, mock_routes = (
+            setup_async_context_mocks()
+        )
+        mock_stdio_client.return_value = mock_stdio_context
+        mock_client_session.return_value = mock_session_context
+
+        mock_proxy = AsyncMock()
+        mock_create_proxy.return_value = mock_proxy
+        mock_create_routes.return_value = (mock_routes, mock_http_manager)
+
+        mock_server_instance = AsyncMock()
+        mock_uvicorn_server.return_value = mock_server_instance
+
+        # Run the function
+        await run_mcp_server(auth_settings, mock_stdio_params, {})
+
+        # Verify Starlette was called with AuthMiddleware
+        mock_starlette.assert_called_once()
+        call_args = mock_starlette.call_args
+        middleware = call_args.kwargs["middleware"]
+
+        assert len(middleware) == 1
+        assert middleware[0].cls.__name__ == "AuthMiddleware"
+        assert middleware[0].kwargs == {"api_key": "test-secret-key"}
+
+
 async def test_run_mcp_server_both_default_and_named_servers(
     mock_settings: MCPServerSettings,
     mock_stdio_params: StdioServerParameters,
@@ -672,3 +717,4 @@ async def test_run_mcp_server_both_default_and_named_servers(
         )
 
         mock_server_instance.serve.assert_called_once()
+
