fastmcp 2.9.2__py3-none-any.whl → 2.10.1__py3-none-any.whl

fastmcp/prompts/prompt.py

@@ -9,9 +9,9 @@ from collections.abc import Awaitable, Callable, Sequence
 from typing import Any
 
 import pydantic_core
+from mcp.types import ContentBlock, PromptMessage, Role, TextContent
 from mcp.types import Prompt as MCPPrompt
 from mcp.types import PromptArgument as MCPPromptArgument
-from mcp.types import PromptMessage, Role, TextContent
 from pydantic import Field, TypeAdapter
 
 from fastmcp.exceptions import PromptError
@@ -21,7 +21,6 @@ from fastmcp.utilities.json_schema import compress_schema
 from fastmcp.utilities.logging import get_logger
 from fastmcp.utilities.types import (
     FastMCPBaseModel,
-    MCPContent,
     find_kwarg_by_type,
     get_cached_typeadapter,
 )
@@ -30,7 +29,7 @@ logger = get_logger(__name__)
 
 
 def Message(
-    content: str | MCPContent, role: Role | None = None, **kwargs: Any
+    content: str | ContentBlock, role: Role | None = None, **kwargs: Any
 ) -> PromptMessage:
     """A user-friendly constructor for PromptMessage."""
     if isinstance(content, str):
@@ -100,6 +99,7 @@ class Prompt(FastMCPComponent, ABC):
             "name": self.name,
             "description": self.description,
             "arguments": arguments,
+            "title": self.title,
         }
         return MCPPrompt(**kwargs | overrides)
 
@@ -107,6 +107,7 @@ class Prompt(FastMCPComponent, ABC):
     def from_function(
         fn: Callable[..., PromptResult | Awaitable[PromptResult]],
         name: str | None = None,
+        title: str | None = None,
         description: str | None = None,
         tags: set[str] | None = None,
         enabled: bool | None = None,
@@ -120,7 +121,12 @@ class Prompt(FastMCPComponent, ABC):
         - A sequence of any of the above
         """
         return FunctionPrompt.from_function(
-            fn=fn, name=name, description=description, tags=tags, enabled=enabled
+            fn=fn,
+            name=name,
+            title=title,
+            description=description,
+            tags=tags,
+            enabled=enabled,
         )
 
     @abstractmethod
@@ -142,6 +148,7 @@ class FunctionPrompt(Prompt):
         cls,
         fn: Callable[..., PromptResult | Awaitable[PromptResult]],
         name: str | None = None,
+        title: str | None = None,
         description: str | None = None,
         tags: set[str] | None = None,
         enabled: bool | None = None,
@@ -233,6 +240,7 @@ class FunctionPrompt(Prompt):
 
         return cls(
             name=func_name,
+            title=title,
             description=description,
             arguments=arguments,
             tags=tags or set(),

fastmcp/resources/resource.py

@@ -62,9 +62,10 @@ class Resource(FastMCPComponent, abc.ABC):
 
     @staticmethod
     def from_function(
-        fn: Callable[[], Any],
+        fn: Callable[..., Any],
         uri: str | AnyUrl,
         name: str | None = None,
+        title: str | None = None,
         description: str | None = None,
         mime_type: str | None = None,
         tags: set[str] | None = None,
@@ -74,6 +75,7 @@ class Resource(FastMCPComponent, abc.ABC):
             fn=fn,
             uri=uri,
             name=name,
+            title=title,
             description=description,
             mime_type=mime_type,
             tags=tags,
@@ -111,6 +113,7 @@ class Resource(FastMCPComponent, abc.ABC):
             "name": self.name,
             "description": self.description,
             "mimeType": self.mime_type,
+            "title": self.title,
         }
         return MCPResource(**kwargs | overrides)
 
@@ -141,14 +144,15 @@ class FunctionResource(Resource):
     - other types will be converted to JSON
     """
 
-    fn: Callable[[], Any]
+    fn: Callable[..., Any]
 
     @classmethod
     def from_function(
         cls,
-        fn: Callable[[], Any],
+        fn: Callable[..., Any],
         uri: str | AnyUrl,
         name: str | None = None,
+        title: str | None = None,
         description: str | None = None,
         mime_type: str | None = None,
         tags: set[str] | None = None,
@@ -161,6 +165,7 @@ class FunctionResource(Resource):
             fn=fn,
             uri=uri,
             name=name or fn.__name__,
+            title=title,
             description=description or inspect.getdoc(fn),
             mime_type=mime_type or "text/plain",
             tags=tags or set(),

fastmcp/resources/template.py

@@ -86,6 +86,7 @@ class ResourceTemplate(FastMCPComponent):
         fn: Callable[..., Any],
         uri_template: str,
         name: str | None = None,
+        title: str | None = None,
         description: str | None = None,
         mime_type: str | None = None,
         tags: set[str] | None = None,
@@ -95,6 +96,7 @@ class ResourceTemplate(FastMCPComponent):
             fn=fn,
             uri_template=uri_template,
             name=name,
+            title=title,
             description=description,
             mime_type=mime_type,
             tags=tags,
@@ -144,6 +146,7 @@ class ResourceTemplate(FastMCPComponent):
             "name": self.name,
             "description": self.description,
             "mimeType": self.mime_type,
+            "title": self.title,
         }
         return MCPResourceTemplate(**kwargs | overrides)
 
@@ -197,6 +200,7 @@ class FunctionResourceTemplate(ResourceTemplate):
         fn: Callable[..., Any],
         uri_template: str,
         name: str | None = None,
+        title: str | None = None,
         description: str | None = None,
         mime_type: str | None = None,
         tags: set[str] | None = None,
@@ -278,6 +282,7 @@ class FunctionResourceTemplate(ResourceTemplate):
         return cls(
             uri_template=uri_template,
             name=func_name,
+            title=title,
             description=description,
             mime_type=mime_type or "text/plain",
             fn=fn,

fastmcp/server/auth/auth.py

@@ -43,3 +43,18 @@ class OAuthProvider(
         self.client_registration_options = client_registration_options
         self.revocation_options = revocation_options
         self.required_scopes = required_scopes
+
+    async def verify_token(self, token: str) -> AccessToken | None:
+        """
+        Verify a bearer token and return access info if valid.
+
+        This method implements the TokenVerifier protocol by delegating
+        to our existing load_access_token method.
+
+        Args:
+            token: The token string to validate
+
+        Returns:
+            AccessToken object if valid, None if invalid or expired
+        """
+        return await self.load_access_token(token)

fastmcp/server/auth/providers/bearer.py

@@ -1,6 +1,6 @@
 import time
 from dataclasses import dataclass
-from typing import Any, TypedDict
+from typing import Any
 
 import httpx
 from authlib.jose import JsonWebKey, JsonWebToken
@@ -18,6 +18,7 @@ from mcp.shared.auth import (
     OAuthToken,
 )
 from pydantic import AnyHttpUrl, SecretStr, ValidationError
+from typing_extensions import TypedDict
 
 from fastmcp.server.auth.auth import (
     ClientRegistrationOptions,
@@ -112,6 +113,7 @@ class RSAKeyPair:
         Returns:
             Signed JWT token string
         """
+        # TODO : Add support for configurable algorithms
         jwt = JsonWebToken(["RS256"])
 
         now = int(time.time())
@@ -150,7 +152,7 @@ class RSAKeyPair:
 class BearerAuthProvider(OAuthProvider):
     """
     Simple JWT Bearer Token validator for hosted MCP servers.
-    Uses RS256 asymmetric encryption. Supports either static public key
+    Uses RS256 asymmetric encryption by default but supports all JWA algorithms. Supports either static public key
     or JWKS URI for key rotation.
 
     Note that this provider DOES NOT permit client registration or revocation, or any OAuth flows.
@@ -162,6 +164,7 @@ class BearerAuthProvider(OAuthProvider):
         public_key: str | None = None,
         jwks_uri: str | None = None,
         issuer: str | None = None,
+        algorithm: str | None = None,
         audience: str | list[str] | None = None,
         required_scopes: list[str] | None = None,
     ):
@@ -172,6 +175,7 @@ class BearerAuthProvider(OAuthProvider):
             public_key: RSA public key in PEM format (for static key)
             jwks_uri: URI to fetch keys from (for key rotation)
             issuer: Expected issuer claim (optional)
+            algorithm: Algorithm to use for verification (optional, defaults to RS256)
             audience: Expected audience claim - can be a string or list of strings (optional)
             required_scopes: List of required scopes for access (optional)
         """
@@ -180,6 +184,24 @@ class BearerAuthProvider(OAuthProvider):
         if public_key and jwks_uri:
             raise ValueError("Provide either public_key or jwks_uri, not both")
 
+        if not algorithm:
+            algorithm = "RS256"
+        if algorithm not in {
+            "HS256",
+            "HS384",
+            "HS512",
+            "RS256",
+            "RS384",
+            "RS512",
+            "ES256",
+            "ES384",
+            "ES512",
+            "PS256",
+            "PS384",
+            "PS512",
+        }:
+            raise ValueError(f"Unsupported algorithm: {algorithm}.")
+
         # Only pass issuer to parent if it's a valid URL, otherwise use default
         # This allows the issuer claim validation to work with string issuers per RFC 7519
         try:
@@ -195,11 +217,12 @@ class BearerAuthProvider(OAuthProvider):
             required_scopes=required_scopes,
         )
 
+        self.algorithm = algorithm
         self.issuer = issuer
         self.audience = audience
         self.public_key = public_key
         self.jwks_uri = jwks_uri
-        self.jwt = JsonWebToken(["RS256"])
+        self.jwt = JsonWebToken([self.algorithm])  # Use RS256 by default
         self.logger = get_logger(__name__)
 
         # Simple JWKS cache
@@ -384,6 +407,21 @@ class BearerAuthProvider(OAuthProvider):
             return scope_claim
         return []
 
+    async def verify_token(self, token: str) -> AccessToken | None:
+        """
+        Verify a bearer token and return access info if valid.
+
+        This method implements the TokenVerifier protocol by delegating
+        to our existing load_access_token method.
+
+        Args:
+            token: The JWT token string to validate
+
+        Returns:
+            AccessToken object if valid, None if invalid or expired
+        """
+        return await self.load_access_token(token)
+
     # --- Unused OAuth server methods ---
     async def get_client(self, client_id: str) -> OAuthClientInformationFull | None:
         raise NotImplementedError("Client management not supported")

fastmcp/server/auth/providers/bearer_env.py

@@ -17,6 +17,7 @@ class EnvBearerAuthProviderSettings(BaseSettings):
     public_key: str | None = None
     jwks_uri: str | None = None
     issuer: str | None = None
+    algorithm: str | None = None
     audience: str | None = None
     required_scopes: list[str] | None = None
 
@@ -33,6 +34,7 @@ class EnvBearerAuthProvider(BearerAuthProvider):
         public_key: str | None | EllipsisType = ...,
         jwks_uri: str | None | EllipsisType = ...,
         issuer: str | None | EllipsisType = ...,
+        algorithm: str | None | EllipsisType = ...,
         audience: str | None | EllipsisType = ...,
         required_scopes: list[str] | None | EllipsisType = ...,
     ):
@@ -43,6 +45,7 @@ class EnvBearerAuthProvider(BearerAuthProvider):
             public_key: RSA public key in PEM format (for static key)
             jwks_uri: URI to fetch keys from (for key rotation)
             issuer: Expected issuer claim (optional)
+            algorithm: Algorithm to use for verification (optional)
             audience: Expected audience claim (optional)
             required_scopes: List of required scopes for access (optional)
         """
@@ -50,6 +53,7 @@ class EnvBearerAuthProvider(BearerAuthProvider):
             "public_key": public_key,
             "jwks_uri": jwks_uri,
             "issuer": issuer,
+            "algorithm": algorithm,
             "audience": audience,
             "required_scopes": required_scopes,
         }

fastmcp/server/auth/providers/in_memory.py

@@ -271,6 +271,21 @@ class InMemoryOAuthProvider(OAuthProvider):
             return token_obj
         return None
 
+    async def verify_token(self, token: str) -> AccessToken | None:
+        """
+        Verify a bearer token and return access info if valid.
+
+        This method implements the TokenVerifier protocol by delegating
+        to our existing load_access_token method.
+
+        Args:
+            token: The token string to validate
+
+        Returns:
+            AccessToken object if valid, None if invalid or expired
+        """
+        return await self.load_access_token(token)
+
     def _revoke_internal(
         self, access_token_str: str | None = None, refresh_token_str: str | None = None
     ):

fastmcp/server/context.py

@@ -1,4 +1,4 @@
-from __future__ import annotations as _annotations
+from __future__ import annotations
 
 import asyncio
 import warnings
@@ -6,12 +6,15 @@ from collections.abc import Generator
 from contextlib import contextmanager
 from contextvars import ContextVar, Token
 from dataclasses import dataclass
+from enum import Enum
+from typing import Any, Literal, TypeVar, cast, get_origin, overload
 
 from mcp import LoggingLevel, ServerSession
 from mcp.server.lowlevel.helper_types import ReadResourceContents
 from mcp.server.lowlevel.server import request_ctx
 from mcp.shared.context import RequestContext
 from mcp.types import (
+    ContentBlock,
     CreateMessageResult,
     ModelHint,
     ModelPreferences,
@@ -24,12 +27,20 @@ from starlette.requests import Request
 
 import fastmcp.server.dependencies
 from fastmcp import settings
+from fastmcp.server.elicitation import (
+    AcceptedElicitation,
+    CancelledElicitation,
+    DeclinedElicitation,
+    ScalarElicitationType,
+    get_elicitation_schema,
+)
 from fastmcp.server.server import FastMCP
 from fastmcp.utilities.logging import get_logger
-from fastmcp.utilities.types import MCPContent
+from fastmcp.utilities.types import get_cached_typeadapter
 
 logger = get_logger(__name__)
 
+T = TypeVar("T")
 _current_context: ContextVar[Context | None] = ContextVar("context", default=None)
 _flush_lock = asyncio.Lock()
 
@@ -167,7 +178,10 @@ class Context:
         if level is None:
             level = "info"
         await self.session.send_log_message(
-            level=level, data=message, logger=logger_name
+            level=level,
+            data=message,
+            logger=logger_name,
+            related_request_id=self.request_id,
         )
 
     @property
@@ -261,7 +275,7 @@ class Context:
         temperature: float | None = None,
         max_tokens: int | None = None,
         model_preferences: ModelPreferences | str | list[str] | None = None,
-    ) -> MCPContent:
+    ) -> ContentBlock:
         """
         Send a sampling request to the client and await the response.
 
@@ -293,10 +307,136 @@ class Context:
             temperature=temperature,
             max_tokens=max_tokens,
             model_preferences=self._parse_model_preferences(model_preferences),
+            related_request_id=self.request_id,
         )
 
         return result.content
 
+    @overload
+    async def elicit(
+        self,
+        message: str,
+        response_type: None,
+    ) -> (
+        AcceptedElicitation[dict[str, Any]] | DeclinedElicitation | CancelledElicitation
+    ): ...
+
+    """When response_type is None, the accepted elicitaiton will contain an
+    empty dict"""
+
+    @overload
+    async def elicit(
+        self,
+        message: str,
+        response_type: type[T],
+    ) -> AcceptedElicitation[T] | DeclinedElicitation | CancelledElicitation: ...
+
+    """When response_type is not None, the accepted elicitaiton will contain the
+    response data"""
+
+    @overload
+    async def elicit(
+        self,
+        message: str,
+        response_type: list[str],
+    ) -> AcceptedElicitation[str] | DeclinedElicitation | CancelledElicitation: ...
+
+    """When response_type is a list of strings, the accepted elicitaiton will
+    contain the selected string response"""
+
+    async def elicit(
+        self,
+        message: str,
+        response_type: type[T] | list[str] | None = None,
+    ) -> (
+        AcceptedElicitation[T]
+        | AcceptedElicitation[dict[str, Any]]
+        | AcceptedElicitation[str]
+        | DeclinedElicitation
+        | CancelledElicitation
+    ):
+        """
+        Send an elicitation request to the client and await the response.
+
+        Call this method at any time to request additional information from
+        the user through the client. The client must support elicitation,
+        or the request will error.
+
+        Note that the MCP protocol only supports simple object schemas with
+        primitive types. You can provide a dataclass, TypedDict, or BaseModel to
+        comply. If you provide a primitive type, an object schema with a single
+        "value" field will be generated for the MCP interaction and
+        automatically deconstructed into the primitive type upon response.
+
+        If the response_type is None, the generated schema will be that of an
+        empty object in order to comply with the MCP protocol requirements.
+        Clients must send an empty object ("{}")in response.
+
+        Args:
+            message: A human-readable message explaining what information is needed
+            response_type: The type of the response, which should be a primitive
+                type or dataclass or BaseModel. If it is a primitive type, an
+                object schema with a single "value" field will be generated.
+        """
+        if response_type is None:
+            schema = {"type": "object", "properties": {}}
+        else:
+            # if the user provided a list of strings, treat it as a Literal
+            if isinstance(response_type, list):
+                if not all(isinstance(item, str) for item in response_type):
+                    raise ValueError(
+                        "List of options must be a list of strings. Received: "
+                        f"{response_type}"
+                    )
+                # Convert list of options to Literal type and wrap
+                choice_literal = Literal[tuple(response_type)]  # type: ignore
+                response_type = ScalarElicitationType[choice_literal]  # type: ignore
+            # if the user provided a primitive scalar, wrap it in an object schema
+            elif response_type in {bool, int, float, str}:
+                response_type = ScalarElicitationType[response_type]  # type: ignore
+            # if the user provided a Literal type, wrap it in an object schema
+            elif get_origin(response_type) is Literal:
+                response_type = ScalarElicitationType[response_type]  # type: ignore
+            # if the user provided an Enum type, wrap it in an object schema
+            elif isinstance(response_type, type) and issubclass(response_type, Enum):
+                response_type = ScalarElicitationType[response_type]  # type: ignore
+
+            response_type = cast(type[T], response_type)
+
+            schema = get_elicitation_schema(response_type)
+
+        result = await self.session.elicit(
+            message=message,
+            requestedSchema=schema,
+            related_request_id=self.request_id,
+        )
+
+        if result.action == "accept":
+            if response_type is not None:
+                type_adapter = get_cached_typeadapter(response_type)
+                validated_data = cast(
+                    T | ScalarElicitationType[T],
+                    type_adapter.validate_python(result.content),
+                )
+                if isinstance(validated_data, ScalarElicitationType):
+                    return AcceptedElicitation[T](data=validated_data.value)
+                else:
+                    return AcceptedElicitation[T](data=validated_data)
+            elif result.content:
+                raise ValueError(
+                    "Elicitation expected an empty response, but received: "
+                    f"{result.content}"
+                )
+            else:
+                return AcceptedElicitation[dict[str, Any]](data={})
+        elif result.action == "decline":
+            return DeclinedElicitation()
+        elif result.action == "cancel":
+            return CancelledElicitation()
+        else:
+            # This should never happen, but handle it just in case
+            raise ValueError(f"Unexpected elicitation action: {result.action}")
+
     def get_http_request(self) -> Request:
         """Get the active starlette request."""