PyPI - golf-mcp - Versions diffs - 0.1.6__tar.gz → 0.1.7__tar.gz - Mend

golf-mcp 0.1.6tar.gz → 0.1.7tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of golf-mcp might be problematic. Click here for more details.

Files changed (67) hide show

{golf_mcp-0.1.6/src/golf_mcp.egg-info → golf_mcp-0.1.7}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: golf-mcp
-Version: 0.1.6
+Version: 0.1.7
 Summary: Framework for building MCP servers
 Author-email: Antoni Gmitruk <antoni@golf.dev>
 License-Expression: Apache-2.0

{golf_mcp-0.1.6 → golf_mcp-0.1.7}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "golf-mcp"
-version = "0.1.6"
+version = "0.1.7"
 description = "Framework for building MCP servers"
 authors = [
     {name = "Antoni Gmitruk", email = "antoni@golf.dev"}
@@ -64,7 +64,7 @@ golf = ["examples/**/*"]
 [tool.poetry]
 name = "golf-mcp"
-version = "0.1.6"
+version = "0.1.7"
 description = "Framework for building MCP servers with zero boilerplate"
 authors = ["Antoni Gmitruk <antoni@golf.dev>"]
 license = "Apache-2.0"

golf_mcp-0.1.7/src/golf/__init__.py ADDED Viewed

	@@ -0,0 +1 @@
1	+ __version__ = "0.1.7"

{golf_mcp-0.1.6 → golf_mcp-0.1.7}/src/golf/auth/api_key.py RENAMED Viewed

@@ -20,6 +20,10 @@ class ApiKeyConfig(BaseModel):
         "",
         description="Optional prefix to strip from the header value (e.g., 'Bearer ')"
     )
+    required: bool = Field(
+        True,
+        description="Whether API key is required for all requests"
+    )
 # Global configuration storage
@@ -28,7 +32,8 @@ _api_key_config: Optional[ApiKeyConfig] = None
 def configure_api_key(
     header_name: str = "X-API-Key",
-    header_prefix: str = ""
+    header_prefix: str = "",
+    required: bool = True
 ) -> None:
     """Configure API key extraction from request headers.
@@ -37,21 +42,31 @@ def configure_api_key(
     Args:
         header_name: Name of the header containing the API key (default: "X-API-Key")
         header_prefix: Optional prefix to strip from the header value (e.g., "Bearer ")
-        case_sensitive: Whether header name matching should be case-sensitive
+        required: Whether API key is required for all requests (default: True)
     Example:
         # In pre_build.py
         from golf.auth.api_key import configure_api_key
+        # Require API key for all requests
+        configure_api_key(
+            header_name="Authorization",
+            header_prefix="Bearer ",
+            required=True
+        )
+        # Or make API key optional (pass-through mode)
         configure_api_key(
             header_name="Authorization",
-            header_prefix="Bearer "
+            header_prefix="Bearer ",
+            required=False
         )
     """
     global _api_key_config
     _api_key_config = ApiKeyConfig(
         header_name=header_name,
-        header_prefix=header_prefix
+        header_prefix=header_prefix,
+        required=required
     )

{golf_mcp-0.1.6 → golf_mcp-0.1.7}/src/golf/core/builder_auth.py RENAMED Viewed

@@ -136,6 +136,7 @@ def generate_api_key_auth_code(server_name: str) -> str:
         "from golf.auth.api_key import get_api_key_config",
         "from starlette.middleware.base import BaseHTTPMiddleware",
         "from starlette.requests import Request",
+        "from starlette.responses import JSONResponse",
         "",
         f"mcp = FastMCP({repr(server_name)})",
         "",
@@ -147,6 +148,7 @@ def generate_api_key_auth_code(server_name: str) -> str:
         "            # Extract API key from the configured header",
         "            header_name = api_key_config.header_name",
         "            header_prefix = api_key_config.header_prefix",
+        "            is_required = api_key_config.required",
         "            ",
         "            # Case-insensitive header lookup",
         "            api_key = None",
@@ -159,6 +161,14 @@ def generate_api_key_auth_code(server_name: str) -> str:
         "            if api_key and header_prefix and api_key.startswith(header_prefix):",
         "                api_key = api_key[len(header_prefix):]",
         "            ",
+        "            # Check if API key is required but not provided",
+        "            if is_required and not api_key:",
+        "                return JSONResponse(",
+        "                    {\"error\": \"API key required\"},",
+        "                    status_code=401,",
+        f"                    headers={{\"WWW-Authenticate\": f'{{header_name}} realm=\"API Key Required\"'}}",
+        "                )",
+        "            ",
         "            # Store the API key in context for tools to access",
         "            set_api_key(api_key)",
         "        ",

golf_mcp-0.1.7/src/golf/examples/api_key/.env ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ OTEL_EXPORTER_OTLP_ENDPOINT="http://localhost:4318/v1/traces"
2	+ OTEL_SERVICE_NAME="golf-mcp"

{golf_mcp-0.1.6 → golf_mcp-0.1.7}/src/golf/examples/api_key/README.md RENAMED Viewed

@@ -35,30 +35,44 @@ The server is configured in `pre_build.py` to extract GitHub tokens from the `Au
 ```python
 configure_api_key(
     header_name="Authorization",
-    header_prefix="Bearer "
+    header_prefix="Bearer ",
+    required=True  # Reject requests without a valid API key
 )
 ```
-This configuration handles GitHub's token format: `Authorization: Bearer ghp_xxxxxxxxxxxx`
+This configuration:
+- Handles GitHub's token format: `Authorization: Bearer ghp_xxxxxxxxxxxx`
+- **Enforces authentication**: When `required=True` (default), requests without a valid API key will be rejected with a 401 Unauthorized error
+- For optional authentication (pass-through mode), set `required=False`
 ## How It Works
 1. **Client sends request** with GitHub token in the Authorization header
-2. **Golf middleware** extracts the token based on your configuration
-3. **Tools retrieve token** using `get_api_key()`
-4. **Token is forwarded** to GitHub API in the appropriate format
-5. **GitHub validates** the token and returns results
+2. **Golf middleware** checks if API key is required and present
+3. **If required and missing**, the request is rejected with 401 Unauthorized
+4. **If present**, the token is extracted based on your configuration
+5. **Tools retrieve token** using `get_api_key()`
+6. **Token is forwarded** to GitHub API in the appropriate format
+7. **GitHub validates** the token and returns results
 ## Running the Server
 1. Build and run:
    ```bash
-   golf build dev
+   golf build
    golf run
    ```
 2. The server will start on `http://127.0.0.1:3000` (configurable in `golf.json`)
+3. Test authentication enforcement:
+   ```bash
+   # This will fail with 401 Unauthorized
+   curl http://localhost:3000/mcp
+   # This will succeed
+   curl -H "Authorization: Bearer ghp_your_token_here" http://localhost:3000/mcp
+   ```
 ## GitHub Token Permissions

{golf_mcp-0.1.6 → golf_mcp-0.1.7}/src/golf/examples/api_key/pre_build.py RENAMED Viewed

@@ -6,5 +6,6 @@ from golf.auth import configure_api_key
 # GitHub expects: Authorization: Bearer ghp_xxxx or Authorization: token ghp_xxxx
 configure_api_key(
     header_name="Authorization",
-    header_prefix="Bearer "  # Will handle both "Bearer " and "token " prefixes
+    header_prefix="Bearer ",  # Will handle both "Bearer " and "token " prefixes
+    required=True  # Reject requests without a valid API key
 )

golf_mcp-0.1.7/src/golf/examples/basic/.env ADDED Viewed

@@ -0,0 +1,5 @@
+GITHUB_CLIENT_ID="Ov23liPVrFkEzGhXro5A"
+GITHUB_CLIENT_SECRET="4f050336d569559705963d88cf8ec8b3ce10441a"
+JWT_SECRET="example-jwt-secret-for-development-only"
+OTEL_EXPORTER_OTLP_ENDPOINT="http://localhost:4318/v1/traces"
+OTEL_SERVICE_NAME="golf-mcp"

{golf_mcp-0.1.6 → golf_mcp-0.1.7/src/golf_mcp.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: golf-mcp
-Version: 0.1.6
+Version: 0.1.7
 Summary: Framework for building MCP servers
 Author-email: Antoni Gmitruk <antoni@golf.dev>
 License-Expression: Apache-2.0

{golf_mcp-0.1.6 → golf_mcp-0.1.7}/src/golf_mcp.egg-info/SOURCES.txt RENAMED Viewed

@@ -30,6 +30,7 @@ src/golf/core/parser.py
 src/golf/core/telemetry.py
 src/golf/core/transformer.py
 src/golf/examples/__init__.py
+src/golf/examples/api_key/.env
 src/golf/examples/api_key/README.md
 src/golf/examples/api_key/golf.json
 src/golf/examples/api_key/pre_build.py

golf_mcp-0.1.6/src/golf/__init__.py DELETED Viewed

	@@ -1 +0,0 @@
1	- __version__ = "0.1.6"

golf_mcp-0.1.6/src/golf/examples/basic/.env DELETED Viewed

@@ -1,3 +0,0 @@
-GITHUB_CLIENT_ID="Ov23liPVrFkEzGhXro5A"
-GITHUB_CLIENT_SECRET="4f050336d569559705963d88cf8ec8b3ce10441a"
-JWT_SECRET="example-jwt-secret-for-development-only"