golf-mcp 0.1.9__py3-none-any.whl → 0.1.10__py3-none-any.whl

golf/__init__.py

@@ -1 +1 @@
-__version__ = "0.1.9"
+__version__ = "0.1.10"

golf/auth/__init__.py

@@ -11,7 +11,7 @@ from mcp.server.auth.settings import AuthSettings, ClientRegistrationOptions
 
 from .provider import ProviderConfig
 from .oauth import GolfOAuthProvider, create_callback_handler
-from .helpers import get_access_token, get_provider_token, extract_token_from_header, get_api_key, set_api_key
+from .helpers import get_access_token, get_provider_token, extract_token_from_header, get_api_key, set_api_key, debug_api_key_context
 from .api_key import configure_api_key, get_api_key_config, is_api_key_configured
 
 class AuthConfig:

golf/auth/helpers.py

@@ -1,6 +1,6 @@
 """Helper functions for working with authentication in MCP context."""
 
-from typing import Optional
+from typing import Optional, Dict, Any
 from contextvars import ContextVar
 
 # Re-export get_access_token from the MCP SDK
@@ -94,4 +94,114 @@ def get_api_key() -> Optional[str]:
             headers = {"Authorization": f"Bearer {api_key}"}
             ...
     """
-    return _current_api_key.get() 
+    # Try to get directly from HTTP request if available (FastMCP pattern)
+    try:
+        # This follows the FastMCP pattern for accessing HTTP requests
+        from fastmcp.server.dependencies import get_http_request
+        request = get_http_request()
+        
+        if request and hasattr(request, 'state') and hasattr(request.state, 'api_key'):
+            api_key = request.state.api_key
+            return api_key
+        
+        # Get the API key configuration
+        from golf.auth.api_key import get_api_key_config
+        api_key_config = get_api_key_config()
+        
+        if api_key_config and request:
+            # Extract API key from headers
+            header_name = api_key_config.header_name
+            header_prefix = api_key_config.header_prefix
+            
+            # Case-insensitive header lookup
+            api_key = None
+            for k, v in request.headers.items():
+                if k.lower() == header_name.lower():
+                    api_key = v
+                    break
+            
+            # Strip prefix if configured
+            if api_key and header_prefix and api_key.startswith(header_prefix):
+                api_key = api_key[len(header_prefix):]
+            
+            if api_key:
+                return api_key
+    except (ImportError, RuntimeError) as e:
+        # FastMCP not available or not in HTTP context
+        pass
+    except Exception as e:
+        pass
+    
+    # Final fallback: environment variable (for development/testing)
+    import os
+    env_api_key = os.environ.get('API_KEY')
+    if env_api_key:
+        return env_api_key
+    
+    return None
+
+def get_api_key_from_request(request) -> Optional[str]:
+    """Get the API key from a specific request object.
+    
+    This is useful when you have direct access to the request object.
+    
+    Args:
+        request: The Starlette Request object
+        
+    Returns:
+        The API key if available, None otherwise
+    """
+    # Check request state first (set by our middleware)
+    if hasattr(request, 'state') and hasattr(request.state, 'api_key'):
+        return request.state.api_key
+    
+    # Fall back to context variable
+    return _current_api_key.get()
+
+def debug_api_key_context() -> Dict[str, Any]:
+    """Debug function to inspect API key context.
+    
+    Returns a dictionary with debugging information about the current
+    API key context. Useful for troubleshooting authentication issues.
+    
+    Returns:
+        Dictionary with debug information
+    """
+    import asyncio
+    import sys
+    import os
+    
+    debug_info = {
+        "context_var_value": _current_api_key.get(),
+        "has_async_task": False,
+        "task_id": None,
+        "main_module_has_storage": False,
+        "main_module_has_context": False,
+        "request_id_from_context": None,
+        "env_vars": {
+            "API_KEY": bool(os.environ.get('API_KEY')),
+            "GOLF_API_KEY_DEBUG": os.environ.get('GOLF_API_KEY_DEBUG', 'false')
+        }
+    }
+    
+    try:
+        task = asyncio.current_task()
+        if task:
+            debug_info["has_async_task"] = True
+            debug_info["task_id"] = id(task)
+    except:
+        pass
+    
+    try:
+        main_module = sys.modules.get('__main__')
+        if main_module:
+            debug_info["main_module_has_storage"] = hasattr(main_module, 'api_key_storage')
+            debug_info["main_module_has_context"] = hasattr(main_module, 'request_id_context')
+            
+            if hasattr(main_module, 'request_id_context'):
+                request_id_context = getattr(main_module, 'request_id_context')
+                debug_info["request_id_from_context"] = request_id_context.get()
+    except:
+        pass
+    
+    return debug_info 

golf/core/builder.py

@@ -20,6 +20,7 @@ from golf.core.parser import (
 from golf.core.transformer import transform_component
 from golf.core.builder_auth import generate_auth_code, generate_auth_routes
 from golf.auth import get_auth_config
+from golf.auth.api_key import get_api_key_config
 from golf.core.builder_telemetry import (
     generate_telemetry_imports,
     get_otel_dependencies
@@ -548,8 +549,7 @@ class CodeGenerator:
         # Add imports section for different transport methods
         if self.settings.transport == "sse":
             imports.append("import uvicorn")
-            imports.append("from fastmcp.server.http import create_sse_app")
-        elif self.settings.transport != "stdio":
+        elif self.settings.transport in ["streamable-http", "http"]:
             imports.append("import uvicorn")
                 
         # Get transport-specific configuration
@@ -735,12 +735,6 @@ class CodeGenerator:
         server_code_lines.append(mcp_instance_line)
         server_code_lines.append("")
         
-        # Add any post-init code from auth
-        post_init_code = []
-        if auth_components.get("has_auth") and auth_components.get("post_init_code"):
-            post_init_code.extend(auth_components["post_init_code"])
-            post_init_code.append("")
-
         # Main entry point with transport-specific app initialization
         main_code = [
             "if __name__ == \"__main__\":",
@@ -764,16 +758,35 @@ class CodeGenerator:
         
         # Transport-specific run methods
         if self.settings.transport == "sse":
-            main_code.extend([
-                "    # For SSE, FastMCP's run method handles auth integration better",
-                "    mcp.run(transport=\"sse\", host=host, port=port, log_level=\"info\")"
-            ])
-        elif self.settings.transport == "streamable-http":
+            # Check if we need to add API key middleware for SSE
+            api_key_config = get_api_key_config()
+            if auth_components.get("has_auth") and api_key_config:
+                main_code.extend([
+                    "    # For SSE with API key auth, we need to get the app and add middleware",
+                    "    app = mcp.http_app(transport=\"sse\")",
+                    "    app.add_middleware(ApiKeyMiddleware)",
+                    "    # Run with the configured app",
+                    "    uvicorn.run(app, host=host, port=port, log_level=\"info\")"
+                ])
+            else:
+                main_code.extend([
+                    "    # For SSE, FastMCP's run method handles auth integration better",
+                    "    mcp.run(transport=\"sse\", host=host, port=port, log_level=\"info\")"
+                ])
+        elif self.settings.transport in ["streamable-http", "http"]:
             main_code.extend([
                 "    # Create HTTP app and run with uvicorn",
                 "    app = mcp.http_app()",
             ])
             
+            # Check if we need to add API key middleware
+            api_key_config = get_api_key_config()
+            if auth_components.get("has_auth") and api_key_config:
+                main_code.extend([
+                    "    # Add API key middleware",
+                    "    app.add_middleware(ApiKeyMiddleware)",
+                ])
+            
             # Add OpenTelemetry middleware to the HTTP app if enabled
             if self.settings.opentelemetry_enabled:
                 main_code.extend([
@@ -800,7 +813,6 @@ class CodeGenerator:
             env_section + 
             auth_setup_code +
             server_code_lines +
-            post_init_code +
             component_registrations +
             main_code
         )

golf/core/builder_auth.py

@@ -145,7 +145,6 @@ def generate_api_key_auth_components(server_name: str, opentelemetry_enabled: bo
         - setup_code: Auth setup code (middleware setup)
         - fastmcp_args: Dict of arguments to add to FastMCP constructor
         - has_auth: Whether auth is configured
-        - post_init_code: Code to run after FastMCP instance is created
     """
     api_key_config = get_api_key_config()
     if not api_key_config:
@@ -153,24 +152,35 @@ def generate_api_key_auth_components(server_name: str, opentelemetry_enabled: bo
             "imports": [],
             "setup_code": [],
             "fastmcp_args": {},
-            "has_auth": False,
-            "post_init_code": []
+            "has_auth": False
         }
     
     auth_imports = [
         "# API key authentication setup",
-        "from golf.auth.helpers import set_api_key",
-        "from golf.auth.api_key import get_api_key_config",
+        "from golf.auth.api_key import get_api_key_config, configure_api_key",
+        "from golf.auth import set_api_key",
         "from starlette.middleware.base import BaseHTTPMiddleware",
         "from starlette.requests import Request",
         "from starlette.responses import JSONResponse",
+        "import os",
     ]
     
     setup_code_lines = [
-        "# Middleware to extract API key from headers",
+        "# Recreate API key configuration from pre_build.py",
+        f"configure_api_key(",
+        f"    header_name={repr(api_key_config.header_name)},",
+        f"    header_prefix={repr(api_key_config.header_prefix)},",
+        f"    required={repr(api_key_config.required)}",
+        f")",
+        "",
+        "# Simplified API key middleware that validates presence",
         "class ApiKeyMiddleware(BaseHTTPMiddleware):",
         "    async def dispatch(self, request: Request, call_next):",
+        "        # Debug mode from environment",
+        "        debug = os.environ.get('GOLF_API_KEY_DEBUG', '').lower() == 'true'",
+        "        ",
         "        api_key_config = get_api_key_config()",
+        "        ",
         "        if api_key_config:",
         "            # Extract API key from the configured header",
         "            header_name = api_key_config.header_name",
@@ -183,109 +193,39 @@ def generate_api_key_auth_components(server_name: str, opentelemetry_enabled: bo
         "                    api_key = v",
         "                    break",
         "            ",
-        "            # Check if API key is required and missing",
+        "            # Process the API key if found",
+        "            if api_key:",
+        "                # Strip prefix if configured",
+        "                if header_prefix and api_key.startswith(header_prefix):",
+        "                    api_key = api_key[len(header_prefix):]",
+        "                ",
+        "                # Store the API key in request state for tools to access",
+        "                request.state.api_key = api_key",
+        "                ",
+        "                # Also store in context variable for tools",
+        "                set_api_key(api_key)",
+        "            ",
+        "            # Check if API key is required but missing",
         "            if api_key_config.required and not api_key:",
         "                return JSONResponse(",
         "                    {'error': 'unauthorized', 'detail': f'Missing required {header_name} header'},",
         "                    status_code=401,",
         "                    headers={'WWW-Authenticate': f'{header_name} realm=\"MCP Server\"'}",
         "                )",
-        "            ",
-        "            # Strip prefix if configured and present",
-        "            if api_key and header_prefix and api_key.startswith(header_prefix):",
-        "                api_key = api_key[len(header_prefix):]",
-        "            elif api_key and header_prefix and api_key_config.required:",
-        "                # Has API key but wrong format when required",
-        "                return JSONResponse(",
-        "                    {'error': 'unauthorized', 'detail': f'Invalid {header_name} format, expected prefix: {header_prefix}'},",
-        "                    status_code=401,",
-        "                    headers={'WWW-Authenticate': f'{header_name} realm=\"MCP Server\"'}",
-        "                )",
-        "            ",
-        "            # Store the API key in context for tools to access",
-        "            set_api_key(api_key)",
         "        ",
         "        # Continue with the request",
-        "        response = await call_next(request)",
-        "        return response",
+        "        return await call_next(request)",
         "",
     ]
     
     # API key auth is handled via middleware, not FastMCP constructor args
     fastmcp_args = {}
     
-    # Code to run after FastMCP instance is created
-    # FastMCP doesn't expose .app directly, so we need to use custom_route
-    # to add a middleware-like functionality
-    post_init_code = [
-        "# API key authentication via custom middleware function",
-        "# Since FastMCP doesn't expose .app, we'll use a different approach",
-        "import functools",
-        "from starlette.responses import JSONResponse",
-        "",
-        "# Store original method references",
-        "_original_call_tool = mcp._mcp_call_tool if hasattr(mcp, '_mcp_call_tool') else None",
-        "_original_read_resource = mcp._mcp_read_resource if hasattr(mcp, '_mcp_read_resource') else None",
-        "_original_get_prompt = mcp._mcp_get_prompt if hasattr(mcp, '_mcp_get_prompt') else None",
-        "",
-        "# Wrapper to extract API key before processing",
-        "def with_api_key_extraction(original_method):",
-        "    @functools.wraps(original_method)",
-        "    async def wrapper(request, *args, **kwargs):",
-        "        # Extract API key from request headers",
-        "        api_key_config = get_api_key_config()",
-        "        if api_key_config and hasattr(request, 'headers'):",
-        "            header_name = api_key_config.header_name",
-        "            header_prefix = api_key_config.header_prefix",
-        "            ",
-        "            # Case-insensitive header lookup",
-        "            api_key = None",
-        "            for k, v in request.headers.items():",
-        "                if k.lower() == header_name.lower():",
-        "                    api_key = v",
-        "                    break",
-        "            ",
-        "            # Check if API key is required and missing",
-        "            if api_key_config.required and not api_key:",
-        "                return JSONResponse(",
-        "                    {'error': 'unauthorized', 'detail': f'Missing required {header_name} header'},",
-        "                    status_code=401,",
-        "                    headers={'WWW-Authenticate': f'{header_name} realm=\"MCP Server\"'}",
-        "                )",
-        "            ",
-        "            # Strip prefix if configured and present",
-        "            if api_key and header_prefix and api_key.startswith(header_prefix):",
-        "                api_key = api_key[len(header_prefix):]",
-        "            elif api_key and header_prefix and api_key_config.required:",
-        "                # Has API key but wrong format when required",
-        "                return JSONResponse(",
-        "                    {'error': 'unauthorized', 'detail': f'Invalid {header_name} format, expected prefix: {header_prefix}'},",
-        "                    status_code=401,",
-        "                    headers={'WWW-Authenticate': f'{header_name} realm=\"MCP Server\"'}",
-        "                )",
-        "            ",
-        "            # Store the API key in context for tools to access",
-        "            set_api_key(api_key)",
-        "        ",
-        "        # Call the original method",
-        "        return await original_method(request, *args, **kwargs)",
-        "    return wrapper",
-        "",
-        "# Wrap the MCP methods if they exist",
-        "if _original_call_tool:",
-        "    mcp._mcp_call_tool = with_api_key_extraction(_original_call_tool)",
-        "if _original_read_resource:",
-        "    mcp._mcp_read_resource = with_api_key_extraction(_original_read_resource)",
-        "if _original_get_prompt:",
-        "    mcp._mcp_get_prompt = with_api_key_extraction(_original_get_prompt)",
-    ]
-    
     return {
         "imports": auth_imports,
         "setup_code": setup_code_lines,
         "fastmcp_args": fastmcp_args,
-        "has_auth": True,
-        "post_init_code": post_init_code
+        "has_auth": True
     }
 
 

{golf_mcp-0.1.9.dist-info → golf_mcp-0.1.10.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: golf-mcp
-Version: 0.1.9
+Version: 0.1.10
 Summary: Framework for building MCP servers
 Author-email: Antoni Gmitruk <antoni@golf.dev>
 License-Expression: Apache-2.0

{golf_mcp-0.1.9.dist-info → golf_mcp-0.1.10.dist-info}/RECORD

@@ -1,7 +1,7 @@
-golf/__init__.py,sha256=248SFgOW8tTzDpyY6euJ1BwIHMa4uimdKSyc2FGEEZE,21
-golf/auth/__init__.py,sha256=nh22WdganrEtp0YnxX1dmk6euuUFu8zh1BWxi1LGZnI,4107
+golf/__init__.py,sha256=jLGuFdEwhMvHvklOJPvsqvbHQj9TW5k2grc-tedu-YE,22
+golf/auth/__init__.py,sha256=JlpBJp357WFuM0E0j8k46c5EFzsduuquyHqr3aajTYo,4130
 golf/auth/api_key.py,sha256=TWJJ1tyVPSp1vN61opn3DdGKfQkTLX2w-YyLO4eeRPk,2495
-golf/auth/helpers.py,sha256=eKUIhdsaxa9bBtU6BaVZszTtS1ZV1v1fzvCkXV__9pM,2965
+golf/auth/helpers.py,sha256=rmkBTkW3jL_j4aHttcm__E-8RDl_vS5Fg8-Vq79Dmwo,6683
 golf/auth/oauth.py,sha256=MGtuKMSt77yihuZiuiEm33xAlXJynIMcFmMLZRlppdg,31525
 golf/auth/provider.py,sha256=-iIjw1XruxgpWTrwYBX9dbf_sLPlx5vZxZsM0E4Dp64,3931
 golf/cli/__init__.py,sha256=MG53_GB5QcXHJAwSUKhy3xWLWwzc3FrnFbcCg4z6M0w,45
@@ -11,8 +11,8 @@ golf/commands/build.py,sha256=yhcUrK9gHnXNuLPZ2brcmtMgR8wXMBlEBcaBgTKkanI,2295
 golf/commands/init.py,sha256=I-fe7PBDX0vfKCLGXMppD7Uo03LzRbx-bCM2Mt3UzdU,7155
 golf/commands/run.py,sha256=dLrjmpypfvInDkA-KgEUyKrTvkvp59yea5tUyxk_Ej4,1989
 golf/core/__init__.py,sha256=RDSMAkB5NDaV7W5OFJ--miqv6JmvM3rI9ashndqM3X4,52
-golf/core/builder.py,sha256=5N2OwEtpPnjtSYxFzV8f_hBR6BUddD5p7zrPwaHmZjU,48256
-golf/core/builder_auth.py,sha256=ySu_nzoUgGYEP-8DCoSFwgoEW6NMFiQ_MP0v6akOEUI,17217
+golf/core/builder.py,sha256=0yyAK-jdFf-35S1KhM2SiMm0Tk3ydfQn019iDNgem74,48960
+golf/core/builder_auth.py,sha256=R7fZyGiigOPVaqR59l6m_5kJWNL86TbYs7p6qTgmwYs,13637
 golf/core/builder_telemetry.py,sha256=v2LnlHRWg9JqgplfZkV3zm1Jpo8QQBr7hlY8NLhlu8o,2694
 golf/core/config.py,sha256=gZ3eE8VIvDgIrLTizNq9XqkgfMkRg8Pm06gSVV51arA,6806
 golf/core/parser.py,sha256=sCVMWO7sGkSaKkU9LiHC3O9CTcrZxUbxnjdtwP7ne_o,19251
@@ -47,9 +47,9 @@ golf/examples/basic/tools/payments/common.py,sha256=z5shSOZizUEnxBmGUSYghxmNwIvu
 golf/examples/basic/tools/payments/refund.py,sha256=3auhKzuwPLgpoyUDz0p8lUWUY_fXNe0RYadQBxEvpB4,1603
 golf/telemetry/__init__.py,sha256=TFinunN7eFKEHMFUXjPBpz-JzuEu59QzrXwgg85YlQs,397
 golf/telemetry/instrumentation.py,sha256=520owHHBHlm819XD4FJ2dXrGbmGAjOMBXRREJJRgt7o,22890
-golf_mcp-0.1.9.dist-info/licenses/LICENSE,sha256=5_j2f6fTJmvfmUewzElhkpAaXg2grVoxKouOA8ihV6E,11348
-golf_mcp-0.1.9.dist-info/METADATA,sha256=hjiUAnMdRZaAj6yuGpvGu08cFNHPlomW3-XRdfWlRUg,10909
-golf_mcp-0.1.9.dist-info/WHEEL,sha256=zaaOINJESkSfm_4HQVc5ssNzHCPXhJm0kEUakpsEHaU,91
-golf_mcp-0.1.9.dist-info/entry_points.txt,sha256=5y7rHYM8jGpU-nfwdknCm5XsApLulqsnA37MO6BUTYg,43
-golf_mcp-0.1.9.dist-info/top_level.txt,sha256=BQToHcBUufdyhp9ONGMIvPE40jMEtmI20lYaKb4hxOg,5
-golf_mcp-0.1.9.dist-info/RECORD,,
+golf_mcp-0.1.10.dist-info/licenses/LICENSE,sha256=5_j2f6fTJmvfmUewzElhkpAaXg2grVoxKouOA8ihV6E,11348
+golf_mcp-0.1.10.dist-info/METADATA,sha256=l5TFVZ6-xyVSghkCe8raj0EuB5rikTnz4jvcg5fpkLo,10910
+golf_mcp-0.1.10.dist-info/WHEEL,sha256=zaaOINJESkSfm_4HQVc5ssNzHCPXhJm0kEUakpsEHaU,91
+golf_mcp-0.1.10.dist-info/entry_points.txt,sha256=5y7rHYM8jGpU-nfwdknCm5XsApLulqsnA37MO6BUTYg,43
+golf_mcp-0.1.10.dist-info/top_level.txt,sha256=BQToHcBUufdyhp9ONGMIvPE40jMEtmI20lYaKb4hxOg,5
+golf_mcp-0.1.10.dist-info/RECORD,,