Serve oauth protected resource metadata endpoint

Author: ardaguclu

pkg/config/config.go

@@ -19,10 +19,11 @@ type StaticConfig struct {
 	// When true, expose only tools annotated with readOnlyHint=true
 	ReadOnly bool `toml:"read_only,omitempty"`
 	// When true, disable tools annotated with destructiveHint=true
-	DisableDestructive bool     `toml:"disable_destructive,omitempty"`
-	EnabledTools       []string `toml:"enabled_tools,omitempty"`
-	DisabledTools      []string `toml:"disabled_tools,omitempty"`
-	RequireOAuth       bool     `toml:"require_oauth,omitempty"`
+	DisableDestructive  bool     `toml:"disable_destructive,omitempty"`
+	EnabledTools        []string `toml:"enabled_tools,omitempty"`
+	DisabledTools       []string `toml:"disabled_tools,omitempty"`
+	RequireOAuth        bool     `toml:"require_oauth,omitempty"`
+	AuthorizationServer string   `toml:"authorization_server,omitempty"`
 }
 
 type GroupVersionKind struct {

pkg/http/authorization.go

@@ -23,7 +23,7 @@ const (
 func AuthorizationMiddleware(requireOAuth bool, mcpServer *mcp.Server) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			if r.URL.Path == "/healthz" {
+			if r.URL.Path == "/healthz" || r.URL.Path == "/.well-known/oauth-protected-resource" {
 				next.ServeHTTP(w, r)
 				return
 			}

pkg/http/http.go

@@ -2,6 +2,7 @@ package http
 
 import (
 	"context"
+	"encoding/json"
 	"errors"
 	"net/http"
 	"os"
@@ -35,6 +36,28 @@ func Serve(ctx context.Context, mcpServer *mcp.Server, staticConfig *config.Stat
 	mux.HandleFunc("/healthz", func(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(http.StatusOK)
 	})
+	mux.HandleFunc("/.well-known/oauth-protected-resource", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/json")
+
+		var authServers []string
+		if staticConfig.AuthorizationServer != "" {
+			authServers = []string{staticConfig.AuthorizationServer}
+		} else {
+			// Fallback to Kubernetes API server host if authorization_server is not configured
+			if apiServerHost := mcpServer.GetKubernetesAPIServerHost(); apiServerHost != "" {
+				authServers = []string{apiServerHost}
+			}
+		}
+
+		response := map[string]interface{}{
+			"authorization_servers": authServers,
+		}
+
+		w.WriteHeader(http.StatusOK)
+		if err := json.NewEncoder(w).Encode(response); err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+		}
+	})
 
 	ctx, cancel := context.WithCancel(ctx)
 	defer cancel()

pkg/kubernetes-mcp-server/cmd/root.go

@@ -56,6 +56,7 @@ type MCPServerOptions struct {
 	ReadOnly           bool
 	DisableDestructive bool
 	RequireOAuth       bool
+	AuthorizationURL   string
 
 	ConfigPath   string
 	StaticConfig *config.StaticConfig
@@ -110,7 +111,8 @@ func NewMCPServer(streams genericiooptions.IOStreams) *cobra.Command {
 	cmd.Flags().BoolVar(&o.DisableDestructive, "disable-destructive", o.DisableDestructive, "If true, tools annotated with destructiveHint=true are disabled")
 	cmd.Flags().BoolVar(&o.RequireOAuth, "require-oauth", o.RequireOAuth, "If true, requires OAuth authorization as defined in the Model Context Protocol (MCP) specification. This flag is ignored if transport type is stdio")
 	cmd.Flags().MarkHidden("require-oauth")
-
+	cmd.Flags().StringVar(&o.AuthorizationURL, "authorization-url", o.AuthorizationURL, "OAuth authorization server URL for protected resource endpoint. If not provided, the Kubernetes API server host will be used. Only valid if require-oauth is enabled.")
+	cmd.Flags().MarkHidden("authorization-url")
 	return cmd
 }
 
@@ -164,6 +166,9 @@ func (m *MCPServerOptions) loadFlags(cmd *cobra.Command) {
 	if cmd.Flag("require-oauth").Changed {
 		m.StaticConfig.RequireOAuth = m.RequireOAuth
 	}
+	if cmd.Flag("authorization-url").Changed {
+		m.StaticConfig.AuthorizationServer = m.AuthorizationURL
+	}
 }
 
 func (m *MCPServerOptions) initializeLogging() {
@@ -182,6 +187,9 @@ func (m *MCPServerOptions) Validate() error {
 	if m.Port != "" && (m.SSEPort > 0 || m.HttpPort > 0) {
 		return fmt.Errorf("--port is mutually exclusive with deprecated --http-port and --sse-port flags")
 	}
+	if !m.StaticConfig.RequireOAuth && m.StaticConfig.AuthorizationServer != "" {
+		return fmt.Errorf("authorization-url is only valid if require-oauth is enabled")
+	}
 	return nil
 }
 

pkg/kubernetes/kubernetes.go

@@ -125,6 +125,13 @@ func (m *Manager) Close() {
 	}
 }
 
+func (m *Manager) GetAPIServerHost() string {
+	if m.cfg == nil {
+		return ""
+	}
+	return m.cfg.Host
+}
+
 func (m *Manager) ToDiscoveryClient() (discovery.CachedDiscoveryInterface, error) {
 	return m.discoveryClient, nil
 }

pkg/mcp/mcp.go

@@ -114,6 +114,14 @@ func (s *Server) VerifyToken(ctx context.Context, token string, audience string)
 	return s.k.VerifyToken(ctx, token, audience)
 }
 
+// GetKubernetesAPIServerHost returns the Kubernetes API server host from the configuration.
+func (s *Server) GetKubernetesAPIServerHost() string {
+	if s.k == nil {
+		return ""
+	}
+	return s.k.GetAPIServerHost()
+}
+
 func (s *Server) Close() {
 	if s.k != nil {
 		s.k.Close()