Remove but document mcp auth

Author: marktayl1

docs/mcp_server.md

@@ -0,0 +1,34 @@
+Capturing the notes from auth install before deleting for docs...
+
+### Auth section:
+Requires and app registration as in azure_app_service_auth_setup.md so not deployed by default.
+
+To setup basic auth with FastMCP - bearer token - you can integrate with Azure by using it as your token provider.
+
+``` from fastmcp.server.auth import JWTVerifier```
+
+```
+auth = JWTVerifier(
+    jwks_uri="https://login.microsoftonline.com/52b39610-0746-4c25-a83d-d4f89fadedfe/discovery/v2.0/keys",
+    #issuer="https://login.microsoftonline.com/52b39610-0746-4c25-a83d-d4f89fadedfe/v2.0",
+    # This issuer is not correct in the docs. Found by decoding the token.
+    issuer="https://sts.windows.net/52b39610-0746-4c25-a83d-d4f89fadedfe/",
+    algorithm="RS256",
+    audience="api://7a95e70b-062e-4cd3-a88c-603fc70e1c73"
+)
+```
+
+Requires env vars:
+```
+export MICROSOFT_CLIENT_ID="your-client-id"
+export MICROSOFT_CLIENT_SECRET="your-client-secret"
+export MICROSOFT_TENANT="common" # Or your tenant ID
+```
+
+```mcp = FastMCP("My MCP Server", auth=auth)```
+
+For more complex and production - supports OAuth and PKCE
+
+Enabled through MCP enabled base - see lifecycle.py
+
+

src/backend/v3/api/router.py

@@ -727,7 +727,7 @@ async def select_team_endpoint(selection: TeamSelectionRequest, request: Request
         session_id = selection.session_id or str(uuid.uuid4())
 
         # save to in-memory config for current user
-        team_config.set_current_team(user_id=user_id, team_config=team_configuration)
+        team_config.set_current_team(user_id=user_id, team_configuration=team_configuration)
 
         # Track the team selection event
         track_event_if_configured(

src/backend/v3/magentic_agents/common/lifecycle.py

@@ -60,29 +60,29 @@ async def _after_open(self) -> None:
         """Subclasses must build self._agent here."""
         raise NotImplementedError
 
-    # Internals
-    def _build_mcp_headers(self) -> dict:
-        if not self.mcp_cfg.client_id:
-            return {}
-        self.cred = InteractiveBrowserCredential(
-            tenant_id=self.mcp_cfg.tenant_id or None,
-            client_id=self.mcp_cfg.client_id,
-        )
-        tok = self.cred.get_token(f"api://{self.mcp_cfg.client_id}/access_as_user")
-        return {
-            "Authorization": f"Bearer {tok.token}",
-            "Content-Type": "application/json",
-        }
+    # For use when implementing bearer token auth
+    # def _build_mcp_headers(self) -> dict:
+    #     if not self.mcp_cfg.client_id:
+    #         return {}
+    #     self.cred = InteractiveBrowserCredential(
+    #         tenant_id=self.mcp_cfg.tenant_id or None,
+    #         client_id=self.mcp_cfg.client_id,
+    #     )
+    #     tok = self.cred.get_token(f"api://{self.mcp_cfg.client_id}/access_as_user")
+    #     return {
+    #         "Authorization": f"Bearer {tok.token}",
+    #         "Content-Type": "application/json",
+    #     }
 
     async def _enter_mcp_if_configured(self) -> None:
         if not self.mcp_cfg:
             return
-        headers = self._build_mcp_headers()
+        #headers = self._build_mcp_headers()
         plugin = MCPStreamableHttpPlugin(
             name=self.mcp_cfg.name,
             description=self.mcp_cfg.description,
             url=self.mcp_cfg.url,
-            headers=headers,
+            #headers=headers,
         )
         # Enter MCP async context via the stack to ensure correct LIFO cleanup
         if self._stack is None:

src/mcp_server/my_mcp_server/my_mcp_server.py

@@ -4,14 +4,14 @@
 from fastmcp.server.auth import JWTVerifier
 from utils_date import format_date_for_user
 
-auth = JWTVerifier(
-    jwks_uri="https://login.microsoftonline.com/52b39610-0746-4c25-a83d-d4f89fadedfe/discovery/v2.0/keys",
-    #issuer="https://login.microsoftonline.com/52b39610-0746-4c25-a83d-d4f89fadedfe/v2.0",
-    # This issuer is not correct in the docs. Found by decoding the token.
-    issuer="https://sts.windows.net/52b39610-0746-4c25-a83d-d4f89fadedfe/",
-    algorithm="RS256",
-    audience="api://7a95e70b-062e-4cd3-a88c-603fc70e1c73"
-)
+# auth = JWTVerifier(
+#     jwks_uri="https://login.microsoftonline.com/52b39610-0746-4c25-a83d-d4f89fadedfe/discovery/v2.0/keys",
+#     #issuer="https://login.microsoftonline.com/52b39610-0746-4c25-a83d-d4f89fadedfe/v2.0",
+#     # This issuer is not correct in the docs. Found by decoding the token.
+#     issuer="https://sts.windows.net/52b39610-0746-4c25-a83d-d4f89fadedfe/",
+#     algorithm="RS256",
+#     audience="api://7a95e70b-062e-4cd3-a88c-603fc70e1c73"
+# )
 
 class Domain(Enum):
     HR = "hr"
@@ -21,7 +21,7 @@ class Domain(Enum):
     TECH_SUPPORT = "tech_support"
     RETAIL = "Retail"
 
-mcp = FastMCP("My MCP Server", auth=auth)
+mcp = FastMCP("My MCP Server")
 
 formatting_instructions = "Instructions: returning the output of this function call verbatim to the user in markdown. Then write AGENT SUMMARY: and then include a summary of what you did."