Merge pull request #185 from jessesanford/Issue-123-fix-authconfig-default_scope-usage

shahar4499 · web-flow · commit 2e0aa90589a1 · 2025-07-14T19:11:24.000+03:00
Fixes #123: allow usage of default_scope to be passed
diff --git a/fastapi_mcp/auth/proxy.py b/fastapi_mcp/auth/proxy.py
@@ -199,8 +199,10 @@ async def oauth_authorize_proxy(
         if not scope:
             logger.warning("Client didn't provide any scopes! Using default scopes.")
             scope = default_scope
+            logger.debug(f"Default scope: {scope}")
 
         scopes = scope.split()
+        logger.debug(f"Scopes passed: {scopes}")
         for required_scope in default_scope.split():
             if required_scope not in scopes:
                 scopes.append(required_scope)
diff --git a/fastapi_mcp/server.py b/fastapi_mcp/server.py
@@ -275,6 +275,7 @@ def _setup_auth_2025_03_26(self):
                     client_id=self._auth_config.client_id,
                     authorize_url=self._auth_config.authorize_url,
                     audience=self._auth_config.audience,
+                    default_scope=self._auth_config.default_scope,
                 )
                 if self._auth_config.setup_fake_dynamic_registration:
                     assert self._auth_config.client_secret is not None

Original file line number	Diff line number	Diff line change
`@@ -275,6 +275,7 @@ def _setup_auth_2025_03_26(self):`
`275`	`275`	`client_id=self._auth_config.client_id,`
`276`	`276`	`authorize_url=self._auth_config.authorize_url,`
`277`	`277`	`audience=self._auth_config.audience,`
	`278`	`+ default_scope=self._auth_config.default_scope,`
`278`	`279`	`)`
`279`	`280`	`if self._auth_config.setup_fake_dynamic_registration:`
`280`	`281`	`assert self._auth_config.client_secret is not None`