Merge pull request #96 from shira-ayal/add-bearer-token-example

Add bearer token example

Author: shahar4499

docs/03_authentication_and_authorization.md

@@ -49,6 +49,8 @@ mcp = FastApiMCP(
 mcp.mount()
 ```
 
+For a complete working example of authorization header, check out the [auth_example_token_passthrough.py](/examples/08_auth_example_token_passthrough.py) in the examples folder.
+
 ## OAuth Flow
 
 FastAPI-MCP supports the full OAuth 2 flow, compliant with [MCP Spec 2025-03-26](https://modelcontextprotocol.io/specification/2025-03-26/basic/authorization).
@@ -138,7 +140,7 @@ For this to work, you have to make sure mcp-remote is running [on a fixed port](
 
 ## Working Example with Auth0
 
-For a complete working example of OAuth integration with Auth0, check out the [auth_example_auth0.py](/examples/08_auth_example_auth0.py) in the examples folder. This example demonstrates the simple case of using Auth0 as an OAuth provider, with a working example of the OAuth flow.
+For a complete working example of OAuth integration with Auth0, check out the [auth_example_auth0.py](/examples/09_auth_example_auth0.py) in the examples folder. This example demonstrates the simple case of using Auth0 as an OAuth provider, with a working example of the OAuth flow.
 
 For it to work, you need an .env file in the root of the project with the following variables:
 

examples/08_auth_example_token_passthrough.py

@@ -0,0 +1,58 @@
+"""
+This example shows how to reject any request without a valid token passed in the Authorization header.
+
+In order to configure the auth header, the config file for the MCP server should looks like this:
+```json
+{
+  "mcpServers": {
+    "remote-example": {
+      "command": "npx",
+      "args": [
+        "mcp-remote",
+        "http://localhost:8000/mcp",
+        "--header",
+        "Authorization:${AUTH_HEADER}"
+      ]
+    },
+    "env": {
+      "AUTH_HEADER": "Bearer <your-token>"
+    }
+  }
+}
+```
+"""
+from examples.shared.apps.items import app # The FastAPI app
+from examples.shared.setup import setup_logging
+
+from fastapi import Depends
+from fastapi.security import HTTPBearer
+
+from fastapi_mcp import FastApiMCP, AuthConfig
+
+setup_logging()
+
+# Scheme for the Authorization header
+token_auth_scheme = HTTPBearer()
+
+# Create a private endpoint
+@app.get("/private")
+async def private(token = Depends(token_auth_scheme)):
+    return token.credentials
+
+# Create the MCP server with the token auth scheme
+mcp = FastApiMCP(
+    app,
+    name="Protected MCP",
+    auth_config=AuthConfig(
+        dependencies=[Depends(token_auth_scheme)],
+    ),
+)
+
+# Mount the MCP server
+mcp.mount()
+
+
+if __name__ == "__main__":
+    import uvicorn
+    
+    uvicorn.run(app, host="0.0.0.0", port=8000)