-
Notifications
You must be signed in to change notification settings - Fork 131
Expand file tree
/
Copy pathserver.php
More file actions
66 lines (54 loc) · 2.16 KB
/
server.php
File metadata and controls
66 lines (54 loc) · 2.16 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
<?php
/*
* This file is part of the official PHP MCP SDK.
*
* A collaboration between Symfony and the PHP Foundation.
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
require_once dirname(__DIR__).'/bootstrap.php';
use Http\Discovery\Psr17Factory;
use Laminas\HttpHandlerRunner\Emitter\SapiEmitter;
use Mcp\Server;
use Mcp\Server\Session\FileSessionStore;
use Mcp\Server\Transport\Http\Middleware\AuthorizationMiddleware;
use Mcp\Server\Transport\Http\Middleware\OAuthRequestMetaMiddleware;
use Mcp\Server\Transport\Http\Middleware\ProtectedResourceMetadataMiddleware;
use Mcp\Server\Transport\Http\OAuth\JwksProvider;
use Mcp\Server\Transport\Http\OAuth\JwtTokenValidator;
use Mcp\Server\Transport\Http\OAuth\OidcDiscovery;
use Mcp\Server\Transport\Http\OAuth\ProtectedResourceMetadata;
use Mcp\Server\Transport\StreamableHttpTransport;
$externalIssuer = 'http://localhost:8180/realms/mcp';
$internalIssuer = 'http://keycloak:8180/realms/mcp';
$validator = new JwtTokenValidator(
issuer: [$externalIssuer, $internalIssuer],
audience: 'mcp-server',
jwksProvider: new JwksProvider(new OidcDiscovery()),
jwksUri: $internalIssuer.'/protocol/openid-connect/certs',
);
$protectedResourceMetadata = new ProtectedResourceMetadata(
authorizationServers: [$externalIssuer],
scopesSupported: ['openid'],
resource: 'http://localhost:8000/mcp',
resourceName: 'OAuth Keycloak Example MCP Server',
);
$metadataMiddleware = new ProtectedResourceMetadataMiddleware($protectedResourceMetadata);
$authMiddleware = new AuthorizationMiddleware(
$validator,
$protectedResourceMetadata,
);
$server = Server::builder()
->setServerInfo('OAuth Keycloak Example', '1.0.0')
->setLogger(logger())
->setSession(new FileSessionStore(__DIR__.'/sessions'))
->setDiscovery(__DIR__)
->build();
$transport = new StreamableHttpTransport(
(new Psr17Factory())->createServerRequestFromGlobals(),
logger: logger(),
middleware: [$metadataMiddleware, $authMiddleware, new OAuthRequestMetaMiddleware()],
);
$response = $server->run($transport);
(new SapiEmitter())->emit($response);