mdr

echo_server.py

@@ -1,27 +1,147 @@
+from fastapi import FastAPI, Request, HTTPException
 from fastmcp import FastMCP
-from fastmcp.server.auth import RemoteAuthProvider
-from fastmcp.server.auth.providers.jwt import JWTVerifier
-from pydantic import AnyHttpUrl
+from authlib.integrations.starlette_client import OAuth
+from starlette.middleware.sessions import SessionMiddleware
 import os
+from typing import Dict, Any, Optional
 
-# For OAuth 2.0 with Twitter, we'll use JWT verification
-# Twitter provides JWKS for token verification
-token_verifier = JWTVerifier(
-    jwks_uri="https://api.twitter.com/2/oauth2/jwks",
-    issuer="https://api.twitter.com",
-    audience=os.getenv("TWITTER_CLIENT_ID", "your_twitter_client_id"),
+# Validation des variables d'environnement
+required_env_vars = ["CLIENT_ID", "CLIENT_SECRET"]
+missing_vars = [var for var in required_env_vars if not os.getenv(var)]
+if missing_vars:
+    raise ValueError(f"Variables d'environnement manquantes: {', '.join(missing_vars)}")
+
+app = FastAPI()
+app.add_middleware(
+    SessionMiddleware, 
+    secret_key="CHANGE_ME"
 )
 
-# Create the remote auth provider
-auth = RemoteAuthProvider(
-    token_verifier=token_verifier,
-    authorization_servers=[AnyHttpUrl("https://twitter.com")],
-    base_url=os.getenv("BASE_URL", "https://myuniverse01-deploy1.hf.space/echo"),
+# --- Config OAuth Twitter ---
+oauth = OAuth()
+oauth.register(
+    name='twitter',
+    client_id=os.getenv("CLIENT_ID"),
+    client_secret=os.getenv("CLIENT_SECRET"),
+    authorize_url="https://twitter.com/i/oauth2/authorize",
+    access_token_url="https://api.twitter.com/2/oauth2/token",
+    client_kwargs={
+        "scope": "tweet.read users.read offline.access",
+        "token_endpoint_auth_method": "client_secret_post"
+    }
 )
 
-mcp = FastMCP(name="EchoServer", stateless_http=True, auth=auth)
+# --- Fonction d'authentification pour MCP ---
+async def mcp_auth(request: Request) -> Optional[Dict[str, Any]]:
+    """
+    Fonction d'authentification pour FastMCP
+    Retourne les données utilisateur si authentifié, None sinon
+    """
+    user = request.session.get('user')
+    if not user:
+        return None
+    return user
+
+# --- FastMCP Server avec auth intégrée ---
+mcp = FastMCP(
+    name="TwitterMCP", 
+    stateless_http=True,
+    auth=mcp_auth
+)
+
+@mcp.tool()
+async def hello() -> str:
+    """Fonction de test MCP"""
+    return "Hello depuis FastMCP 🎉"
+
+@mcp.tool()
+async def get_current_user(request: Request) -> Dict[str, Any]:
+    """Retourne les informations de l'utilisateur authentifié"""
+    user = request.session.get('user', {})
+    return {
+        "username": user.get('username'),
+        "id": user.get('id'),
+        "name": user.get('name')
+    }
+
+@mcp.tool() 
+async def tweet_something(request: Request, message: str) -> Dict[str, str]:
+    """
+    Exemple d'outil qui pourrait tweeter (nécessiterait les bonnes permissions)
+    """
+    user = request.session.get('user', {})
+    # Ici on pourrait utiliser le token stocké pour poster un tweet
+    return {
+        "status": "success",
+        "message": f"Tweet simulé de @{user.get('username', 'unknown')}: {message}"
+    }
+
+# --- Routes OAuth ---
+@app.get("/login")
+async def login(request: Request):
+    """Initie le processus d'authentification Twitter"""
+    try:
+        redirect_uri = request.url_for("auth_callback")
+        return await oauth.twitter.authorize_redirect(request, redirect_uri)
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=f"Erreur lors de l'initialisation OAuth: {str(e)}")
+
+@app.get("/callback")
+async def auth_callback(request: Request) -> Dict[str, str]:
+    """Gère le callback OAuth et stocke les infos utilisateur"""
+    try:
+        token = await oauth.twitter.authorize_access_token(request)
+        
+        # Récupère les infos de l'utilisateur
+        user_req = await oauth.twitter.get(
+            "https://api.twitter.com/2/users/me",
+            token=token
+        )
+        
+        if user_req.status_code != 200:
+            raise HTTPException(
+                status_code=400, 
+                detail="Impossible de récupérer les informations utilisateur"
+            )
+        
+        userinfo = user_req.json().get('data', {})
+        
+        if not userinfo:
+            raise HTTPException(
+                status_code=400,
+                detail="Données utilisateur invalides"
+            )
+        
+        # Stocke les infos utilisateur et le token en session
+        request.session['user'] = userinfo
+        request.session['token'] = token
+        
+        return {"message": f"Connecté en tant que @{userinfo.get('username', 'utilisateur')}"}
+        
+    except HTTPException:
+        raise
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=f"Erreur lors de l'authentification: {str(e)}")
+
+@app.get("/logout")
+async def logout(request: Request):
+    """Déconnecte l'utilisateur"""
+    request.session.clear()
+    return {"message": "Déconnecté avec succès"}
+
+@app.get("/profile")
+async def get_profile(request: Request):
+    """Retourne le profil de l'utilisateur connecté"""
+    user = request.session.get('user')
+    if not user:
+        raise HTTPException(status_code=401, detail="Non authentifié")
+    return {"user": user}
 
+# --- Route de santé ---
+@app.get("/health")
+async def health_check():
+    """Vérification de l'état de l'application"""
+    return {"status": "ok", "message": "Service opérationnel"}
 
-@mcp.tool(description="A simple echo tool")
-def echo(message: str) -> str:
-    return f"Echo: {message}"
+# --- Intégration FastMCP dans FastAPI ---
+app.mount("/mcp", mcp.app)

requirements.txt

@@ -1,6 +1,63 @@
-fastmcp>=2.12.2
-httpx>=0.27.0
-pydantic>=2.7.0
-selectolax>=0.3.15 
-fastapi
-jinja2
+annotated-types==0.7.0
+anyio==4.10.0
+attrs==25.3.0
+Authlib==1.6.3
+certifi==2025.8.3
+cffi==2.0.0
+charset-normalizer==3.4.3
+click==8.2.1
+cryptography==45.0.7
+cyclopts==3.24.0
+dnspython==2.8.0
+docstring_parser==0.17.0
+docutils==0.22
+email-validator==2.3.0
+exceptiongroup==1.3.0
+fastapi==0.116.1
+fastmcp==2.12.3
+h11==0.16.0
+httpcore==1.0.9
+httpx==0.28.1
+httpx-sse==0.4.1
+idna==3.10
+isodate==0.7.2
+itsdangerous==2.2.0
+jsonschema==4.25.1
+jsonschema-path==0.3.4
+jsonschema-specifications==2025.9.1
+lazy-object-proxy==1.12.0
+markdown-it-py==4.0.0
+MarkupSafe==3.0.2
+mcp==1.14.0
+mdurl==0.1.2
+more-itertools==10.8.0
+openapi-core==0.19.5
+openapi-pydantic==0.5.1
+openapi-schema-validator==0.6.3
+openapi-spec-validator==0.7.2
+parse==1.20.2
+pathable==0.4.4
+pycparser==2.23
+pydantic==2.11.9
+pydantic-settings==2.10.1
+pydantic_core==2.33.2
+Pygments==2.19.2
+pyperclip==1.9.0
+python-dotenv==1.1.1
+python-multipart==0.0.20
+PyYAML==6.0.2
+referencing==0.36.2
+requests==2.32.5
+rfc3339-validator==0.1.4
+rich==14.1.0
+rich-rst==1.3.1
+rpds-py==0.27.1
+six==1.17.0
+sniffio==1.3.1
+sse-starlette==3.0.2
+starlette==0.47.3
+typing-inspection==0.4.1
+typing_extensions==4.15.0
+urllib3==2.5.0
+uvicorn==0.35.0
+Werkzeug==3.1.1