tiennm99/litellm
1
0
Fork 0
mirror of https://github.com/tiennm99/litellm.git synced 2026-06-17 22:48:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
a4341ccf833c19f716e00a8fedc66fb257d5bcd6
litellm/tests/mcp_tests/test_mcp_auth_priority.py
T
YutaSaito f487f4e3a9 feat: add dynamic OAuth2 metadata discovery for MCP servers (#16676) 
* feat: add dynamic OAuth2 metadata discovery for MCP servers

* fix: lint error
2025-11-14 18:14:43 -08:00

66 lines
2.3 KiB
Python
Raw Blame History

"""
Simple test to validate MCP auth header priority behavior.
Validates that:
1. auth_value is not required in config.yaml
2. Server-specific headers (x-mcp-server-name-authorization) take precedence over config auth_value
"""
import pytest
from litellm.proxy._experimental.mcp_server.mcp_server_manager import MCPServerManager
from litellm.types.mcp import MCPAuth, MCPTransport, MCPSpecVersion
from litellm.types.mcp_server.mcp_server_manager import MCPServer
def test_mcp_server_works_without_config_auth_value():
"""
Test that MCP servers work without auth_value in config when headers are provided.
This validates that auth_value is truly optional in config.yaml.
"""
# Create a server WITHOUT config auth_value
server_without_config_auth = MCPServer(
server_id="test-server-no-config",
name="Test MCP Server No Config Auth",
server_name="test_server_no_config",
alias="test_no_config",
url="https://api.example.com/mcp",
transport=MCPTransport.http,
auth_type=MCPAuth.authorization,
authentication_token=None, # No config auth
)
manager = MCPServerManager()
# Test that it works with only header auth
client = manager._create_mcp_client(
server=server_without_config_auth,
mcp_auth_header="Bearer token_from_header_only",
)
# Verify header token is used
assert client._mcp_auth_value == "Bearer token_from_header_only"
assert client.auth_type == MCPAuth.authorization
@pytest.mark.parametrize("token_key", ["authentication_token", "auth_value"])
async def test_mcp_server_config_auth_value_header_used(token_key):
"""Ensure auth header is sent when auth token configured in config"""
config = {
"test_server": {
"url": "https://api.example.com/mcp",
"transport": "http",
"auth_type": "bearer_token",
token_key: "example_token",
}
}
manager = MCPServerManager()
await manager.load_servers_from_config(config)
server = next(iter(manager.config_mcp_servers.values()))
client = manager._create_mcp_client(server)
headers = client._get_auth_headers()
assert headers["Authorization"] == "Bearer example_token"
assert client.auth_type == MCPAuth.bearer_token
Reference in New Issue View Git Blame Copy Permalink