k7ic.ZSSKJr SSKrSSKrSSKJr SSKJr SSKJ r SSK r SSK r SSK J r SSKJr SSKJr SS KJrJr SS KJrJrJr SS KJr SS KJr SS KJr SSKJ r J!r! SSK"J#r# SSK$J%r% S/r&\%"\'5r("SS\)5r*SSSjjr+"SS\5r,"SS\5r-g)) annotationsN)AsyncGenerator)Any)urlparse)PydanticAdapter) AsyncKeyValue) MemoryStore)OAuthClientProvider TokenStorage)OAuthClientInformationFullOAuthClientMetadata OAuthToken) AnyHttpUrl)override)Server)OAuthCallbackResultcreate_oauth_callback_server)find_available_port) get_loggerOAuthc\rSrSrSrSrg)ClientNotFoundError$zARaised when OAuth client credentials are not found on the server.N)__name__ __module__ __qualname____firstlineno____doc____static_attributes__rS/home/james-whalen/.local/lib/python3.13/site-packages/fastmcp/client/auth/oauth.pyrr$sKr!rc# [R"S0U=(d 0D6IShvN nURUSS9IShvN nURS;aSSS5IShvN gSUR;aSSS5IShvN gSSS5IShvN gNsN\N=NN ![R a SSS5IShvN gf=f!,IShvN (df  g=f7f) z Check if the MCP endpoint requires authentication by making a test request. Returns: True if auth appears to be required, False otherwise Ng@)timeout)iiTzWWW-AuthenticateFr)httpx AsyncClientget status_codeheaders RequestError)mcp_url httpx_kwargsclientresponses r"check_if_auth_requiredr/(s  8L$6B88F #ZZZ==H##z1988"X%5%55988988>9 !! %988  !988s$C)BC)CB$BB$ C) B!C)&B$7 C)B C) C)B"C)B$C) C)"C)$C 8C9 C)CC) C  CC&C  C&"C)c\rSrSr%S\S'S\S'S\S'S\S 'SS jrSS jrSS jrSS jr\ SSj5r \ SSj5r \ SSj5r \ SSj5r Srg)TokenStorageAdapterFstr _server_urlr_key_value_storezPydanticAdapter[OAuthToken]_storage_oauth_tokenz+PydanticAdapter[OAuthClientInformationFull]_storage_client_infocX lXl[["SU[SS9Ul[[ "SU[ SS9Ulg)Nzmcp-oauth-tokenT)default_collection key_valuepydantic_modelraise_on_validation_errorzmcp-oauth-client-info)r4r5rrr6r r7)selfasync_key_value server_urls r"__init__TokenStorageAdapter.__init__LsM% /$3J$?0%%&* % ! %44N$O6%5&* % !r!c URS3$)Nz/tokensr4r=s r"_get_token_cache_key(TokenStorageAdapter._get_token_cache_key\s""#7++r!c URS3$)Nz /client_inforCrDs r"_get_client_info_cache_key.TokenStorageAdapter._get_client_info_cache_key_s""#<00r!c# URRUR5S9IShvN URRUR 5S9IShvN gN4N7fN)key)r6deleterEr7rHrDs r"clearTokenStorageAdapter.clearbsZ''..43L3L3N.OOO''..43R3R3T.UUU PUs!+A&A".A&A$A&$A&cl# URRUR5S9IShvN $N7frK)r6r'rErDs r" get_tokensTokenStorageAdapter.get_tokensfs...22t7P7P7R2SSSS +424c# URRUR5UURS9IShvN gN7fN)rLvaluettl)r6putrE expires_in)r=tokenss r" set_tokensTokenStorageAdapter.set_tokensjs@''++))+!!,   s7A?Acl# URRUR5S9IShvN $N7frK)r7r'rHrDs r"get_client_info#TokenStorageAdapter.get_client_infors9..22//13    rSc# SnUR(a+UR[[R"55- nURR UR 5UUS9IShvN gN7frU)client_secret_expires_atinttimer7rXrH)r= client_inforWs r"set_client_info#TokenStorageAdapter.set_client_infoxsc  / /66TYY[9IIC''++//1,   sA+A5-A3.A5)r5r4r7r6N)r>rr?r3)returnr3rgNone)rgzOAuthToken | None)rZrrgri)rgz!OAuthClientInformationFull | None)rdr rgri)rrrr__annotations__r@rErHrNrrQr[r^rer rr!r"r1r1Fs##55EE ,1VTT        r!r1c^\rSrSrSrS S U4SjjjrS U4SjjrS SjrS SjrSU4Sjjr Sr U=r $)rz OAuth client provider for MCP servers with browser-based authentication. This class provides OAuth authentication for FastMCP clients by opening a browser for user authorization and running a local callback server. c P>[U5nURSUR3nU=(d [5UlSURS3n [ U[ 5(aSRU5n OUb [U5n OSn [SU[U 5/SS/S /U S .U=(d 0D6n U=(d [5n[ U[5(a S S K J n U "S SS9 [XHS9UlXl["T U]IUU URUR&UR(S9 g)a Initialize OAuth client provider for an MCP server. Args: mcp_url: Full URL to the MCP endpoint (e.g. "http://host/mcp/sse/") scopes: OAuth scopes to request. Can be a space-separated string or a list of strings. client_name: Name for this client during registration token_storage: An AsyncKeyValue-compatible token store, tokens are stored in memory if not provided additional_client_metadata: Extra fields for OAuthClientMetadata callback_port: Fixed port for OAuth callback (default: random available port) z://zhttp://localhost:z /callback Nauthorization_code refresh_tokencode) client_name redirect_uris grant_typesresponse_typesscoper)warnzmUsing in-memory token storage is not recommended for production use -- tokens will be lost on server restart.)message stacklevel)r>r?)r?client_metadatastorageredirect_handlercallback_handlerr)rschemenetlocr redirect_port isinstancelistjoinr3r rr warningsrxr1token_storage_adapterserver_base_urlsuperr@r~r)r=r+scopesrs token_storageadditional_client_metadata callback_port parsed_urlr redirect_uri scopes_strr|rx __class__s r"r@OAuth.__init__s@*g& '../s:3D3D2EF+C.A.C*4+=+=*>iH  fd # #&)J  VJJ- #%l34-?"8  */R &6 m[ 1 1 % ;  ;N); " / &+..!22!22  r!c ># [TU]5IShvN URR(aVURRR(a0URR URR5 gggNv7f)zBLoad stored tokens and client info, properly setting token expiry.N)r _initializecontextcurrent_tokensrYupdate_token_expiry)r=rs r"rOAuth._initializesdg!### << & &4<<+F+F+Q+Q LL , ,T\\-H-H I,R & $sBB A7Bc# [R"5IShvN nURUSS9IShvN nURS:Xa [ S5eURS;a[ SUR35eSSS5IShvN [ RSU35 [R"U5 gNNN7!,IShvN (df  NL=f7f) zIOpen browser for authorization, with pre-flight check for invalid client.NF)follow_redirectsiz8OAuth client not found - cached credentials may be stale)i.i/i3i4z#Unexpected authorization response: zOAuth authorization URL: ) r%r&r'r(r RuntimeErrorloggerinfo webbrowseropen)r=authorization_urlr-r.s r"r~OAuth.redirect_handlers$$&&&#ZZ(9EZRRH##s*)N ##+DD"9(:N:N9OP'&  /0A/BCD)*!'R'&&&sUCB;CCB=AC< CB?4C=C?CCC  CCc# [5n[R"5n[URUR UUS9n[R "5IShvN nURUR5 [RSUR35 Sn[R"U5 UR5IShvN UR(a UReURUR4sSSS5 SUl[R""S5IShvN UR$R'5 sSSS5IShvN $GNNN5N !,(df  O%=f![(an[)SUS35UeSnAff=fSUl[R""S5IShvN UR$R'5 OE!SUl[R""S5IShvN UR$R'5 f=fSSS5IShvN O!,IShvN (df  O=f[+S 5e7f) z4Handle OAuth callback and return (auth_code, state).)portr?result_container result_readyNu7🎧 OAuth callback server started on http://localhost:gr@Tg?zOAuth callback timed out after z secondsz+OAuth callback handler could not be started)ranyioEventrrrcreate_task_group start_soonserverr fail_afterwaiterrorrrstate should_exitsleep cancel_scopecancel TimeoutErrorr)r=resultrservertgTIMEOUTes r"rOAuth.callback_handlers%&{{} 6##++#%  **,, MM&,, ' KKI$J\J\I]^ G )%%g.&++---||$ll*!;; 4 /.&*"kk#&&&&&()-,,.''-/.   "5gYhG  /&*"kk#&&&&&(&*"kk#&&&&&()-,,,,,,HIIsAIEIAH2 E76E& E  8E& E7 H2,E"-H2 IE$I E&"H2$I& E4 0E73G4E77 FFFG H2:F=; H2!H<G? = HH2 I+H.,I2I 8H; 9 I Ic># [TU]U5nSnURU5IShvN nU7vnM!N ![a gf=f![a [ R S5 SUlURR5IShvN [TU]U5nSnURU5IShvN nU7vnO![a gf=fM4f=f7f)zHTTPX auth flow with automatic retry on stale cached credentials. If the OAuth flow fails due to invalid/stale client credentials, clears the cache and retries once with fresh registration. Nz@OAuth client not found on server, clearing cache and retrying...F) rasync_auth_flowasendStopAsyncIterationrrdebug _initializedrrN)r=requestgenr.yielded_requestrs r"rOAuth.async_auth_flows ')'2CH,/IIh,?&?O%44H&?)#  LLR  !&D ,,224 4 4')'2CH,/IIh,?&?&?O%44H)  sCA :8 :A : AA CAA AC BC&C:B=; CC CCCCCC)rrrr)NzFastMCP ClientNNN) r+r3rzstr | list[str] | Nonersr3rzAsyncKeyValue | Nonerdict[str, Any] | Nonerz int | Nonerh)rr3rgri)rgztuple[str, str | None])rz httpx.Requestrgz-AsyncGenerator[httpx.Request, httpx.Response]) rrrrrr@rr~rrr __classcell__)rs@r"rrs*.+.2<@$(H H 'H  H , H %: H "H H TJ+*%JN#$# 6##r!)N)r+r3r,rrgbool). __future__rrcrcollections.abcrtypingr urllib.parserrr%key_value.aio.adapters.pydanticrkey_value.aio.protocolsrkey_value.aio.stores.memoryr mcp.client.authr r mcp.shared.authr r rpydanticrtyping_extensionsruvicorn.serverrfastmcp.client.oauth_callbackrrfastmcp.utilities.httprfastmcp.utilities.loggingr__all__rr Exceptionrr/r1rrr!r"rs" *! ;13=  &!70 ) H L)L 9=  5 <= ,= @z zr!