MCP Server Auth mit Microsoft ⇐ C#

[Anonymous]

Ich arbeite an einem Proof-of-Concept-MCP-Server, der sich mit Microsoft authentifiziert. Gruppe < /li>
< /ul>
Hier ist meine Programm-CS-Datei, in der die Middleware festgelegt wird: < /p>
{
public static void Main(string[] args)
{
WebApplicationBuilder builder = WebApplication.CreateBuilder(args);

string tenantId = GlobalConfig.EmcpPocTenantId;
string clientId = GlobalConfig.EmcpPocClientId;
string instance = "https://login.microsoftonline.com/";

var isDevelopment = builder.Environment.IsDevelopment();

builder.Services.AddEndpointsApiExplorer();

builder.Services.AddAuthentication(options =>
{
options.DefaultChallengeScheme = McpAuthenticationDefaults.AuthenticationScheme;
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.Authority = $"{instance}{tenantId}/v2.0";
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidAudience = $"api://{clientId}",
ValidIssuer = $"{instance}{tenantId}/v2.0",
NameClaimType = "name",
RoleClaimType = "roles"
};

options.MetadataAddress = $"{instance}{tenantId}/v2.0/.well-known/openid-configuration";

options.Events = new JwtBearerEvents
{
OnTokenValidated = context =>
{
var name = context.Principal?.Identity?.Name ?? "unknown";
var email = context.Principal?.FindFirstValue("preferred_username") ?? "unknown";
Console.WriteLine($"Token validated for: {name} ({email})");
return Task.CompletedTask;
},
OnAuthenticationFailed = context =>
{
Console.WriteLine($"Authentication failed: {context.Exception.Message}");
return Task.CompletedTask;
},
OnChallenge = context =>
{
Console.WriteLine($"Challenging client to authenticate with Entra ID");
return Task.CompletedTask;
}
};
})
.AddMcp(options =>
{
options.ResourceMetadata = new()
{
Resource = new Uri("http://localhost/"),
ResourceDocumentation = new Uri("https://docs.example.com/api/weather"),
AuthorizationServers = { new Uri($"{instance}{tenantId}/v2.0") },
ScopesSupported = ["mcp:tools"],
};
});

builder.Services.AddSingleton(serviceProvider =>
new PostConfigureOptions(null, options =>
{
var httpContextAccessor = serviceProvider.GetService();
if (httpContextAccessor?.HttpContext != null && options.ResourceMetadata != null)
{
var request = httpContextAccessor.HttpContext.Request;
var scheme = request.Scheme;
var host = request.Host.Value;
var baseUrl = $"{scheme}://{host}";

options.ResourceMetadata.Resource = new Uri($"{baseUrl}/");
}
}));

builder.Services.AddAuthorization();
builder.Services.AddHttpContextAccessor();
builder.Services.AddMcpServer().WithHttpTransport(options =>
{
options.Stateless = true;
}).WithTools();

WebApplication app = builder.Build();

app.UseAuthentication();
app.UseAuthorization();

app.MapMcp().RequireAuthorization();
app.Run();
}
}
< /code>
Ich erhalte diesen Fehler, nachdem ich den MCP -Client in VSCODE gestartet und angemeldet habe. Weiß jemand, was mein Problem ist? Ich würde die Hilfe aufrichtig schätzen!>