ozzynet-mcp-server
The project is a prototype MCP server that manages tool access based on authentication via GitHub. It uses Quarkus for authentication handling and requires users to set up OAuth2 with GitHub.
Simple MCP Server with upstream auth via local rest endpoint
This is a prototype where an MCP server offers tools, but limits their access based on internal state, requiring the user to authenticate via an external url.
In this case, the external url is wrappered with quarkus oidc, requiring authentication via github
The resulting access token for github is then stored within the mcp for the sessionid used by the user
Note: you must edit application.properties to add your client-id and secret for your GitHub OAuth app.
Requirements
- JBang
- OAuth2 App with GitHub
- MCP Client like claude
Creating an OAuth2 App with GitHub
Navigate to https://github.com/settings/developers
Select OAuth Apps from the left nav
Click 'New OAuth App'
Give it a name, and set the callback url to be http://127.0.0.1:8080/auth
Copy the client ID to application.properties Click 'generate a new client secret' and copy the secret to application.properties
Update claude desktop config json...
For windows...
{
"mcpServers": {
"ozzynet": {
"command": "cmd",
"args": [
"/c",
"C:\\Users\\YOURUSERNAME\\.jbang\\bin\\jbang.cmd",
"--quiet",
"org.ozzy:stiletto:1.0.0-SNAPSHOT:runner" ]
}
}
}
For mac...
{
"mcpServers": {
"ozzynet": {
"command": "jbang",
"args": [
"--quiet",
"org.ozzy:stiletto:1.0.0-SNAPSHOT:runner" ]
}
}
}
Testing..
Ask claude to list the issues for a repository ..
eg, list the issues for quarkusio's quarkus repo
Claude will ask permission to invoke the getSessionId tool
Claude will then invoke the listIssues tool, and report it cannot use it, because you need to be authenticated, and will offer you
a link of the form http://127.0.0.1/auth?sessionId=