Add HTTP server mode with OAuth token support #1216
Conversation
This adds HTTP server mode to the GitHub MCP Server, enabling multi-client support with "bring your own token" OAuth functionality. This is useful for enterprise scenarios where a single MCP server instance handles multiple external clients, each authenticating with their own credentials. Key changes: - Add `http` command to start HTTP server on configurable port (default 8080) - Support per-request OAuth tokens via Authorization header - Fall back to GITHUB_PERSONAL_ACCESS_TOKEN env var if no header provided - Modify client factories to extract token from request context - Add comprehensive HTTP server documentation to README This implementation is inspired by PR github#888 by @Dreadnoth, updated to work with the current codebase architecture and dependencies. Co-authored-by: Dreadnoth <[email protected]> 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
There was a problem hiding this comment.
Pull Request Overview
This PR adds HTTP server mode to the GitHub MCP Server, enabling multi-client support with per-request OAuth token authentication. This addresses the limitation where GitHub Enterprise Server users couldn't use OAuth forwarding with HTTP mode.
- Introduces an HTTP server command that can handle multiple concurrent clients
- Implements "bring your own token" OAuth functionality via Authorization headers
- Falls back to environment variable token when no Authorization header is provided
Reviewed Changes
Copilot reviewed 5 out of 6 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| internal/ghmcp/server.go | Adds HTTP server implementation with OAuth token extraction and context-aware client factories |
| cmd/github-mcp-server/main.go | Adds http command with port configuration flag |
| README.md | Documents HTTP server mode usage and OAuth token support |
| go.mod | Adds logrus dependency for HTTP server logging |
| Dockerfile | Exposes port 8080 for HTTP server mode |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
|
|
||
| logrusLogger := logrus.New() | ||
| if cfg.LogFilePath != "" { | ||
| file, err := os.OpenFile(cfg.LogFilePath, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0600) |
There was a problem hiding this comment.
[nitpick] The file permissions 0600 are appropriate for log files containing potentially sensitive information, but consider using 0640 if the log file needs to be readable by a logging service or monitoring system running under a different user in the same group.
| file, err := os.OpenFile(cfg.LogFilePath, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0600) | |
| file, err := os.OpenFile(cfg.LogFilePath, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0640) |
Copilot uses AI. Check for mistakes.
|
Fingers crossed :) |
Co-authored-by: Copilot <[email protected]>
|
This would be really helpful to have! |
|
Yeah, we have a few PoCs running thi MCP version as server, I don't know why it was ignored |
4 participants
What does this change do
Why is this change needed
Key changes
httpcommand to start HTTP server on configurable port (default 8080)This implementation is based off PR #888 by @Dreadnoth, updated to work with the current codebase architecture and dependencies.
There have also been other attempts at solving this:
🤖 Generated with Claude Code
Closes: