Evaluate MCP SDK OAuth 2.0 auth for central/remote deployment

[krisrowe]

Summary

The official MCP Python SDK (mcp v1.24.0+) includes a full OAuth 2.0 Authorization Server implementation in mcp.server.auth. This could enable hosting gwsa as a central remote MCP server with proper client/user authentication, rather than only supporting local single-user stdio transport.

What the SDK Provides

Auth Module (mcp.server.auth)

Component	Purpose
OAuthAuthorizationServerProvider	Protocol to implement OAuth 2.0 AS
BearerAuthBackend	Starlette backend validating Authorization: Bearer headers
RequireAuthMiddleware	ASGI middleware enforcing auth + required scopes
TokenVerifier	Protocol for token verification

OAuth 2.0 Endpoints (via handlers)

• /authorize - authorization endpoint
• /token - token exchange (auth code → access, refresh token rotation)
• /register - Dynamic Client Registration (DCR)
• /revoke - token revocation

Transport Options

• Current: stdio (local single-user)
• Remote: SSE or Streamable HTTP transport with OAuth

Potential Integration Approach

1. Implement OAuthAuthorizationServerProvider that proxies to Google OAuth (similar to existing profile-based auth, but for MCP clients)
2. Add SSE/HTTP transport option alongside existing stdio
3. Configuration flag to enable remote mode with auth
4. Map Google OAuth scopes to MCP tool access (e.g., mail:read scope required for email tools)

Questions to Evaluate

• How does MCP client identity map to Google user identity?
• Should we use DCR or pre-register known clients?
• Token storage: reuse existing profile system or separate?
• How to handle multi-user scenarios (one MCP server, multiple Google accounts)?
• What's the right scope granularity for MCP tools?

References

• MCP Python SDK
• SDK auth module: mcp.server.auth.provider, mcp.server.auth.middleware