chore: switch ngrok helper to oauth-based auth

2025-10-11 07:10:01 +02:00 · 2025-10-11 07:10:01 +02:00 · 1d1dd262c6
parent 63a3f41726
commit 1d1dd262c6
2 changed files with 48 additions and 18 deletions
--- a/docs/NGROK.md
+++ b/docs/NGROK.md
@ -2,12 +2,14 @@

 The `scripts/run_mcp_ngrok.sh` helper launches `mcp-browser` in
 streamable-http mode and exposes it through an ngrok tunnel. By default it uses
-the `builtin-only` server profile so only the minimal proxy tools are visible.
+whatever server is marked as default in your configuration (or you can specify
+one explicitly with `--server`).

 ```bash
 ./scripts/run_mcp_ngrok.sh \
  --allow-origin https://platform.openai.com \
-  --ngrok-basic-auth "user:pass"
+  --ngrok-oauth-provider google \
+  --ngrok-oauth-allow-email you@example.com
 ```

 Key behaviours:
@ -25,8 +27,9 @@ Useful options:
 - `--config ~/.claude/mcp-browser/config.yaml` – point at a custom config file.
 - `--ngrok-region eu` or `--ngrok-domain your-name.ngrok.app` – choose a region
  or reserved domain.
- `--ngrok-basic-auth user:pass` – require HTTP basic auth. Strongly recommended
-  if the tunnel is exposed to the public.
+- `--ngrok-oauth-provider google --ngrok-oauth-allow-email you@example.com` –
+  gate the tunnel behind ngrok’s OAuth support (recommended when exposing the
+  gateway).

 Additional `mcp-browser` arguments can be passed after `--`, for example to
 connect to a streamable HTTP upstream:
@ -37,5 +40,6 @@ connect to a streamable HTTP upstream:
  --transport-url http://127.0.0.1:12306/mcp
 ```

-The resulting public URL terminates at `/mcp`. Configure your MCP client (e.g.
-OpenAI’s MCP interface) with that URL and the optional basic auth credentials.
+The resulting public URL terminates at `/mcp` and is served via HTTPS by ngrok
+automatically. Configure your MCP client (e.g. OpenAI’s MCP interface) with
+that URL plus any OAuth restrictions you defined.
--- a/scripts/run_mcp_ngrok.sh
+++ b/scripts/run_mcp_ngrok.sh
@ -1,18 +1,17 @@
 #!/usr/bin/env bash
 set -euo pipefail
-set -x

 usage() {
  cat <<'USAGE'
 Usage: run_mcp_ngrok.sh [options] [-- additional mcp-browser args]

 Launch mcp-browser in streamable-http mode and expose it via an ngrok HTTPS
-endpoint. Designed to publish only the minimal built-in API (builtin-only
-server) unless overridden.
+endpoint. By default it uses the configured default MCP server, but you can
+override that with --server if needed.

 Options:
  --config PATH            Path to mcp-browser config file.
-  --server NAME            Server entry to use (default: builtin-only).
+  --server NAME            Server entry to use (optional).
  --http-host HOST         Local interface for the gateway (default: 127.0.0.1).
  --http-port PORT         Local port for the gateway (default: auto).
  --http-path PATH         HTTP path prefix (default: /mcp).
@ -20,7 +19,10 @@ Options:
                           (default: https://platform.openai.com).
  --ngrok-domain DOMAIN    Reserved ngrok domain to use (optional).
  --ngrok-region REGION    ngrok region code (optional).
-  --ngrok-basic-auth USER:PASS  Require HTTP basic auth on the tunnel.
+  --ngrok-oauth-provider PROVIDER   Enable ngrok OAuth (e.g. google, github).
+  --ngrok-oauth-allow-email EMAIL  Restrict OAuth to a specific email (repeatable).
+  --ngrok-oauth-allow-domain DOMAIN Restrict OAuth to an email domain (repeatable).
+  --ngrok-oauth-scope SCOPE        Additional OAuth scope (repeatable).
  --ngrok-inspect true|false    Enable ngrok inspector (default: false).
  --mcp-arg ARG             Extra argument passed to mcp-browser (repeatable).
  --ngrok-arg ARG           Extra argument passed to ngrok (repeatable).
@ -37,13 +39,17 @@ USAGE
 MCP_BIN=${MCP_BROWSER_BIN:-mcp-browser}
 NGROK_BIN=${NGROK_BIN:-ngrok}
 CONFIG_PATH=""
+SERVER_NAME=""
 HTTP_HOST="127.0.0.1"
 HTTP_PORT=""
 HTTP_PATH="/mcp"
 ALLOW_ORIGIN="https://platform.openai.com"
 NGROK_DOMAIN=""
 NGROK_REGION=""
-NGROK_BASIC_AUTH=""
+NGROK_OAUTH_PROVIDER=""
+NGROK_OAUTH_ALLOW_EMAILS=()
+NGROK_OAUTH_ALLOW_DOMAINS=()
+NGROK_OAUTH_SCOPES=()
 NGROK_INSPECT="false"
 MCP_EXTRA_ARGS=()
 NGROK_EXTRA_ARGS=()
@ -52,6 +58,8 @@ while [[ $# -gt 0 ]]; do
  case "$1" in
    --config)
      CONFIG_PATH=$2; shift 2;;
+    --server)
+      SERVER_NAME=$2; shift 2;;
    --http-host)
      HTTP_HOST=$2; shift 2;;
    --http-port)
@ -64,8 +72,14 @@ while [[ $# -gt 0 ]]; do
      NGROK_DOMAIN=$2; shift 2;;
    --ngrok-region)
      NGROK_REGION=$2; shift 2;;
-    --ngrok-basic-auth)
-      NGROK_BASIC_AUTH=$2; shift 2;;
+    --ngrok-oauth-provider)
+      NGROK_OAUTH_PROVIDER=$2; shift 2;;
+    --ngrok-oauth-allow-email)
+      NGROK_OAUTH_ALLOW_EMAILS+=("$2"); shift 2;;
+    --ngrok-oauth-allow-domain)
+      NGROK_OAUTH_ALLOW_DOMAINS+=("$2"); shift 2;;
+    --ngrok-oauth-scope)
+      NGROK_OAUTH_SCOPES+=("$2"); shift 2;;
    --ngrok-inspect)
      NGROK_INSPECT=$2; shift 2;;
    --mcp-arg)
@ -115,10 +129,13 @@ HTTP_PATH="/${HTTP_PATH#/}"
 MCP_CMD=("$MCP_BIN" --mode streamable-http \
         --http-host "$HTTP_HOST" --http-port "$HTTP_PORT" \
         --http-path "$HTTP_PATH" --http-allow-origin "$ALLOW_ORIGIN")
+if [[ -n "$SERVER_NAME" ]]; then
+  MCP_CMD+=(--server "$SERVER_NAME")
+fi
 if [[ -n "$CONFIG_PATH" ]]; then
  MCP_CMD+=(--config "$CONFIG_PATH")
 fi
-#[[ ${#MCP_EXTRA_ARGS[@]} -gt 0 ]] && MCP_CMD+=("${MCP_EXTRA_ARGS[@]}")
+[[ ${#MCP_EXTRA_ARGS[@]} -gt 0 ]] && MCP_CMD+=("${MCP_EXTRA_ARGS[@]}")

 MCP_LOG=$(mktemp -t mcp-browser-gateway.XXXXXX.log)
 NGROK_LOG=$(mktemp -t ngrok-mcp.XXXXXX.log)
@ -152,7 +169,7 @@ if [[ $? -ne 0 ]]; then
  exit 1
 fi

-NGROK_CMD=("$NGROK_BIN" http --scheme=http "http://$HTTP_HOST:$HTTP_PORT")
+NGROK_CMD=("$NGROK_BIN" http "http://$HTTP_HOST:$HTTP_PORT")
 NGROK_CMD+=(--request-header-add "X-MCP-Gateway:true")
 NGROK_CMD+=(--response-header-add "Cache-Control:no-store")
 NGROK_CMD+=(--inspect="$NGROK_INSPECT")
@ -162,8 +179,17 @@ fi
 if [[ -n "$NGROK_REGION" ]]; then
  NGROK_CMD+=(--region "$NGROK_REGION")
 fi
-if [[ -n "$NGROK_BASIC_AUTH" ]]; then
-  NGROK_CMD+=(--basic-auth "$NGROK_BASIC_AUTH")
+if [[ -n "$NGROK_OAUTH_PROVIDER" ]]; then
+  NGROK_CMD+=(--oauth="$NGROK_OAUTH_PROVIDER")
+  for email in "${NGROK_OAUTH_ALLOW_EMAILS[@]}"; do
+    NGROK_CMD+=(--oauth-allow-email "$email")
+  done
+  for domain in "${NGROK_OAUTH_ALLOW_DOMAINS[@]}"; do
+    NGROK_CMD+=(--oauth-allow-domain "$domain")
+  done
+  for scope in "${NGROK_OAUTH_SCOPES[@]}"; do
+    NGROK_CMD+=(--oauth-scope "$scope")
+  done
 fi
 [[ ${#NGROK_EXTRA_ARGS[@]} -gt 0 ]] && NGROK_CMD+=("${NGROK_EXTRA_ARGS[@]}")