oauth_cognito_mcp_server/
oauth_cognito_mcp_server.rs

1use oauth_provider_rs::CognitoOAuthProvider;
2use remote_mcp_kernel::{
3    config::{get_cognito_oauth_provider_config, get_cognito_domain, get_cognito_region, get_cognito_user_pool_id, get_bind_socket_addr, get_logging_level}, 
4    error::AppResult, 
5    microkernel::create_full_cognito_microkernel,
6};
7use tracing_subscriber::{layer::SubscriberExt, util::SubscriberInitExt};
8
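/// Entry point: loads configuration from the environment, builds the Cognito
/// OAuth provider, composes the microkernel handlers and serves until the
/// server stops or fails.
///
/// # Errors
///
/// Returns the first error raised by tracing initialisation, by any of the
/// Cognito configuration getters, by resolving the bind address, or by the
/// server itself.
#[tokio::main]
async fn main() -> AppResult<()> {
    // A missing `.env` file is expected outside local development, so the
    // result is deliberately discarded. The file can carry
    // COGNITO_CLIENT_SECRET, so it should stay out of version control.
    dotenv::dotenv().ok();

    init_tracing()?;

    tracing::info!("Starting MCP OAuth server with Cognito and microkernel architecture...");

    // Print the banner before the fallible configuration lookups below: it
    // lists the required environment variables, which is exactly what an
    // operator needs to see when one of those lookups aborts startup.
    log_startup_info();

    // Any missing Cognito setting ends startup here instead of producing a
    // half-configured provider.
    let cognito_config = get_cognito_oauth_provider_config()?;
    let oauth_provider = CognitoOAuthProvider::new_cognito(
        cognito_config,
        get_cognito_domain()?,
        get_cognito_region()?,
        get_cognito_user_pool_id()?,
    );

    // Compose the server with all of its handlers around the provider.
    let microkernel = create_full_cognito_microkernel(oauth_provider);

    let bind_address = get_bind_socket_addr()?;
    microkernel.serve(bind_address).await?;

    Ok(())
}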
40
/// Installs the global tracing subscriber: an environment-driven filter plus
/// the default formatting layer.
///
/// The filter comes from the default filter environment variable (`RUST_LOG`)
/// when that is set and parses; otherwise it is built from the level returned
/// by `get_logging_level()`.
///
/// # Errors
///
/// Currently always returns `Ok(())`; the `AppResult` return type lets callers
/// use `?`.
///
/// # Panics
///
/// `init()` panics if a global subscriber has already been installed.
fn init_tracing() -> AppResult<()> {
    // An unset or unparsable environment filter falls back to the configured
    // application log level instead of failing startup.
    let filter = match tracing_subscriber::EnvFilter::try_from_default_env() {
        Ok(from_env) => from_env,
        Err(_) => tracing_subscriber::EnvFilter::from(get_logging_level().as_str()),
    };
    let fmt_layer = tracing_subscriber::fmt::layer();

    tracing_subscriber::registry()
        .with(filter)
        .with(fmt_layer)
        .init();

    Ok(())
}
52
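/// Prints a startup banner to stdout: the effective configuration, the
/// composed handlers, the environment variables the server reads, and the
/// Cognito OAuth 2.0 endpoints derived from that configuration.
///
/// Credentials are reported by presence only. Neither the client ID nor the
/// client secret value is ever written to the output.
///
/// Endpoint URLs are printed only when the settings they are built from are
/// present, so the banner never shows a URL with a placeholder host.
fn log_startup_info() {
    use remote_mcp_kernel::config::{
        get_cognito_client_id, get_cognito_client_secret, get_cognito_domain,
        get_cognito_region, get_cognito_scope, get_cognito_user_pool_id, get_server_host,
        get_server_port, get_server_version,
    };

    const NOT_CONFIGURED: &str = "Not configured";

    // Resolve each Cognito setting once. A blank value counts as missing, the
    // same way an empty client secret is treated below.
    let domain = get_cognito_domain().ok().filter(|d| !d.trim().is_empty());
    let region = get_cognito_region().ok().filter(|r| !r.trim().is_empty());
    let user_pool_id = get_cognito_user_pool_id()
        .ok()
        .filter(|p| !p.trim().is_empty());

    println!("🚀 Starting MCP OAuth server with Cognito and microkernel architecture...");
    println!("📋 Configuration:");
    println!("  - Architecture: Microkernel (independent handlers)");
    println!("  - OAuth Provider: AWS Cognito");
    println!("  - Server: {}:{}", get_server_host(), get_server_port().unwrap_or(8080));
    println!("  - Version: {}", get_server_version());

    // Presence only: the identifier itself stays out of the logs.
    let client_id_state = if get_cognito_client_id().is_ok() {
        "Configured"
    } else {
        NOT_CONFIGURED
    };
    println!("  - Cognito Client ID: {}", client_id_state);

    // Presence only: the secret value must never reach stdout or a log sink.
    let client_secret_state = match get_cognito_client_secret() {
        Some(secret) if !secret.is_empty() => "Configured",
        _ => "Not configured (Public Client)",
    };
    println!("  - Cognito Client Secret: {}", client_secret_state);

    println!(
        "  - Cognito Domain: {}",
        domain.as_deref().unwrap_or(NOT_CONFIGURED)
    );
    println!(
        "  - Cognito Region: {}",
        region.as_deref().unwrap_or(NOT_CONFIGURED)
    );
    println!(
        "  - Cognito User Pool ID: {}",
        user_pool_id.as_deref().unwrap_or(NOT_CONFIGURED)
    );
    println!("  - Cognito Scopes: {}", get_cognito_scope());

    println!("🔧 Handlers:");
    println!("  - OAuth Provider (Cognito authentication & authorization)");
    println!("  - Streamable HTTP Handler (MCP over HTTP)");
    println!("  - SSE Handler (MCP over SSE)");
    println!();

    println!("🔐 Required Environment Variables:");
    println!("  - COGNITO_CLIENT_ID: Your Cognito app client ID");
    println!(
        "  - COGNITO_CLIENT_SECRET: Your Cognito app client secret (optional for public clients)"
    );
    println!(
        "  - COGNITO_DOMAIN: Your Cognito domain (e.g., mydomain.auth.us-east-1.amazoncognito.com)"
    );
    println!("  - COGNITO_REGION: AWS region (e.g., us-east-1)");
    println!("  - COGNITO_USER_POOL_ID: Your Cognito user pool ID (e.g., us-east-1_XXXXXXXXX)");
    println!("  - COGNITO_SCOPE: OAuth scopes (default: 'openid email profile phone')");
    println!("  - MCP_HOST: Server host (default: localhost)");
    println!("  - MCP_PORT: Server port (default: 8080)");
    println!();

    println!("🌐 OAuth 2.0 Endpoints:");
    // The authorize, token and userInfo endpoints are served from the user
    // pool domain. Without a domain there is no valid URL to show.
    match domain.as_deref() {
        Some(host) => {
            println!("  - Authorization: https://{}/oauth2/authorize", host);
            println!("  - Token: https://{}/oauth2/token", host);
            println!("  - UserInfo: https://{}/oauth2/userInfo", host);
        }
        None => println!(
            "  - Authorization / Token / UserInfo: unavailable (COGNITO_DOMAIN not configured)"
        ),
    }
    // Cognito publishes the token signing keys under the regional cognito-idp
    // issuer host, not under the user pool domain, so a JWKS URL built from the
    // domain would send token verifiers to the wrong place.
    // NOTE(review): host format assumes the standard AWS partition; confirm
    // for other partitions.
    match (region.as_deref(), user_pool_id.as_deref()) {
        (Some(aws_region), Some(pool)) => println!(
            "  - JWKS: https://cognito-idp.{}.amazonaws.com/{}/.well-known/jwks.json",
            aws_region, pool
        ),
        _ => println!(
            "  - JWKS: unavailable (COGNITO_REGION and COGNITO_USER_POOL_ID are required)"
        ),
    }
    println!();
}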