From 874e11b9e74f12666a23260b55e0eea6fee8eda0 Mon Sep 17 00:00:00 2001
From: denazi <idenazi@ece.upatras.gr>
Date: Mon, 2 Feb 2026 13:09:01 +0200
Subject: [PATCH] Issue #7: Fix MCP BE Authorization issue with MCP server

---
 .../configuration/McpConfiguration.java       | 27 ++++++++++++-------
 1 file changed, 17 insertions(+), 10 deletions(-)

diff --git a/src/main/java/org/etsi/osl/mcp/backend/configuration/McpConfiguration.java b/src/main/java/org/etsi/osl/mcp/backend/configuration/McpConfiguration.java
index 87ca06c..1737d6d 100644
--- a/src/main/java/org/etsi/osl/mcp/backend/configuration/McpConfiguration.java
+++ b/src/main/java/org/etsi/osl/mcp/backend/configuration/McpConfiguration.java
@@ -1,9 +1,16 @@
 package org.etsi.osl.mcp.backend.configuration;
 
+import org.springaicommunity.mcp.security.client.sync.AuthenticationMcpTransportContextProvider;
+import org.springaicommunity.mcp.security.client.sync.oauth2.http.client.OAuth2AuthorizationCodeSyncHttpRequestCustomizer;
+import org.springframework.ai.mcp.customizer.McpSyncClientCustomizer;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
 import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
 
+import io.modelcontextprotocol.client.transport.customizer.McpSyncHttpClientRequestCustomizer;
+
 /**
  * @author Daniel Garnier-Moiroux
  */
@@ -13,17 +20,17 @@ class McpConfiguration {
     // Disabled OAuth2 customization for MCP client - not needed for JWT-based API
     // The MCP server connection doesn't need OAuth2 authentication
     
-    // @Bean
-    // McpSyncHttpClientRequestCustomizer requestCustomizer(OAuth2AuthorizedClientManager oAuth2AuthorizedClientManager,
-    //         ClientRegistrationRepository clientRegistrationRepository) {
-    //     var registrationId = findUniqueClientRegistration(clientRegistrationRepository);
-    //     return new OAuth2AuthorizationCodeSyncHttpRequestCustomizer(oAuth2AuthorizedClientManager, registrationId);
-    // }
+    @Bean
+    McpSyncHttpClientRequestCustomizer requestCustomizer(OAuth2AuthorizedClientManager oAuth2AuthorizedClientManager,
+            ClientRegistrationRepository clientRegistrationRepository) {
+        var registrationId = findUniqueClientRegistration(clientRegistrationRepository);
+        return new OAuth2AuthorizationCodeSyncHttpRequestCustomizer(oAuth2AuthorizedClientManager, registrationId);
+    }
 
-    // @Bean
-    // McpSyncClientCustomizer syncClientCustomizer() {
-    //     return (name, syncSpec) -> syncSpec.transportContextProvider(new AuthenticationMcpTransportContextProvider());
-    // }
+    @Bean
+    McpSyncClientCustomizer syncClientCustomizer() {
+        return (name, syncSpec) -> syncSpec.transportContextProvider(new AuthenticationMcpTransportContextProvider());
+    }
 
     /**
      * Returns the ID of the {@code spring.security.oauth2.client.registration}, if
-- 
GitLab