[minimcp][examples] Add web framework examples with authentication

- Add issue tracker MCP with scope-based auth
- Add FastAPI integration example
- Add Django WSGI integration example

Author: sreenaths

examples/minimcp/web_frameworks/django_wsgi_server_with_auth.py

@@ -0,0 +1,131 @@
+#!/usr/bin/env python3
+# pyright: basic
+# pyright: reportMissingImports=false
+
+"""
+Django WSGI HTTP MCP Server with Basic Authentication
+This example demonstrates how to create a minimal MCP server with Django using HTTP transport. It shows
+how to interface MiniMCP with Django, and shows how to use scope to pass authenticated user details that
+can be accessed inside the handler functions.
+
+MiniMCP provides a powerful scope object mechanism that can be used to pass any type of extra information
+to be used in the handler functions.
+
+How to run:
+    # Start the server (default: http://127.0.0.1:8000)
+    uv run --with django --with djangorestframework \
+        python examples/minimcp/web_frameworks/django_wsgi_server_with_auth.py runserver
+
+Testing with basic auth (Not validated, any username/password will work):
+
+    # 1. Ping the MCP server
+    curl -X POST http://127.0.0.1:8000/mcp \
+        -u admin:admin \
+        -H "Content-Type: application/json" \
+        -H "Accept: application/json" \
+        -d '{"jsonrpc": "2.0", "id": "1", "method": "ping"}'
+
+    # 2. List tools
+    curl -X POST http://127.0.0.1:8000/mcp \
+        -u admin:admin \
+        -H "Content-Type: application/json" \
+        -H "Accept: application/json" \
+        -d '{"jsonrpc":"2.0","id":"1","method":"tools/list","params":{}}'
+
+    # 3. Create an issue
+    curl -X POST http://127.0.0.1:8000/mcp \
+        -u admin:admin \
+        -H "Content-Type: application/json" \
+        -H "Accept: application/json" \
+        -d '{"jsonrpc":"2.0","id":"1","method":"tools/call",
+            "params":{"name":"create_issue","arguments":{"title":"First issue","description":"Issue description"}}}'
+
+    # 4. Read the issue
+    curl -X POST http://127.0.0.1:8000/mcp \
+        -u admin:admin \
+        -H "Content-Type: application/json" \
+        -H "Accept: application/json" \
+        -d '{"jsonrpc":"2.0","id":"1","method":"tools/call",
+            "params":{"name":"read_issue","arguments":{"issue_id":"MCP-1"}}}'
+
+    # 5. Delete the issue
+    curl -X POST http://127.0.0.1:8000/mcp \
+        -u admin:admin \
+        -H "Content-Type: application/json" \
+        -H "Accept: application/json" \
+        -d '{"jsonrpc":"2.0","id":"1","method":"tools/call",
+            "params":{"name":"delete_issue","arguments":{"issue_id":"MCP-1"}}}'
+
+"""
+
+from collections.abc import Mapping
+from http import HTTPStatus
+from typing import cast
+
+import django
+from django.conf import settings
+from django.core.management import execute_from_command_line
+from django.http import HttpRequest, HttpResponse
+from django.urls import path
+from issue_tracker_mcp import Scope, mcp_transport
+from rest_framework.authentication import BasicAuthentication
+from rest_framework.exceptions import AuthenticationFailed
+
+from mcp.server.minimcp.types import MESSAGE_ENCODING
+
+# --- Minimal Django Setup ---
+settings.configure(
+    SECRET_KEY="dev",
+    ROOT_URLCONF=__name__,
+    ALLOWED_HOSTS=["*"],
+    MIDDLEWARE=["django.middleware.common.CommonMiddleware"],
+    INSTALLED_APPS=["rest_framework"],
+)
+
+django.setup()
+
+
+class DemoAuth(BasicAuthentication):
+    """Basic authentication that extracts username."""
+
+    def authenticate_credentials(self, userid, password, request=None):
+        return (userid, None)
+
+    def get_username(self, request: HttpRequest) -> str | None:
+        try:
+            auth_result = self.authenticate(request)
+            if auth_result:
+                return auth_result[0]
+        except AuthenticationFailed:
+            return None
+
+
+# --- MCP View ---
+async def mcp_view(request: HttpRequest) -> HttpResponse:
+    """Handle MCP requests with scope containing authenticated user."""
+
+    username = DemoAuth().get_username(request)
+    if not username:
+        return HttpResponse(b"Authentication required", status=HTTPStatus.UNAUTHORIZED)
+
+    # Prepare request for MCP transport
+    body_str = request.body.decode(MESSAGE_ENCODING) if request.body else ""
+    headers = cast(Mapping[str, str], request.headers)
+    method = request.method or "POST"
+
+    # Dispatch to MCP transport
+    scope = Scope(user_name=username)
+    response = await mcp_transport.dispatch(method, headers=headers, body=body_str, scope=scope)
+
+    # Prepare response for Django
+    content = response.content.encode(MESSAGE_ENCODING) if response.content else b""
+    return HttpResponse(content, status=response.status_code, headers=response.headers)
+
+
+# --- Start Server ---
+urlpatterns = [
+    path("mcp", mcp_view),
+]
+
+if __name__ == "__main__":
+    execute_from_command_line()

examples/minimcp/web_frameworks/fastapi_http_server_with_auth.py

@@ -0,0 +1,74 @@
+#!/usr/bin/env python3
+# pyright: basic
+# pyright: reportMissingImports=false
+
+"""
+FastAPI HTTP MCP Server with Auth
+This example demonstrates how to create a minimal MCP server with FastAPI using HTTP transport. It shows
+how to use scope to pass extra information that can be accessed inside the handler functions. It also shows
+how to use FastAPI's dependency injection along with MiniMCP. It uses FastAPI's HTTPBasic authentication
+middleware to extract the user information from the request.
+
+MiniMCP provides a powerful scope object mechanism, and can be used to pass any type of extra information
+to the handler functions.
+
+How to run:
+    # Start the server (default: http://127.0.0.1:8000)
+    uv run --with fastapi uvicorn examples.minimcp.web_frameworks.fastapi_http_server_with_auth:app
+
+Testing with basic auth (Not validated, any username/password will work):
+
+    # 1. Ping the MCP server
+    curl -X POST http://127.0.0.1:8000/mcp \
+        -u admin:admin \
+        -H "Content-Type: application/json" \
+        -H "Accept: application/json" \
+        -d '{"jsonrpc": "2.0", "id": "1", "method": "ping"}'
+
+    # 2. List tools
+    curl -X POST http://127.0.0.1:8000/mcp \
+        -u admin:admin \
+        -H "Content-Type: application/json" \
+        -H "Accept: application/json" \
+        -d '{"jsonrpc":"2.0","id":"1","method":"tools/list","params":{}}'
+
+    # 2. Create an issue
+    curl -X POST http://127.0.0.1:8000/mcp \
+        -u admin:admin \
+        -H "Content-Type: application/json" \
+        -H "Accept: application/json" \
+        -d '{"jsonrpc":"2.0","id":"1","method":"tools/call",
+            "params":{"name":"create_issue","arguments":{"title":"First issue","description":"Issue description"}}}'
+
+    # 3. Read the issue
+    curl -X POST http://127.0.0.1:8000/mcp \
+        -u admin:admin \
+        -H "Content-Type: application/json" \
+        -H "Accept: application/json" \
+        -d '{"jsonrpc":"2.0","id":"1","method":"tools/call",
+            "params":{"name":"read_issue","arguments":{"issue_id":"MCP-1"}}}'
+
+    # 4. Delete the issue
+    curl -X POST http://127.0.0.1:8000/mcp \
+        -u admin:admin \
+        -H "Content-Type: application/json" \
+        -H "Accept: application/json" \
+        -d '{"jsonrpc":"2.0","id":"1","method":"tools/call",
+            "params":{"name":"delete_issue","arguments":{"issue_id":"MCP-1"}}}'
+
+"""
+
+from fastapi import Depends, FastAPI, Request
+from fastapi.security import HTTPBasic, HTTPBasicCredentials
+
+from .issue_tracker_mcp import Scope, mcp_transport
+
+# --- FastAPI Application ---
+app = FastAPI()
+security = HTTPBasic()
+
+
+@app.post("/mcp")
+async def mcp(request: Request, credentials: HTTPBasicCredentials = Depends(security)):
+    scope = Scope(user_name=credentials.username)
+    return await mcp_transport.starlette_dispatch(request, scope)

examples/minimcp/web_frameworks/issue_tracker_mcp.py

@@ -0,0 +1,82 @@
+"""
+A dummy issue tracker MCP server.
+It provides tools to create, read, and delete issues.
+"""
+
+import time
+
+from pydantic import BaseModel
+
+from mcp.server.minimcp import HTTPTransport, MiniMCP
+
+# --- Schemas ---
+
+
+class Issue(BaseModel):
+    id: str
+    title: str
+    description: str
+    owner_user_name: str
+    created_at: int
+
+
+# MiniMCP provides a powerful scope object mechanism. Its generic and can be typed by the user. It can be used
+# to pass any type of extra information to the handler functions. In this example, we use it to pass the current
+# user name to the handler functions.
+class Scope(BaseModel):
+    user_name: str
+
+
+# --- MCP ---
+
+mcp = MiniMCP[Scope](
+    name="IssueTrackerMCP",
+    version="0.1.0",
+    instructions="An issue tracker MCP server that provides tools to create, read and delete issues.",
+)
+mcp_transport = HTTPTransport(mcp)
+
+issues: dict[str, Issue] = {}
+
+
+@mcp.tool()
+def create_issue(title: str, description: str) -> Issue:
+    # Get the current user id from the scope
+    current_user_name = mcp.context.get_scope().user_name
+
+    # Create a new issue
+    id = f"MCP-{len(issues) + 1}"
+    new_issue = Issue(
+        id=id,
+        title=title,
+        description=description,
+        owner_user_name=current_user_name,
+        created_at=int(time.time()),
+    )
+    issues[id] = new_issue
+
+    return new_issue
+
+
+@mcp.tool()
+def read_issue(issue_id: str) -> Issue:
+    if issue_id not in issues:
+        raise ValueError(f"Issue {issue_id} not found")
+
+    return issues[issue_id]
+
+
+@mcp.tool()
+def delete_issue(issue_id: str) -> str:
+    if issue_id not in issues:
+        raise ValueError(f"Issue {issue_id} not found")
+
+    # User check - Only the owner of the issue can delete it
+    current_user_name = mcp.context.get_scope().user_name
+    if issues[issue_id].owner_user_name != current_user_name:
+        raise ValueError(f"You are not the owner of issue {issue_id}")
+
+    # Delete the issue
+    del issues[issue_id]
+
+    return "Issue deleted successfully"