Enhancement
Problem
get_access_token() returns an AccessToken object which does not contain a subject property.
|
return AccessToken( |
|
token=access_token_as_dict["token"], |
|
client_id=access_token_as_dict["client_id"], |
|
scopes=access_token_as_dict["scopes"], |
|
# Optional fields |
|
expires_at=access_token_as_dict.get("expires_at"), |
|
resource=access_token_as_dict.get("resource"), |
|
claims=access_token_as_dict.get("claims") or {}, |
|
) |
This makes early logging for authentication incomplete (and in my case made my troubleshooting of auth issue quite tedious).
Reproduction
Just invoke get_access_token() and print the output. It will return an AccessToken with the property subject set to None despite having a "sub" in the actual access token returned by the authorization server.
Expected
As per RFC9068 - RFC JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens the "sub" claim is REQUIRED and must be provided by the authorization server. I suggest subject should be set with subject=access_token_as_dict["subject"],.
Enhancement
Problem
get_access_token()returns anAccessTokenobject which does not contain asubjectproperty.fastmcp/fastmcp_slim/fastmcp/server/dependencies.py
Lines 519 to 527 in 0f4f78c
This makes early logging for authentication incomplete (and in my case made my troubleshooting of auth issue quite tedious).
Reproduction
Just invoke
get_access_token()and print the output. It will return anAccessTokenwith the property subject set toNonedespite having a "sub" in the actual access token returned by the authorization server.Expected
As per RFC9068 - RFC JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens the "sub" claim is REQUIRED and must be provided by the authorization server. I suggest
subjectshould be set withsubject=access_token_as_dict["subject"],.