feat: enhanced authentication logging for better debugging (fixes #22, #16)

- Added specific error reasons for auth failures: no_auth_header, invalid_auth_format, invalid_token - Fixed AUTH_TOKEN_FILE support in Docker production stacks (issue #16) - Added AUTH_TOKEN_FILE support to single-session HTTP server for consistency - Enhanced security by removing token lengths from logs - Added token trimming and empty token validation - Updated Docker entrypoint to properly support AUTH_TOKEN_FILE - Bumped version to 2.7.10 This improves debugging for mcp-remote authentication issues and enables proper Docker secrets usage in production environments. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-07 23:19:35 +02:00
parent 6f11d339ca
commit 87f0cfc4dc
8 changed files with 169 additions and 29 deletions
--- a/docker/docker-entrypoint.sh
+++ b/docker/docker-entrypoint.sh
@@ -2,8 +2,14 @@
 set -e

 # Environment variable validation
-if [ "$MCP_MODE" = "http" ] && [ -z "$AUTH_TOKEN" ]; then
-    echo "ERROR: AUTH_TOKEN is required for HTTP mode"
+if [ "$MCP_MODE" = "http" ] && [ -z "$AUTH_TOKEN" ] && [ -z "$AUTH_TOKEN_FILE" ]; then
+    echo "ERROR: AUTH_TOKEN or AUTH_TOKEN_FILE is required for HTTP mode"
+    exit 1
+fi
+
+# Validate AUTH_TOKEN_FILE if provided
+if [ -n "$AUTH_TOKEN_FILE" ] && [ ! -f "$AUTH_TOKEN_FILE" ]; then
+    echo "ERROR: AUTH_TOKEN_FILE specified but file not found: $AUTH_TOKEN_FILE"
    exit 1
 fi