Mikkel Georgsen
205b978b89
- OAuth 2.0 discovery at /.well-known/oauth-authorization-server - Token endpoint at /token (client_credentials grant) - Bearer token middleware on /mcp (all MCP requests require auth) - Health, ingest, and OAuth endpoints remain public - Tokens expire after 1 hour, stored hashed in memory Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
17 lines
634 B
Text
17 lines
634 B
Text
# MCP Bridge Bot credentials
|
|
# Copy to 'credentials' and fill in values
|
|
|
|
# Bot token from BotFather (create a NEW bot for the MCP bridge)
|
|
MCP_BOT_TOKEN=
|
|
|
|
# Telegram group chat ID (negative number for groups)
|
|
# Send a message in the group, then check: https://api.telegram.org/bot<TOKEN>/getUpdates
|
|
GROUP_CHAT_ID=
|
|
|
|
# (Optional) Bot ID of the existing homelab bot, for sender classification
|
|
# Find it: https://api.telegram.org/bot<HOMELAB_TOKEN>/getMe
|
|
HOMELAB_BOT_ID=8521598773
|
|
|
|
# OAuth client credentials for MCP auth (generate with: python3 -c "import secrets; print(secrets.token_urlsafe(32))")
|
|
OAUTH_CLIENT_ID=
|
|
OAUTH_CLIENT_SECRET=
|