fix: generate callback uri dinamically

config.toml

@@ -62,4 +62,3 @@ oauth_whitelist_domains = ["localhost", "yourdomain.com"]
 [auth]
 client_id = "YOUR_CLIENT_ID"
 client_secret = "YOUR_CLIENT_SECRET"
-redirect_uri = "http://localhost:8080/callback" # Cambia a prod

src/mcp_app/config.py

@@ -137,7 +137,7 @@ class AuthConfig(BaseSettings):
 
     client_id: str
     client_secret: str
-    redirect_uri: str
+    redirect_uri: str | None = None
 
 
 class Configuration(BaseModel):

src/mcp_app/fastapi_app.py

@@ -10,7 +10,7 @@
 from typing import Any
 
 import httpx
-from fastapi import FastAPI
+from fastapi import FastAPI, Request
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.responses import JSONResponse, RedirectResponse, Response
 from mcp.server import FastMCP
@@ -162,7 +162,7 @@ async def _read_root(self) -> dict[str, str]:
         )  # pragma: no cover
         return {"message": f"Hello from {server_name}"}  # pragma: no cover
 
-    async def _login(self) -> Response:
+    async def _login(self, request: Request) -> Response:
         """Redirect to Auth0 login."""
         if (
             not self.config
@@ -178,14 +178,15 @@ async def _login(self) -> Response:
             f"{local_config.issuer}authorize?"
             f"client_id={self.config.auth.client_id}&"
             "response_type=code&"
-            f"redirect_uri={self.config.auth.redirect_uri}&"
+            f"redirect_uri={request.base_url}callback&"
             "scope=openid profile email&"
             f"audience={local_config.audience}"
         )
         return RedirectResponse(auth_url)
 
     async def _callback(
         self,
+        request: Request,
         code: str | None = None,
         error: str | None = None,
         error_description: str | None = None,
@@ -214,7 +215,7 @@ async def _callback(
             "client_id": self.config.auth.client_id,
             "client_secret": self.config.auth.client_secret,
             "code": code,
-            "redirect_uri": self.config.auth.redirect_uri,
+            "redirect_uri": f"{request.base_url}callback",
         }
         async with httpx.AsyncClient() as client:
             response = await client.post(token_url, data=data, timeout=10.0)

tests/test_main.py

@@ -202,7 +202,6 @@ def test_login_success() -> None:
     # Mock valid config
     mock_auth = MagicMock()
     mock_auth.client_id = "test_client_id"
-    mock_auth.redirect_uri = "http://localhost/callback"
 
     mock_local = MagicMock()
     mock_local.issuer = "https://test.auth0.com/"
@@ -231,7 +230,7 @@ def test_login_success() -> None:
     location = response.headers.get("location", "")
     assert "https://test.auth0.com/authorize?" in location
     assert "client_id=test_client_id" in location
-    assert "redirect_uri=http://localhost/callback" in location
+    assert "redirect_uri=http://testserver/callback" in location
     assert "audience=test_audience" in location