您现在的位置是:网站首页> AI人工智能
三大AI协议:MCP、ACP与A2A
- AI人工智能
- 2026-05-24
- 794人已阅读
三大AI协议:MCP、ACP与A2A
MCP
Q:AI大模型Agent的MCP函数授权有接口规范吗?
A:..
Q:除用 Python编写MCP服务还有哪些语言编写比较方便出除JAVA
A:...
Q:用 Go写个MCP例子并给出调用例子
A:...
Q:加上鉴权
A:...
完整代码:Go MCP + 鉴权
main.go(直接复制运行)package main
import (
"encoding/json"
"fmt"
"log"
"net/http"
"strings"
)
// ======================
// 配置:你的 Token(生产环境从配置文件/环境变量读取)
// ======================
const (
ValidToken = "mcp-agent-2025-go-demo" // 合法 Token
AuthServerURL = "https://auth.example.com"
RequiredScope = "tools:read write"
)
// ------------------------------
// MCP JSON-RPC 标准结构
// ------------------------------
type JsonRPCRequest struct {
JsonRPC string `json:"jsonrpc"`
ID interface{} `json:"id"`
Method string `json:"method"`
Params any `json:"params,omitempty"`
}
type JsonRPCResponse struct {
JsonRPC string `json:"jsonrpc"`
ID interface{} `json:"result,omitempty"`
Result interface{} `json:"result,omitempty"`
Error interface{} `json:"error,omitempty"`
}
// ------------------------------
// MCP 工具列表
// ------------------------------
var tools = []map[string]interface{}{
{
"name": "get_weather",
"title": "获取天气",
"description": "根据城市查询实时天气",
"inputSchema": map[string]interface{}{
"type": "object",
"properties": map[string]interface{}{
"city": map[string]interface{}{
"type": "string",
"description": "城市名,例如:北京",
},
},
"required": []string{"city"},
},
"annotations": map[string]interface{}{
"scopes": []string{"tools:read"},
},
},
}
// ------------------------------
// 鉴权中间件(核心)
// ------------------------------
func authMiddleware(next http.HandlerFunc) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
authHeader := r.Header.Get("Authorization")
// 1. 无 Header
if authHeader == "" {
sendMCPAuthError(w)
return
}
// 2. 提取 Bearer Token
parts := strings.Split(authHeader, " ")
if len(parts) != 2 || strings.ToLower(parts[0]) != "bearer" {
sendMCPAuthError(w)
return
}
// 3. 校验 Token
if parts[1] != ValidToken {
sendMCPAuthError(w)
return
}
// 鉴权通过 → 进入业务
next(w, r)
}
}
// ------------------------------
// MCP 标准 401 鉴权拒绝响应
// ------------------------------
func sendMCPAuthError(w http.ResponseWriter) {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(401)
json.NewEncoder(w).Encode(map[string]interface{}{
"error": map[string]interface{}{
"code": 401,
"message": "Unauthorized: Invalid or missing token",
},
// MCP PRM 规范:告诉客户端去哪里获取 Token
"authorization_server": AuthServerURL,
"scopes": strings.Split(RequiredScope, " "),
"token_types": []string{"Bearer"},
})
}
// ------------------------------
// MCP 业务处理
// ------------------------------
func mcpHandler(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
var req JsonRPCRequest
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
json.NewEncoder(w).Encode(JsonRPCResponse{
JsonRPC: "2.0",
ID: req.ID,
Error: map[string]interface{}{"code": -32700, "message": "invalid request"},
})
return
}
switch req.Method {
case "initialize":
json.NewEncoder(w).Encode(JsonRPCResponse{
JsonRPC: "2.0",
ID: req.ID,
Result: map[string]interface{}{
"protocolVersion": "1.0",
"capabilities": map[string]bool{"tools": true},
},
})
case "tools/list":
json.NewEncoder(w).Encode(JsonRPCResponse{
JsonRPC: "2.0",
ID: req.ID,
Result: map[string]interface{}{"tools": tools},
})
case "tools/call":
params, ok := req.Params.(map[string]interface{})
if !ok {
json.NewEncoder(w).Encode(JsonRPCResponse{JsonRPC: "2.0", ID: req.ID, Error: "invalid params"})
return
}
name, _ := params["name"].(string)
args, _ := params["arguments"].(map[string]interface{})
if name == "get_weather" {
city, _ := args["city"].(string)
json.NewEncoder(w).Encode(JsonRPCResponse{
JsonRPC: "2.0",
ID: req.ID,
Result: map[string]interface{}{
"content": []map[string]interface{}{
{"type": "text", "text": fmt.Sprintf("【%s】晴天,25℃,空气质量优", city)},
},
},
})
return
}
json.NewEncoder(w).Encode(JsonRPCResponse{JsonRPC: "2.0", ID: req.ID, Error: "tool not found"})
default:
json.NewEncoder(w).Encode(JsonRPCResponse{
JsonRPC: "2.0",
ID: req.ID,
Error: map[string]interface{}{"code": -32601, "message": "method not found"},
})
}
}
func main() {
http.HandleFunc("/mcp", authMiddleware(mcpHandler))
log.Println("✅ Go MCP 服务已启动(带鉴权): http://localhost:8080/mcp")
log.Println("🔑 Token:", ValidToken)
log.Fatal(http.ListenAndServe(":8080", nil))
}
调用示例(带鉴权)
1. 正常调用(带正确 Token)
bash
运行
curl http://localhost:8080/mcp \
-H "Content-Type: application/json" \
-H "Authorization: Bearer mcp-agent-2025-go-demo" \
-d '{
"jsonrpc":"2.0",
"id":1,
"method":"tools/call",
"params": {
"name":"get_weather",
"arguments":{"city":"北京"}
}
}'
返回成功
json
{
"jsonrpc": "2.0",
"id": 1,
"result": {
"content": [{"type":"text","text":"【北京】晴天,25℃,空气质量优"}]
}
}
2. 不带 Token → 401 拒绝(MCP 规范)
bash
运行
curl http://localhost:8080/mcp \
-H "Content-Type: application/json" \
-d '{
"jsonrpc":"2.0",
"id":1,
"method":"tools/list"
}'
返回标准 MCP 鉴权拒绝
json
{
"error": {
"code": 401,
"message": "Unauthorized: Invalid or missing token"
},
"authorization_server": "https://auth.example.com",
"scopes": ["tools:read","write"],
"token_types": ["Bearer"]
}
3. 错误 Token → 同样 401
bash
运行
curl http://localhost:8080/mcp \
-H "Authorization: Bearer wrong-token-123" \
-H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'
这个鉴权版本符合哪些规范?
✅ MCP v1.0 安全规范
✅ OAuth 2.1 + Bearer Token
✅ PRM(Protected Resource Metadata)
✅ 401 状态码 + 标准错误格式
✅ 可直接对接 AI Agent / 大模型
上一篇:大模型本地化部署相关技术收集
下一篇:AI协助编程工具使用详解