add authorizer plugin to enable fine grained authorization checks on …

[davemssavage]

Enable fine grained authorization checks for tools/resources/prompts

Motivation and Context

#1031

Advanced use cases for authorization require fine grained permissions checks, this patch enables a plugin to be provided to the FastMCP server to check if the caller has permission to get/list/call.

The intention is to combine this with auth_context_var to retrieve mcp.server.auth.middleware.bearer_auth.AuthenticatedUser that is performing the action

How Has This Been Tested?

Unit tests so far

Breaking Changes

None

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Documentation update

Checklist

• I have read the MCP Documentation
• My code follows the repository's style guidelines
• New and existing tests pass locally
• I have added appropriate error handling
• I have added or updated documentation as needed

Additional context

Minimal unit tests so far as this is a draft to check if it works as expected when deployed
The behaviour has been implemented such that a permission failure is indistinguisable to the caller from a non existant item in order to prevent leaking information about the existence or not of the tool/prompt/resource