Documentation
¶
Index ¶
- Variables
- func DefaultMCPAuthStatusFromConfig(cfg spec.MCPServerConfig) spec.MCPAuthStatus
- func MergeMCPAuthStatus(st spec.MCPAuthStatus, cfg spec.MCPServerConfig) spec.MCPAuthStatus
- func ValidateOAuthClientCredentialsSecret(raw string, requireClientSecret bool) error
- type AuthManager
- func (m *AuthManager) BuildAuthHealth(ctx context.Context, cfg spec.MCPServerConfig) spec.MCPAuthHealth
- func (m *AuthManager) ClearAuthStatus(bundleID bundleitemutils.BundleID, serverID spec.MCPServerID)
- func (m *AuthManager) ClearAuthStatuses()
- func (m *AuthManager) GetAuthStatus(bundleID bundleitemutils.BundleID, serverID spec.MCPServerID) (spec.MCPAuthStatus, bool)
- func (m *AuthManager) PrepareTransportAuth(ctx context.Context, cfg spec.MCPServerConfig) (ResolvedTransportAuth, error)
- func (m *AuthManager) SaveAuthStatus(ctx context.Context, st spec.MCPAuthStatus) error
- type AuthManagerOption
- type AuthStatusSink
- type OAuthAuthorizationBroker
- type OAuthAuthorizationRequest
- type OAuthAuthorizationResult
- type OAuthLoopbackBroker
- func (b *OAuthLoopbackBroker) Cancel(bundleID bundleitemutils.BundleID, serverID spec.MCPServerID) bool
- func (b *OAuthLoopbackBroker) Close() error
- func (b *OAuthLoopbackBroker) FetchAuthorizationCode(ctx context.Context, req OAuthAuthorizationRequest) (*OAuthAuthorizationResult, error)
- func (b *OAuthLoopbackBroker) ListenAddr() string
- func (b *OAuthLoopbackBroker) Pending() []spec.MCPOAuthAuthorization
- func (b *OAuthLoopbackBroker) RedirectURL() string
- func (b *OAuthLoopbackBroker) ServeHTTP(w http.ResponseWriter, r *http.Request)
- type OAuthLoopbackBrokerOptions
- type OAuthTokenStore
- type ResolvedTransportAuth
- type SecretRedactor
- type SecretResolver
- type StaticSecretResolver
Constants ¶
This section is empty.
Variables ¶
View Source
var ErrOAuthTokenNotFound = errors.New("oauth token not found")
Functions ¶
func DefaultMCPAuthStatusFromConfig ¶
func DefaultMCPAuthStatusFromConfig(cfg spec.MCPServerConfig) spec.MCPAuthStatus
func MergeMCPAuthStatus ¶
func MergeMCPAuthStatus(st spec.MCPAuthStatus, cfg spec.MCPServerConfig) spec.MCPAuthStatus
Types ¶
type AuthManager ¶
type AuthManager struct {
// contains filtered or unexported fields
}
func NewAuthManager ¶
func NewAuthManager(secrets SecretResolver, opts ...AuthManagerOption) *AuthManager
func (*AuthManager) BuildAuthHealth ¶ added in v0.1.20
func (m *AuthManager) BuildAuthHealth(ctx context.Context, cfg spec.MCPServerConfig) spec.MCPAuthHealth
BuildAuthHealth returns the user-facing auth health for a server.
Important storage model:
- OAuth authorization-code tokens are process-local. After app restart, OAuth should show authorization-needed unless a new authorization is pending in the loopback broker.
- PAT/API-key values are explicit user-provided secrets and are represented by streamableHttp.secretHeaderRefs. Those are persistent config secrets.
This function derives "configured" from the current server config and then overlays process-local runtime status and pending OAuth broker state.
func (*AuthManager) ClearAuthStatus ¶
func (m *AuthManager) ClearAuthStatus(bundleID bundleitemutils.BundleID, serverID spec.MCPServerID)
func (*AuthManager) ClearAuthStatuses ¶
func (m *AuthManager) ClearAuthStatuses()
func (*AuthManager) GetAuthStatus ¶
func (m *AuthManager) GetAuthStatus( bundleID bundleitemutils.BundleID, serverID spec.MCPServerID, ) (spec.MCPAuthStatus, bool)
func (*AuthManager) PrepareTransportAuth ¶
func (m *AuthManager) PrepareTransportAuth( ctx context.Context, cfg spec.MCPServerConfig, ) (ResolvedTransportAuth, error)
func (*AuthManager) SaveAuthStatus ¶
func (m *AuthManager) SaveAuthStatus(ctx context.Context, st spec.MCPAuthStatus) error
type AuthManagerOption ¶
type AuthManagerOption func(*AuthManager)
func WithAuthHTTPClient ¶
func WithAuthHTTPClient(client *http.Client) AuthManagerOption
func WithOAuthAuthorizationBroker ¶
func WithOAuthAuthorizationBroker(broker OAuthAuthorizationBroker) AuthManagerOption
func WithOAuthRedirectURL ¶
func WithOAuthRedirectURL(redirectURL string) AuthManagerOption
func WithOAuthTokenStore ¶ added in v0.1.20
func WithOAuthTokenStore(store OAuthTokenStore) AuthManagerOption
type AuthStatusSink ¶
type AuthStatusSink interface {
SaveAuthStatus(ctx context.Context, st spec.MCPAuthStatus) error
}
type OAuthAuthorizationBroker ¶
type OAuthAuthorizationBroker interface {
FetchAuthorizationCode(
ctx context.Context,
req OAuthAuthorizationRequest,
) (*OAuthAuthorizationResult, error)
}
type OAuthAuthorizationRequest ¶
type OAuthAuthorizationRequest struct {
BundleID string
ServerID spec.MCPServerID
AuthorizationURL string
}
type OAuthLoopbackBroker ¶
type OAuthLoopbackBroker struct {
// contains filtered or unexported fields
}
func NewOAuthLoopbackBroker ¶
func NewOAuthLoopbackBroker(ctx context.Context, opts *OAuthLoopbackBrokerOptions) (*OAuthLoopbackBroker, error)
func (*OAuthLoopbackBroker) Cancel ¶
func (b *OAuthLoopbackBroker) Cancel(bundleID bundleitemutils.BundleID, serverID spec.MCPServerID) bool
func (*OAuthLoopbackBroker) Close ¶
func (b *OAuthLoopbackBroker) Close() error
func (*OAuthLoopbackBroker) FetchAuthorizationCode ¶
func (b *OAuthLoopbackBroker) FetchAuthorizationCode( ctx context.Context, req OAuthAuthorizationRequest, ) (*OAuthAuthorizationResult, error)
func (*OAuthLoopbackBroker) ListenAddr ¶ added in v0.1.13
func (b *OAuthLoopbackBroker) ListenAddr() string
func (*OAuthLoopbackBroker) Pending ¶
func (b *OAuthLoopbackBroker) Pending() []spec.MCPOAuthAuthorization
func (*OAuthLoopbackBroker) RedirectURL ¶
func (b *OAuthLoopbackBroker) RedirectURL() string
func (*OAuthLoopbackBroker) ServeHTTP ¶
func (b *OAuthLoopbackBroker) ServeHTTP(w http.ResponseWriter, r *http.Request)
type OAuthTokenStore ¶ added in v0.1.20
type ResolvedTransportAuth ¶
type ResolvedTransportAuth struct {
Env map[string]string
Headers map[string]string
SensitiveValues []string
Status spec.MCPAuthStatus
OAuthHandler mcpAuth.OAuthHandler
}
type SecretRedactor ¶
type SecretRedactor struct {
// contains filtered or unexported fields
}
func NewSecretRedactor ¶
func NewSecretRedactor(resolved ResolvedTransportAuth) *SecretRedactor
func (*SecretRedactor) Redact ¶
func (r *SecretRedactor) Redact(s string) string
type SecretResolver ¶
type StaticSecretResolver ¶
func (StaticSecretResolver) ResolveSecret ¶
Click to show internal directories.
Click to hide internal directories.