Documentation
¶
Index ¶
- type AuthenticationProvider
- type ContextKey
- type OAuthAuthenticationProvider
- type SessionAuthenticationProvider
- func (p *SessionAuthenticationProvider) GetAuthenticatedMattermostClient(ctx context.Context) (*model.Client4, error)
- func (p *SessionAuthenticationProvider) GetAuthenticatedUser(ctx context.Context) (*model.User, error)
- func (p *SessionAuthenticationProvider) ValidateAuth(ctx context.Context) error
- type TokenAuthenticationProvider
- type TokenResolver
- type UserIdentityProvider
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthenticationProvider ¶
type AuthenticationProvider interface {
ValidateAuth(ctx context.Context) error
// GetAuthenticatedMattermostClient returns an authenticated Mattermost client
GetAuthenticatedMattermostClient(ctx context.Context) (*model.Client4, error)
}
AuthenticationProvider handles authentication for MCP requests
type ContextKey ¶
type ContextKey string
Context keys for passing data through context
const ( // AuthTokenContextKey is used to store the validated auth token in context AuthTokenContextKey ContextKey = "auth_token" // SessionIDContextKey is used to store the session ID in context SessionIDContextKey ContextKey = "session_id" // TokenResolverContextKey is used to store a function that resolves sessionID to token TokenResolverContextKey ContextKey = "token_resolver" // UserIDContextKey is used to store the user ID in context for HTTP callbacks UserIDContextKey ContextKey = "user_id" )
type OAuthAuthenticationProvider ¶
type OAuthAuthenticationProvider struct {
// contains filtered or unexported fields
}
OAuthAuthenticationProvider provides OAuth authentication for HTTP transport As a resource server, we only need to validate tokens using Mattermost's API
func NewOAuthAuthenticationProvider ¶
func NewOAuthAuthenticationProvider(externalURL, internalURL, issuer string, logger logger.Logger) *OAuthAuthenticationProvider
NewOAuthAuthenticationProvider creates a new OAuth authentication provider for resource server Uses internalURL for API communication if provided, otherwise falls back to externalURL
func (*OAuthAuthenticationProvider) GetAuthenticatedMattermostClient ¶
func (p *OAuthAuthenticationProvider) GetAuthenticatedMattermostClient(ctx context.Context) (*model.Client4, error)
GetAuthenticatedMattermostClient returns an OAuth-authenticated Mattermost client
func (*OAuthAuthenticationProvider) ValidateAuth ¶
func (p *OAuthAuthenticationProvider) ValidateAuth(ctx context.Context) error
ValidateAuth validates OAuth authentication from context
type SessionAuthenticationProvider ¶ added in v1.5.0
type SessionAuthenticationProvider struct {
// contains filtered or unexported fields
}
SessionAuthenticationProvider provides session-based authentication for in-memory transport This provider uses existing Mattermost session tokens passed through context, eliminating the need for separate OAuth flows for embedded MCP servers
func NewSessionAuthenticationProvider ¶ added in v1.5.0
func NewSessionAuthenticationProvider(externalURL, internalURL string, logger logger.Logger) *SessionAuthenticationProvider
NewSessionAuthenticationProvider creates a new session authentication provider for in-memory transport Uses internalURL for API communication if provided, otherwise falls back to externalURL
func (*SessionAuthenticationProvider) GetAuthenticatedMattermostClient ¶ added in v1.5.0
func (p *SessionAuthenticationProvider) GetAuthenticatedMattermostClient(ctx context.Context) (*model.Client4, error)
GetAuthenticatedMattermostClient returns a session-authenticated Mattermost client Uses token resolver to get tokens from session IDs for the embedded server
func (*SessionAuthenticationProvider) GetAuthenticatedUser ¶ added in v1.5.0
func (p *SessionAuthenticationProvider) GetAuthenticatedUser(ctx context.Context) (*model.User, error)
GetAuthenticatedUser returns the authenticated Mattermost user for the session token in context. Uses token resolver to get tokens from session IDs for the embedded server
func (*SessionAuthenticationProvider) ValidateAuth ¶ added in v1.5.0
func (p *SessionAuthenticationProvider) ValidateAuth(ctx context.Context) error
ValidateAuth validates session authentication from context The session token must be present in the context and be valid
type TokenAuthenticationProvider ¶
type TokenAuthenticationProvider struct {
// contains filtered or unexported fields
}
TokenAuthenticationProvider provides PAT token authentication for STDIO transport
func NewTokenAuthenticationProvider ¶
func NewTokenAuthenticationProvider(externalURL, internalURL, token string, logger logger.Logger) *TokenAuthenticationProvider
NewTokenAuthenticationProvider creates a new PAT token authentication provider for STDIO transport Uses internalURL for API communication if provided, otherwise falls back to externalURL
func (*TokenAuthenticationProvider) GetAuthenticatedMattermostClient ¶
func (p *TokenAuthenticationProvider) GetAuthenticatedMattermostClient(ctx context.Context) (*model.Client4, error)
GetAuthenticatedMattermostClient returns an authenticated Mattermost client
func (*TokenAuthenticationProvider) ValidateAuth ¶
func (p *TokenAuthenticationProvider) ValidateAuth(ctx context.Context) error
ValidateAuth validates authentication
type TokenResolver ¶ added in v1.5.0
TokenResolver is a function that resolves a sessionID to a token
type UserIdentityProvider ¶ added in v1.5.0
type UserIdentityProvider interface {
AuthenticationProvider
// GetAuthenticatedUser returns the authenticated Mattermost user for the current context
GetAuthenticatedUser(ctx context.Context) (*model.User, error)
}
UserIdentityProvider can supply the authenticated Mattermost user for the current context. Implementations may use cached validation results to avoid additional network calls.
Source Files