remoteauth

package
v0.3.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 4, 2026 License: MIT Imports: 12 Imported by: 0

Documentation

Index

Constants

View Source
const (
	DefaultProtectedResourceMetadataURI = "/.well-known/oauth-protected-resource"
)

Variables

View Source
var (
	Audience        = "systemd-mcp-server"
	ScopesSupported = []string{"mcp:read", "mcp:write"} // mcp-user
)

Functions

func GetJwksURI

func GetJwksURI(issuer string, skipVerify bool) (string, error)

getJwksUri gets the jwks_uri from the OpenID Provider configuration information. See https://openid.net/specs/openid-connect-discovery-1_0.html

Types

type Oauth2Auth

type Oauth2Auth struct {
	KeyFunc keyfunc.Keyfunc // Check oauth2 token func
	JwksUri string
	// contains filtered or unexported fields
}

func NewOutah2Auth

func NewOutah2Auth() Oauth2Auth

func (*Oauth2Auth) IsReadAuthorized

func (a *Oauth2Auth) IsReadAuthorized(ctx context.Context) (bool, error)

check if read is authorized via mcp:read

func (*Oauth2Auth) IsWriteAuthorized

func (a *Oauth2Auth) IsWriteAuthorized(ctx context.Context) (bool, error)

check if write is authorized via mcp:write and mcp-admin role

func (*Oauth2Auth) VerifyJWT

func (a *Oauth2Auth) VerifyJWT(ctx context.Context, tokenString string, r *http.Request) (*auth.TokenInfo, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL