Documentation
¶
Overview ¶
Package oauth provides a small test harness for OAuth flows used by Claude Remote MCP connectors (DCR + PKCE + refresh).
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthorizeOptions ¶
type AuthorizeOptions struct {
// McpEndpoint is the protected MCP resource URL (the `/mcp` endpoint).
McpEndpoint string
// Origin is passed as the Origin header on the first MCP call.
// Defaults to https://claude.ai.
Origin string
// RedirectURI must match the authorization server policy allowlist.
RedirectURI string
}
type ClaudePublicClient ¶
type ClaudePublicClient struct {
// contains filtered or unexported fields
}
ClaudePublicClient is an OAuth test client that emulates Claude connector behavior.
func NewClaudePublicClient ¶
func NewClaudePublicClient(httpClient *http.Client) *ClaudePublicClient
NewClaudePublicClient creates a client. If httpClient is nil, a default client is created that does not automatically follow redirects (required to capture authorization codes from Location headers).
func (*ClaudePublicClient) Authorize ¶
func (c *ClaudePublicClient) Authorize(ctx context.Context, opts AuthorizeOptions) (*Discovery, *DCRResult, *TokenResponse, *TokenResponse, error)
Authorize performs: - 401 challenge parsing (WWW-Authenticate) - protected resource metadata fetch - AS metadata fetch - DCR - Authorization Code + PKCE - Token exchange + refresh
type Discovery ¶
type Discovery struct {
ResourceMetadataURL string
ProtectedResourceMetadata *oauthruntime.ProtectedResourceMetadata
AuthorizationServerMetadata *oauthruntime.AuthorizationServerMetadata
}
Click to show internal directories.
Click to hide internal directories.