Documentation
¶
Index ¶
- Constants
- func EnvReuseAuthorizer() *bool
- func EnvReuseAuthorizerMode() *string
- func ResolveEffective(ctx context.Context, clientReuse *bool, clientMode *string, cliReuse *bool, ...) (reuse bool, mode shared.Mode)
- func ToTokenStoragePolicy(sp StoragePolicy) tokens.StoragePolicy
- type MCPConfig
- type MinTTL
- type Provider
- type ProviderAuth
- type StoragePolicy
Constants ¶
const ( BuiltInDefaultReuseAuthorizer = true BuiltInDefaultReuseAuthorizerMode = string(shared.ModeBearerFirst) )
Defaults for MCP auth reuse when not configured.
Variables ¶
This section is empty.
Functions ¶
func EnvReuseAuthorizerMode ¶
func EnvReuseAuthorizerMode() *string
func ResolveEffective ¶
func ResolveEffective(ctx context.Context, clientReuse *bool, clientMode *string, cliReuse *bool, cliMode *string, envReuse *bool, envMode *string, provider ProviderAuth, globalReuse *bool, globalMode *string) (reuse bool, mode shared.Mode)
ResolveEffective computes effective reuse settings using precedence. Inputs can be nil to indicate unspecified values. ResolveEffective computes effective reuse settings using precedence, taking global pointers directly. globalReuse/globalMode correspond to default.mcp.reuseAuthorizer and default.mcp.reuseAuthorizerMode.
func ToTokenStoragePolicy ¶
func ToTokenStoragePolicy(sp StoragePolicy) tokens.StoragePolicy
ToTokenStoragePolicy converts config storage policy into tokens.StoragePolicy.
Types ¶
type MCPConfig ¶
type MCPConfig struct {
Providers []Provider `yaml:"providers" json:"providers"`
}
MCPConfig is the top-level MCP configuration section.
type MinTTL ¶
type MinTTL struct {
Access time.Duration `yaml:"access" json:"access"`
ID time.Duration `yaml:"id" json:"id"`
}
MinTTL holds threshold durations for proactive refresh.
type Provider ¶
type Provider struct {
Name string `yaml:"name" json:"name"`
Auth ProviderAuth `yaml:"auth" json:"auth"`
}
Provider defines an MCP provider entry.
type ProviderAuth ¶
type ProviderAuth struct {
ReuseAuthorizer *bool `yaml:"reuseAuthorizer" json:"reuseAuthorizer"`
ReuseAuthorizerMode *string `yaml:"reuseAuthorizerMode" json:"reuseAuthorizerMode"`
Authority string `yaml:"authority" json:"authority"`
Audience string `yaml:"audience" json:"audience"`
MinTTL *MinTTL `yaml:"minTTL" json:"minTTL"`
Storage *StoragePolicy `yaml:"storage" json:"storage"`
// Optional guardrails; enforced only when provided
OriginAllowlist []string `yaml:"originAllowlist" json:"originAllowlist"`
AudienceAllowlist []string `yaml:"audienceAllowlist" json:"audienceAllowlist"`
RequireSameAuthority *bool `yaml:"requireSameAuthority" json:"requireSameAuthority"`
AllowInsecure *bool `yaml:"allowInsecure" json:"allowInsecure"`
}
ProviderAuth holds per-provider overrides and metadata.
type StoragePolicy ¶
type StoragePolicy struct {
Access string `yaml:"access" json:"access"`
ID string `yaml:"id" json:"id"`
Refresh string `yaml:"refresh" json:"refresh"`
}
StoragePolicy config for where to store tokens. Values: "memory" or "encrypted". Defaults: access=id=memory, refresh=encrypted.
Source Files