authorization

package
v0.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 7, 2025 License: Apache-2.0 Imports: 3 Imported by: 11

Documentation

Overview

Package authorization defines data structures that describe an MCP server’s authorization requirements as well as helper types for carrying OAuth2 / OIDC credentials.

The package can be used by both servers and clients:

  • Servers declare fine-grained policies (per-tool or per-resource) or a single global policy using Policy and Authorization types.
  • Clients can attach a bearer or ID token to a request via Token and pass it through context using the TokenKey constant.

These types mirror the corresponding sections of the Model Context Protocol specification, allowing implementations to share a common, strongly-typed representation.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Authorization 

type Authorization struct {
	RequiredScopes            []string                        `json:"requiredScopes"`
	UseIdToken                bool                            `json:"useIdToken,omitempty"`
	ProtectedResourceMetadata *meta.ProtectedResourceMetadata `json:"protectedResourceMetadata"`
}

Authorization defines per-resource aI do uthorization requirements.

type IdTokenSource 

type IdTokenSource interface {
	IdToken(ctx context.Context, token *oauth2.Token, protectedResource *meta.ProtectedResourceMetadata) (*oauth2.Token, error)
}

type Policy added in v0.2.0 

type Policy struct {
	// Global resource protection metadata (mutually exclusive with Tools/Resources)
	Global *Authorization `json:"global,omitempty"`
	// ExcludeURI skips middleware on matching paths
	ExcludeURI string `json:"excludeURI,omitempty"`
	// Per-tool authorization metadata
	Tools map[string]*Authorization `json:"tools,omitempty"`
	// Per-tenant authorization metadata (reserved for future use)
	Resources map[string]*Authorization `json:"resources,omitempty"`
}

func (*Policy) IsFineGrained added in v0.2.0 

func (a *Policy) IsFineGrained() bool

IsFineGrained reports whether this config uses fine-grained (tool/resource) control.

type ProtectedResourceTokenSource 

type ProtectedResourceTokenSource interface {
	ProtectedResourceToken(ctx context.Context, protectedResource *meta.ProtectedResourceMetadata, scope string) (*oauth2.Token, error)
}

type Token 

type Token struct {
	Token string `json:"token"`
}

Token carries authentication credentials.

type TokenKeyType 

type TokenKeyType string

TokenKeyType is the type used for the context key of Token. 

const TokenKey TokenKeyType = "TokenKey"

TokenKey is the context key under which Token is stored.

type WithMeta 

type WithMeta struct {
	Name     string `json:"name"`
	AuthMeta struct {
		Authorization *Token `json:"authorization,omitempty"`
	} `json:"_meta,omitempty"`
}

WithMeta extracts authorization metadata from JSON-RPC params.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.