auth

package

v0.8.2 Latest Latest Go to latest Published: Nov 10, 2025 License: Apache-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/viant/mcp

Links

Open Source Insights

Documentation ¶

Overview ¶

Package auth contains supporting helpers that enable fine-grained client side authorization when talking to an MCP server.

The Authorizer type can be attached to a client via `client.WithAuthInterceptor`. When a request is rejected with a *401 Unauthorized* response it automatically discovers the protected-resource metadata, obtains the necessary OAuth 2.1 token using the RoundTripper from the `transport` sub-package, and transparently retries the call.

Index ¶

type Authorizer
- func NewAuthorizer(transport *transport.RoundTripper) *Authorizer
- func (a *Authorizer) Intercept(ctx context.Context, request *jsonrpc.Request, response *jsonrpc.Response) (*jsonrpc.Request, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Authorizer ¶

type Authorizer struct {
	Transport *transport.RoundTripper
}

Authorizer is a fine grain authorization interceptor

func NewAuthorizer ¶ added in v0.2.10

func NewAuthorizer(transport *transport.RoundTripper) *Authorizer

func (*Authorizer) Intercept ¶

func (a *Authorizer) Intercept(ctx context.Context, request *jsonrpc.Request, response *jsonrpc.Response) (*jsonrpc.Request, error)

Intercept intercept to check is authorization is needed, and initiate oauth 2.1 to get token and inject it to the request to re-send

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mock Package mock provides in-memory and stub implementations that facilitate unit testing of the client-side authorization flow.	Package mock provides in-memory and stub implementations that facilitate unit testing of the client-side authorization flow.
store Package store defines simple token and client-configuration stores used by the authorization helpers in the parent `auth` package.	Package store defines simple token and client-configuration stores used by the authorization helpers in the parent `auth` package.
transport Package transport implements an http.RoundTripper that performs the OAuth 2.1 [Protected Resource Metadata](https://www.rfc-editor.org/rfc/rfc9728) discovery, token acquisition and automatic request retry logic required by MCP when a server challenges the client with `401 Unauthorized`.	Package transport implements an http.RoundTripper that performs the OAuth 2.1 [Protected Resource Metadata](https://www.rfc-editor.org/rfc/rfc9728) discovery, token acquisition and automatic request retry logic required by MCP when a server challenges the client with `401 Unauthorized`.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL