Class: RailsMcp::Auth::TokenValidator

Inherits:
Object
Defined in:
lib/rails_mcp/auth/token_validator.rb

Constant Summary

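# Path prefix for public discovery endpoints that are served without a
# bearer token (see #call). Frozen so the literal cannot be mutated at
# runtime; a mutated prefix would silently widen the unauthenticated
# passthrough.
WELL_KNOWN_PREFIX = "/.well-known/".freeze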

Instance Method Summary

Constructor Details

#initialize(app) ⇒ TokenValidator

Returns a new instance of TokenValidator.



# File 'lib/rails_mcp/auth/token_validator.rb', line 8

# Builds the middleware around the next Rack application.
#
# @param app [#call] the downstream Rack app; requests that pass token
#   validation in #call are forwarded to it unchanged.
# @return [TokenValidator]
def initialize(app)
  @app = app
end

Instance Method Details

#call(env) ⇒ Object



# File 'lib/rails_mcp/auth/token_validator.rb', line 12

# Rack middleware entry point: authenticates the request with a Doorkeeper
# bearer token before handing it to the wrapped app.
#
# Order of checks:
# 1. OPTIONS requests and any path starting with +WELL_KNOWN_PREFIX+ are
#    passed straight through without authentication.
# 2. No bearer token in the request → +unauthorized+.
# 3. Token unknown to Doorkeeper, revoked, or expired → +unauthorized+.
# 4. A configured scope (+RailsMcp.configuration.scope+) that the token
#    does not carry → +insufficient_scope+.
# 5. Otherwise the token is exposed to downstream handlers as
#    +env["rails_mcp.access_token"]+ and the wrapped app is called.
#
# NOTE(review): step 1 exempts every OPTIONS request, not only CORS
# preflight (a preflight also carries Origin and
# Access-Control-Request-Method headers); confirm that is intended.
# NOTE(review): the prefix test runs on the raw Rack path with no
# normalization of dot segments or percent-encoding; confirm the
# downstream router resolves such paths the same way so the
# unauthenticated passthrough and the routed endpoint agree.
#
# @param env [Hash] the Rack environment
# @return [Object] the wrapped app's response, or the result of
#   +unauthorized+ / +insufficient_scope+ (presumably Rack response
#   triples — defined outside this listing)
def call(env)
  request = Rack::Request.new(env)

  # Unauthenticated passthrough: CORS preflight and public discovery routes.
  public_route = request.options? || request.path.start_with?(WELL_KNOWN_PREFIX)
  return @app.call(env) if public_route

  raw_token = extract_bearer_token(env)
  return unauthorized("Bearer token required") if raw_token.nil?

  access_token = Doorkeeper::AccessToken.by_token(raw_token)
  unusable = access_token.nil? || access_token.revoked? || access_token.expired?
  return unauthorized("Invalid or expired token") if unusable

  # The scope requirement is optional: nil or blank means any valid token is accepted.
  wanted_scope = RailsMcp.configuration.scope
  scope_satisfied = !wanted_scope || wanted_scope.empty? || access_token.scopes.include?(wanted_scope)
  return insufficient_scope(wanted_scope) unless scope_satisfied

  # Make the validated token available to downstream handlers.
  env["rails_mcp.access_token"] = access_token
  @app.call(env)
end