Module: BetterAuth::Plugins::MCP

Defined in:
lib/better_auth/plugins/mcp.rb

Class Method Summary collapse

Class Method Details

.unauthorized(resource_metadata_url) ⇒ Object 



28
29
30
31
32
33
34
35
36
37
 
# File 'lib/better_auth/plugins/mcp.rb', line 28

def unauthorized(resource_metadata_url)
  [
    401,
    {
      "www-authenticate" => %(Bearer resource_metadata="#{resource_metadata_url}"),
      "access-control-expose-headers" => "WWW-Authenticate"
    },
    ["unauthorized"]
  ]
end

.with_mcp_auth(app, resource_metadata_url:, auth: nil) ⇒ Object 



10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
 
# File 'lib/better_auth/plugins/mcp.rb', line 10

def with_mcp_auth(app, resource_metadata_url:, auth: nil)
  lambda do |env|
    authorization = env["HTTP_AUTHORIZATION"].to_s
    unless authorization.start_with?("Bearer ")
      return unauthorized(resource_metadata_url)
    end

    session = auth&.api&.get_mcp_session(headers: {"authorization" => authorization})
    return unauthorized(resource_metadata_url) unless session

    env["better_auth.mcp_session"] = session

    app.call(env)
  rescue APIError
    unauthorized(resource_metadata_url)
  end
end