Module: BetterAuth::Plugins::MCP::ResourceHandler

Defined in:: lib/better_auth/plugins/mcp/resource_handler.rb

Class Method Summary collapse

.unauthorized(resource_metadata_url) ⇒ Object
.with_mcp_auth(app, resource_metadata_url:, auth: nil, resource_metadata_mappings: {}) ⇒ Object

Class Method Details

.unauthorized(resource_metadata_url) ⇒ `Object`

# File 'lib/better_auth/plugins/mcp/resource_handler.rb', line 24

def unauthorized(resource_metadata_url)
  [
    401,
    {
      "www-authenticate" => %(Bearer resource_metadata="#{resource_metadata_url}"),
      "access-control-expose-headers" => "WWW-Authenticate"
    },
    ["unauthorized"]
  ]
end

.with_mcp_auth(app, resource_metadata_url:, auth: nil, resource_metadata_mappings: {}) ⇒ `Object`

# File 'lib/better_auth/plugins/mcp/resource_handler.rb', line 9

def with_mcp_auth(app, resource_metadata_url:, auth: nil, resource_metadata_mappings: {})
  lambda do |env|
    authorization = env["HTTP_AUTHORIZATION"].to_s
    return unauthorized(resource_metadata_url) unless authorization.start_with?("Bearer ")

    session = auth&.api&.get_mcp_session(headers: {"authorization" => authorization})
    return unauthorized(resource_metadata_url) unless session

    env["better_auth.mcp_session"] = session
    app.call(env)
  rescue APIError
    unauthorized(resource_metadata_url)
  end
end

Module: BetterAuth::Plugins::MCP::ResourceHandler

Class Method Summary collapse

Class Method Details

.unauthorized(resource_metadata_url) ⇒ Object

.with_mcp_auth(app, resource_metadata_url:, auth: nil, resource_metadata_mappings: {}) ⇒ Object

.unauthorized(resource_metadata_url) ⇒ `Object`

.with_mcp_auth(app, resource_metadata_url:, auth: nil, resource_metadata_mappings: {}) ⇒ `Object`