Class: Mcp::Auth::Configuration

Inherits:
Object
  • Object
show all
Defined in:
lib/mcp/auth.rb

Constant Summary collapse

SUPPORTED_SIGNING_ALGORITHMS = 
%w[HS256 RS256 ES256].freeze

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeConfiguration

Returns a new instance of Configuration.



45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
 
# File 'lib/mcp/auth.rb', line 45

def initialize
  @oauth_secret = nil
  @authorization_server_url = nil
  @access_token_lifetime = 3600 # 1 hour
  @refresh_token_lifetime = 2_592_000 # 30 days
  @authorization_code_lifetime = 1800 # 30 minutes
  @fetch_user_data = nil
  @current_user_method = :current_user
  @current_org_method = nil
  @consent_view_path = 'mcp/auth/consent'
  @use_custom_consent_view = false
  @mcp_server_path = '/mcp'
  @mcp_docs_url = nil
  @validate_scope_for_user = nil
  # CP-9255 batch 2: JWT signing.
  # Default HS256 keeps existing setups working (shared oauth_secret).
  # Set algorithm to 'RS256' or 'ES256' and provide PEM-encoded keys
  # via env or config to enable asymmetric signing + JWKS publication.
  @token_signing_algorithm = 'HS256'
  @token_signing_private_key = nil
  @token_signing_public_key = nil
  @token_signing_kid = nil
end

Instance Attribute Details

#access_token_lifetimeObject

Returns the value of attribute access_token_lifetime.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def access_token_lifetime
  @access_token_lifetime
end

#authorization_code_lifetimeObject

Returns the value of attribute authorization_code_lifetime.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def authorization_code_lifetime
  @authorization_code_lifetime
end

#authorization_server_urlObject

Returns the value of attribute authorization_server_url.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def authorization_server_url
  @authorization_server_url
end

#consent_view_pathObject

Returns the value of attribute consent_view_path.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def consent_view_path
  @consent_view_path
end

#current_org_methodObject

Returns the value of attribute current_org_method.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def current_org_method
  @current_org_method
end

#current_user_methodObject

Returns the value of attribute current_user_method.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def current_user_method
  @current_user_method
end

#fetch_user_dataObject

Returns the value of attribute fetch_user_data.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def fetch_user_data
  @fetch_user_data
end

#mcp_docs_urlObject

Returns the value of attribute mcp_docs_url.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def mcp_docs_url
  @mcp_docs_url
end

#mcp_server_pathObject

Returns the value of attribute mcp_server_path.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def mcp_server_path
  @mcp_server_path
end

#oauth_secretObject

Returns the value of attribute oauth_secret.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def oauth_secret
  @oauth_secret
end

#refresh_token_lifetimeObject

Returns the value of attribute refresh_token_lifetime.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def refresh_token_lifetime
  @refresh_token_lifetime
end

#token_signing_algorithmObject

Returns the value of attribute token_signing_algorithm.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def token_signing_algorithm
  @token_signing_algorithm
end

#token_signing_kidObject

Returns the value of attribute token_signing_kid.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def token_signing_kid
  @token_signing_kid
end

#token_signing_private_keyObject

Returns the value of attribute token_signing_private_key.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def token_signing_private_key
  @token_signing_private_key
end

#token_signing_public_keyObject

Returns the value of attribute token_signing_public_key.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def token_signing_public_key
  @token_signing_public_key
end

#use_custom_consent_viewObject

Returns the value of attribute use_custom_consent_view.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def use_custom_consent_view
  @use_custom_consent_view
end

#validate_scope_for_userObject

Returns the value of attribute validate_scope_for_user.



27
28
29
 
# File 'lib/mcp/auth.rb', line 27

def validate_scope_for_user
  @validate_scope_for_user
end

Instance Method Details

#asymmetric_signing?Boolean

Returns:

  • (Boolean) 


79
80
81
 
# File 'lib/mcp/auth.rb', line 79

def asymmetric_signing?
  token_signing_algorithm != 'HS256'
end

#documentation_url(base_url = nil) ⇒ Object

Get MCP documentation URL



94
95
96
97
98
99
 
# File 'lib/mcp/auth.rb', line 94

def documentation_url(base_url = nil)
  return @mcp_docs_url if @mcp_docs_url.present? && @mcp_docs_url.start_with?('http')

  docs_path = @mcp_docs_url.presence || "#{@mcp_server_path}/docs"
  base_url ? "#{base_url}#{docs_path}" : docs_path
end

#register_scope(scope_key, name:, description:, required: false) ⇒ Object

Register a custom scope for your application



84
85
86
87
88
89
90
91
 
# File 'lib/mcp/auth.rb', line 84

def register_scope(scope_key, name:, description:, required: false)
  Mcp::Auth::ScopeRegistry.register_scope(
    scope_key,
    name: name,
    description: description,
    required: required
  )
end