Class: OAuth2::MCP::WorkOSAuthKit

Inherits:

Object

Object
OAuth2::MCP::WorkOSAuthKit

show all

Defined in:: lib/oauth2/mcp.rb

Overview

WorkOS AuthKit adapter for MCP resource-server JWT validation.

Constant Summary collapse

JWKS_PATH =

"/oauth2/jwks"

Instance Attribute Summary collapse

#algorithms ⇒ Object readonly
Returns the value of attribute algorithms.
#audience ⇒ Object readonly
Returns the value of attribute audience.
#client ⇒ Object readonly
Returns the value of attribute client.
#issuer ⇒ Object readonly
Returns the value of attribute issuer.
#leeway ⇒ Object readonly
Returns the value of attribute leeway.

Instance Method Summary collapse

#call(token) ⇒ Object
#initialize(audience:, issuer: nil, subdomain: nil, client: nil, **options) ⇒ WorkOSAuthKit constructor
A new instance of WorkOSAuthKit.
#jwks ⇒ Object
#jwt_validator ⇒ Object

Constructor Details

#initialize(audience:, issuer: nil, subdomain: nil, client: nil, **options) ⇒ `WorkOSAuthKit`

Returns a new instance of WorkOSAuthKit.

# File 'lib/oauth2/mcp.rb', line 279

def initialize(audience:, issuer: nil, subdomain: nil, client: nil, **options)
  @issuer = normalize_issuer(issuer: issuer, subdomain: subdomain)
  @audience = audience
  @client = client || OAuth2::Client.new(nil, nil, site: @issuer, raise_errors: true)
  @algorithms = Array(options.fetch(:algorithms, ["RS256"])).map(&:to_s).freeze
  @leeway = options.fetch(:leeway, 60)
end

Instance Attribute Details

#algorithms ⇒ `Object` (readonly)

Returns the value of attribute algorithms.



277
278
279

# File 'lib/oauth2/mcp.rb', line 277

def algorithms
  @algorithms
end

#audience ⇒ `Object` (readonly)

Returns the value of attribute audience.



277
278
279

# File 'lib/oauth2/mcp.rb', line 277

def audience
  @audience
end

#client ⇒ `Object` (readonly)

Returns the value of attribute client.



277
278
279

# File 'lib/oauth2/mcp.rb', line 277

def client
  @client
end

#issuer ⇒ `Object` (readonly)

Returns the value of attribute issuer.



277
278
279

# File 'lib/oauth2/mcp.rb', line 277

def issuer
  @issuer
end

#leeway ⇒ `Object` (readonly)

Returns the value of attribute leeway.



277
278
279

# File 'lib/oauth2/mcp.rb', line 277

def leeway
  @leeway
end

Instance Method Details

#call(token) ⇒ `Object`



287
288
289

# File 'lib/oauth2/mcp.rb', line 287

def call(token)
  jwt_validator.call(token)
end

#jwks ⇒ `Object`



301
302
303

# File 'lib/oauth2/mcp.rb', line 301

def jwks
  @jwks ||= fetch_json(JWKS_PATH)
end

#jwt_validator ⇒ `Object`

# File 'lib/oauth2/mcp.rb', line 291

def jwt_validator
  @jwt_validator ||= JWTValidator.new(
    jwks: jwks,
    issuer: issuer,
    audience: audience,
    algorithms: algorithms,
    leeway: leeway,
  )
end

Class: OAuth2::MCP::WorkOSAuthKit

Overview

Constant Summary collapse

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(audience:, issuer: nil, subdomain: nil, client: nil, **options) ⇒ WorkOSAuthKit

Instance Attribute Details

#algorithms ⇒ Object (readonly)

#audience ⇒ Object (readonly)

#client ⇒ Object (readonly)

#issuer ⇒ Object (readonly)

#leeway ⇒ Object (readonly)