Skip to content

all: client side OAuth support #785

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
maciej-kisiel merged 30 commits into from
Feb 27, 2026
Merged

all: client side OAuth support #785

Show file tree
Hide file tree
Changes from 22 commits
Commits
Show all changes
30 commits
Select commit Hold shift + click to select a range
f2e2ddb
all: WIP client side OAuth support
maciej-kisiel Feb 3, 2026
622f4fc
Simplify the client setup by reading the conformance contect.
maciej-kisiel Feb 16, 2026
d802adb
Separate objects required by the mcp package to not be protected by the
maciej-kisiel Feb 16, 2026
a641ea3
Merge branch 'main' into client-auth
maciej-kisiel Feb 16, 2026
bd4be14
Separate conformance client into two files, one protected by the tag.
maciej-kisiel Feb 16, 2026
21bf098
Fix conformance tests.
maciej-kisiel Feb 16, 2026
ff406be
all: remove token persistence APIs and add unexported method to OAuth…
maciej-kisiel Feb 18, 2026
5be070b
auth: improve the structure in authorization_code.go.
maciej-kisiel Feb 19, 2026
18d5838
examples: add an example to display client OAuth.
maciej-kisiel Feb 20, 2026
a7c3ab9
Make AuthorizationURLHandler blocking.
maciej-kisiel Feb 23, 2026
d1b6bfd
Document client-side OAuth.
maciej-kisiel Feb 23, 2026
e245338
Merge branch 'main' into client-auth
maciej-kisiel Feb 23, 2026
f95953f
Bring back issuer validation.
maciej-kisiel Feb 23, 2026
2f9d4d5
Documentation fix.
maciej-kisiel Feb 23, 2026
57e5b2d
Introduce a constructor for the handler and validate on creation.
maciej-kisiel Feb 23, 2026
4623159
Remove StateProvider for now, rename handler to
maciej-kisiel Feb 24, 2026
ae5e5b3
Self review adjustments.
maciej-kisiel Feb 24, 2026
86cdd9f
Finalize error handling in streaming.go.
maciej-kisiel Feb 24, 2026
69a0853
Refactor client_secret handling and authentication methods selection.
maciej-kisiel Feb 24, 2026
857a351
Add unit tests for authorization_code.go.
maciej-kisiel Feb 25, 2026
707173d
Add unit tests for streamable.go.
maciej-kisiel Feb 25, 2026
c9d3047
First batch of addressing the review comments.
maciej-kisiel Feb 25, 2026
f4e4014
Second batch of addressing the review comments.
maciej-kisiel Feb 26, 2026
80a033e
Final cleanup.
maciej-kisiel Feb 26, 2026
9a4f333
Address review feedback.
maciej-kisiel Feb 26, 2026
4160f82
Merge branch 'main' into client-auth
maciej-kisiel Feb 26, 2026
22bfc54
Doc comment fixes.
maciej-kisiel Feb 27, 2026
753c0eb
Explicit note about client OAuth support.
maciej-kisiel Feb 27, 2026
b26dc14
Address review feedback.
maciej-kisiel Feb 27, 2026
cbc6b44
Merge branch 'main' into client-auth
maciej-kisiel Feb 27, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/conformance.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,6 @@ jobs:
uses: modelcontextprotocol/conformance@c2f3fdaf781dcd5a862cb0d2f6454c1c210bf0f0 # v0.1.11
with:
mode: client
command: go run ./conformance/everything-client/main.go
command: go run -tags mcp_go_client_oauth ./conformance/everything-client
suite: core
expected-failures: ./conformance/baseline.yml
3 changes: 3 additions & 0 deletions auth/auth.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -106,6 +106,9 @@ func verify(req *http.Request, verifier TokenVerifier, opts *RequireBearerTokenO
}
return nil, err.Error(), http.StatusInternalServerError
}
if tokenInfo == nil {
return nil, "token validation failed", http.StatusInternalServerError
}

// Check scopes. All must be present.
if opts != nil {
Expand Down
Loading
Loading