mirror of
https://github.com/pomerium/pomerium.git
synced 2025-07-22 19:18:01 +02:00
mcp: delete upstream oauth2 token (#5707)
## Summary Adds `POST /.pomerium/mcp/routes/disconnect` that allows an MCP client application to request upstream OAuth2 tokens to be purged, so that a user may get a new ones with possibly different scopes. ## Related issues Fix https://linear.app/pomerium/issue/ENG-2545/mcp-user-should-be-able-to-purge-their-upstream-oauth2-token ## User Explanation <!-- How would you explain this change to the user? If this change doesn't create any user-facing changes, you can leave this blank. If filled out, add the `docs` label --> ## Checklist - [x] reference any related issues - [x] updated unit tests - [x] add appropriate label (`enhancement`, `bug`, `breaking`, `dependencies`, `ci`) - [x] ready for review
This commit is contained in:
parent
f5c5326c72
commit
8a89c975d9
5 changed files with 141 additions and 12 deletions
|
@ -30,6 +30,7 @@ const (
|
|||
tokenEndpoint = "/token"
|
||||
listRoutesEndpoint = "/routes"
|
||||
connectEndpoint = "/connect"
|
||||
disconnectEndpoint = "/routes/disconnect"
|
||||
)
|
||||
|
||||
type Handler struct {
|
||||
|
@ -83,7 +84,8 @@ func (srv *Handler) HandlerFunc() http.HandlerFunc {
|
|||
r.Path(path.Join(srv.prefix, oauthCallbackEndpoint)).Methods(http.MethodGet).HandlerFunc(srv.OAuthCallback)
|
||||
r.Path(path.Join(srv.prefix, tokenEndpoint)).Methods(http.MethodPost).HandlerFunc(srv.Token)
|
||||
r.Path(path.Join(srv.prefix, listRoutesEndpoint)).Methods(http.MethodGet).HandlerFunc(srv.ListRoutes)
|
||||
r.Path(path.Join(srv.prefix, connectEndpoint)).Methods(http.MethodGet).HandlerFunc(srv.Connect)
|
||||
r.Path(path.Join(srv.prefix, connectEndpoint)).Methods(http.MethodGet).HandlerFunc(srv.ConnectGet)
|
||||
r.Path(path.Join(srv.prefix, disconnectEndpoint)).Methods(http.MethodPost).HandlerFunc(srv.DisconnectRoutes)
|
||||
|
||||
return r.ServeHTTP
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue