mcp: handle and pass upstream oauth2 tokens (#5595)

Denis Mishin 2025-05-01 12:42:31 -04:00 committed by GitHub
parent 561b6040b5
commit 9d66f762e1
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
14 changed files with 337 additions and 80 deletions


@ -1,6 +1,7 @@
package mcp
import (
"context"
"fmt"
"time"
@ -27,9 +28,9 @@ func CheckPKCE(
return nil
}
// CreateAuthorizationCode creates an access token based on the session
func (srv *Handler) CreateAccessTokenForSession(id string, expiresAt time.Time) (string, error) {
return CreateCode(CodeTypeAccess, id, expiresAt, "", srv.cipher)
// GetAccessTokenForSession returns an access token for a given session and expiration time.
func (srv *Handler) GetAccessTokenForSession(sessionID string, sessionExpiresAt time.Time) (string, error) {
return CreateCode(CodeTypeAccess, sessionID, sessionExpiresAt, "", srv.cipher)
}
// DecryptAuthorizationCode decrypts the authorization code and returns the underlying session ID
@ -41,3 +42,16 @@ func (srv *Handler) GetSessionIDFromAccessToken(accessToken string) (string, err
return code.Id, nil
}
func (srv *Handler) GetUpstreamOAuth2Token(
ctx context.Context,
host string,
userID string,
) (string, error) {
token, err := srv.storage.GetUpstreamOAuth2Token(ctx, userID, host)
if err != nil {
return "", fmt.Errorf("failed to get upstream oauth2 token: %w", err)
}
return token.AccessToken, nil
}
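Review bot: The new exported method GetUpstreamOAuth2Token in the last hunk has no doc comment, and it takes two adjacent string parameters (`host`, `userID`) in the opposite order from the storage call it wraps (`userID, host`), so a swapped argument at a call site compiles cleanly and looks up the wrong record. Because the return value is a bearer credential for the upstream server, I would state the contract on the method, e.g. `// GetUpstreamOAuth2Token returns the stored upstream access token for userID on host; userID must be taken from the authenticated session, never from request input.`, and make the parameter order match the storage layer. The body also dereferences `token.AccessToken` with no nil or empty check and no visible validity check. If the storage call can return a nil token with a nil error, or if the stored token carries an expiry (neither is visible in this hunk), a guard such as `if token == nil || token.AccessToken == "" { return "", fmt.Errorf("no upstream oauth2 token for host %q", host) }` would avoid a panic or forwarding an unusable credential.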