1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-16 17:52:44 +02:00
Commit graph

9 commits

Author SHA1 Message Date
Denis Mishin
777b3b12d2
mcp: client registration/token fixes ()
## Summary

Fixes to MCP code registration and token requests. 

1. ease some requirements on fields that are RECOMMENDED 
2. fill in defaults
3. store both request and response in the client registration
4. check client secret in the /token request

## Related issues

- Fixes
https://linear.app/pomerium/issue/ENG-2462/mcp-ignore-unknown-grant-types-in-the-client-registration
- Fixes
https://linear.app/pomerium/issue/ENG-2461/mcp-support-client-secret-in-dynamic-client-registration
 
## User Explanation

<!-- How would you explain this change to the user? If this
change doesn't create any user-facing changes, you can leave
this blank. If filled out, add the `docs` label -->

## Checklist

- [x] reference any related issues
- [x] updated unit tests
- [x] add appropriate label (`enhancement`, `bug`, `breaking`,
`dependencies`, `ci`)
- [ ] ready for review
2025-06-11 11:28:24 -04:00
Denis Mishin
b944e68232
mcp: implement connect ()
## Summary

adds implementation of `/.pomerium/mcp/connect` method, that takes a
`redirect_url` parameter and would ensure the user goes thru required
redirects so that its session is hydrated with the upstream Oauth token
for the MCP server.
the `redirect_url` parameter host must match one of the _client_ mcp
routes (currently identified by the presence of `mcp:
pass_upstream_access_token: true` in the route.

## Related issues

Fix
https://linear.app/pomerium/issue/ENG-2321/mcp-support-handling-external-oauth-servers

## User Explanation

<!-- How would you explain this change to the user? If this
change doesn't create any user-facing changes, you can leave
this blank. If filled out, add the `docs` label -->

## Checklist

- [x] reference any related issues
- [x] updated unit tests
- [ ] add appropriate label (`enhancement`, `bug`, `breaking`,
`dependencies`, `ci`)
- [x] ready for review
2025-06-02 17:19:34 -04:00
Denis Mishin
6caf65a117
mcp: add list-routes client helper () 2025-05-01 15:02:28 -04:00
Denis Mishin
9d66f762e1
mcp: handle and pass upstream oauth2 tokens () 2025-05-01 12:42:31 -04:00
Denis Mishin
561b6040b5
mcp: redirect to upstream oauth2 for authentication () 2025-05-01 12:16:44 -04:00
Denis Mishin
4dd5357fe3
mcp: extend code usage () 2025-04-25 14:47:11 -04:00
Denis Mishin
9e4947c62f
mcp: authorize request (pt2) () 2025-04-24 12:11:19 -07:00
Denis Mishin
63ccf6ab93
mcp: authorize request (pt1) () 2025-04-24 14:59:12 -04:00
Denis Mishin
f1a9401ddc
mcp: scaffolding of /.pomerium/mcp routes () 2025-04-23 12:36:31 -04:00