Module server

Structs§

BearerToken: Per-request extension carrying the raw inbound bearer (the <token> from Authorization: Bearer <token>). Inserted by auth_middleware only after jwt::validate succeeds, so an expired/forged token never leaks into this extension. Consumed by handlers building a GenContext so an auth_generator can forward the calling sandbox’s identity to an upstream MCP via ${JWT_TOKEN} (issue #115).
CallRequest
CallResponse
HealthResponse
HelpRequest
HelpResponse
ProxyState: Shared state for the proxy server.
SkillAtiCatalogQuery
SkillAtiFileQuery
SkillAtiResourcesQuery
SkillBundleBatchRequest
SkillDetailQuery
SkillResolveRequest
SkillsQuery
ToolsQuery
UpstreamAllowEntry: One parsed allowlist entry. Allowlist CSV entries are operator-authored URL templates like https://parcha-tools-*.grep.ai/mcp. We parse them into (scheme, host_label_patterns, path) at load time so per-request validation can match each component separately:

LazySchemaCache: Type alias for the issue #135 lazy-schema cache. Keyed by (provider_name, upstream_url). The value is Option<map> so the negative result (dial failed / list failed) can be cached too — avoids retrying a known-bad upstream on every subsequent request. Named so clippy’s type_complexity lint doesn’t fire on the field.