Skip to main content

mcp_kit/auth/
mod.rs

1//! Authentication support for MCP servers.
2//!
3//! This module provides the core auth abstractions used across all transports.
4//! Each auth scheme is gated behind a feature flag so you only compile what you use:
5//!
6//! | Feature | Provider | Credential type |
7//! |---------|----------|-----------------|
8//! | `auth-bearer` | [`BearerTokenProvider`] | `Authorization: Bearer <token>` |
9//! | `auth-apikey` | [`ApiKeyProvider`] | `X-Api-Key: <key>` or `?api_key=` |
10//! | `auth-basic`  | [`BasicAuthProvider`]  | `Authorization: Basic <b64>` |
11//! | `auth-oauth2` | [`OAuth2Provider`] | Bearer token (introspection or JWT/JWKS) |
12//! | `auth-mtls`   | [`MtlsProvider`] | Client certificate (mTLS) |
13//! | *(always)*    | [`CustomHeaderProvider`] | Any custom header |
14//! | *(always)*    | [`CompositeAuthProvider`] | Try multiple providers in order |
15//!
16//! # Quick start
17//!
18//! ```rust,no_run
19//! use mcp_kit::auth::{BearerTokenProvider, CompositeAuthProvider};
20//! use mcp_kit::auth::composite::IntoDynProvider;
21//!
22//! let provider = CompositeAuthProvider::new(vec![
23//!     BearerTokenProvider::new(["my-secret"]).into_dyn(),
24//! ]);
25//! ```
26
27pub mod composite;
28pub mod credentials;
29pub mod custom;
30pub mod identity;
31pub mod provider;
32
33#[cfg(feature = "auth-bearer")]
34pub mod bearer;
35
36#[cfg(feature = "auth-apikey")]
37pub mod apikey;
38
39#[cfg(feature = "auth-basic")]
40pub mod basic;
41
42#[cfg(feature = "auth-oauth2")]
43pub mod oauth2;
44
45#[cfg(feature = "auth-mtls")]
46pub mod mtls;
47
48// ─── Public re-exports ────────────────────────────────────────────────────────
49
50pub use composite::{CompositeAuthProvider, IntoDynProvider};
51pub use credentials::Credentials;
52pub use custom::CustomHeaderProvider;
53pub use identity::AuthenticatedIdentity;
54pub use provider::{AuthFuture, AuthProvider, DynAuthProvider};
55
56#[cfg(feature = "auth-bearer")]
57pub use bearer::BearerTokenProvider;
58
59#[cfg(feature = "auth-apikey")]
60pub use apikey::ApiKeyProvider;
61
62#[cfg(feature = "auth-basic")]
63pub use basic::BasicAuthProvider;
64
65#[cfg(feature = "auth-oauth2")]
66pub use oauth2::{OAuth2Config, OAuth2Provider};
67
68#[cfg(feature = "auth-mtls")]
69pub use mtls::MtlsProvider;