rmcp-server-kit 2.1.0

Reusable MCP server framework with auth, RBAC, and Streamable HTTP transport (built on the rmcp SDK)
Documentation
[package]
name = "rmcp-server-kit"
version = "2.1.0"
edition = "2024"
rust-version = "1.95.0"
license = "MIT OR Apache-2.0"
description = "Reusable MCP server framework with auth, RBAC, and Streamable HTTP transport (built on the rmcp SDK)"
readme = "README.md"
repository = "https://github.com/andrico21/rmcp-server-kit"
homepage = "https://github.com/andrico21/rmcp-server-kit"
documentation = "https://docs.rs/rmcp-server-kit"
keywords = ["mcp", "rmcp", "server", "oauth", "rbac"]
categories = [
  "network-programming",
  "web-programming::http-server",
  "authentication",
]
authors = ["rmcp-server-kit contributors"]
exclude = [
  "target/",
  "flycheck0/",
  "tmp/",
  "tests/artifacts/",
  ".github/",
  ".gitlab-ci.yml",
]

[lib]
name = "rmcp_server_kit"
path = "src/lib.rs"

[[example]]
name = "oauth_server"
required-features = ["oauth"]

[package.metadata.docs.rs]
all-features = true
rustdoc-args = ["--cfg", "docsrs"]

[dependencies]
# MCP Protocol - official Rust SDK
rmcp = { version = "2.1", features = [
  "server",
  "transport-streamable-http-server",
  "transport-io",
  "macros",
] }

# Async runtime
tokio = { version = "1", features = ["net", "signal", "macros", "rt", "fs"] }
tokio-util = { version = "0.7", features = ["rt"] }

# HTTP server
axum = { version = "0.8" }
tower = { version = "0.5", features = [
  "util",
  "timeout",
  "limit",
  "load-shed",
] }
tower-http = { version = "0.6", features = [
  "trace",
  "cors",
  "limit",
  "timeout",
  "set-header",
  "compression-gzip",
  "compression-br",
] }
http-body-util = "0.1"

# TLS
rustls = { version = "0.23", default-features = false, features = [
  "ring",
  "logging",
  "tls12",
] }
tokio-rustls = { version = "0.26", default-features = false, features = [
  "ring",
] }
x509-parser = "0.18"

# Serialization
serde = { version = "1", features = ["derive"] }
serde_json = "1"
toml = "1"

# Error handling
thiserror = "2"
anyhow = "1"

# Observability
tracing = "0.1"
tracing-subscriber = { version = "0.3", features = [
  "env-filter",
  "json",
  "fmt",
] }

# Security
argon2 = "0.5"
subtle = "2"
governor = "0.10"
base64 = "0.22"
chrono = { version = "0.4", default-features = false, features = ["clock"] }
rand = "0.10"
hmac = "0.13"
sha2 = "0.11"

# Lock-free pointer swap for hot-reload
arc-swap = "1"

# CIDR parsing/matching for the trusted-proxy allowlist (trusted-forwarder
# mode). Hand-rolling CIDR logic - especially IPv6 - is riskier than the
# dependency.
ipnet = "2"

# Utilities
humantime = "2"
humantime-serde = "1"
secrecy = { version = "0.10", features = ["serde"] }
url = "2"
# POSIX-shell-like lexical splitting for RBAC argument-allowlist matching.
# On the 2.x line: 2.0 only *removed* the deprecated quote/join APIs
# (subject of RUSTSEC-2024-0006 / CVE-2024-58266) and an unsound DerefMut
# impl. We consume only `shlex::split`, whose behaviour is unchanged from
# the fully-patched 1.3 line, so 2.x is security- and behaviour-equivalent
# here while collapsing the duplicate shlex copy pulled in transitively.
shlex = "2"

# Metrics (optional)
prometheus = { version = "0.14", optional = true }

# OAuth 2.1 JWT (optional)
jsonwebtoken = { version = "10.4", features = ["rust_crypto"], optional = true }
reqwest = { version = "0.13.4", default-features = false, features = [
  "rustls-no-provider",
  "json",
] }
urlencoding = { version = "2", optional = true }

[features]
default = []
oauth = ["dep:jsonwebtoken", "dep:urlencoding"]
oauth-mtls-client = ["oauth"]
metrics = ["dep:prometheus"]
test-helpers = []

[dev-dependencies]
rcgen = "0.14"
rsa = "0.9"
wiremock = "0.6"
reqwest = { version = "0.13.4", default-features = false, features = [
  "rustls-no-provider",
  "json",
] }
tokio = { version = "1", features = ["rt-multi-thread", "macros", "fs"] }
memory-stats = "1"
criterion = { version = "0.8", default-features = false, features = [
  "cargo_bench_support",
] }
proptest = "1"
temp-env = "0.3.6"

[[bench]]
name = "rbac_redaction"
harness = false

[[bench]]
name = "hook_latency"
harness = false

# cargo-machete config: dependencies machete cannot detect via static
# analysis but that ARE used at runtime.
#
# - humantime-serde: used as `#[serde(with = "humantime_serde")]` attribute
#   path in src/auth.rs (machete does not follow `serde(with = ...)` paths).
# - subtle: kept as a direct dependency for constant-time comparison
#   primitives; currently consumed transitively via argon2 / password-hash
#   but we want a stable direct version pin available for future use in
#   custom auth helpers.
[package.metadata.cargo-machete]
ignored = ["humantime-serde", "subtle"]

[lints.rust]
unsafe_code = "forbid"
missing_debug_implementations = "warn"
missing_docs = "warn"
trivial_casts = "warn"
trivial_numeric_casts = "warn"
unreachable_pub = "warn"
unused_extern_crates = "warn"
unused_import_braces = "warn"
unused_qualifications = "warn"

[lints.clippy]
all = { level = "deny", priority = -1 }
pedantic = { level = "warn", priority = -1 }
# Extra unstable lints that catch patterns pedantic misses (high-signal on
# AI-touched code, per RUST_GUIDELINES.md §9). Noisy nursery lints may be
# allowed individually below with a justification comment.
nursery = { level = "warn", priority = -1 }
# nursery allow: const-ness on ~40 pub fns is a one-way semver promise
# (removing `const` later is a breaking change) and the lint is documented
# as having false positives; opting fns into `const` stays a deliberate,
# per-fn decision rather than lint-driven churn.
missing_const_for_fn = "allow"
# nursery allow: antagonistic to rustc's `unreachable_pub = "warn"` (set in
# [lints.rust]), which prefers `pub(crate)` over `pub` for crate-internal
# items; this crate keeps explicit `pub(crate)` visibility markers.
redundant_pub_crate = "allow"
# nursery allow: frequently degrades readability here — rewrites would
# contort the constant-time HMAC fallback (inner #[allow] + SAFETY comment
# inside a closure), the poisoned-lock `match` idiom used across the crate,
# and multi-statement tracing arms. Sites are clearer as if/let-else.
option_if_let_else = "allow"
unwrap_used = "deny"
expect_used = "deny"
panic = "deny"
todo = "deny"
unimplemented = "deny"
unreachable = "warn"
indexing_slicing = "deny"
string_slice = "warn"
await_holding_lock = "deny"
await_holding_refcell_ref = "deny"
mem_forget = "deny"
doc_markdown = "allow"
duration_suboptimal_units = "allow"
str_to_string = "warn"
# `string_to_string` (RUST_GUIDELINES.md §9) is omitted: clippy removed the
# lint — `implicit_clone` (enabled below) covers those cases.
fallible_impl_from = "deny"
wildcard_enum_match_arm = "deny"
fn_params_excessive_bools = "deny"
must_use_candidate = "warn"
unneeded_field_pattern = "warn"
dbg_macro = "deny"
print_stdout = "deny"
print_stderr = "deny"
redundant_clone = "warn"
implicit_clone = "warn"
needless_pass_by_value = "warn"
large_enum_variant = "warn"
box_collection = "warn"
rc_buffer = "warn"
clone_on_ref_ptr = "deny"
exhaustive_enums = "warn"
exhaustive_structs = "warn"
cognitive_complexity = "warn"
too_many_lines = "warn"

[profile.release]
opt-level = 3
lto = "fat"
codegen-units = 1
panic = "abort"
strip = "symbols"