rust-mcp-sdk 0.9.0

An asynchronous SDK and framework for building MCP-Servers and MCP-Clients, leveraging the rust-mcp-schema for type safe MCP Schema Objects.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105

#[cfg(feature = "auth")]
use crate::auth::{AuthClaims, AuthenticationError, IntrospectionResponse};
use crate::{auth::Audience, utils::unix_timestamp_to_systemtime};
#[cfg(feature = "auth")]
use jsonwebtoken::TokenData;
use serde::{Deserialize, Serialize};
use serde_json::Map;
use std::time::SystemTime;

/// Information about a validated access token, provided to request handlers.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct AuthInfo {
    /// Contains a unique id for jwt
    /// use jti claim if available, otherwise use token or a reliable hash of token
    pub token_unique_id: String,

    /// The client ID associated with this token.
    #[serde(skip_serializing_if = "std::option::Option::is_none")]
    pub client_id: Option<String>,

    /// Optional user identifier for the token
    #[serde(skip_serializing_if = "std::option::Option::is_none")]
    pub user_id: Option<String>,

    /// Scopes associated with this token.
    #[serde(skip_serializing_if = "std::option::Option::is_none")]
    pub scopes: Option<Vec<String>>,

    /// When the token expires (in seconds since epoch).
    /// This field is optional, as the token may not have an expiration time.
    #[serde(skip_serializing_if = "std::option::Option::is_none")]
    pub expires_at: Option<SystemTime>,

    /// The RFC 8707 resource server identifier for which this token is valid.
    /// If set, this MUST match the MCP server's resource identifier (minus hash fragment).
    #[serde(skip_serializing_if = "std::option::Option::is_none")]
    pub audience: Option<Audience>,

    /// Additional data associated with the token.
    /// This field can be used to attach any extra data to the auth info.
    #[serde(flatten, skip_serializing_if = "std::option::Option::is_none")]
    pub extra: Option<Map<String, serde_json::Value>>,
}

#[cfg(feature = "auth")]
impl AuthInfo {
    pub fn from_token_data(
        token: String,
        token_data: TokenData<AuthClaims>,
        extra: Option<Map<String, serde_json::Value>>,
    ) -> Result<Self, AuthenticationError> {
        let client_id = token_data.claims.authorized_party.or(token_data
            .claims
            .client_id
            .or(token_data.claims.application_id));

        let scopes = token_data
            .claims
            .scope
            .map(|c| c.split(" ").map(|s| s.to_string()).collect::<Vec<_>>());

        let expires_at = token_data
            .claims
            .expiration
            .map(|v| unix_timestamp_to_systemtime(v as u64));

        let token_unique_id = token_data.claims.jwt_id.unwrap_or(token);

        Ok(AuthInfo {
            token_unique_id,
            client_id,
            scopes,
            user_id: token_data.claims.subject,
            expires_at,
            audience: token_data.claims.audience,
            extra,
        })
    }

    pub fn from_introspection_response(
        token: String,
        data: IntrospectionResponse,
        extra: Option<Map<String, serde_json::Value>>,
    ) -> Result<Self, AuthenticationError> {
        let scopes = data
            .scope
            .map(|c| c.split(" ").map(|s| s.to_string()).collect::<Vec<_>>());

        let expires_at = data
            .expiration
            .map(|v| unix_timestamp_to_systemtime(v as u64));

        let token_unique_id = data.jwt_id.unwrap_or(token);

        Ok(AuthInfo {
            token_unique_id,
            client_id: data.client_id,
            user_id: data.subject,
            scopes,
            expires_at,
            audience: data.audience,
            extra,
        })
    }
}