Skip to main content

idprova_mcp/
lib.rs

1//! # idprova-mcp
2//!
3//! Drop-in identity verification middleware for MCP (Model Context Protocol) servers.
4//!
5//! Provides [`McpAuth`] for verifying DAT bearer tokens against required scopes,
6//! and [`McpReceiptLog`] for building hash-chained audit trails of MCP tool calls.
7//!
8//! ## Quick Start
9//!
10//! ```rust,no_run
11//! use idprova_mcp::{McpAuth, McpAuthError};
12//!
13//! // Create an auth verifier (offline mode — no registry lookup)
14//! let auth = McpAuth::offline();
15//!
16//! // Verify a DAT token against a required scope
17//! // let agent = auth.verify_request(&dat_token, "mcp:tool:filesystem:read", &pub_key)?;
18//! ```
19//!
20//! ## Modules
21//!
22//! - [`auth`] — Core authentication: `McpAuth`, `VerifiedAgent`
23//! - [`error`] — Error types: `McpAuthError`
24//! - [`scope`] — Scope matching (delegates to `idprova-core`)
25//! - [`receipt`] — Receipt logging for MCP tool calls
26
27pub mod auth;
28pub mod error;
29pub mod receipt;
30pub mod scope;
31
32pub use auth::{McpAuth, VerifiedAgent};
33pub use error::McpAuthError;
34pub use receipt::McpReceiptLog;
35pub use scope::scope_covers;