Skip to main content

OAuthProxyConfig

rmcp_server_kit::oauth

Struct OAuthProxyConfig 

Source 
#[non_exhaustive]
pub struct OAuthProxyConfig {
    pub authorize_url: String,
    pub token_url: String,
    pub client_id: String,
    pub client_secret: Option<SecretString>,
    pub introspection_url: Option<String>,
    pub revocation_url: Option<String>,
    pub expose_admin_endpoints: bool,
    pub require_auth_on_admin_endpoints: bool,
    pub allow_unauthenticated_admin_endpoints: bool,
}
Expand description

Configuration for proxying OAuth 2.1 flows to an upstream identity provider.

When present, the MCP server exposes /authorize, /token, and /register endpoints that proxy to the upstream identity provider (e.g. Keycloak). MCP clients see this server as the authorization server and perform a standard Authorization Code + PKCE flow.

Fields (Non-exhaustive)§

This struct is marked as non-exhaustive
Non-exhaustive structs could have additional fields added in future. Therefore, non-exhaustive structs cannot be constructed in external crates using the traditional Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.
§authorize_url: String

Upstream authorization endpoint (e.g. https://keycloak.example.com/realms/myrealm/protocol/openid-connect/auth).

§token_url: String

Upstream token endpoint (e.g. https://keycloak.example.com/realms/myrealm/protocol/openid-connect/token).

§client_id: String

OAuth client_id registered at the upstream identity provider.

§client_secret: Option<SecretString>

OAuth client_secret (for confidential clients). Omit for public clients.

§introspection_url: Option<String>

Optional upstream RFC 7662 introspection endpoint. When set and Self::expose_admin_endpoints is true, the server exposes a local /introspect endpoint that proxies to it.

§revocation_url: Option<String>

Optional upstream RFC 7009 revocation endpoint. When set and Self::expose_admin_endpoints is true, the server exposes a local /revoke endpoint that proxies to it.

§expose_admin_endpoints: bool

Whether to expose the OAuth admin endpoints (/introspect, /revoke) and advertise them in the authorization-server metadata document.

Default: false. These endpoints are unauthenticated at the transport layer (the OAuth proxy router is mounted outside the MCP auth middleware) and proxy directly to the upstream IdP. If enabled, you are responsible for restricting access at the network boundary (firewall, reverse proxy, mTLS) or by routing the entire rmcp-server-kit process behind an authenticated ingress. Leaving this false (the default) makes the endpoints return 404.

§require_auth_on_admin_endpoints: bool

Require the normal authentication middleware before the local /introspect and /revoke proxy endpoints are reached.

Default: false for backward compatibility. New deployments should set this to true when exposing admin endpoints.

§allow_unauthenticated_admin_endpoints: bool

Explicit operator opt-out for the M3 startup check that rejects expose_admin_endpoints = true combined with require_auth_on_admin_endpoints = false.

Default: false. Setting this to true allows the unauth admin-endpoint combination to start, which is only safe when the rmcp-server-kit process sits behind an authenticated reverse proxy / ingress that screens /introspect and /revoke itself. Production deployments should leave this false and instead set require_auth_on_admin_endpoints = true.

Implementations§

Source§

impl OAuthProxyConfig

Source

pub fn builder( authorize_url: impl Into<String>, token_url: impl Into<String>, client_id: impl Into<String>, ) -> OAuthProxyConfigBuilder

Start building an OAuthProxyConfig with the three required upstream fields.

Optional settings (client_secret, introspection_url, revocation_url, expose_admin_endpoints) default to their Default values and can be set via the corresponding builder methods.

Trait Implementations§

Source§

impl Clone for OAuthProxyConfig

Source§

fn clone(&self) -> OAuthProxyConfig

Returns a duplicate of the value. Read more
1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for OAuthProxyConfig

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for OAuthProxyConfig

Source§

fn default() -> OAuthProxyConfig

Returns the “default value” for a type. Read more
Source§

impl<'de> Deserialize<'de> for OAuthProxyConfig

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

Source§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

Source§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

Source§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> DynClone for T
where T: Clone,

Source§

fn __clone_box(&self, _: Private) -> *mut ()

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> FromRef<T> for T
where T: Clone,

Source§

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.
Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,

Source§

impl<A, B, T> HttpServerConnExec<A, B> for T
where B: Body,