WorkOsAuthProvider

rust_mcp_extra::auth_provider::work_os

Struct WorkOsAuthProvider 

Source 
pub struct WorkOsAuthProvider { /* private fields */ }
Expand description

WorkOS AuthKit integration implementing AuthProvider for MCP servers.

This provider makes your MCP server compatible with clients that expect standard OAuth2 authorization server and protected resource discovery endpoints when using WorkOS AuthKit as the identity provider.

Implementations§

Source§

impl WorkOsAuthProvider

Source

pub fn new(options: WorkOSAuthOptions<'_>) -> Result<Self, McpSdkError>

Creates a new WorkOsAuthProvider instance.

This performs:

  • Validation and parsing of URLs
  • Construction of OAuth2 metadata documents
  • Setup of token verification using JWKs and UserInfo endpoint

/// # Example

use rust_mcp_extra::auth_provider::work_os::{WorkOSAuthOptions, WorkOsAuthProvider};

let auth_provider = WorkOsAuthProvider::new(WorkOSAuthOptions {
   authkit_domain: "https://your-app.authkit.app".to_string(),
   mcp_server_url: "http://localhost:3000/mcp".to_string(),
})?;

Trait Implementations§

Source§

impl AuthProvider for WorkOsAuthProvider

Source§

fn auth_endpoints(&self) -> Option<&HashMap<String, OauthEndpoint>>

Returns the map of supported OAuth discovery endpoints.

Source§

fn handle_request<'life0, 'life1, 'async_trait>( &'life0 self, request: Request<&'life1 str>, state: Arc<McpAppState>, ) -> Pin<Box<dyn Future<Output = Result<Response<GenericBody>, TransportServerError>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait,

Handles incoming requests to OAuth metadata endpoints.

Source§

fn verify_token<'life0, 'async_trait>( &'life0 self, access_token: String, ) -> Pin<Box<dyn Future<Output = Result<AuthInfo, AuthenticationError>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait,

Verifies an access token using JWKs and optional UserInfo validation.

Returns authenticated AuthInfo on success.

Source§

fn protected_resource_metadata_url(&self) -> Option<&str>

Returns the full URL to the protected resource metadata document.

Source§

fn required_scopes(&self) -> Option<&Vec<String>>

Returns an optional list of scopes required to access this resource. If this function returns Some(scopes), the authenticated user’s token must include all of the listed scopes. If any are missing, the request will be rejected with a 403 Forbidden response.
Source§

fn endpoint_type(&self, request: &Request<&str>) -> Option<&OauthEndpoint>

Returns the OauthEndpoint associated with the given request path. Read more
Source§

fn validate_allowed_methods( &self, endpoint: &OauthEndpoint, method: &Method, ) -> Option<Response<BoxBody<Bytes, TransportServerError>>>

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more