Class: Mcp::OauthMetadataController

Inherits:

ActionController::Base

Object
ActionController::Base
Mcp::OauthMetadataController

show all

Defined in:: app/controllers/mcp/oauth_metadata_controller.rb

Overview

Controller: oauth metadata.

Instance Method Summary collapse

#protected_resource ⇒ Object
RFC 9728 - OAuth 2.0 Protected Resource Metadata Claude Desktop fetches this to discover which authorization server protects this MCP resource.
#show ⇒ Object
RFC 8414 - OAuth 2.0 Authorization Server Metadata.

Instance Method Details

#protected_resource ⇒ `Object`

RFC 9728 - OAuth 2.0 Protected Resource Metadata
Claude Desktop fetches this to discover which authorization server
protects this MCP resource.

# File 'app/controllers/mcp/oauth_metadata_controller.rb', line 37

def protected_resource
  base_url = "#{request.protocol}#{request.host_with_port}"
  render json: Mcp::DiscoveryMetadata.protected_resource(
    resource: base_url, authorization_servers: [base_url]
  )
end

#show ⇒ `Object`

RFC 8414 - OAuth 2.0 Authorization Server Metadata.
Self-describing: the issuer is derived from the request host so the
gateway advertises itself at whatever mcp.* host the client reached.

# File 'app/controllers/mcp/oauth_metadata_controller.rb', line 29

def show
  base_url = "#{request.protocol}#{request.host_with_port}"
  render json: Mcp::DiscoveryMetadata.authorization_server(issuer: base_url)
end