Skip to content

Commit 8b6391b

Browse files
jbajba
authored
docs: explain how to get TokenInfo (#502)
1 parent 4fa7258 commit 8b6391b

File tree

2 files changed

+14
-0
lines changed

2 files changed

+14
-0
lines changed

docs/protocol.md

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -254,6 +254,13 @@ If [`RequireBearerTokenOptions.ResourceMetadataURL`](https://pkg.go.dev/github.c
254254
the middleware function sets the WWW-Authenticate header as required by the [Protected Resource
255255
Metadata spec](https://datatracker.ietf.org/doc/html/rfc9728).
256256

257+
Server handlers, such as tool handlers, can obtain the `TokenInfo` returned by the `TokenVerifier`
258+
from `req.Extra.TokenInfo`, where `req` is the handler's request. (For example, a
259+
[`CallToolRequest`](https://pkg.go.dev/github.com/modelcontextprotocol/go-sdk/mcp#CallToolRequest).)
260+
HTTP handlers wrapped by the `RequireBearerToken` middleware can obtain the `TokenInfo` from the context
261+
with [`auth.TokenInfoFromContext`](https://pkg.go.dev/github.com/modelcontextprotocol/go-sdk/auth#TokenInfoFromContext).
262+
263+
257264
The [_auth middleware example_](https://github.com/modelcontextprotocol/go-sdk/tree/main/examples/server/auth-middleware) shows how to implement authorization for both JWT tokens and API keys.
258265

259266
### Client

internal/docs/protocol.src.md

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -181,6 +181,13 @@ If [`RequireBearerTokenOptions.ResourceMetadataURL`](https://pkg.go.dev/github.c
181181
the middleware function sets the WWW-Authenticate header as required by the [Protected Resource
182182
Metadata spec](https://datatracker.ietf.org/doc/html/rfc9728).
183183

184+
Server handlers, such as tool handlers, can obtain the `TokenInfo` returned by the `TokenVerifier`
185+
from `req.Extra.TokenInfo`, where `req` is the handler's request. (For example, a
186+
[`CallToolRequest`](https://pkg.go.dev/github.com/modelcontextprotocol/go-sdk/mcp#CallToolRequest).)
187+
HTTP handlers wrapped by the `RequireBearerToken` middleware can obtain the `TokenInfo` from the context
188+
with [`auth.TokenInfoFromContext`](https://pkg.go.dev/github.com/modelcontextprotocol/go-sdk/auth#TokenInfoFromContext).
189+
190+
184191
The [_auth middleware example_](https://github.com/modelcontextprotocol/go-sdk/tree/main/examples/server/auth-middleware) shows how to implement authorization for both JWT tokens and API keys.
185192

186193
### Client

0 commit comments

Comments
 (0)