ExMCP.Authorization.ServerConfig (ex_mcp v0.10.0)
View SourceCentralized configuration management for OAuth 2.1 authorization server settings.
This module provides a unified interface for managing OAuth authorization server configurations including validation, runtime updates, and environment-based settings. It supports multiple authorization servers and provides validation for security requirements (HTTPS enforcement, etc.).
Configuration Format
The configuration can be specified in multiple ways:
Application Environment
config :ex_mcp, ExMCP.Authorization.ServerConfig,
default_server: :auth_server,
servers: %{
auth_server: %{
introspection_endpoint: "https://auth.example.com/introspect",
realm: "mcp-server",
client_id: "mcp-server-id",
client_secret: "server-secret"
},
backup_server: %{
introspection_endpoint: "https://backup-auth.example.com/introspect",
realm: "mcp-backup"
}
}Runtime Configuration
ExMCP.Authorization.ServerConfig.put_server(:my_server, %{
introspection_endpoint: "https://new-auth.example.com/introspect",
realm: "my-realm"
})Usage
# Get default server config
{:ok, config} = ExMCP.Authorization.ServerConfig.get_server()
# Get specific server config
{:ok, config} = ExMCP.Authorization.ServerConfig.get_server(:backup_server)
# Validate configuration
:ok = ExMCP.Authorization.ServerConfig.validate_config(config)
# List all configured servers
servers = ExMCP.Authorization.ServerConfig.list_servers()Summary
Functions
Returns a specification to start this module under a supervisor.
Removes a server configuration.
Gets the default server ID.
Gets the configuration for the default authorization server.
Gets the configuration for a specific authorization server.
Lists all configured server IDs.
Sets the configuration for a specific authorization server.
Reloads configuration from application environment.
Sets the default server ID.
Starts the ServerConfig GenServer.
Validates a server configuration.
Types
@type config_error() :: :not_found | :invalid_config | :https_required
@type server_config() :: %{ :introspection_endpoint => String.t(), optional(:realm) => String.t(), optional(:client_id) => String.t(), optional(:client_secret) => String.t(), optional(:timeout) => pos_integer(), optional(:retries) => non_neg_integer() }
Functions
Returns a specification to start this module under a supervisor.
See Supervisor.
@spec delete_server(server_id()) :: :ok
Removes a server configuration.
@spec get_default_server_id() :: server_id()
Gets the default server ID.
@spec get_server() :: {:ok, server_config()} | {:error, config_error()}
Gets the configuration for the default authorization server.
@spec get_server(server_id()) :: {:ok, server_config()} | {:error, config_error()}
Gets the configuration for a specific authorization server.
@spec list_servers() :: [server_id()]
Lists all configured server IDs.
@spec put_server(server_id(), server_config()) :: :ok | {:error, config_error()}
Sets the configuration for a specific authorization server.
The configuration is validated before being stored.
@spec reload_from_env() :: :ok
Reloads configuration from application environment.
This is useful when configuration has been updated at runtime.
@spec set_default_server_id(server_id()) :: :ok
Sets the default server ID.
@spec start_link(keyword()) :: GenServer.on_start()
Starts the ServerConfig GenServer.
@spec validate_config(server_config()) :: :ok | {:error, config_error()}
Validates a server configuration.
Validation Rules
introspection_endpointmust be a valid HTTPS URL (HTTP allowed for localhost/127.0.0.1)realmmust be a non-empty string if providedtimeoutmust be a positive integer if providedretriesmust be a non-negative integer if provided