ExMCP.Internal.SecurityConfig (ex_mcp v0.10.0)

View Source

Centralized security configuration management with validation.

This module provides secure defaults and configuration validation for the ExMCP security system.

Summary

Functions

default_beam_user_resolver(request_context)

Default user ID resolver for BEAM transport.

default_http_user_resolver(request_context)

Default user ID resolver for HTTP transport.

default_stdio_user_resolver(request_context)

Default user ID resolver for stdio transport.

get_security_config()

Gets the current security configuration.

get_transport_config(transport, base_config \\ %{})

Gets security configuration for a specific transport.

validate_config(config)

Validates security configuration.

Functions

default_beam_user_resolver(request_context)

Default user ID resolver for BEAM transport.

Uses node-based identification for distributed systems.

default_http_user_resolver(request_context)

Default user ID resolver for HTTP transport.

Extracts user ID from request context, headers, or session.

default_stdio_user_resolver(request_context)

Default user ID resolver for stdio transport.

Uses system user or process-based identification.

get_security_config()

@spec get_security_config() :: map()

Gets the current security configuration.

Merges application configuration with secure defaults and validates the result.

get_transport_config(transport, base_config \\ %{})

@spec get_transport_config(atom(), map()) :: map()

Gets security configuration for a specific transport.

Includes transport-specific settings and user ID resolution.

validate_config(config)

@spec validate_config(map()) :: {:ok, map()} | {:error, String.t()}

Validates security configuration.

Ensures all required fields are present and have valid values.