ExMCP.Security.TokenHandler (ex_mcp v0.9.2)
Handles token processing and sanitization of requests.
This module is responsible for tasks like checking for token passthrough, classifying URLs, and stripping sensitive headers from requests.
Summary
Functions
Checks for and prevents token passthrough to external resources.
Classifies a URL as :internal or :external based on trusted origins.
Extracts the origin (scheme://host:port) from a URL string.
Strips sensitive headers if the resource classification is :external.
Functions
@spec check_token_passthrough(String.t(), [{String.t(), String.t()}], map()) :: {:ok, [{String.t(), String.t()}]}
Checks for and prevents token passthrough to external resources.
It classifies the URL, and if it's external, it strips sensitive headers. This is a key part of preventing confused deputy attacks.
Classifies a URL as :internal or :external based on trusted origins.
Trusted origins are hosts that are considered part of the same security domain. Wildcard matching (*.example.com) is supported for subdomains.
Extracts the origin (scheme://host:port) from a URL string.
@spec strip_sensitive_headers([{String.t(), String.t()}], :internal | :external) :: [{String.t(), String.t()}]
Strips sensitive headers if the resource classification is :external.
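The pipeline described above (origin extraction, wildcard trusted-origin matching, header stripping, and the passthrough check that ties them together), written out as an added example; this is not the ex_mcp module's own code. The list of sensitive header names and the `trusted_origins` key in the options map are assumptions, as is the rule that an unparseable URL is treated as :external.

```elixir
defmodule TokenPassthroughExample do
  # Assumed set of credential-bearing headers (constructed for this example).
  @sensitive ~w(authorization proxy-authorization cookie x-api-key)

  # Origin of a URL as "scheme://host:port"; nil when scheme or host is missing.
  # URI.parse fills in the default port for http/https, so the port is always present.
  def extract_origin(url) when is_binary(url) do
    case URI.parse(url) do
      %URI{scheme: scheme, host: host, port: port} when is_binary(scheme) and is_binary(host) ->
        "#{scheme}://#{host}:#{port}"

      _ ->
        nil
    end
  end

  # :internal when the host matches a trusted origin entry, otherwise :external.
  # Entries are exact hosts ("api.example.com") or wildcards ("*.example.com"),
  # which match subdomains only. A URL without a host fails closed to :external.
  def classify_url(url, trusted_origins) when is_binary(url) do
    case URI.parse(url) do
      %URI{host: host} when is_binary(host) ->
        host = String.downcase(host)

        if Enum.any?(trusted_origins, &host_matches?(host, String.downcase(&1))),
          do: :internal,
          else: :external

      _ ->
        :external
    end
  end

  # Wildcard entries require a dot boundary, so "evil-example.com" never matches "*.example.com".
  defp host_matches?(host, "*." <> suffix), do: String.ends_with?(host, "." <> suffix)
  defp host_matches?(host, trusted), do: host == trusted

  # Headers are compared case-insensitively; internal requests pass through untouched.
  def strip_sensitive_headers(headers, :internal), do: headers

  def strip_sensitive_headers(headers, :external) do
    Enum.reject(headers, fn {name, _value} -> String.downcase(name) in @sensitive end)
  end

  # Assumes the options map carries the trusted origins under :trusted_origins.
  def check_token_passthrough(url, headers, %{trusted_origins: trusted}) do
    {:ok, strip_sensitive_headers(headers, classify_url(url, trusted))}
  end
end
```

Calling `check_token_passthrough("https://evil.test/cb", [{"Authorization", "Bearer t"}, {"Accept", "*/*"}], %{trusted_origins: ["*.example.com"]})` returns `{:ok, [{"Accept", "*/*"}]}`, while the same headers sent to `https://api.example.com/v1` are returned unchanged.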