Noizu.MCP.Auth.ClientStrategy behaviour (Noizu MCP v0.1.3)

Copy Markdown View Source

Client-side authorization strategy for the Streamable HTTP transport.

Configure on the transport:

{Noizu.MCP.Client,
 transport:
   {:streamable_http,
    url: "https://api.example.com/mcp",
    auth: {Noizu.MCP.Auth.Static, token: System.fetch_env!("MCP_TOKEN")}}}

Or the full OAuth 2.1 flow — see Noizu.MCP.Auth.OAuth.

Strategy state lives in the transport process; headers/1 is consulted for every request, and handle_unauthorized/3 runs (serialized) when the server answers 401, or 403 with an insufficient_scope challenge.

Summary

Types

state()

Callbacks

handle_unauthorized(arg1, info, state)

React to a 401/403 challenge. Return {:retry, state} to retry the request with fresh headers/1, or {:error, reason, state} to give up.

headers(state)

Authorization headers for the next request (may refresh tokens).

init(opts)

Initialize. opts includes :mcp_url (the server URL) injected by the transport.

Types

state()

@type state() :: term()

Callbacks

handle_unauthorized(arg1, info, state)

@callback handle_unauthorized(
  Noizu.MCP.Auth.WWWAuthenticate.t() | nil,
  info :: map(),
  state()
) ::
  {:retry, state()} | {:error, term(), state()}

React to a 401/403 challenge. Return {:retry, state} to retry the request with fresh headers/1, or {:error, reason, state} to give up.

headers(state)

@callback headers(state()) :: {[{binary(), binary()}], state()}

Authorization headers for the next request (may refresh tokens).

init(opts)

@callback init(opts :: keyword()) :: {:ok, state()} | {:error, term()}

Initialize. opts includes :mcp_url (the server URL) injected by the transport.