# oauth_mcp_bridge v0.1.0-dev.0 - Table of Contents

> A generic OAuth 2.1-to-MCP authorization bridge (GitHub login) — stateless macaroon tokens, no database, survives scale-to-zero restarts.

## Pages

- [oauth-mcp-bridge](readme.md)

## Modules

- [OAuthMCPBridge.Artifact](OAuthMCPBridge.Artifact.md): Purpose-scoped OAuth artifacts, each a macaroon (`OAuthMCPBridge.Macaroon`) —
fully stateless, so nothing is lost across scale-to-zero restarts and there is
no database or volume.
- [OAuthMCPBridge.BaseURL](OAuthMCPBridge.BaseURL.md): The public base URL for a request — shared by `OAuth` (OAuth endpoints,
issuer) and `LandingPlug` (the MCP connection URL shown on the landing page).
- [OAuthMCPBridge.Guard](OAuthMCPBridge.Guard.md): Bearer-token enforcement for the MCP endpoint. Which paths need the guard is
app-specific route knowledge, so this only provides the check itself — call
`require_bearer/1` from your own router on whichever paths you gate
- [OAuthMCPBridge.LandingPlug](OAuthMCPBridge.LandingPlug.md): A minimal, static, unauthenticated landing page — not the MCP endpoint
itself. Dependency-free: no template engine, no JS, just an inlined
stylesheet.
- [OAuthMCPBridge.Macaroon](OAuthMCPBridge.Macaroon.md): A minimal, self-owned macaroon — first-party caveats only (no third-party
discharge). We own this rather than pull a stale hex dep because it is the
security-critical token primitive.
- [OAuthMCPBridge.OAuth](OAuthMCPBridge.OAuth.md): An OAuth 2.1 authorization server that bridges MCP clients to GitHub login.
- [OAuthMCPBridge.Whitelist](OAuthMCPBridge.Whitelist.md): Parses the GitHub-login allowlist config format into the map
`OAuthMCPBridge.OAuth.check_whitelist/2` expects, ready to
`:persistent_term.put({:oauth_mcp_bridge, :auth}, ...)`.

