-
Notifications
You must be signed in to change notification settings - Fork 689
Expand file tree
/
Copy pathClientOAuthOptions.cs
More file actions
89 lines (81 loc) · 3.48 KB
/
ClientOAuthOptions.cs
File metadata and controls
89 lines (81 loc) · 3.48 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
namespace ModelContextProtocol.Authentication;
/// <summary>
/// Provides configuration options for the <see cref="ClientOAuthProvider"/>.
/// </summary>
public sealed class ClientOAuthOptions
{
/// <summary>
/// Gets or sets the OAuth redirect URI.
/// </summary>
public required Uri RedirectUri { get; set; }
/// <summary>
/// Gets or sets the OAuth client ID. If not provided, the client will attempt to register dynamically.
/// </summary>
public string? ClientId { get; set; }
/// <summary>
/// Gets or sets the OAuth client secret.
/// </summary>
/// <remarks>
/// This is optional for public clients or when using PKCE without client authentication.
/// </remarks>
public string? ClientSecret { get; set; }
/// <summary>
/// Gets or sets the OAuth scopes to request.
/// </summary>
/// <remarks>
/// <para>
/// When specified, these scopes will be used instead of the scopes advertised by the protected resource.
/// If not specified, the provider will use the scopes from the protected resource metadata.
/// </para>
/// <para>
/// Common OAuth scopes include "openid", "profile", "email", etc.
/// </para>
/// </remarks>
public IEnumerable<string>? Scopes { get; set; }
/// <summary>
/// Gets or sets the authorization redirect delegate for handling the OAuth authorization flow.
/// </summary>
/// <remarks>
/// <para>
/// This delegate is responsible for handling the OAuth authorization URL and obtaining the authorization code.
/// If not specified, a default implementation will be used that prompts the user to enter the code manually.
/// </para>
/// <para>
/// Custom implementations might open a browser, start an HTTP listener, or use other mechanisms to capture
/// the authorization code from the OAuth redirect.
/// </para>
/// </remarks>
public AuthorizationRedirectDelegate? AuthorizationRedirectDelegate { get; set; }
/// <summary>
/// Gets or sets the authorization server selector function.
/// </summary>
/// <remarks>
/// <para>
/// This function is used to select which authorization server to use when multiple servers are available.
/// If not specified, the first available server will be selected.
/// </para>
/// <para>
/// The function receives a list of available authorization server URIs and should return the selected server,
/// or null if no suitable server is found.
/// </para>
/// </remarks>
public Func<IReadOnlyList<Uri>, Uri?>? AuthServerSelector { get; set; }
/// <summary>
/// Gets or sets the options to use during dynamic client registration.
/// </summary>
/// <remarks>
/// Only used when a <see cref="ClientId"/> is not specified.
/// </remarks>
public DynamicClientRegistrationOptions? DynamicClientRegistration { get; set; }
/// <summary>
/// Gets or sets additional parameters to include in the query string of the OAuth authorization request
/// providing extra information or fulfilling specific requirements of the OAuth provider.
/// </summary>
/// <remarks>
/// <para>
/// Parameters specified cannot override or append to any automatically set parameters like the "redirect_uri"
/// which should instead be configured via <see cref="RedirectUri"/>.
/// </para>
/// </remarks>
public IDictionary<string, string> AdditionalAuthorizationParameters { get; set; } = new Dictionary<string, string>();
}