File tree Expand file tree Collapse file tree
examples/server/oauth-microsoft Expand file tree Collapse file tree Load diff This file was deleted.
Original file line number Diff line number Diff line change @@ -150,7 +150,7 @@ curl -X POST http://localhost:8000/mcp \
150150- ` env.example ` - Environment variables template
151151- ` server.php ` - MCP server with OAuth middleware
152152- ` MicrosoftJwtTokenValidator.php ` - Example-specific validator for Graph/non-Graph tokens
153- - ` MicrosoftOidcMetadataPolicy.php ` - Lenient metadata validation policy
153+ - Uses built-in ` LenientOidcDiscoveryMetadataPolicy ` for metadata validation
154154- ` McpElements.php ` - MCP tools including Graph API integration
155155
156156## Environment Variables
@@ -200,9 +200,8 @@ Microsoft's JWKS endpoint is public. Ensure your container can reach:
200200
201201The default ` StrictOidcDiscoveryMetadataPolicy ` requires ` code_challenge_methods_supported ` .
202202Microsoft Entra ID omits this field despite supporting PKCE with S256.
203- Use the built-in ` LenientOidcDiscoveryMetadataPolicy ` which accepts missing ` code_challenge_methods_supported `
204- (defaults to S256 downstream). The ` MicrosoftOidcMetadataPolicy ` in this example demonstrates
205- how to implement a custom policy via ` OidcDiscoveryMetadataPolicyInterface ` .
203+ This example uses the built-in ` LenientOidcDiscoveryMetadataPolicy ` which accepts missing
204+ ` code_challenge_methods_supported ` (defaults to S256 downstream).
206205
207206### Graph API errors
208207
Original file line number Diff line number Diff line change 1616use Http \Discovery \Psr17Factory ;
1717use Laminas \HttpHandlerRunner \Emitter \SapiEmitter ;
1818use Mcp \Example \Server \OAuthMicrosoft \MicrosoftJwtTokenValidator ;
19- use Mcp \Example \Server \OAuthMicrosoft \MicrosoftOidcMetadataPolicy ;
2019use Mcp \Server ;
2120use Mcp \Server \Session \FileSessionStore ;
2221use Mcp \Server \Transport \Http \Middleware \AuthorizationMiddleware ;
2524use Mcp \Server \Transport \Http \Middleware \ProtectedResourceMetadataMiddleware ;
2625use Mcp \Server \Transport \Http \OAuth \JwksProvider ;
2726use Mcp \Server \Transport \Http \OAuth \JwtTokenValidator ;
27+ use Mcp \Server \Transport \Http \OAuth \LenientOidcDiscoveryMetadataPolicy ;
2828use Mcp \Server \Transport \Http \OAuth \OidcDiscovery ;
2929use Mcp \Server \Transport \Http \OAuth \ProtectedResourceMetadata ;
3030use Mcp \Server \Transport \StreamableHttpTransport ;
3737$ localBaseUrl = 'http://localhost:8000 ' ;
3838
3939$ discovery = new OidcDiscovery (
40- metadataPolicy: new MicrosoftOidcMetadataPolicy (),
40+ metadataPolicy: new LenientOidcDiscoveryMetadataPolicy (),
4141);
4242
4343$ jwtTokenValidator = new JwtTokenValidator (
Load diff This file was deleted.
You can’t perform that action at this time.
0 commit comments