|
| 1 | +// Package v0 contains API handlers for version 0 of the API |
| 2 | +package v0 |
| 3 | + |
| 4 | +import ( |
| 5 | + "encoding/json" |
| 6 | + "io" |
| 7 | + "net/http" |
| 8 | + |
| 9 | + "github.com/modelcontextprotocol/registry/internal/auth" |
| 10 | + "github.com/modelcontextprotocol/registry/internal/model" |
| 11 | +) |
| 12 | + |
| 13 | +// StartAuthHandler handles requests to start an authentication flow |
| 14 | +func StartAuthHandler(authService auth.Service) http.HandlerFunc { |
| 15 | + return func(w http.ResponseWriter, r *http.Request) { |
| 16 | + // Only allow POST method |
| 17 | + if r.Method != http.MethodPost { |
| 18 | + http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) |
| 19 | + return |
| 20 | + } |
| 21 | + |
| 22 | + // Read the request body |
| 23 | + body, err := io.ReadAll(r.Body) |
| 24 | + if err != nil { |
| 25 | + http.Error(w, "Error reading request body", http.StatusBadRequest) |
| 26 | + return |
| 27 | + } |
| 28 | + defer r.Body.Close() |
| 29 | + |
| 30 | + // Parse request body into AuthRequest struct |
| 31 | + var authReq struct { |
| 32 | + Method string `json:"method"` |
| 33 | + RepoRef string `json:"repo_ref"` |
| 34 | + } |
| 35 | + err = json.Unmarshal(body, &authReq) |
| 36 | + if err != nil { |
| 37 | + http.Error(w, "Invalid request payload: "+err.Error(), http.StatusBadRequest) |
| 38 | + return |
| 39 | + } |
| 40 | + |
| 41 | + // Validate required fields |
| 42 | + if authReq.Method == "" { |
| 43 | + http.Error(w, "Auth method is required", http.StatusBadRequest) |
| 44 | + return |
| 45 | + } |
| 46 | + |
| 47 | + // Convert string method to enum type |
| 48 | + var method model.AuthMethod |
| 49 | + switch authReq.Method { |
| 50 | + case "github": |
| 51 | + method = model.AuthMethodGitHub |
| 52 | + default: |
| 53 | + http.Error(w, "Unsupported authentication method", http.StatusBadRequest) |
| 54 | + return |
| 55 | + } |
| 56 | + |
| 57 | + // Start auth flow |
| 58 | + flowInfo, statusToken, err := authService.StartAuthFlow(r.Context(), method, authReq.RepoRef) |
| 59 | + if err != nil { |
| 60 | + http.Error(w, "Failed to start auth flow: "+err.Error(), http.StatusInternalServerError) |
| 61 | + return |
| 62 | + } |
| 63 | + |
| 64 | + // Return successful response |
| 65 | + w.Header().Set("Content-Type", "application/json") |
| 66 | + w.WriteHeader(http.StatusOK) |
| 67 | + json.NewEncoder(w).Encode(map[string]interface{}{ |
| 68 | + "flow_info": flowInfo, |
| 69 | + "status_token": statusToken, |
| 70 | + "expires_in": 300, // 5 minutes |
| 71 | + }) |
| 72 | + } |
| 73 | +} |
| 74 | + |
| 75 | +// CheckAuthStatusHandler handles requests to check the status of an authentication flow |
| 76 | +func CheckAuthStatusHandler(authService auth.Service) http.HandlerFunc { |
| 77 | + return func(w http.ResponseWriter, r *http.Request) { |
| 78 | + // Only allow GET method |
| 79 | + if r.Method != http.MethodGet { |
| 80 | + http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) |
| 81 | + return |
| 82 | + } |
| 83 | + |
| 84 | + // Get status token from query parameter |
| 85 | + statusToken := r.URL.Query().Get("token") |
| 86 | + if statusToken == "" { |
| 87 | + http.Error(w, "Status token is required", http.StatusBadRequest) |
| 88 | + return |
| 89 | + } |
| 90 | + |
| 91 | + // Check auth status |
| 92 | + token, err := authService.CheckAuthStatus(r.Context(), statusToken) |
| 93 | + if err != nil { |
| 94 | + if err.Error() == "pending" { |
| 95 | + // Auth is still pending |
| 96 | + w.Header().Set("Content-Type", "application/json") |
| 97 | + w.WriteHeader(http.StatusOK) |
| 98 | + json.NewEncoder(w).Encode(map[string]interface{}{ |
| 99 | + "status": "pending", |
| 100 | + }) |
| 101 | + return |
| 102 | + } |
| 103 | + |
| 104 | + // Other error |
| 105 | + http.Error(w, "Failed to check auth status: "+err.Error(), http.StatusInternalServerError) |
| 106 | + return |
| 107 | + } |
| 108 | + |
| 109 | + // Authentication completed successfully |
| 110 | + w.Header().Set("Content-Type", "application/json") |
| 111 | + w.WriteHeader(http.StatusOK) |
| 112 | + json.NewEncoder(w).Encode(map[string]interface{}{ |
| 113 | + "status": "complete", |
| 114 | + "token": token, |
| 115 | + }) |
| 116 | + } |
| 117 | +} |
0 commit comments