Documentation
¶
Overview ¶
Package oauth provides adapters for integrating the github.com/giantswarm/mcp-oauth library with the mcp-kubernetes MCP server.
This package bridges the mcp-oauth library with our existing server architecture, providing token provider integration and configuration mapping for Kubernetes contexts that may require OAuth authentication.
Dependency Security Note: This package depends on github.com/giantswarm/mcp-oauth for OAuth 2.1 implementation. The library provides: PKCE enforcement, refresh token rotation, rate limiting, and audit logging. Security posture: Actively maintained, implements OAuth 2.1 specification.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ContextWithAccessToken ¶
ContextWithAccessToken creates a context with the given OAuth ID token. This is used to pass the user's Google OAuth ID token for downstream Kubernetes OIDC authentication. Note: Kubernetes OIDC requires the ID token, not the access token.
func GetAccessTokenFromContext ¶
GetAccessTokenFromContext retrieves the OAuth ID token from the context. This returns the user's Google OAuth ID token that can be used for downstream Kubernetes OIDC authentication. Returns the ID token and true if present, or empty string and false if not available.
func GetIDToken ¶
GetIDToken extracts the ID token from an OAuth2 token. Google OAuth responses include an id_token in the Extra data. Kubernetes OIDC authentication requires the ID token, not the access token.
Source Files