MCPcopy
hub / github.com/github/github-mcp-server / sendAuthChallenge

Function sendAuthChallenge

pkg/http/middleware/token.go:51–56  ·  view source on GitHub ↗

sendAuthChallenge sends a 401 Unauthorized response with WWW-Authenticate header containing the OAuth protected resource metadata URL as per RFC 6750 and MCP spec.

(w http.ResponseWriter, r *http.Request, oauthCfg *oauth.Config)

Source from the content-addressed store, hash-verified

49// sendAuthChallenge sends a 401 Unauthorized response with WWW-Authenticate header
50// containing the OAuth protected resource metadata URL as per RFC 6750 and MCP spec.
51func sendAuthChallenge(w http.ResponseWriter, r *http.Request, oauthCfg *oauth.Config) {
52 resourcePath := oauth.ResolveResourcePath(r, oauthCfg)
53 resourceMetadataURL := oauth.BuildResourceMetadataURL(r, oauthCfg, resourcePath)
54 w.Header().Set("WWW-Authenticate", fmt.Sprintf(`Bearer resource_metadata=%q`, resourceMetadataURL))
55 http.Error(w, "Unauthorized", http.StatusUnauthorized)
56}

Callers 2

TestSendAuthChallengeFunction · 0.85
ExtractUserTokenFunction · 0.85

Calls 4

ResolveResourcePathFunction · 0.92
BuildResourceMetadataURLFunction · 0.92
HeaderMethod · 0.80
ErrorMethod · 0.45

Tested by 1

TestSendAuthChallengeFunction · 0.68