sendAuthChallenge sends a 401 Unauthorized response with WWW-Authenticate header containing the OAuth protected resource metadata URL as per RFC 6750 and MCP spec.
(w http.ResponseWriter, r *http.Request, oauthCfg *oauth.Config)
| 49 | // sendAuthChallenge sends a 401 Unauthorized response with WWW-Authenticate header |
| 50 | // containing the OAuth protected resource metadata URL as per RFC 6750 and MCP spec. |
| 51 | func sendAuthChallenge(w http.ResponseWriter, r *http.Request, oauthCfg *oauth.Config) { |
| 52 | resourcePath := oauth.ResolveResourcePath(r, oauthCfg) |
| 53 | resourceMetadataURL := oauth.BuildResourceMetadataURL(r, oauthCfg, resourcePath) |
| 54 | w.Header().Set("WWW-Authenticate", fmt.Sprintf(`Bearer resource_metadata=%q`, resourceMetadataURL)) |
| 55 | http.Error(w, "Unauthorized", http.StatusUnauthorized) |
| 56 | } |