MCPcopy Index your code
hub / github.com/modelcontextprotocol/python-sdk / validate_issuer_url

Function validate_issuer_url

src/mcp/server/auth/routes.py:24–42  ·  view source on GitHub ↗

Validate that the issuer URL meets OAuth 2.0 requirements. Args: url: The issuer URL to validate. Raises: ValueError: If the issuer URL is invalid.

(url: AnyHttpUrl)

Source from the content-addressed store, hash-verified

22
23
24def validate_issuer_url(url: AnyHttpUrl):
25 """Validate that the issuer URL meets OAuth 2.0 requirements.
26
27 Args:
28 url: The issuer URL to validate.
29
30 Raises:
31 ValueError: If the issuer URL is invalid.
32 """
33
34 # RFC 8414 requires HTTPS, but we allow loopback/localhost HTTP for testing
35 if url.scheme != "https" and url.host not in ("localhost", "127.0.0.1", "[::1]"):
36 raise ValueError("Issuer URL must be HTTPS")
37
38 # No fragments or query parameters allowed
39 if url.fragment:
40 raise ValueError("Issuer URL must not have a fragment")
41 if url.query:
42 raise ValueError("Issuer URL must not have a query string")
43
44
45AUTHORIZATION_PATH = "/authorize"

Calls

no outgoing calls