MCPcopy Index your code
hub / github.com/modelcontextprotocol/typescript-sdk / executeTokenRequest

Function executeTokenRequest

src/client/auth.ts:1211–1259  ·  view source on GitHub ↗

* Internal helper to execute a token request with the given parameters. * Used by exchangeAuthorization, refreshAuthorization, and fetchToken.

(
    authorizationServerUrl: string | URL,
    {
        metadata,
        tokenRequestParams,
        clientInformation,
        addClientAuthentication,
        resource,
        fetchFn
    }: {
        metadata?: AuthorizationServerMetadata;
        tokenRequestParams: URLSearchParams;
        clientInformation?: OAuthClientInformationMixed;
        addClientAuthentication?: OAuthClientProvider['addClientAuthentication'];
        resource?: URL;
        fetchFn?: FetchLike;
    }
)

Source from the content-addressed store, hash-verified

1209 * Used by exchangeAuthorization, refreshAuthorization, and fetchToken.
1210 */
1211async function executeTokenRequest(
1212 authorizationServerUrl: string | URL,
1213 {
1214 metadata,
1215 tokenRequestParams,
1216 clientInformation,
1217 addClientAuthentication,
1218 resource,
1219 fetchFn
1220 }: {
1221 metadata?: AuthorizationServerMetadata;
1222 tokenRequestParams: URLSearchParams;
1223 clientInformation?: OAuthClientInformationMixed;
1224 addClientAuthentication?: OAuthClientProvider['addClientAuthentication'];
1225 resource?: URL;
1226 fetchFn?: FetchLike;
1227 }
1228): Promise<OAuthTokens> {
1229 const tokenUrl = metadata?.token_endpoint ? new URL(metadata.token_endpoint) : new URL('/token', authorizationServerUrl);
1230
1231 const headers = new Headers({
1232 'Content-Type': 'application/x-www-form-urlencoded',
1233 Accept: 'application/json'
1234 });
1235
1236 if (resource) {
1237 tokenRequestParams.set('resource', resource.href);
1238 }
1239
1240 if (addClientAuthentication) {
1241 await addClientAuthentication(headers, tokenRequestParams, tokenUrl, metadata);
1242 } else if (clientInformation) {
1243 const supportedMethods = metadata?.token_endpoint_auth_methods_supported ?? [];
1244 const authMethod = selectClientAuthMethod(clientInformation, supportedMethods);
1245 applyClientAuthentication(authMethod, clientInformation as OAuthClientInformation, headers, tokenRequestParams);
1246 }
1247
1248 const response = await (fetchFn ?? fetch)(tokenUrl, {
1249 method: 'POST',
1250 headers,
1251 body: tokenRequestParams
1252 });
1253
1254 if (!response.ok) {
1255 throw await parseErrorResponse(response);
1256 }
1257
1258 return OAuthTokensSchema.parse(await response.json());
1259}
1260
1261/**
1262 * Exchanges an authorization code for an access token with the given server.

Callers 3

exchangeAuthorizationFunction · 0.85
refreshAuthorizationFunction · 0.85
fetchTokenFunction · 0.85

Calls 4

selectClientAuthMethodFunction · 0.85
parseErrorResponseFunction · 0.85
parseMethod · 0.80

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…