@modelcontextprotocol/sdk
    Preparing search index...

    Class DemoInMemoryAuthProvider

    🚨 DEMO ONLY - NOT FOR PRODUCTION

    This example demonstrates MCP OAuth flow but lacks some of the features required for production use, for example:

    • Persistent token storage
    • Rate limiting

    Implements

    Index

    Constructors

    constructor

    Properties

    clientsStore

    Methods

    authorize challengeForAuthorizationCode exchangeAuthorizationCode exchangeRefreshToken verifyAccessToken

    Constructors

    Properties

    clientsStore: DemoInMemoryClientsStore = ...

    A store used to read information about registered OAuth clients.

    Methods

    • Begins the authorization flow, which can either be implemented by this server itself or via redirection to a separate authorization server.

      This server must eventually issue a redirect with an authorization response or an error response to the given redirect URI. Per OAuth 2.1:

      • In the successful case, the redirect MUST include the code and state (if present) query parameters.
      • In the error case, the redirect MUST include the error query parameter, and MAY include an optional error_description query parameter.

      Parameters

      • client: {
            client_id: string;
            client_id_issued_at?: number;
            client_name?: string;
            client_secret?: string;
            client_secret_expires_at?: number;
            client_uri?: string;
            contacts?: string[];
            grant_types?: string[];
            jwks?: any;
            jwks_uri?: string;
            logo_uri?: string;
            policy_uri?: string;
            redirect_uris: string[];
            response_types?: string[];
            scope?: string;
            software_id?: string;
            software_statement?: string;
            software_version?: string;
            token_endpoint_auth_method?: string;
            tos_uri?: string;
        }
      • params: AuthorizationParams
      • res: Response

      Returns Promise<void>

    • Returns the codeChallenge that was used when the indicated authorization began.

      Parameters

      • client: {
            client_id: string;
            client_id_issued_at?: number;
            client_name?: string;
            client_secret?: string;
            client_secret_expires_at?: number;
            client_uri?: string;
            contacts?: string[];
            grant_types?: string[];
            jwks?: any;
            jwks_uri?: string;
            logo_uri?: string;
            policy_uri?: string;
            redirect_uris: string[];
            response_types?: string[];
            scope?: string;
            software_id?: string;
            software_statement?: string;
            software_version?: string;
            token_endpoint_auth_method?: string;
            tos_uri?: string;
        }
      • authorizationCode: string

      Returns Promise<string>

    • Exchanges an authorization code for an access token.

      Parameters

      • client: {
            client_id: string;
            client_id_issued_at?: number;
            client_name?: string;
            client_secret?: string;
            client_secret_expires_at?: number;
            client_uri?: string;
            contacts?: string[];
            grant_types?: string[];
            jwks?: any;
            jwks_uri?: string;
            logo_uri?: string;
            policy_uri?: string;
            redirect_uris: string[];
            response_types?: string[];
            scope?: string;
            software_id?: string;
            software_statement?: string;
            software_version?: string;
            token_endpoint_auth_method?: string;
            tos_uri?: string;
        }
      • authorizationCode: string
      • Optional_codeVerifier: string

      Returns Promise<
          {
              access_token: string;
              expires_in?: number;
              id_token?: string;
              refresh_token?: string;
              scope?: string;
              token_type: string;
          },
      >

    • Exchanges a refresh token for an access token.

      Parameters

      • _client: {
            client_id: string;
            client_id_issued_at?: number;
            client_name?: string;
            client_secret?: string;
            client_secret_expires_at?: number;
            client_uri?: string;
            contacts?: string[];
            grant_types?: string[];
            jwks?: any;
            jwks_uri?: string;
            logo_uri?: string;
            policy_uri?: string;
            redirect_uris: string[];
            response_types?: string[];
            scope?: string;
            software_id?: string;
            software_statement?: string;
            software_version?: string;
            token_endpoint_auth_method?: string;
            tos_uri?: string;
        }
      • _refreshToken: string
      • Optional_scopes: string[]
      • Optional_resource: URL

      Returns Promise<
          {
              access_token: string;
              expires_in?: number;
              id_token?: string;
              refresh_token?: string;
              scope?: string;
              token_type: string;
          },
      >

    Settings

    Member Visibility

    On This Page

    Constructors
    Properties
    Methods