Functional cleanup

localden · localden · commit 4d379914ae8d · 2025-05-01T17:38:52.000-07:00
diff --git a/src/ModelContextProtocol.AspNetCore/AuthorizationMiddleware.cs b/src/ModelContextProtocol.AspNetCore/AuthorizationMiddleware.cs
@@ -58,25 +58,8 @@ await JsonSerializer.SerializeAsync(
                 authProvider.GetProtectedResourceMetadata(),
                 McpJsonUtilities.DefaultOptions.GetTypeInfo(typeof(ProtectedResourceMetadata)));
             return;
-        }
-
-        // Proceed to the next middleware - authorization for SSE and message endpoints
+        }        // Proceed to the next middleware - authorization for SSE and message endpoints
         // is now handled by endpoint filters
         await _next(context);
     }
-
-    private static string GetPrmUrl(HttpContext context, string resourceUri)
-    {
-        // Use the actual resource URI from PRM if it's an absolute URL, otherwise build the URL
-        if (Uri.TryCreate(resourceUri, UriKind.Absolute, out _))
-        {
-            return $"{resourceUri.TrimEnd('/')}/.well-known/oauth-protected-resource";
-        }
-
-        // Build the URL from the current request
-        var request = context.Request;
-        var scheme = request.Scheme;
-        var host = request.Host.Value;
-        return $"{scheme}://{host}/.well-known/oauth-protected-resource";
-    }
 }
diff --git a/src/ModelContextProtocol.AspNetCore/McpEndpointAuthorizationFilter.cs b/src/ModelContextProtocol.AspNetCore/McpEndpointAuthorizationFilter.cs
@@ -28,10 +28,9 @@ public McpEndpointAuthorizationFilter(ILogger logger, IServerAuthorizationProvid
 
         // Check if the Authorization header is present
         if (!httpContext.Request.Headers.TryGetValue("Authorization", out var authHeader) || string.IsNullOrEmpty(authHeader))
-        {
-            // No Authorization header present, return 401 Unauthorized
+        {            // No Authorization header present, return 401 Unauthorized
             var prm = _authProvider.GetProtectedResourceMetadata();
-            var prmUrl = GetPrmUrl(httpContext, prm.Resource);
+            var prmUrl = ProtectedResourceMetadataHandler.GetProtectedResourceMetadataUrl(prm.Resource);
             
             _logger.LogDebug("Authorization required, returning 401 Unauthorized with WWW-Authenticate header");
             httpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
@@ -43,28 +42,15 @@ public McpEndpointAuthorizationFilter(ILogger logger, IServerAuthorizationProvid
         string authHeaderValue = authHeader.ToString();
         bool isValid = await _authProvider.ValidateTokenAsync(authHeaderValue);
         if (!isValid)
-        {
-            // Invalid token, return 401 Unauthorized
+        {            // Invalid token, return 401 Unauthorized
             var prm = _authProvider.GetProtectedResourceMetadata();
-            var prmUrl = GetPrmUrl(httpContext, prm.Resource);
+            var prmUrl = ProtectedResourceMetadataHandler.GetProtectedResourceMetadataUrl(prm.Resource);
             
             _logger.LogDebug("Invalid authorization token, returning 401 Unauthorized");
             httpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
             httpContext.Response.Headers.Append("WWW-Authenticate", $"Bearer resource_metadata=\"{prmUrl}\"");
             return Results.Empty;
-        }
-
-        // Token is valid, proceed to the next filter
+        }        // Token is valid, proceed to the next filter
         return await next(context);
-    }/// <summary>
-    /// Builds the URL for the protected resource metadata endpoint.
-    /// </summary>
-    /// <param name="context">The HTTP context.</param>
-    /// <param name="resourceUri">The resource URI from the protected resource metadata.</param>
-    /// <returns>The full URL to the protected resource metadata endpoint.</returns>
-    private static string GetPrmUrl(HttpContext context, Uri resourceUri)
-    {
-        // Create a new URI with the well-known path appended
-        return new Uri(resourceUri, ".well-known/oauth-protected-resource").ToString();
     }
 }
diff --git a/src/ModelContextProtocol.AspNetCore/ProtectedResourceMetadataHandler.cs b/src/ModelContextProtocol.AspNetCore/ProtectedResourceMetadataHandler.cs
@@ -33,12 +33,26 @@ public ProtectedResourceMetadataHandler(
     /// <param name="context">The HTTP context.</param>
     /// <returns>A task that represents the asynchronous operation.</returns>
     public async Task HandleAsync(HttpContext context)
-    {
-        _logger.LogDebug("Serving Protected Resource Metadata document");
+    {        _logger.LogDebug("Serving Protected Resource Metadata document");
         context.Response.ContentType = "application/json";
         await JsonSerializer.SerializeAsync(
             context.Response.Body, 
             _authProvider.GetProtectedResourceMetadata(),
             McpJsonUtilities.DefaultOptions.GetTypeInfo(typeof(ProtectedResourceMetadata)));
+    }    /// <summary>
+    /// Builds the URL for the protected resource metadata endpoint.
+    /// </summary>
+    /// <param name="resourceUri">The resource URI from the protected resource metadata.</param>
+    /// <returns>The full URL to the protected resource metadata endpoint.</returns>
+    /// <exception cref="ArgumentNullException">Thrown when resourceUri is null.</exception>
+    public static string GetProtectedResourceMetadataUrl(Uri resourceUri)
+    {
+        if (resourceUri == null)
+        {
+            throw new ArgumentNullException(nameof(resourceUri), "Resource URI must be provided to build the protected resource metadata URL.");
+        }
+        
+        // Create a new URI with the well-known path appended
+        return new Uri(resourceUri, ".well-known/oauth-protected-resource").ToString();
     }
 }
