Add resource_owner field in the introspection process

yukuanj · yukuanj · commit 042fa3d9485b · 2025-10-27T16:25:29.000+08:00
diff --git a/examples/servers/simple-auth/mcp_simple_auth/auth_server.py b/examples/servers/simple-auth/mcp_simple_auth/auth_server.py
@@ -123,6 +123,7 @@ async def introspect_handler(request: Request) -> Response:
                 "iat": int(time.time()),
                 "token_type": "Bearer",
                 "aud": access_token.resource,  # RFC 8707 audience claim
+                "sub": access_token.resource_owner,  # Resource owner
             }
         )
 
diff --git a/examples/servers/simple-auth/mcp_simple_auth/token_verifier.py b/examples/servers/simple-auth/mcp_simple_auth/token_verifier.py
@@ -75,6 +75,7 @@ async def verify_token(self, token: str) -> AccessToken | None:
                     scopes=data.get("scope", "").split() if data.get("scope") else [],
                     expires_at=data.get("exp"),
                     resource=data.get("aud"),  # Include resource in token
+                    resource_owner=data.get("sub"),  # Use 'sub' claim as resource owner
                 )
             except Exception as e:
                 logger.warning(f"Token introspection failed: {e}")

Original file line number	Diff line number	Diff line change
`@@ -123,6 +123,7 @@ async def introspect_handler(request: Request) -> Response:`
`123`	`123`	`"iat": int(time.time()),`
`124`	`124`	`"token_type": "Bearer",`
`125`	`125`	`"aud": access_token.resource, # RFC 8707 audience claim`
	`126`	`+ "sub": access_token.resource_owner, # Resource owner`
`126`	`127`	`}`
`127`	`128`	`)`
`128`	`129`
Original file line number	Diff line number	Diff line change
`@@ -75,6 +75,7 @@ async def verify_token(self, token: str) -> AccessToken \| None:`
`75`	`75`	`scopes=data.get("scope", "").split() if data.get("scope") else [],`
`76`	`76`	`expires_at=data.get("exp"),`
`77`	`77`	`resource=data.get("aud"), # Include resource in token`
	`78`	`+ resource_owner=data.get("sub"), # Use 'sub' claim as resource owner`
`78`	`79`	`)`
`79`	`80`	`except Exception as e:`
`80`	`81`	`logger.warning(f"Token introspection failed: {e}")`