Share more code between DNS and HTTP auth flows#552
Merged
domdomegg merged 7 commits intomodelcontextprotocol:mainfrom Sep 29, 2025
Merged
Share more code between DNS and HTTP auth flows#552domdomegg merged 7 commits intomodelcontextprotocol:mainfrom
domdomegg merged 7 commits intomodelcontextprotocol:mainfrom
Conversation
joelverhagen
changed the title
# Conflicts: # internal/api/handlers/v0/auth/http_test.go
domdomegg
requested changes
Sep 29, 2025
Member
domdomegg
left a comment
domdomegg
left a comment
There was a problem hiding this comment.
A few minor suggestions but generally looking good!
domdomegg
approved these changes
Sep 29, 2025
Member
domdomegg
left a comment
domdomegg
left a comment
There was a problem hiding this comment.
Nice, I really like this! Very clean now :)
slimslenderslacks
pushed a commit
to slimslenderslacks/registry
that referenced
this pull request
Dec 18, 2025
…#552) <!-- Provide a brief summary of your changes --> ## Motivation and Context Currently the `dns` and `http` based auth flows share code well in the publisher tool. However there is a lot of duplication in the auth endpoint. This on it's own is not a problem but it does make enhancements to the proof record (the `v=MCPv1; ...` string) harder to keep in sync. This PR adds a `common.go` file to share logic between the two. This supports work I am prototyping for modelcontextprotocol#482. ## How Has This Been Tested? Added new test cases for the permissions. Ran them before and after the refactoring to ensure no behavior change. Ran existing UTs. Ran the integration tests. Manually exercised the flows locally. ## Breaking Changes None. ## Types of changes <!-- What types of changes does your code introduce? Put an `x` in all the boxes that apply: --> - [ ] Bug fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to change) - [ ] Documentation update ## Checklist <!-- Go over all the following points, and put an `x` in all the boxes that apply. --> - [x] I have read the [MCP Documentation](https://modelcontextprotocol.io) - [x] My code follows the repository's style guidelines - [x] New and existing tests pass locally - [x] I have added appropriate error handling - [ ] I have added or updated documentation as needed ## Additional context <!-- Add any other context, implementation notes, or design decisions -->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation and Context
Currently the
dnsandhttpbased auth flows share code well in the publisher tool. However there is a lot of duplication in the auth endpoint. This on it's own is not a problem but it does make enhancements to the proof record (thev=MCPv1; ...string) harder to keep in sync.This PR adds a
common.gofile to share logic between the two.This supports work I am prototyping for #482.
How Has This Been Tested?
Added new test cases for the permissions. Ran them before and after the refactoring to ensure no behavior change.
Ran existing UTs.
Ran the integration tests.
Manually exercised the flows locally.
Breaking Changes
None.
Types of changes
Checklist
Additional context