mirror of
https://gh.wpcy.net/https://github.com/discourse/discourse.git
synced 2026-06-19 05:35:40 +08:00
cbb63ef66a
Adds three new configurable fields to MCP server OAuth:
- `oauth_authorization_params` — JSON object merged into authorization
requests (e.g. `{"access_type":"offline"}` for Google APIs)
- `oauth_token_params` — JSON object merged into token exchange and
refresh requests (e.g. `{"audience":"..."}` for resource indicators)
- `oauth_require_refresh_token` — fails OAuth if the provider does not
return a refresh token, surfacing misconfiguration early
The OAuth flow is also improved in several ways:
- Reads `token_endpoint_auth_methods_supported` from discovery metadata
and negotiates the correct client authentication method
(client_secret_basic, client_secret_post, or none)
- Validates client registration requirements before starting the flow,
giving actionable error messages when dynamic registration is
unavailable
- Null values in custom params remove default parameters, allowing
overrides like removing the `resource` indicator
Additionally, the MCP client now passes through tool result errors
(isError: true) instead of raising exceptions, so the AI can see
and reason about tool-level failures.
66 lines
1.7 KiB
Ruby
Vendored
66 lines
1.7 KiB
Ruby
Vendored
# frozen_string_literal: true
|
|
|
|
class AiMcpServerSerializer < ApplicationSerializer
|
|
attributes :id,
|
|
:name,
|
|
:description,
|
|
:url,
|
|
:auth_type,
|
|
:ai_secret_id,
|
|
:auth_header,
|
|
:auth_scheme,
|
|
:oauth_client_registration,
|
|
:oauth_client_id,
|
|
:oauth_client_secret_ai_secret_id,
|
|
:oauth_scopes,
|
|
:oauth_authorization_params,
|
|
:oauth_token_params,
|
|
:oauth_require_refresh_token,
|
|
:oauth_granted_scopes,
|
|
:oauth_token_type,
|
|
:oauth_access_token_expires_at,
|
|
:oauth_authorization_endpoint,
|
|
:oauth_token_endpoint,
|
|
:oauth_revocation_endpoint,
|
|
:oauth_issuer,
|
|
:oauth_resource_metadata_url,
|
|
:oauth_status,
|
|
:oauth_last_error,
|
|
:oauth_last_authorized_at,
|
|
:oauth_last_refreshed_at,
|
|
:oauth_client_metadata_url,
|
|
:enabled,
|
|
:timeout_seconds,
|
|
:last_health_status,
|
|
:last_health_error,
|
|
:last_checked_at,
|
|
:last_tools_synced_at,
|
|
:protocol_version,
|
|
:server_capabilities,
|
|
:tool_count,
|
|
:token_count,
|
|
:tool_names,
|
|
:tools
|
|
|
|
root "ai_mcp_server"
|
|
|
|
def tool_count
|
|
object.tool_count
|
|
end
|
|
|
|
def tool_names
|
|
object.tools_for_serialization.map { |tool| tool[:name] }
|
|
end
|
|
|
|
def tools
|
|
object.tools_for_serialization
|
|
end
|
|
|
|
def token_count
|
|
object.token_count
|
|
end
|
|
|
|
def oauth_client_metadata_url
|
|
object.oauth_client_metadata_url
|
|
end
|
|
end
|
