@nogoo9/mcp-server-cloud-fs / EnterpriseAuthVerifier
Class: EnterpriseAuthVerifier
Defined in: auth/verifier.ts:95
Enterprise-Managed Authorization verifier. Validates Identity Assertion JWT Authorization Grants (ID-JAGs) from enterprise Identity Providers per the ext-auth specification.
The flow:
- User authenticates with enterprise IdP (OIDC/SAML)
- Client exchanges IdP token for ID-JAG via Token Exchange (RFC 8693)
- Client presents ID-JAG to this MCP server (RFC 7523 §2.1)
- This verifier validates the ID-JAG's signature, issuer, audience, expiry
Constructors
Constructor
new EnterpriseAuthVerifier(
options):EnterpriseAuthVerifier
Defined in: auth/verifier.ts:98
Parameters
options
Returns
EnterpriseAuthVerifier
Methods
validateAssertion()
validateAssertion(
assertion):Promise<TokenClaims>
Defined in: auth/verifier.ts:111
Validate an ID-JAG (Identity Assertion JWT Authorization Grant).
Parameters
assertion
string
The JWT assertion from the token exchange.
Returns
Promise<TokenClaims>
Decoded claims with user identity.