Class: ActionMCP::GatewayIdentifiers::RequestEnvIdentifier

Inherits:
ActionMCP::GatewayIdentifier show all
Defined in:
lib/action_mcp/gateway_identifiers/request_env_identifier.rb

Overview

Example Gateway identifier for custom request environment-based authentication.

This identifier looks for user information in custom request headers or environment variables. Useful for authentication set up by upstream proxies, API gateways, or custom middleware.

Examples:

Usage in ApplicationGateway

class ApplicationGateway < ActionMCP::Gateway
  identified_by ActionMCP::GatewayIdentifiers::RequestEnvIdentifier
end

Configuration

# config/mcp.yml
authentication_methods: ["request_env"]

Nginx/Proxy setup

# Your proxy/gateway might set headers like:
# X-User-ID: 123
# X-User-Email: [email protected]
# X-User-Roles: admin,user

Instance Method Summary collapse

Methods inherited from ActionMCP::GatewayIdentifier

authenticates, identifier, #initialize

Constructor Details

This class inherits a constructor from ActionMCP::GatewayIdentifier

Instance Method Details

#resolveObject

Raises:



29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
 
# File 'lib/action_mcp/gateway_identifiers/request_env_identifier.rb', line 29

def resolve
  user_id = @request.env["HTTP_X_USER_ID"]
  raise Unauthorized, "User ID header missing" unless user_id

  # You might also want to get additional user info from headers
  email = @request.env["HTTP_X_USER_EMAIL"]
  roles = @request.env["HTTP_X_USER_ROLES"]&.split(",") || []

  # Option 1: Find user in database
  begin
    user = User.find(user_id)
    # Optional: verify email matches if provided
    if email && user.email != email
      raise Unauthorized, "User email mismatch"
    end
    user
  rescue ActiveRecord::RecordNotFound
    raise Unauthorized, "Invalid user"
  end

  # Option 2: Create a simple user object from headers (if you don't want DB lookup)
  # OpenStruct.new(
  #   id: user_id,
  #   email: email,
  #   roles: roles
  # )
end