/** * MCP OAuth Client Provider implementing the SDK's OAuthClientProvider interface. * * Handles the full OAuth 2.0 authorization code flow with PKCE for MCP servers: * - Persists tokens and client info to JSON files * - Opens system browser for user authorization * - Manages a local HTTP callback server for auth code capture * - Supports token refresh and credential invalidation */ import type { OAuthClientProvider } from '@modelcontextprotocol/sdk/client/auth.js'; import type { OAuthClientInformationMixed, OAuthTokens, OAuthClientMetadata } from '@modelcontextprotocol/sdk/shared/auth.js'; import { OAuthCallbackServer } from './oauth-callback-server.js'; import type { McpOAuthProviderOptions } from './oauth-types.js'; export declare class McpOAuthClientProvider implements OAuthClientProvider { private _callbackServer; private storage; private _configDir; private _callbackPort; private _serverUrlHash; constructor(options: McpOAuthProviderOptions); get redirectUrl(): string; get clientMetadata(): OAuthClientMetadata; clientInformation(): OAuthClientInformationMixed | undefined; saveClientInformation(info: OAuthClientInformationMixed): void; tokens(): OAuthTokens | undefined; saveTokens(tokens: OAuthTokens): void; redirectToAuthorization(authorizationUrl: URL): Promise; saveCodeVerifier(codeVerifier: string): void; codeVerifier(): string; invalidateCredentials(scope: 'all' | 'client' | 'tokens' | 'verifier' | 'discovery'): Promise; /** * Starts the local callback server for auth code capture. * Idempotent — returns existing server if already running. */ startCallbackServer(): Promise; /** * Stops the callback server after auth flow completes. */ stopCallbackServer(): Promise; getCallbackServer(): OAuthCallbackServer | null; } //# sourceMappingURL=oauth-provider.d.ts.map