@ithena-one/mcp-governance
Version:
Governance layer (Identity, RBAC, Credentials, Audit, Logging, Tracing) for Model Context Protocol (MCP) servers.
20 lines (19 loc) • 989 B
TypeScript
import { UserIdentity, ResolvedCredentials, OperationContext } from '../types.js';
/**
* Interface for resolving credentials (secrets, API keys, etc.) needed for an operation.
*/
export interface CredentialResolver {
/** Optional initialization logic. */
initialize?(): Promise<void>;
/**
* Resolves credentials needed for the operation, potentially based on identity.
* This is typically called *after* successful authorization.
* @param identity - The resolved user identity (or null if auth is skipped/not applicable).
* @param opCtx - The context of the current operation.
* @returns The resolved credentials, or null/undefined if no credentials apply.
* @throws {CredentialResolutionError} on failure to resolve required credentials.
*/
resolveCredentials(identity: UserIdentity | null, opCtx: OperationContext): Promise<ResolvedCredentials | null | undefined>;
/** Optional cleanup logic. */
shutdown?(): Promise<void>;
}