o i)@shdZddlmZddlZddlmZmZddlmZddl m Z ddl m Z e e ZGdd d eZdS) aUDebug token verifier for testing and special cases. This module provides a flexible token verifier that delegates validation to a custom callable. Useful for testing, development, or scenarios where standard verification isn't possible (like opaque tokens without introspection). Example: ```python from fastmcp import FastMCP from fastmcp.server.auth.providers.debug import DebugTokenVerifier # Accept all tokens (default - useful for testing) auth = DebugTokenVerifier() # Custom sync validation logic auth = DebugTokenVerifier(validate=lambda token: token.startswith("valid-")) # Custom async validation logic async def check_cache(token: str) -> bool: return await redis.exists(f"token:{token}") auth = DebugTokenVerifier(validate=check_cache) mcp = FastMCP("My Server", auth=auth) ``` ) annotationsN) AwaitableCallable) TokenVerifier) AccessToken) get_loggercs:eZdZdZdddddfdfd d ZdddZZS)DebugTokenVerifiera Token verifier with custom validation logic. This verifier delegates token validation to a user-provided callable. By default, it accepts all non-empty tokens (useful for testing). Use cases: - Testing: Accept any token without real verification - Development: Custom validation logic for prototyping - Opaque tokens: When you have tokens with no introspection endpoint WARNING: This bypasses standard security checks. Only use in controlled environments or when you understand the security implications. cCsdS)NT)tokenr r i/var/www/html/karishye-ai-python/venv/lib/python3.10/site-packages/fastmcp/server/auth/providers/debug.py:szDebugTokenVerifier.z debug-clientNvalidate8Callable[[str], bool] | Callable[[str], Awaitable[bool]] client_idstrscopeslist[str] | Nonerequired_scopescs(tj|d||_||_|pg|_dS)aInitialize the debug token verifier. Args: validate: Callable that takes a token string and returns True if valid. Can be sync or async. Default accepts all tokens. client_id: Client ID to assign to validated tokens scopes: Scopes to assign to validated tokens required_scopes: Required scopes (inherited from TokenVerifier base class) )rN)super__init__r rr)selfr rrr __class__r r r7szDebugTokenVerifier.__init__r returnAccessToken | Nonec s|r|stddSz*||}t|r|IdH}n|}|s+tdWdSt||j|jdd|idWSt yS}ztjd|ddWYd}~dSd}~ww) zVerify token using custom validation logic. Args: token: The token string to validate Returns: AccessToken if validation succeeds, None otherwise zRejecting empty tokenNz0Token validation failed: callable returned Falser )r rr expires_atclaimszToken validation error: %sT)exc_info) striploggerdebugr inspect isawaitablerrr Exception)rr resultis_valider r r verify_tokenMs0     zDebugTokenVerifier.verify_token)r rrrrrrr)r rrr)__name__ __module__ __qualname____doc__rr' __classcell__r r rr r(sr)r+ __future__rr!collections.abcrrfastmcp.server.authrfastmcp.server.auth.authrfastmcp.utilities.loggingrr(rrr r r r s