obsidian-mcp/Endpoints/DiscoveryEndpoints.cs

using ObsidianMcp.Config;

namespace ObsidianMcp.Endpoints;

public static class DiscoveryEndpoints
{
    /// <summary>
    /// 注册 /.well-known/oauth-authorization-server 端点。
    /// 返回静态 JSON 指向 nas-auth，让 Claude.ai 能自动发现授权服务器。
    /// 所有字段从 McpDiscoveryOptions 读，不 hardcode。
    /// </summary>
    public static void MapDiscoveryEndpoints(this WebApplication app)
    {
        app.MapGet("/.well-known/oauth-authorization-server", (McpDiscoveryOptions opts) =>
        {
            return Results.Ok(new
            {
                issuer = opts.Issuer,
                authorization_endpoint = opts.AuthorizationEndpoint,
                token_endpoint = opts.TokenEndpoint,
                registration_endpoint = opts.RegistrationEndpoint,
                response_types_supported = new[] { "code" },
                grant_types_supported = new[] { "authorization_code", "refresh_token" },
                code_challenge_methods_supported = new[] { "S256" },
                scopes_supported = new[] { "read:obsidian", "write:obsidian" },
            });
        })
        .AllowAnonymous() // well-known 端点不需要认证，Claude 在登录前就要访问它
        .WithName("OAuthDiscovery");
    }
}