Protected ReadonlyresponderProtectedserverProtectedstartProtectedensureProtectedgetThe redirect_uri to advertise to the authorization server.
ProtectedhandleCalled when the backend application shuts down.
When shutdown is initiated via SIGINT/SIGTERM, contributions are dispatched
in parallel and any returned promise is awaited up to SHUTDOWN_TIMEOUT_MS
milliseconds while injected services from the root container are still
resolvable.
On synchronous-exit fallback paths (uncaught exceptions, server bind failures, or normal process exit), the hook is invoked synchronously and any returned promise is discarded. Implementations should be resilient to either path.
Contributions must be independent of one another during stop because they are dispatched in parallel.
Protectedstart
Electron-only RFC 8252 loopback callback server, bound to
127.0.0.1on a fixed port and separate from the main backend, so it sits outside the security-token cookie middleware that would otherwise403the cookie-less OAuth redirect. One server multiplexes all flows and frontends through the shared MCPOAuthCallbackResponder (keyed bystate), started lazily on first use and closed on shutdown.