npm - @akropolys/mcp - Versions diffs - 1.5.3 - Mend

@akropolys/mcp 1.5.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/src/cache.ts ADDED Viewed

@@ -0,0 +1,44 @@
+import { createClient } from 'redis';
+import { DBProperty, DBTool } from './db.js';
+export interface CachedConfig {
+  property: DBProperty;
+  tools: DBTool[];
+}
+const redisUrl = process.env.UPSTASH_REDIS_URL;
+export const redisClient = redisUrl ? createClient({ url: redisUrl }) : null;
+if (redisClient) {
+  redisClient.connect().catch(err => {
+    console.error('Redis connection error:', err);
+  });
+}
+export async function getCachedConfig(propertyId: string): Promise<CachedConfig | null> {
+  if (!redisClient) {
+    return null;
+  }
+  try {
+    const cached = await redisClient.get(`mcp:config:${propertyId}`);
+    if (cached) {
+      return JSON.parse(cached) as CachedConfig;
+    }
+  } catch (err) {
+    console.error('Redis cache get error:', err);
+  }
+  return null;
+}
+export async function setCachedConfig(propertyId: string, config: CachedConfig): Promise<void> {
+  if (!redisClient) {
+    return;
+  }
+  try {
+    await redisClient.set(`mcp:config:${propertyId}`, JSON.stringify(config), {
+      EX: 3600 // 1 hour TTL
+    });
+  } catch (err) {
+    console.error('Redis cache set error:', err);
+  }
+}

package/src/db.ts ADDED Viewed

@@ -0,0 +1,87 @@
+import pg from 'pg';
+const { Pool } = pg;
+export interface DBProperty {
+  id: string;
+  site_id: string;
+  name: string;
+  api_base: string;
+  auth_type: string;
+  auth_token: string | null;
+  allow_agent_access: boolean;
+}
+export interface DBTool {
+  id: number;
+  property_id: string;
+  name: string;
+  description: string;
+  method: string;
+  path: string;
+  parameters: any;
+  response_schema: any | null;
+  response_mapping: any | null;
+}
+// Module-level pool — created once, reused for the lifetime of the stdio process.
+// Falls back to null until first use so startup errors don't crash before main() runs.
+let _pool: pg.Pool | null = null;
+function getPool(): pg.Pool {
+  if (_pool) return _pool;
+  const dbUrl = process.env.DATABASE_URL;
+  if (!dbUrl) {
+    throw new Error('DATABASE_URL environment variable is not defined');
+  }
+  _pool = new Pool({
+    connectionString: dbUrl,
+    max: 5,
+    idleTimeoutMillis: 30_000,
+    connectionTimeoutMillis: 5_000,
+    ssl: {
+      // Enforce TLS certificate validation.
+      // Set PGSSLROOTCERT or NODE_EXTRA_CA_CERTS if using a self-signed cert.
+      rejectUnauthorized: true,
+    },
+  });
+  _pool.on('error', (err) => {
+    console.error('[db] idle client error:', err.message);
+  });
+  return _pool;
+}
+export async function fetchPropertyAndTools(propertyId: string): Promise<{ property: DBProperty; tools: DBTool[] }> {
+  const pool = getPool();
+  const propRes = await pool.query(
+    'SELECT id, site_id, name, api_base, auth_type, auth_token, allow_agent_access FROM developer_properties WHERE id = $1',
+    [propertyId]
+  );
+  if (propRes.rows.length === 0) {
+    throw new Error(`Property config with ID "${propertyId}" not found in database`);
+  }
+  const toolsRes = await pool.query(
+    'SELECT id, property_id, name, description, method, path, parameters, response_schema, response_mapping FROM developer_tools WHERE property_id = $1',
+    [propertyId]
+  );
+  return {
+    property: propRes.rows[0] as DBProperty,
+    tools: toolsRes.rows as DBTool[],
+  };
+}
+/** Gracefully drain the pool — call on process exit. */
+export async function closePool(): Promise<void> {
+  if (_pool) {
+    await _pool.end();
+    _pool = null;
+  }
+}

package/src/index.ts ADDED Viewed

@@ -0,0 +1,332 @@
+import dotenv from 'dotenv';
+import { Server } from '@modelcontextprotocol/sdk/server/index.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import {
+  CallToolRequestSchema,
+  ListToolsRequestSchema,
+} from '@modelcontextprotocol/sdk/types.js';
+import { fetchPropertyAndTools, closePool } from './db.js';
+import { getCachedConfig, setCachedConfig, redisClient } from './cache.js';
+import { LocalAESVault } from './vault.js';
+import { assertSafeUrl } from './ssrfValidator.js';
+import { McpRateLimiter } from './rateLimiter.js';
+export { isPrivateIp, assertSafeUrl as validateUrlForSSRF } from './ssrfValidator.js';
+const rateLimiter = new McpRateLimiter(redisClient);
+dotenv.config();
+// Property ID resolved dynamically
+// Instantiate vault
+let vault: LocalAESVault | null = null;
+try {
+  vault = new LocalAESVault();
+} catch (err: any) {
+  console.warn(`⚠️ WARNING: KMS Vault failed to initialize: ${err.message}. Raw tokens will be used.`);
+}
+async function getConfig() {
+  const propertyId = process.env.AKROPOLYS_PROPERTY_ID;
+  if (!propertyId) {
+    throw new Error('AKROPOLYS_PROPERTY_ID environment variable is required');
+  }
+  // Try Redis cache first
+  const cached = await getCachedConfig(propertyId);
+  if (cached) {
+    return cached;
+  }
+  // Fallback to database
+  const config = await fetchPropertyAndTools(propertyId);
+  // Save to cache
+  await setCachedConfig(propertyId, config);
+  return config;
+}
+async function getDecryptedToken(token: string | null): Promise<string | null> {
+  if (!token) return null;
+  if (!vault) return token;
+  try {
+    return await vault.decrypt(token);
+  } catch (err) {
+    // Fallback to raw string if it's not encrypted
+    return token;
+  }
+}
+export function getNestedValue(obj: any, path: string): any {
+  if (!obj) return undefined;
+  const parts = path.split('.');
+  let current = obj;
+  for (const part of parts) {
+    if (current === null || current === undefined) return undefined;
+    // Array notation support: items[0]
+    const arrayMatch = part.match(/^(\w+)\[(\d+)\]$/);
+    if (arrayMatch) {
+      const key = arrayMatch[1];
+      const index = parseInt(arrayMatch[2], 10);
+      current = current[key];
+      if (Array.isArray(current)) {
+        current = current[index];
+      } else {
+        return undefined;
+      }
+    } else {
+      if (Array.isArray(current)) {
+        // Traverses the array and extracts the field from each element
+        current = current.map(item => (item ? item[part] : undefined));
+      } else {
+        current = current[part];
+      }
+    }
+  }
+  return current;
+}
+export function applyResponseMapping(payload: any, mapping: Record<string, string>): any {
+  if (!payload) return payload;
+  if (Array.isArray(payload)) {
+    return payload.map(item => applyResponseMapping(item, mapping));
+  }
+  const mappedResult: Record<string, any> = {};
+  let hasMappedAny = false;
+  for (const [targetKey, sourcePath] of Object.entries(mapping)) {
+    if (typeof sourcePath === 'string') {
+      const val = getNestedValue(payload, sourcePath);
+      if (val !== undefined) {
+        mappedResult[targetKey] = val;
+        hasMappedAny = true;
+      }
+    }
+  }
+  return hasMappedAny ? mappedResult : payload;
+}
+export function cleanParameterSchema(params: any): any {
+  if (!params || typeof params !== 'object') {
+    return { type: 'object', properties: {} };
+  }
+  const cleaned = JSON.parse(JSON.stringify(params));
+  if (cleaned.properties && typeof cleaned.properties === 'object') {
+    for (const key of Object.keys(cleaned.properties)) {
+      const prop = cleaned.properties[key];
+      if (prop && typeof prop === 'object') {
+        delete prop.location;
+      }
+    }
+  }
+  return cleaned;
+}
+export const server = new Server(
+  {
+    name: 'akropolys-mcp',
+    version: '1.2.3',
+  },
+  {
+    capabilities: {
+      tools: {},
+    },
+  }
+);
+// Register list tools handler
+server.setRequestHandler(ListToolsRequestSchema, async () => {
+  try {
+    const { tools } = await getConfig();
+    return {
+      tools: tools.map(t => ({
+        name: t.name,
+        description: t.description,
+        inputSchema: cleanParameterSchema(t.parameters),
+      })),
+    };
+  } catch (err: any) {
+    console.error('Error listing tools:', err);
+    return {
+      tools: [],
+    };
+  }
+});
+// Register call tool handler
+server.setRequestHandler(CallToolRequestSchema, async (request) => {
+  const { name, arguments: args } = request.params;
+  const argumentsObj = args || {};
+  try {
+    const { property, tools } = await getConfig();
+    if (!property.allow_agent_access) {
+      throw new Error(`Agent access is not enabled for property "${property.id}"`);
+    }
+    const tool = tools.find(t => t.name === name);
+    if (!tool) {
+      throw new Error(`Tool "${name}" not found`);
+    }
+    // Resolve credentials
+    const decryptedAuthToken = await getDecryptedToken(property.auth_token);
+    // Validate parameters & map to locations
+    let resolvedPath = tool.path;
+    const queryParams: Record<string, string> = {};
+    const headers: Record<string, string> = {};
+    const bodyParams: Record<string, any> = {};
+    // Apply authorization headers
+    if (property.auth_type === 'bearer' && decryptedAuthToken) {
+      headers['Authorization'] = `Bearer ${decryptedAuthToken}`;
+    } else if (property.auth_type === 'api_key' && decryptedAuthToken) {
+      headers['X-API-Key'] = decryptedAuthToken;
+      headers['X-Akropolys-Token'] = decryptedAuthToken;
+      headers['Authorization'] = decryptedAuthToken;
+    }
+    const paramDefs = tool.parameters?.properties || {};
+    const requiredParams = tool.parameters?.required || [];
+    // Check required parameters
+    for (const reqField of requiredParams) {
+      if (argumentsObj[reqField] === undefined) {
+        throw new Error(`Missing required parameter: "${reqField}"`);
+      }
+    }
+    // Distribute parameters to their locations
+    for (const [key, val] of Object.entries(argumentsObj)) {
+      const def = paramDefs[key] || {};
+      const location = def.location || 'body';
+      if (location === 'path') {
+        resolvedPath = resolvedPath
+          .replace(new RegExp(`:${key}`, 'g'), String(val))
+          .replace(new RegExp(`{${key}}`, 'g'), String(val));
+      } else if (location === 'query') {
+        queryParams[key] = String(val);
+      } else if (location === 'header') {
+        headers[key] = String(val);
+      } else if (location === 'body') {
+        bodyParams[key] = val;
+      }
+    }
+    // Build URL
+    const baseUrl = property.api_base.replace(/\/+$/, '');
+    const urlPath = resolvedPath.replace(/^\/+/, '');
+    let fullUrl = `${baseUrl}/${urlPath}`;
+    if (Object.keys(queryParams).length > 0) {
+      const qs = new URLSearchParams(queryParams).toString();
+      fullUrl += `?${qs}`;
+    }
+    const requestOptions: RequestInit = {
+      method: tool.method.toUpperCase(),
+      headers,
+    };
+    if (['POST', 'PUT', 'PATCH'].includes(tool.method.toUpperCase())) {
+      if (!headers['Content-Type']) {
+        headers['Content-Type'] = 'application/json';
+      }
+      requestOptions.body = JSON.stringify(bodyParams);
+    }
+    // Assert rate limits
+    await rateLimiter.assertAllowed(property.id);
+    // Validate target URL for SSRF protection.
+    // assertSafeUrl returns the IP-substituted URL to use for the actual fetch,
+    // closing the DNS-rebinding window between validation and connection.
+    const { safeUrl, hostHeader } = await assertSafeUrl(fullUrl);
+    headers['Host'] = hostHeader;
+    // Execute request using the pre-validated IP URL
+    const response = await fetch(safeUrl, requestOptions);
+    const text = await response.text();
+    let jsonPayload: any;
+    try {
+      jsonPayload = JSON.parse(text);
+    } catch {
+      jsonPayload = { responseText: text };
+    }
+    if (!response.ok) {
+      return {
+        content: [
+          {
+            type: 'text',
+            text: `API request failed with status ${response.status}: ${JSON.stringify(jsonPayload)}`,
+          },
+        ],
+        isError: true,
+      };
+    }
+    // Normalize response using mapping
+    let normalized = jsonPayload;
+    if (
+      tool.response_mapping &&
+      typeof tool.response_mapping === 'object' &&
+      Object.keys(tool.response_mapping).length > 0
+    ) {
+      normalized = applyResponseMapping(jsonPayload, tool.response_mapping);
+    }
+    return {
+      content: [
+        {
+          type: 'text',
+          text: JSON.stringify(normalized, null, 2),
+        },
+      ],
+    };
+  } catch (err: any) {
+    console.error(`Error executing tool "${name}":`, err);
+    return {
+      content: [
+        {
+          type: 'text',
+          text: `Error: ${err.message}`,
+        },
+      ],
+      isError: true,
+    };
+  }
+});
+async function main() {
+  const propertyId = process.env.AKROPOLYS_PROPERTY_ID;
+  if (!propertyId) {
+    console.error('❌ ERROR: AKROPOLYS_PROPERTY_ID environment variable is required');
+    process.exit(1);
+  }
+  const transport = new StdioServerTransport();
+  await server.connect(transport);
+  console.error(`✓ Akropolys MCP Proxy Server running for property: ${propertyId}`);
+}
+if (process.env.NODE_ENV !== 'test') {
+  // Gracefully drain the DB pool on exit signals
+  const shutdown = async (signal: string) => {
+    console.error(`[mcp] ${signal} received — shutting down`);
+    await closePool();
+    process.exit(0);
+  };
+  process.on('SIGINT', () => shutdown('SIGINT'));
+  process.on('SIGTERM', () => shutdown('SIGTERM'));
+  main().catch(err => {
+    console.error('Fatal error in MCP server:', err);
+    process.exit(1);
+  });
+}

package/src/rateLimiter.ts ADDED Viewed

@@ -0,0 +1,32 @@
+export class McpRateLimiter {
+  private client: any;
+  private limit: number;
+  private windowSeconds: number;
+  constructor(redisClient: any, limit = 100, windowSeconds = 60) {
+    this.client = redisClient;
+    this.limit = limit;
+    this.windowSeconds = windowSeconds;
+  }
+  async assertAllowed(propertyId: string): Promise<void> {
+    if (!this.client) {
+      // Redis not configured — fail closed: deny the request.
+      // Without rate limiting we cannot safely allow agent traffic.
+      throw new Error('Rate limiting is not configured (Redis unavailable). Request denied.');
+    }
+    const key = `mcp:ratelimit:${propertyId}`;
+    // Propagate ALL errors — never silently bypass.
+    const current = await this.client.incr(key);
+    if (current === 1) {
+      await this.client.expire(key, this.windowSeconds);
+    }
+    if (current > this.limit) {
+      throw new Error(
+        `Rate limit exceeded: property "${propertyId}" has exceeded the limit of ${this.limit} requests per ${this.windowSeconds} seconds.`
+      );
+    }
+  }
+}

package/src/ssrfValidator.ts ADDED Viewed

@@ -0,0 +1,63 @@
+import dns from 'dns';
+import { promisify } from 'util';
+const lookup = promisify(dns.lookup);
+export function isPrivateIp(ip: string): boolean {
+  const ipv4MappedMatch = ip.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/i);
+  const normalizedIp = ipv4MappedMatch ? ipv4MappedMatch[1] : ip;
+  if (/^\d+\.\d+\.\d+\.\d+$/.test(normalizedIp)) {
+    const parts = normalizedIp.split('.').map(Number);
+    if (parts.some(isNaN) || parts.length !== 4) return true;
+    if (parts[0] === 127) return true;
+    if (parts[0] === 10) return true;
+    if (parts[0] === 172 && parts[1] >= 16 && parts[1] <= 31) return true;
+    if (parts[0] === 192 && parts[1] === 168) return true;
+    if (parts[0] === 169 && parts[1] === 254) return true; // link-local
+    if (parts[0] === 0) return true;
+    return false;
+  }
+  // IPv6 checks
+  if (normalizedIp === '::1' || normalizedIp === '::') return true;
+  if (/^fe[89ab]/i.test(normalizedIp)) return true; // link-local (fe80::/10)
+  if (/^f[cd]/i.test(normalizedIp)) return true;    // ULA (fc00::/7)
+  return false;
+}
+/**
+ * Validates that the target URL does not resolve to a private/loopback address
+ * (SSRF protection) and returns a **safe fetch URL** where the hostname has been
+ * replaced by the pre-validated IP address.
+ *
+ * Using the returned safeUrl for the actual fetch() call closes the DNS-rebinding
+ * window: the hostname cannot re-resolve to a different (private) IP between the
+ * validation check and the connection.
+ *
+ * @returns An object with `safeUrl` (connect to this) and `hostHeader` (send as Host:).
+ */
+export async function assertSafeUrl(urlStr: string): Promise<{ safeUrl: string; hostHeader: string }> {
+  const url = new URL(urlStr);
+  const hostname = url.hostname;
+  // Resolve once — we use this resolved IP for the actual connection.
+  const res = await lookup(hostname);
+  if (isPrivateIp(res.address)) {
+    throw new Error(`SSRF Prevention: outbound requests to private IP address ${res.address} (resolved from "${hostname}") are prohibited`);
+  }
+  // Build a URL that connects directly to the resolved IP so DNS cannot rebind.
+  const safeUrl = new URL(urlStr);
+  safeUrl.hostname = res.address;
+  return {
+    safeUrl: safeUrl.toString(),
+    hostHeader: hostname, // caller must forward this as the Host header
+  };
+}