@backstage/plugin-mcp-actions-backend 0.1.3-next.0 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +26 -0
- package/README.md +25 -0
- package/dist/plugin.cjs.js +33 -3
- package/dist/plugin.cjs.js.map +1 -1
- package/package.json +9 -9
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,31 @@
|
|
|
1
1
|
# @backstage/plugin-mcp-actions-backend
|
|
2
2
|
|
|
3
|
+
## 0.1.3
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- 1d47bf3: Proxy `/.well-known/oauth-authorization-server` to `/.well-known/openid-configuration` on `auth-backend` when `auth.experimentalDynamicClientRegistration.enabled` is enabled.
|
|
8
|
+
- 7f2a4a0: Updating docs
|
|
9
|
+
- d08b0c9: The MCP backend will now convert known Backstage errors into textual responses with `isError: true`.
|
|
10
|
+
The error message can be useful for an LLM to understand and maybe give back to the user.
|
|
11
|
+
Previously all errors where thrown out to `@modelcontextprotocol/sdk` which causes a generic 500.
|
|
12
|
+
- Updated dependencies
|
|
13
|
+
- @backstage/backend-defaults@0.12.1
|
|
14
|
+
- @backstage/plugin-catalog-node@1.19.0
|
|
15
|
+
- @backstage/catalog-client@1.12.0
|
|
16
|
+
- @backstage/types@1.2.2
|
|
17
|
+
- @backstage/backend-plugin-api@1.4.3
|
|
18
|
+
|
|
19
|
+
## 0.1.3-next.1
|
|
20
|
+
|
|
21
|
+
### Patch Changes
|
|
22
|
+
|
|
23
|
+
- 1d47bf3: Proxy `/.well-known/oauth-authorization-server` to `/.well-known/openid-configuration` on `auth-backend` when `auth.experimentalDynamicClientRegistration.enabled` is enabled.
|
|
24
|
+
- Updated dependencies
|
|
25
|
+
- @backstage/backend-defaults@0.12.1-next.1
|
|
26
|
+
- @backstage/catalog-client@1.12.0-next.0
|
|
27
|
+
- @backstage/plugin-catalog-node@1.19.0-next.1
|
|
28
|
+
|
|
3
29
|
## 0.1.3-next.0
|
|
4
30
|
|
|
5
31
|
### Patch Changes
|
package/README.md
CHANGED
|
@@ -103,6 +103,31 @@ node -p 'require("crypto").randomBytes(24).toString("base64")'
|
|
|
103
103
|
|
|
104
104
|
Set the `MCP_TOKEN` environment variable with this token, and configure your MCP client to use it in the [Authorization header](#configuring-mcp-clients)
|
|
105
105
|
|
|
106
|
+
#### Experimental: Dynamic Client Registration
|
|
107
|
+
|
|
108
|
+
> [!CAUTION]
|
|
109
|
+
> This is highly experimental, proceed with caution.
|
|
110
|
+
|
|
111
|
+
You can configure the `auth-backend` and install the `auth` frontend plugin in order to enable [Dynamic Client Registration](https://modelcontextprotocol.io/specification/2025-03-26/basic/authorization#dynamic-client-registration) with MCP Clients.
|
|
112
|
+
|
|
113
|
+
This means that there is no token required in your MCP settings, and a token will be given to a client that requests a token on your behalf. When adding the MCP server to an MCP client like Cursor or Claude, a popup that requires your approval will be opened in your Backstage instance, which is powered by the `auth` plugin.
|
|
114
|
+
|
|
115
|
+
You will need to add the `@backstage/plugin-auth` package to your `app` `package.json`, and enable the following config in `app-config.yaml`:
|
|
116
|
+
|
|
117
|
+
```yaml
|
|
118
|
+
auth:
|
|
119
|
+
experimentalDynamicClientRegistration:
|
|
120
|
+
# enable the feature
|
|
121
|
+
enabled: true
|
|
122
|
+
|
|
123
|
+
# this is optional and will default to *, but you can limit the callback URLs which are valid for added security
|
|
124
|
+
allowedRedirectUriPatterns:
|
|
125
|
+
- cursor://*
|
|
126
|
+
```
|
|
127
|
+
|
|
128
|
+
> [!NOTE]
|
|
129
|
+
> The `@backstage/plugin-auth` package is currently only available in the new frontend system.
|
|
130
|
+
|
|
106
131
|
## Configuring MCP Clients
|
|
107
132
|
|
|
108
133
|
The MCP server supports both Server-Sent Events (SSE) and Streamable HTTP protocols.
|
package/dist/plugin.cjs.js
CHANGED
|
@@ -2,11 +2,16 @@
|
|
|
2
2
|
|
|
3
3
|
var backendPluginApi = require('@backstage/backend-plugin-api');
|
|
4
4
|
var express = require('express');
|
|
5
|
+
var PromiseRouter = require('express-promise-router');
|
|
5
6
|
var McpService = require('./services/McpService.cjs.js');
|
|
6
7
|
var createStreamableRouter = require('./routers/createStreamableRouter.cjs.js');
|
|
7
8
|
var createSseRouter = require('./routers/createSseRouter.cjs.js');
|
|
8
9
|
var alpha = require('@backstage/backend-plugin-api/alpha');
|
|
9
10
|
|
|
11
|
+
function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e : { default: e }; }
|
|
12
|
+
|
|
13
|
+
var PromiseRouter__default = /*#__PURE__*/_interopDefaultCompat(PromiseRouter);
|
|
14
|
+
|
|
10
15
|
const mcpPlugin = backendPluginApi.createBackendPlugin({
|
|
11
16
|
pluginId: "mcp-actions",
|
|
12
17
|
register(env) {
|
|
@@ -17,9 +22,20 @@ const mcpPlugin = backendPluginApi.createBackendPlugin({
|
|
|
17
22
|
httpAuth: backendPluginApi.coreServices.httpAuth,
|
|
18
23
|
httpRouter: backendPluginApi.coreServices.httpRouter,
|
|
19
24
|
actions: alpha.actionsServiceRef,
|
|
20
|
-
registry: alpha.actionsRegistryServiceRef
|
|
25
|
+
registry: alpha.actionsRegistryServiceRef,
|
|
26
|
+
rootRouter: backendPluginApi.coreServices.rootHttpRouter,
|
|
27
|
+
discovery: backendPluginApi.coreServices.discovery,
|
|
28
|
+
config: backendPluginApi.coreServices.rootConfig
|
|
21
29
|
},
|
|
22
|
-
async init({
|
|
30
|
+
async init({
|
|
31
|
+
actions,
|
|
32
|
+
logger,
|
|
33
|
+
httpRouter,
|
|
34
|
+
httpAuth,
|
|
35
|
+
rootRouter,
|
|
36
|
+
discovery,
|
|
37
|
+
config
|
|
38
|
+
}) {
|
|
23
39
|
const mcpService = await McpService.McpService.create({
|
|
24
40
|
actions
|
|
25
41
|
});
|
|
@@ -32,11 +48,25 @@ const mcpPlugin = backendPluginApi.createBackendPlugin({
|
|
|
32
48
|
httpAuth,
|
|
33
49
|
logger
|
|
34
50
|
});
|
|
35
|
-
const router =
|
|
51
|
+
const router = PromiseRouter__default.default();
|
|
36
52
|
router.use(express.json());
|
|
37
53
|
router.use("/v1/sse", sseRouter);
|
|
38
54
|
router.use("/v1", streamableRouter);
|
|
39
55
|
httpRouter.use(router);
|
|
56
|
+
if (config.getOptionalBoolean(
|
|
57
|
+
"auth.experimentalDynamicClientRegistration.enabled"
|
|
58
|
+
)) {
|
|
59
|
+
rootRouter.use(
|
|
60
|
+
"/.well-known/oauth-authorization-server",
|
|
61
|
+
async (_, res) => {
|
|
62
|
+
const authBaseUrl = await discovery.getBaseUrl("auth");
|
|
63
|
+
const oidcResponse = await fetch(
|
|
64
|
+
`${authBaseUrl}/.well-known/openid-configuration`
|
|
65
|
+
);
|
|
66
|
+
res.json(await oidcResponse.json());
|
|
67
|
+
}
|
|
68
|
+
);
|
|
69
|
+
}
|
|
40
70
|
}
|
|
41
71
|
});
|
|
42
72
|
}
|
package/dist/plugin.cjs.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"plugin.cjs.js","sources":["../src/plugin.ts"],"sourcesContent":["/*\n * Copyright 2025 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport {\n coreServices,\n createBackendPlugin,\n} from '@backstage/backend-plugin-api';\nimport { json
|
|
1
|
+
{"version":3,"file":"plugin.cjs.js","sources":["../src/plugin.ts"],"sourcesContent":["/*\n * Copyright 2025 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport {\n coreServices,\n createBackendPlugin,\n} from '@backstage/backend-plugin-api';\nimport { json } from 'express';\nimport Router from 'express-promise-router';\nimport { McpService } from './services/McpService';\nimport { createStreamableRouter } from './routers/createStreamableRouter';\nimport { createSseRouter } from './routers/createSseRouter';\nimport {\n actionsRegistryServiceRef,\n actionsServiceRef,\n} from '@backstage/backend-plugin-api/alpha';\n\n/**\n * mcpPlugin backend plugin\n *\n * @public\n */\nexport const mcpPlugin = createBackendPlugin({\n pluginId: 'mcp-actions',\n register(env) {\n env.registerInit({\n deps: {\n logger: coreServices.logger,\n auth: coreServices.auth,\n httpAuth: coreServices.httpAuth,\n httpRouter: coreServices.httpRouter,\n actions: actionsServiceRef,\n registry: actionsRegistryServiceRef,\n rootRouter: coreServices.rootHttpRouter,\n discovery: coreServices.discovery,\n config: coreServices.rootConfig,\n },\n async init({\n actions,\n logger,\n httpRouter,\n httpAuth,\n rootRouter,\n discovery,\n config,\n }) {\n const mcpService = await McpService.create({\n actions,\n });\n\n const sseRouter = createSseRouter({\n mcpService,\n httpAuth,\n });\n\n const streamableRouter = createStreamableRouter({\n mcpService,\n httpAuth,\n logger,\n });\n\n const router = Router();\n router.use(json());\n\n router.use('/v1/sse', sseRouter);\n router.use('/v1', streamableRouter);\n\n httpRouter.use(router);\n\n if (\n config.getOptionalBoolean(\n 'auth.experimentalDynamicClientRegistration.enabled',\n )\n ) {\n // This should be replaced with throwing a WWW-Authenticate header, but that doesn't seem to be supported by\n // many of the MCP client as of yet. So this seems to be the oldest version of the spec thats implemented.\n rootRouter.use(\n '/.well-known/oauth-authorization-server',\n async (_, res) => {\n const authBaseUrl = await discovery.getBaseUrl('auth');\n const oidcResponse = await fetch(\n `${authBaseUrl}/.well-known/openid-configuration`,\n );\n\n res.json(await oidcResponse.json());\n },\n );\n }\n },\n });\n },\n});\n"],"names":["createBackendPlugin","coreServices","actionsServiceRef","actionsRegistryServiceRef","McpService","createSseRouter","createStreamableRouter","Router","json"],"mappings":";;;;;;;;;;;;;;AAkCO,MAAM,YAAYA,oCAAA,CAAoB;AAAA,EAC3C,QAAA,EAAU,aAAA;AAAA,EACV,SAAS,GAAA,EAAK;AACZ,IAAA,GAAA,CAAI,YAAA,CAAa;AAAA,MACf,IAAA,EAAM;AAAA,QACJ,QAAQC,6BAAA,CAAa,MAAA;AAAA,QACrB,MAAMA,6BAAA,CAAa,IAAA;AAAA,QACnB,UAAUA,6BAAA,CAAa,QAAA;AAAA,QACvB,YAAYA,6BAAA,CAAa,UAAA;AAAA,QACzB,OAAA,EAASC,uBAAA;AAAA,QACT,QAAA,EAAUC,+BAAA;AAAA,QACV,YAAYF,6BAAA,CAAa,cAAA;AAAA,QACzB,WAAWA,6BAAA,CAAa,SAAA;AAAA,QACxB,QAAQA,6BAAA,CAAa;AAAA,OACvB;AAAA,MACA,MAAM,IAAA,CAAK;AAAA,QACT,OAAA;AAAA,QACA,MAAA;AAAA,QACA,UAAA;AAAA,QACA,QAAA;AAAA,QACA,UAAA;AAAA,QACA,SAAA;AAAA,QACA;AAAA,OACF,EAAG;AACD,QAAA,MAAM,UAAA,GAAa,MAAMG,qBAAA,CAAW,MAAA,CAAO;AAAA,UACzC;AAAA,SACD,CAAA;AAED,QAAA,MAAM,YAAYC,+BAAA,CAAgB;AAAA,UAChC,UAAA;AAAA,UACA;AAAA,SACD,CAAA;AAED,QAAA,MAAM,mBAAmBC,6CAAA,CAAuB;AAAA,UAC9C,UAAA;AAAA,UACA,QAAA;AAAA,UACA;AAAA,SACD,CAAA;AAED,QAAA,MAAM,SAASC,8BAAA,EAAO;AACtB,QAAA,MAAA,CAAO,GAAA,CAAIC,cAAM,CAAA;AAEjB,QAAA,MAAA,CAAO,GAAA,CAAI,WAAW,SAAS,CAAA;AAC/B,QAAA,MAAA,CAAO,GAAA,CAAI,OAAO,gBAAgB,CAAA;AAElC,QAAA,UAAA,CAAW,IAAI,MAAM,CAAA;AAErB,QAAA,IACE,MAAA,CAAO,kBAAA;AAAA,UACL;AAAA,SACF,EACA;AAGA,UAAA,UAAA,CAAW,GAAA;AAAA,YACT,yCAAA;AAAA,YACA,OAAO,GAAG,GAAA,KAAQ;AAChB,cAAA,MAAM,WAAA,GAAc,MAAM,SAAA,CAAU,UAAA,CAAW,MAAM,CAAA;AACrD,cAAA,MAAM,eAAe,MAAM,KAAA;AAAA,gBACzB,GAAG,WAAW,CAAA,iCAAA;AAAA,eAChB;AAEA,cAAA,GAAA,CAAI,IAAA,CAAK,MAAM,YAAA,CAAa,IAAA,EAAM,CAAA;AAAA,YACpC;AAAA,WACF;AAAA,QACF;AAAA,MACF;AAAA,KACD,CAAA;AAAA,EACH;AACF,CAAC;;;;"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@backstage/plugin-mcp-actions-backend",
|
|
3
|
-
"version": "0.1.3
|
|
3
|
+
"version": "0.1.3",
|
|
4
4
|
"backstage": {
|
|
5
5
|
"role": "backend-plugin",
|
|
6
6
|
"pluginId": "mcp-actions",
|
|
@@ -37,20 +37,20 @@
|
|
|
37
37
|
"test": "backstage-cli package test"
|
|
38
38
|
},
|
|
39
39
|
"dependencies": {
|
|
40
|
-
"@backstage/backend-defaults": "0.12.1
|
|
41
|
-
"@backstage/backend-plugin-api": "1.4.3
|
|
42
|
-
"@backstage/catalog-client": "1.
|
|
43
|
-
"@backstage/errors": "1.2.7",
|
|
44
|
-
"@backstage/plugin-catalog-node": "1.
|
|
45
|
-
"@backstage/types": "1.2.
|
|
40
|
+
"@backstage/backend-defaults": "^0.12.1",
|
|
41
|
+
"@backstage/backend-plugin-api": "^1.4.3",
|
|
42
|
+
"@backstage/catalog-client": "^1.12.0",
|
|
43
|
+
"@backstage/errors": "^1.2.7",
|
|
44
|
+
"@backstage/plugin-catalog-node": "^1.19.0",
|
|
45
|
+
"@backstage/types": "^1.2.2",
|
|
46
46
|
"@modelcontextprotocol/sdk": "^1.12.3",
|
|
47
47
|
"express": "^4.17.1",
|
|
48
48
|
"express-promise-router": "^4.1.0",
|
|
49
49
|
"zod": "^3.22.4"
|
|
50
50
|
},
|
|
51
51
|
"devDependencies": {
|
|
52
|
-
"@backstage/backend-test-utils": "1.9.0
|
|
53
|
-
"@backstage/cli": "0.34.2
|
|
52
|
+
"@backstage/backend-test-utils": "^1.9.0",
|
|
53
|
+
"@backstage/cli": "^0.34.2",
|
|
54
54
|
"@types/express": "^4.17.6"
|
|
55
55
|
},
|
|
56
56
|
"typesVersions": {
|