@bryan-thompson/inspector-assessment-server 1.7.1 → 1.8.0

package/build/index.js

@@ -9,7 +9,7 @@ const fetch = nodeFetch;
 const Headers = NodeHeaders;
 import { SSEClientTransport, SseError, } from "@modelcontextprotocol/sdk/client/sse.js";
 import { StdioClientTransport, getDefaultEnvironment, } from "@modelcontextprotocol/sdk/client/stdio.js";
-import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js";
+import { StreamableHTTPClientTransport, StreamableHTTPError, } from "@modelcontextprotocol/sdk/client/streamableHttp.js";
 import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
 import { SSEServerTransport } from "@modelcontextprotocol/sdk/server/sse.js";
 import express from "express";
@@ -31,6 +31,21 @@ const { values } = parseArgs({
         "server-url": { type: "string", default: "" },
     },
 });
+/**
+ * Helper function to detect 401 Unauthorized errors from various transport types.
+ * StreamableHTTPClientTransport throws a generic Error with "HTTP 401" in the message
+ * when there's no authProvider configured, while SSEClientTransport throws SseError.
+ */
+const is401Error = (error) => {
+    if (error instanceof SseError && error.code === 401)
+        return true;
+    if (error instanceof StreamableHTTPError && error.code === 401)
+        return true;
+    if (error instanceof Error &&
+        (error.message.includes("HTTP 401") || error.message.includes("(401)")))
+        return true;
+    return false;
+};
 // Function to get HTTP headers.
 const getHttpHeaders = (req) => {
     const headers = {};
@@ -389,8 +404,8 @@ app.post("/mcp", originValidationMiddleware, authMiddleware, async (req, res) =>
             await webAppTransport.handleRequest(req, res, req.body);
         }
         catch (error) {
-            if (error instanceof SseError && error.code === 401) {
-                console.error("Received 401 Unauthorized from MCP server:", error.message);
+            if (is401Error(error)) {
+                console.error("Received 401 Unauthorized from MCP server:", error instanceof Error ? error.message : error);
                 res.status(401).json(error);
                 return;
             }
@@ -522,7 +537,7 @@ app.get("/stdio", originValidationMiddleware, authMiddleware, async (req, res) =
         });
     }
     catch (error) {
-        if (error instanceof SseError && error.code === 401) {
+        if (is401Error(error)) {
             console.error("Received 401 Unauthorized from MCP server. Authentication failure.");
             res.status(401).json(error);
             return;
@@ -553,7 +568,7 @@ app.get("/sse", originValidationMiddleware, authMiddleware, async (req, res) =>
         });
     }
     catch (error) {
-        if (error instanceof SseError && error.code === 401) {
+        if (is401Error(error)) {
             console.error("Received 401 Unauthorized from MCP server. Authentication failure.");
             res.status(401).json(error);
             return;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bryan-thompson/inspector-assessment-server",
-  "version": "1.7.1",
+  "version": "1.8.0",
   "description": "Server-side application for the Enhanced MCP Inspector with assessment capabilities",
   "license": "MIT",
   "author": "Bryan Thompson <bryan@triepod.ai>",
@@ -38,7 +38,7 @@
     "typescript": "^5.6.2"
   },
   "dependencies": {
-    "@modelcontextprotocol/sdk": "^1.23.0",
+    "@modelcontextprotocol/sdk": "^1.24.3",
     "cors": "^2.8.5",
     "express": "^5.1.0",
     "shell-quote": "^1.8.3",