@carbonvoice/cv-mcp-server 1.1.3 → 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (54) hide show
  1. package/dist/auth/auth.service.js +79 -0
  2. package/dist/auth/auth.service.js.map +1 -0
  3. package/dist/auth/index.js +15 -0
  4. package/dist/auth/index.js.map +1 -1
  5. package/dist/auth/interfaces/auth.types.js +3 -0
  6. package/dist/auth/interfaces/auth.types.js.map +1 -0
  7. package/dist/auth/interfaces/index.js +1 -0
  8. package/dist/auth/interfaces/index.js.map +1 -1
  9. package/dist/cv-api.js +13 -5
  10. package/dist/cv-api.js.map +1 -1
  11. package/dist/server.js +143 -31
  12. package/dist/server.js.map +1 -1
  13. package/dist/transports/http/interfaces/index.js +3 -0
  14. package/dist/transports/http/interfaces/index.js.map +1 -0
  15. package/dist/transports/http/middleware/add-mcp-session-id.middleware.js +20 -13
  16. package/dist/transports/http/middleware/add-mcp-session-id.middleware.js.map +1 -1
  17. package/dist/transports/http/middleware/add-request-id.middlware.js +13 -4
  18. package/dist/transports/http/middleware/add-request-id.middlware.js.map +1 -1
  19. package/dist/transports/http/middleware/log-request.middlware.js +27 -11
  20. package/dist/transports/http/middleware/log-request.middlware.js.map +1 -1
  21. package/dist/transports/http/session/index.js +34 -0
  22. package/dist/transports/http/session/index.js.map +1 -0
  23. package/dist/transports/http/session/session-cleanup.js +60 -0
  24. package/dist/transports/http/session/session-cleanup.js.map +1 -0
  25. package/dist/transports/http/session/session-manager.js +52 -0
  26. package/dist/transports/http/session/session-manager.js.map +1 -0
  27. package/dist/transports/http/session/session.config.js +29 -0
  28. package/dist/transports/http/session/session.config.js.map +1 -0
  29. package/dist/transports/http/session/session.logger.js +68 -0
  30. package/dist/transports/http/session/session.logger.js.map +1 -0
  31. package/dist/transports/http/session/session.service.js +196 -0
  32. package/dist/transports/http/session/session.service.js.map +1 -0
  33. package/dist/transports/http/session/session.types.js +31 -0
  34. package/dist/transports/http/session/session.types.js.map +1 -0
  35. package/dist/transports/http/streamable.js +184 -427
  36. package/dist/transports/http/streamable.js.map +1 -1
  37. package/dist/transports/http/utils/request-context.js +78 -0
  38. package/dist/transports/http/utils/request-context.js.map +1 -0
  39. package/dist/utils/axios-instance.js +34 -22
  40. package/dist/utils/axios-instance.js.map +1 -1
  41. package/dist/utils/get-process-uptime.js +13 -0
  42. package/dist/utils/get-process-uptime.js.map +1 -0
  43. package/dist/utils/index.js +2 -2
  44. package/dist/utils/index.js.map +1 -1
  45. package/dist/utils/logger.js +34 -11
  46. package/dist/utils/logger.js.map +1 -1
  47. package/dist/utils/{format-time-to-human.js → time-to-human.js} +17 -7
  48. package/dist/utils/time-to-human.js.map +1 -0
  49. package/package.json +1 -1
  50. package/dist/auth/auth-middleware.js +0 -203
  51. package/dist/auth/auth-middleware.js.map +0 -1
  52. package/dist/utils/format-time-to-human.js.map +0 -1
  53. package/dist/utils/format-uptime.js +0 -13
  54. package/dist/utils/format-uptime.js.map +0 -1
@@ -1,203 +0,0 @@
1
- "use strict";
2
- var __importDefault = (this && this.__importDefault) || function (mod) {
3
- return (mod && mod.__esModule) ? mod : { "default": mod };
4
- };
5
- Object.defineProperty(exports, "__esModule", { value: true });
6
- exports.setCarbonVoiceAuthHeader = exports.createOAuthTokenVerifier = void 0;
7
- const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
8
- const errors_js_1 = require("@modelcontextprotocol/sdk/server/auth/errors.js");
9
- const config_1 = require("../config");
10
- const utils_1 = require("../utils");
11
- // export const verifyAccessToken = (
12
- // req: Request,
13
- // res: Response,
14
- // next: NextFunction,
15
- // ) => {
16
- // let token = undefined;
17
- // try {
18
- // const auth = req.headers.authorization;
19
- // if (!auth) {
20
- // throw new Error('No authorization header provided');
21
- // }
22
- // token = auth.split(' ')[1];
23
- // const decoded = jwt.decode(token) as TokenIntrospectionResponse;
24
- // // Validate expiration date
25
- // if (decoded.exp && decoded.exp < Date.now() / 1000) {
26
- // throw new Error('Token expired');
27
- // }
28
- // // Validate issuer
29
- // // FIXME: Uncomment this when we have a valid issuer
30
- // // if (decoded.iss !== env.OAUTH_SERVER_URL) {
31
- // // throw new Error('Invalid issuer');
32
- // // }
33
- // const user: User = {
34
- // id: decoded.sub,
35
- // };
36
- // req.auth = {
37
- // token,
38
- // clientId: decoded.client_id,
39
- // scopes: decoded.scope?.split(' ') || [],
40
- // expiresAt: decoded.exp,
41
- // extra: {
42
- // user,
43
- // },
44
- // };
45
- // next();
46
- // } catch (error: unknown) {
47
- // logger.error('Error verifying access token', {
48
- // error: {
49
- // ...(error as Error),
50
- // error_message: (error as Error).message,
51
- // stack: (error as Error).stack,
52
- // },
53
- // token,
54
- // });
55
- // sendUnauthorizedErrorResponse(req, res);
56
- // return;
57
- // }
58
- // };
59
- // export const sendUnauthorizedErrorResponse = (req: Request, res: Response) => {
60
- // const protocol = req.get('X-Forwarded-Proto') || req.protocol;
61
- // const host =
62
- // req.get('X-Forwarded-Host') || req.get('host') || `localhost:${env.PORT}`;
63
- // const baseUrl = `${protocol}://${host}`;
64
- // const bearer = `Bearer realm="MCP Server", resource_metadata_uri="${baseUrl}/.well-known/oauth-protected-resource"`;
65
- // res.setHeader('WWW-Authenticate', bearer);
66
- // res.sendStatus(401);
67
- // return;
68
- // };
69
- // export async function verifyAccessTokenV2(token?: string): Promise<AuthInfo> {
70
- // if (!token) {
71
- // throw new InvalidTokenError('No token provided');
72
- // }
73
- // try {
74
- // const decoded = jwt.decode(token) as TokenIntrospectionResponse;
75
- // return {
76
- // token,
77
- // clientId: decoded.client_id!,
78
- // scopes: decoded.scope?.split(' ') || [],
79
- // expiresAt: decoded.exp,
80
- // extra: {
81
- // user: {
82
- // id: decoded.sub!,
83
- // },
84
- // },
85
- // };
86
- // } catch (error) {
87
- // logger.error('Error verifying access token', {
88
- // error: {
89
- // ...(error as Error),
90
- // error_message: (error as Error).message,
91
- // stack: (error as Error).stack,
92
- // },
93
- // token,
94
- // });
95
- // throw error;
96
- // }
97
- // }
98
- // export class VerifyAccessToken implements OAuthTokenVerifier {
99
- // async verifyAccessToken(token: string): Promise<AuthInfo> {
100
- // if (!token) {
101
- // throw new InvalidTokenError('No token provided');
102
- // }
103
- // try {
104
- // const decoded = jwt.decode(token) as TokenIntrospectionResponse;
105
- // return {
106
- // token,
107
- // clientId: decoded.client_id!,
108
- // scopes: decoded.scope?.split(' ') || [],
109
- // expiresAt: decoded.exp,
110
- // extra: {
111
- // user: {
112
- // id: decoded.sub!,
113
- // },
114
- // },
115
- // };
116
- // } catch (error) {
117
- // logger.error('Error verifying access token', {
118
- // error: {
119
- // ...(error as Error),
120
- // error_message: (error as Error).message,
121
- // stack: (error as Error).stack,
122
- // },
123
- // token,
124
- // });
125
- // throw error;
126
- // }
127
- // }
128
- // }
129
- // Simple function-based OAuthTokenVerifier
130
- const createOAuthTokenVerifier = () => ({
131
- async verifyAccessToken(token) {
132
- var _a;
133
- if (!token) {
134
- throw new errors_js_1.InvalidTokenError('No token provided');
135
- }
136
- try {
137
- const decoded = jsonwebtoken_1.default.decode(token);
138
- // Basic validation
139
- if (!decoded) {
140
- throw new errors_js_1.InvalidTokenError('Invalid token format');
141
- }
142
- if (!decoded.sub || !decoded.client_id) {
143
- throw new errors_js_1.InvalidTokenError('Token missing required claims');
144
- }
145
- // Check expiration
146
- // We don't need, since it's validate in requireBearerAuth middleware
147
- // if (decoded.exp && decoded.exp < Date.now() / 1000) {
148
- // throw new InvalidTokenError('Token expired');
149
- // }
150
- // Validate issuer if configured
151
- if (config_1.env.CARBON_VOICE_BASE_URL &&
152
- decoded.iss !== config_1.env.CARBON_VOICE_BASE_URL) {
153
- throw new errors_js_1.InvalidTokenError('Invalid token issuer');
154
- }
155
- return {
156
- token,
157
- clientId: decoded.client_id,
158
- scopes: ((_a = decoded.scope) === null || _a === void 0 ? void 0 : _a.split(' ')) || [],
159
- expiresAt: decoded.exp,
160
- extra: {
161
- user: {
162
- id: decoded.sub,
163
- },
164
- },
165
- };
166
- }
167
- catch (error) {
168
- utils_1.logger.error('Error verifying access token', {
169
- error: {
170
- error_message: error.message,
171
- stack: error.stack,
172
- },
173
- token: (0, utils_1.removeLastChars)(token),
174
- });
175
- if (error instanceof errors_js_1.InvalidTokenError) {
176
- throw error;
177
- }
178
- throw new errors_js_1.InvalidTokenError('Token verification failed');
179
- }
180
- },
181
- });
182
- exports.createOAuthTokenVerifier = createOAuthTokenVerifier;
183
- const setCarbonVoiceAuthHeader = (token) => {
184
- if (!token && !config_1.env.CARBON_VOICE_API_KEY) {
185
- throw new utils_1.UnauthorizedException('No Bearer token or API key provided');
186
- }
187
- // http-transport
188
- if (token) {
189
- return {
190
- headers: {
191
- Authorization: `Bearer ${token}`,
192
- },
193
- };
194
- }
195
- // Default to API key for Stdio transport
196
- return {
197
- headers: {
198
- 'x-api-key': `${config_1.env.CARBON_VOICE_API_KEY}`,
199
- },
200
- };
201
- };
202
- exports.setCarbonVoiceAuthHeader = setCarbonVoiceAuthHeader;
203
- //# sourceMappingURL=auth-middleware.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"auth-middleware.js","sourceRoot":"","sources":["../../src/auth/auth-middleware.ts"],"names":[],"mappings":";;;;;;AACA,gEAA+B;AAE/B,+EAAoF;AAMpF,sCAAgC;AAChC,oCAA0E;AA+B1E,qCAAqC;AACrC,kBAAkB;AAClB,mBAAmB;AACnB,wBAAwB;AACxB,SAAS;AACT,2BAA2B;AAC3B,UAAU;AACV,8CAA8C;AAC9C,mBAAmB;AACnB,6DAA6D;AAC7D,QAAQ;AAER,kCAAkC;AAClC,uEAAuE;AACvE,kCAAkC;AAClC,4DAA4D;AAC5D,0CAA0C;AAC1C,QAAQ;AACR,yBAAyB;AACzB,2DAA2D;AAC3D,qDAAqD;AACrD,8CAA8C;AAC9C,WAAW;AACX,2BAA2B;AAC3B,yBAAyB;AACzB,SAAS;AAET,mBAAmB;AACnB,eAAe;AACf,qCAAqC;AACrC,iDAAiD;AACjD,gCAAgC;AAChC,iBAAiB;AACjB,gBAAgB;AAChB,WAAW;AACX,SAAS;AAET,cAAc;AACd,+BAA+B;AAC/B,qDAAqD;AACrD,iBAAiB;AACjB,+BAA+B;AAC/B,mDAAmD;AACnD,yCAAyC;AACzC,WAAW;AACX,eAAe;AACf,UAAU;AAEV,+CAA+C;AAC/C,cAAc;AACd,MAAM;AACN,KAAK;AAEL,kFAAkF;AAClF,mEAAmE;AACnE,iBAAiB;AACjB,iFAAiF;AACjF,6CAA6C;AAC7C,yHAAyH;AAEzH,+CAA+C;AAC/C,yBAAyB;AACzB,YAAY;AACZ,KAAK;AAEL,iFAAiF;AACjF,kBAAkB;AAClB,wDAAwD;AACxD,MAAM;AAEN,UAAU;AACV,uEAAuE;AAEvE,eAAe;AACf,eAAe;AACf,sCAAsC;AACtC,iDAAiD;AACjD,gCAAgC;AAChC,iBAAiB;AACjB,kBAAkB;AAClB,8BAA8B;AAC9B,aAAa;AACb,WAAW;AACX,SAAS;AACT,sBAAsB;AACtB,qDAAqD;AACrD,iBAAiB;AACjB,+BAA+B;AAC/B,mDAAmD;AACnD,yCAAyC;AACzC,WAAW;AACX,eAAe;AACf,UAAU;AAEV,mBAAmB;AACnB,MAAM;AACN,IAAI;AAEJ,iEAAiE;AACjE,gEAAgE;AAChE,oBAAoB;AACpB,0DAA0D;AAC1D,QAAQ;AAER,YAAY;AACZ,yEAAyE;AAEzE,iBAAiB;AACjB,iBAAiB;AACjB,wCAAwC;AACxC,mDAAmD;AACnD,kCAAkC;AAClC,mBAAmB;AACnB,oBAAoB;AACpB,gCAAgC;AAChC,eAAe;AACf,aAAa;AACb,WAAW;AACX,wBAAwB;AACxB,uDAAuD;AACvD,mBAAmB;AACnB,iCAAiC;AACjC,qDAAqD;AACrD,2CAA2C;AAC3C,aAAa;AACb,iBAAiB;AACjB,YAAY;AAEZ,qBAAqB;AACrB,QAAQ;AACR,MAAM;AACN,IAAI;AAEJ,2CAA2C;AACpC,MAAM,wBAAwB,GAAG,GAAuB,EAAE,CAAC,CAAC;IACjE,KAAK,CAAC,iBAAiB,CAAC,KAAa;;QACnC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,6BAAiB,CAAC,mBAAmB,CAAC,CAAC;QACnD,CAAC;QAED,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,sBAAG,CAAC,MAAM,CAAC,KAAK,CAA+B,CAAC;YAEhE,mBAAmB;YACnB,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,6BAAiB,CAAC,sBAAsB,CAAC,CAAC;YACtD,CAAC;YAED,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;gBACvC,MAAM,IAAI,6BAAiB,CAAC,+BAA+B,CAAC,CAAC;YAC/D,CAAC;YAED,mBAAmB;YACnB,qEAAqE;YACrE,wDAAwD;YACxD,kDAAkD;YAClD,IAAI;YAEJ,gCAAgC;YAChC,IACE,YAAG,CAAC,qBAAqB;gBACzB,OAAO,CAAC,GAAG,KAAK,YAAG,CAAC,qBAAqB,EACzC,CAAC;gBACD,MAAM,IAAI,6BAAiB,CAAC,sBAAsB,CAAC,CAAC;YACtD,CAAC;YAED,OAAO;gBACL,KAAK;gBACL,QAAQ,EAAE,OAAO,CAAC,SAAS;gBAC3B,MAAM,EAAE,CAAA,MAAA,OAAO,CAAC,KAAK,0CAAE,KAAK,CAAC,GAAG,CAAC,KAAI,EAAE;gBACvC,SAAS,EAAE,OAAO,CAAC,GAAG;gBACtB,KAAK,EAAE;oBACL,IAAI,EAAE;wBACJ,EAAE,EAAE,OAAO,CAAC,GAAG;qBAChB;iBACF;aACF,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,cAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE;gBAC3C,KAAK,EAAE;oBACL,aAAa,EAAG,KAAe,CAAC,OAAO;oBACvC,KAAK,EAAG,KAAe,CAAC,KAAK;iBAC9B;gBACD,KAAK,EAAE,IAAA,uBAAe,EAAC,KAAK,CAAC;aAC9B,CAAC,CAAC;YAEH,IAAI,KAAK,YAAY,6BAAiB,EAAE,CAAC;gBACvC,MAAM,KAAK,CAAC;YACd,CAAC;YAED,MAAM,IAAI,6BAAiB,CAAC,2BAA2B,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;CACF,CAAC,CAAC;AA3DU,QAAA,wBAAwB,4BA2DlC;AAEI,MAAM,wBAAwB,GAAG,CACtC,KAAc,EACuB,EAAE;IACvC,IAAI,CAAC,KAAK,IAAI,CAAC,YAAG,CAAC,oBAAoB,EAAE,CAAC;QACxC,MAAM,IAAI,6BAAqB,CAAC,qCAAqC,CAAC,CAAC;IACzE,CAAC;IAED,iBAAiB;IACjB,IAAI,KAAK,EAAE,CAAC;QACV,OAAO;YACL,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,KAAK,EAAE;aACjC;SACF,CAAC;IACJ,CAAC;IAED,yCAAyC;IACzC,OAAO;QACL,OAAO,EAAE;YACP,WAAW,EAAE,GAAG,YAAG,CAAC,oBAAoB,EAAE;SAC3C;KACF,CAAC;AACJ,CAAC,CAAC;AAtBW,QAAA,wBAAwB,4BAsBnC"}
@@ -1 +0,0 @@
1
- {"version":3,"file":"format-time-to-human.js","sourceRoot":"","sources":["../../src/utils/format-time-to-human.ts"],"names":[],"mappings":";;;AAAA;;;;GAIG;AACI,MAAM,iBAAiB,GAAG,CAAC,WAAmB,EAAU,EAAE;IAC/D,IAAI,WAAW,GAAG,EAAE,EAAE,CAAC;QACrB,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC;IACvC,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,GAAG,KAAK,CAAC,CAAC;IAC7C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,WAAW,GAAG,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC;IACvD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IACtD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,GAAG,EAAE,CAAC,CAAC;IAE7C,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC;QACb,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC;IACzB,CAAC;IACD,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;QACd,KAAK,CAAC,IAAI,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC;IAC1B,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;QAChB,KAAK,CAAC,IAAI,CAAC,GAAG,OAAO,GAAG,CAAC,CAAC;IAC5B,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;QAC9B,KAAK,CAAC,IAAI,CAAC,GAAG,OAAO,GAAG,CAAC,CAAC;IAC5B,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACzB,CAAC,CAAC;AA1BW,QAAA,iBAAiB,qBA0B5B"}
@@ -1,13 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.formatProcessUptime = void 0;
4
- const format_time_to_human_1 = require("./format-time-to-human");
5
- /**
6
- * Formats process uptime to a human-readable string
7
- * @returns Human-readable uptime string
8
- */
9
- const formatProcessUptime = () => {
10
- return (0, format_time_to_human_1.formatTimeToHuman)(process.uptime());
11
- };
12
- exports.formatProcessUptime = formatProcessUptime;
13
- //# sourceMappingURL=format-uptime.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"format-uptime.js","sourceRoot":"","sources":["../../src/utils/format-uptime.ts"],"names":[],"mappings":";;;AAAA,iEAA2D;AAE3D;;;GAGG;AACI,MAAM,mBAAmB,GAAG,GAAW,EAAE;IAC9C,OAAO,IAAA,wCAAiB,EAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;AAC7C,CAAC,CAAC;AAFW,QAAA,mBAAmB,uBAE9B"}