@darbotlabs/darbot-browser-mcp 0.2.0 → 1.3.0

package/lib/transport.js

@@ -1,5 +1,5 @@
 /**
- * Copyright (c) Microsoft Corporation.
+ * Copyright (c) DarbotLabs.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,10 +16,15 @@
 import http from 'node:http';
 import assert from 'node:assert';
 import crypto from 'node:crypto';
+import { execSync } from 'node:child_process';
 import debug from 'debug';
+import express from 'express';
 import { SSEServerTransport } from '@modelcontextprotocol/sdk/server/sse.js';
 import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';
 import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import { mcpAuthRouter } from '@modelcontextprotocol/sdk/server/auth/router.js';
+import { createUnifiedAuthenticator } from './auth/index.js';
+import { createMcpOAuthProvider, getOAuthConfig, isOAuthConfigured } from './auth/mcpOAuthProvider.js';
 export async function startStdioTransport(server) {
     await server.createConnection(new StdioServerTransport());
 }
@@ -56,67 +61,282 @@ async function handleSSE(server, req, res, url, sessions) {
 }
 async function handleStreamable(server, req, res, sessions) {
     const sessionId = req.headers['mcp-session-id'];
+    // If session ID provided, try to use existing session
     if (sessionId) {
-        const transport = sessions.get(sessionId);
-        if (!transport) {
-            res.statusCode = 404;
-            res.end('Session not found');
-            return;
+        const existingTransport = sessions.get(sessionId);
+        if (existingTransport) {
+            return await existingTransport.handleRequest(req, res);
         }
-        return await transport.handleRequest(req, res);
+        // Session not found (server may have restarted) - create new session for POST requests
+        // eslint-disable-next-line no-console
+        console.error(`[MCP] Session ${sessionId} not found, will create new session if POST request`);
     }
+    // Handle POST requests - create new session (or recreate if old session expired)
     if (req.method === 'POST') {
         const transport = new StreamableHTTPServerTransport({
             sessionIdGenerator: () => crypto.randomUUID(),
-            onsessioninitialized: sessionId => {
-                sessions.set(sessionId, transport);
+            onsessioninitialized: newSessionId => {
+                sessions.set(newSessionId, transport);
+                // eslint-disable-next-line no-console
+                console.error(`[MCP] New session created: ${newSessionId}`);
             }
         });
         transport.onclose = () => {
-            if (transport.sessionId)
+            if (transport.sessionId) {
                 sessions.delete(transport.sessionId);
+                // eslint-disable-next-line no-console
+                console.error(`[MCP] Session closed: ${transport.sessionId}`);
+            }
         };
         await server.createConnection(transport);
         await transport.handleRequest(req, res);
         return;
     }
-    res.statusCode = 400;
-    res.end('Invalid request');
+    // GET requests without valid session
+    if (req.method === 'GET') {
+        res.statusCode = 400;
+        res.setHeader('Content-Type', 'application/json');
+        res.end(JSON.stringify({
+            error: 'invalid_request',
+            message: 'GET requests require a valid session. Send a POST to /mcp first to initialize.',
+        }));
+        return;
+    }
+    res.statusCode = 405;
+    res.setHeader('Content-Type', 'application/json');
+    res.end(JSON.stringify({
+        error: 'method_not_allowed',
+        message: 'Use POST to send MCP messages',
+    }));
+}
+async function killProcessOnPort(port) {
+    const isWindows = process.platform === 'win32';
+    try {
+        if (isWindows) {
+            // Find and kill process on Windows
+            const result = execSync(`netstat -ano | findstr ":${port}"`, { encoding: 'utf8' });
+            const lines = result.split('\n').filter(line => line.includes('LISTENING'));
+            const pidsToKill = new Set();
+            for (const line of lines) {
+                const parts = line.trim().split(/\s+/);
+                const pid = parts[parts.length - 1];
+                if (pid && /^\d+$/.test(pid) && pid !== '0')
+                    pidsToKill.add(pid);
+            }
+            for (const pid of pidsToKill) {
+                // eslint-disable-next-line no-console
+                console.error(`Killing process ${pid} using port ${port}...`);
+                try {
+                    execSync(`taskkill /F /PID ${pid}`, { stdio: 'pipe' });
+                }
+                catch (e) {
+                    // Process may have already exited
+                    if (!e.message?.includes('not found'))
+                        throw e;
+                }
+            }
+        }
+        else {
+            // Find and kill process on Unix-like systems
+            const result = execSync(`lsof -ti:${port}`, { encoding: 'utf8' });
+            const pids = result.trim().split('\n').filter(Boolean);
+            for (const pid of pids) {
+                // eslint-disable-next-line no-console
+                console.error(`Killing process ${pid} using port ${port}...`);
+                try {
+                    execSync(`kill -9 ${pid}`, { stdio: 'pipe' });
+                }
+                catch {
+                    // Process may have already exited
+                }
+            }
+        }
+        // Wait for port to be released
+        await new Promise(resolve => setTimeout(resolve, 1000));
+        return true;
+    }
+    catch {
+        return false;
+    }
 }
 export async function startHttpServer(config) {
     const { host, port } = config;
-    const httpServer = http.createServer();
-    await new Promise((resolve, reject) => {
+    // Create Express app
+    const app = express();
+    // Trust proxy for Azure App Service
+    app.set('trust proxy', 1);
+    // CORS middleware - must come before body parsers
+    app.use((req, res, next) => {
+        res.setHeader('Access-Control-Allow-Origin', '*');
+        res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, DELETE');
+        res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-API-Key, Mcp-Session-Id, Accept');
+        if (req.method === 'OPTIONS') {
+            res.status(200).end();
+            return;
+        }
+        next();
+    });
+    // Parse JSON bodies - but NOT for /mcp and /sse endpoints (MCP SDK handles its own body parsing)
+    app.use((req, res, next) => {
+        if (req.path === '/mcp' || req.path === '/sse') {
+            return next();
+        }
+        return express.json()(req, res, next);
+    });
+    // Setup OAuth router if configured
+    const oauthConfig = getOAuthConfig();
+    if (isOAuthConfigured() && oauthConfig) {
+        try {
+            const provider = createMcpOAuthProvider(oauthConfig);
+            const serverUrl = new URL(oauthConfig.serverBaseUrl);
+            const authRouter = mcpAuthRouter({
+                provider,
+                issuerUrl: serverUrl,
+                baseUrl: serverUrl,
+                serviceDocumentationUrl: new URL('https://github.com/AugustinMauworworworwy/darbot-browser-mcp'),
+                scopesSupported: ['openid', 'profile', 'email', 'User.Read'],
+                resourceName: 'Darbot Browser MCP',
+            });
+            // Mount OAuth router at root (handles /.well-known/*, /authorize, /token, /register)
+            app.use(authRouter);
+            // eslint-disable-next-line no-console
+            console.error('[OAuth] MCP OAuth router configured with Entra ID proxy');
+        }
+        catch (error) {
+            // eslint-disable-next-line no-console
+            console.error('[OAuth] Failed to setup OAuth router:', error);
+        }
+    }
+    // Create HTTP server from Express app
+    const httpServer = http.createServer(app);
+    const tryListen = () => new Promise((resolve, reject) => {
         httpServer.on('error', reject);
         httpServer.listen(port, host, () => {
             resolve();
             httpServer.removeListener('error', reject);
         });
     });
-    return httpServer;
+    try {
+        await tryListen();
+    }
+    catch (error) {
+        if (error.code === 'EADDRINUSE' && port !== undefined) {
+            // eslint-disable-next-line no-console
+            console.error(`Port ${port} is in use. Attempting to terminate conflicting service...`);
+            const killed = await killProcessOnPort(port);
+            if (killed) {
+                // Retry after killing
+                await tryListen();
+            }
+            else {
+                throw new Error(`Port ${port} is already in use and could not terminate the conflicting process. Please free the port manually or use a different port.`);
+            }
+        }
+        else {
+            throw error;
+        }
+    }
+    return { httpServer, app };
 }
-export function startHttpTransport(httpServer, mcpServer) {
+export function startHttpTransport(httpServer, mcpServer, app) {
     const sseSessions = new Map();
     const streamableSessions = new Map();
-    httpServer.on('request', async (req, res) => {
+    // Use unified authenticator that supports multiple auth methods
+    const authenticator = createUnifiedAuthenticator();
+    // Initialize async auth providers (Managed Identity, Key Vault)
+    void authenticator.initialize().catch(err => {
+        // eslint-disable-next-line no-console
+        console.error('[Auth] Failed to initialize async auth providers:', err);
+    });
+    const enforceAuthIfEnabled = async (req, res) => {
+        // Check if any auth method is configured
+        if (!authenticator.isAuthEnabled())
+            return true;
+        const result = await authenticator.authenticate(req);
+        if (result.authenticated) {
+            // Attach user info to request
+            req.auth = result;
+            req.user = result.user;
+            return true;
+        }
+        // Return 401 with helpful error message
+        res.status(401).json({
+            error: 'unauthorized',
+            message: result.error || 'Valid authentication required.',
+            hint: 'Use Entra ID OAuth, VS Code tunnel, or Azure Managed Identity.',
+        });
+        return false;
+    };
+    // MCP Streamable HTTP endpoint - must be registered as Express route
+    // Cast to http types since Express extends them and MCP SDK needs the base types
+    app.all('/mcp', async (req, res) => {
+        if (!(await enforceAuthIfEnabled(req, res)))
+            return;
+        await handleStreamable(mcpServer, req, res, streamableSessions);
+    });
+    // SSE endpoint (legacy MCP transport)
+    app.all('/sse', async (req, res) => {
+        if (!(await enforceAuthIfEnabled(req, res)))
+            return;
         const url = new URL(`http://localhost${req.url}`);
-        if (url.pathname.startsWith('/mcp'))
-            await handleStreamable(mcpServer, req, res, streamableSessions);
-        else
-            await handleSSE(mcpServer, req, res, url, sseSessions);
+        await handleSSE(mcpServer, req, res, url, sseSessions);
     });
+    // Health check endpoints
+    app.get('/health', async (req, res) => {
+        try {
+            const { createHealthCheckService } = await import('./health.js');
+            const healthService = createHealthCheckService();
+            await healthService.handleHealthCheck(req, res);
+        }
+        catch {
+            res.status(500).send('Health check service unavailable');
+        }
+    });
+    app.get('/ready', async (req, res) => {
+        try {
+            const { createHealthCheckService } = await import('./health.js');
+            const healthService = createHealthCheckService();
+            await healthService.handleReadinessCheck(req, res);
+        }
+        catch {
+            res.status(503).send('Service unavailable');
+        }
+    });
+    app.get('/live', async (req, res) => {
+        try {
+            const { createHealthCheckService } = await import('./health.js');
+            const healthService = createHealthCheckService();
+            await healthService.handleLivenessCheck(req, res);
+        }
+        catch {
+            res.status(503).send('Service unavailable');
+        }
+    });
+    // OpenAPI specification endpoint
+    app.get(['/openapi.json', '/swagger.json'], async (req, res) => {
+        try {
+            const { createOpenAPIGenerator } = await import('./openapi.js');
+            const { snapshotTools } = await import('./tools.js');
+            const openApiGenerator = createOpenAPIGenerator(snapshotTools);
+            openApiGenerator.handleOpenAPISpec(req, res);
+        }
+        catch (error) {
+            const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+            res.status(500).json({ error: 'Failed to generate OpenAPI spec', message: errorMessage });
+        }
+    });
+    // Log server info
     const url = httpAddressToString(httpServer.address());
     const message = [
-        `Listening on ${url}`,
-        'Put this in your client config:',
-        JSON.stringify({
-            'mcpServers': {
-                'playwright': {
-                    'url': `${url}/sse`
-                }
-            }
-        }, undefined, 2),
-        'If your client supports streamable HTTP, you can use the /mcp endpoint instead.',
+        `Darbot Browser MCP Server listening on ${url}`,
+        '',
+        'Available endpoints:',
+        `  Health Check: ${url}/health`,
+        `  Readiness:    ${url}/ready`,
+        `  Liveness:     ${url}/live`,
+        `  OpenAPI:      ${url}/openapi.json`,
+        `  MCP:          ${url}/mcp`,
+        `  SSE:          ${url}/sse`,
     ].join('\n');
     // eslint-disable-next-line no-console
     console.error(message);

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@darbotlabs/darbot-browser-mcp",
-  "version": "0.2.0",
-  "description": "🤖 Your Autonomous Browser Companion - 29 AI-driven browser tools with work profile support and VS Code GitHub Copilot agent mode integration",
+  "version": "1.3.0",
+  "description": "Darbot Browser - framework for 52 AI-driven browser tools with session state support and VS Code GitHub Copilot agent mode integration",
   "type": "module",
   "repository": {
     "type": "git",
@@ -13,7 +13,7 @@
     "browser",
     "autonomous",
     "darbot",
-    "automation", 
+    "automation",
     "testing",
     "screenshot",
     "copilot",
@@ -25,7 +25,7 @@
     "selenium-alternative",
     "browser-testing",
     "accessibility",
-    "work-profiles",
+    "session-states",
     "session-management",
     "github-copilot",
     "model-context-protocol",
@@ -34,10 +34,10 @@
     "copilot-integration"
   ],
   "engines": {
-    "node": ">=18"
+    "node": ">=23"
   },
   "author": {
-    "name": "Microsoft Corporation"
+    "name": "DarbotLabs"
   },
   "license": "Apache-2.0",
   "scripts": {
@@ -45,8 +45,8 @@
     "lint": "npm run update-readme && eslint . && tsc --noEmit",
     "update-readme": "node utils/update-readme.js",
     "watch": "tsc --watch",
-    "test": "npx @playwright/test",
-    "test:msedge": "npx @playwright/test --project=msedge",
+    "test": "npx playwright test",
+    "test:msedge": "npx playwright test --project=msedge",
     "run-server": "node cli.js",
     "run-darbot": "node cli.js",
     "clean": "rmdir /s /q lib 2>nul || echo Clean completed",
@@ -62,31 +62,37 @@
     }
   },
   "dependencies": {
-    "@modelcontextprotocol/sdk": "^1.11.0",
+    "@azure/identity": "^4.5.0",
+    "@azure/keyvault-secrets": "^4.9.0",
+    "@azure/msal-node": "^5.0.2",
+    "@modelcontextprotocol/sdk": "^1.25.3",
     "commander": "^13.1.0",
-    "debug": "^4.4.1",
-    "mime": "^4.0.7",
-    "playwright": "1.55.0-alpha-1752540053000",
-    "playwright-core": "1.55.0-alpha-1752540053000",
-    "ws": "^8.18.1",
-    "zod-to-json-schema": "^3.24.4"
+    "debug": "^4.4.3",
+    "express": "^4.21.2",
+    "mime": "^4.1.0",
+    "playwright": "^1.57.0",
+    "playwright-core": "^1.57.0",
+    "ws": "^8.19.0",
+    "zod": "^3.25.76",
+    "zod-to-json-schema": "^3.25.1"
   },
   "devDependencies": {
     "@eslint/eslintrc": "^3.2.0",
-    "@eslint/js": "^9.19.0",
-    "@playwright/test": "1.55.0-alpha-1752540053000",
+    "@eslint/js": "^9.39.2",
+    "@playwright/test": "^1.57.0",
     "@stylistic/eslint-plugin": "^3.0.1",
     "@types/chrome": "^0.0.315",
     "@types/debug": "^4.1.12",
-    "@types/node": "^22.13.10",
+    "@types/express": "^5.0.0",
+    "@types/node": "^25.0.10",
     "@types/ws": "^8.18.1",
-    "@typescript-eslint/eslint-plugin": "^8.26.1",
-    "@typescript-eslint/parser": "^8.26.1",
+    "@typescript-eslint/eslint-plugin": "^8.53.1",
+    "@typescript-eslint/parser": "^8.53.1",
     "@typescript-eslint/utils": "^8.26.1",
-    "eslint": "^9.19.0",
+    "eslint": "^9.39.2",
     "eslint-plugin-import": "^2.31.0",
     "eslint-plugin-notice": "^1.0.0",
-    "typescript": "^5.8.2"
+    "typescript": "^5.9.3"
   },
   "bin": {
     "darbot-browser-mcp": "cli.js"