@elnora-ai/mcp-server 0.2.0 → 0.4.0
- package/CHANGELOG.md +27 -0
- package/dist/auth/clients-store.d.ts +1 -0
- package/dist/auth/clients-store.d.ts.map +1 -1
- package/dist/auth/clients-store.js +13 -1
- package/dist/auth/clients-store.js.map +1 -1
- package/dist/auth/provider.d.ts +2 -19
- package/dist/auth/provider.d.ts.map +1 -1
- package/dist/auth/provider.js +61 -19
- package/dist/auth/provider.js.map +1 -1
- package/dist/constants.d.ts +2 -3
- package/dist/constants.d.ts.map +1 -1
- package/dist/constants.js +18 -3
- package/dist/constants.js.map +1 -1
- package/dist/index.js +155 -24
- package/dist/index.js.map +1 -1
- package/dist/middleware/cors.js +1 -1
- package/dist/middleware/cors.js.map +1 -1
- package/dist/middleware/rate-limiter.d.ts.map +1 -1
- package/dist/middleware/rate-limiter.js +2 -1
- package/dist/middleware/rate-limiter.js.map +1 -1
- package/dist/middleware/tool-logging.d.ts +14 -0
- package/dist/middleware/tool-logging.d.ts.map +1 -1
- package/dist/middleware/tool-logging.js +49 -4
- package/dist/middleware/tool-logging.js.map +1 -1
- package/dist/server.d.ts +2 -2
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +29 -2
- package/dist/server.js.map +1 -1
- package/dist/services/elnora-api-client.d.ts +12 -18
- package/dist/services/elnora-api-client.d.ts.map +1 -1
- package/dist/services/elnora-api-client.js +34 -42
- package/dist/services/elnora-api-client.js.map +1 -1
- package/dist/services/error-handler.d.ts.map +1 -1
- package/dist/services/error-handler.js +5 -6
- package/dist/services/error-handler.js.map +1 -1
- package/dist/tools/account.d.ts +5 -0
- package/dist/tools/account.d.ts.map +1 -0
- package/dist/tools/account.js +70 -0
- package/dist/tools/account.js.map +1 -0
- package/dist/tools/api-keys.d.ts +5 -0
- package/dist/tools/api-keys.d.ts.map +1 -0
- package/dist/tools/api-keys.js +53 -0
- package/dist/tools/api-keys.js.map +1 -0
- package/dist/tools/audit.d.ts +5 -0
- package/dist/tools/audit.d.ts.map +1 -0
- package/dist/tools/audit.js +28 -0
- package/dist/tools/audit.js.map +1 -0
- package/dist/tools/feedback.d.ts +5 -0
- package/dist/tools/feedback.d.ts.map +1 -0
- package/dist/tools/feedback.js +23 -0
- package/dist/tools/feedback.js.map +1 -0
- package/dist/tools/files.d.ts.map +1 -1
- package/dist/tools/files.js +275 -17
- package/dist/tools/files.js.map +1 -1
- package/dist/tools/flags.d.ts +5 -0
- package/dist/tools/flags.d.ts.map +1 -0
- package/dist/tools/flags.js +36 -0
- package/dist/tools/flags.js.map +1 -0
- package/dist/tools/folders.d.ts +5 -0
- package/dist/tools/folders.d.ts.map +1 -0
- package/dist/tools/folders.js +90 -0
- package/dist/tools/folders.js.map +1 -0
- package/dist/tools/health.d.ts +5 -0
- package/dist/tools/health.d.ts.map +1 -0
- package/dist/tools/health.js +19 -0
- package/dist/tools/health.js.map +1 -0
- package/dist/tools/library.d.ts +5 -0
- package/dist/tools/library.d.ts.map +1 -0
- package/dist/tools/library.js +93 -0
- package/dist/tools/library.js.map +1 -0
- package/dist/tools/messages.d.ts.map +1 -1
- package/dist/tools/messages.js +3 -10
- package/dist/tools/messages.js.map +1 -1
- package/dist/tools/orgs.d.ts +5 -0
- package/dist/tools/orgs.d.ts.map +1 -0
- package/dist/tools/orgs.js +221 -0
- package/dist/tools/orgs.js.map +1 -0
- package/dist/tools/projects.d.ts +5 -0
- package/dist/tools/projects.d.ts.map +1 -0
- package/dist/tools/projects.js +177 -0
- package/dist/tools/projects.js.map +1 -0
- package/dist/tools/protocols.d.ts.map +1 -1
- package/dist/tools/protocols.js +9 -24
- package/dist/tools/protocols.js.map +1 -1
- package/dist/tools/scope-guard.d.ts +0 -8
- package/dist/tools/scope-guard.d.ts.map +1 -1
- package/dist/tools/scope-guard.js +85 -10
- package/dist/tools/scope-guard.js.map +1 -1
- package/dist/tools/search.d.ts +5 -0
- package/dist/tools/search.d.ts.map +1 -0
- package/dist/tools/search.js +60 -0
- package/dist/tools/search.js.map +1 -0
- package/dist/tools/tasks.d.ts.map +1 -1
- package/dist/tools/tasks.js +83 -29
- package/dist/tools/tasks.js.map +1 -1
- package/dist/tools/with-guard.d.ts.map +1 -1
- package/dist/tools/with-guard.js +21 -6
- package/dist/tools/with-guard.js.map +1 -1
- package/dist/types.d.ts +0 -43
- package/dist/types.d.ts.map +1 -1
- package/package.json +2 -1
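--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -6,8 +6,10 @@ import { ElnoraApiClient } from "./services/elnora-api-client.js";
 import { ElnoraOAuthProvider } from "./auth/provider.js";
 import { createElnoraServer } from "./server.js";
 import { corsMiddleware } from "./middleware/cors.js";
-import {
-import {
+import { SUPPORTED_SCOPES, ALL_SCOPES } from "./constants.js";
+import { logAuthEvent } from "./middleware/tool-logging.js";
+import rateLimit from "express-rate-limit";
+import axios from "axios";
 function requireEnv(name) {
 const value = process.env[name];
 if (!value) {
@@ -18,9 +20,8 @@ function requireEnv(name) {
 function loadConfig() {
 return {
 apiUrl: requireEnv("ELNORA_API_URL"),
-authUrl: requireEnv("ELNORA_AUTH_URL"),
 tokenValidationUrl: requireEnv("ELNORA_TOKEN_VALIDATION_URL"),
-port: parseInt(process.env.PORT || "3000", 10),
+port: (() => { const p = parseInt(process.env.PORT || "3000", 10); return Number.isNaN(p) ? 3000 : p; })(),
 publicUrl: requireEnv("ELNORA_PUBLIC_URL"),
 loginUrl: requireEnv("ELNORA_LOGIN_URL"),
 tokenExchangeUrl: requireEnv("ELNORA_TOKEN_EXCHANGE_URL"),
@@ -28,12 +29,46 @@ function loadConfig() {
 platformClientSecret: requireEnv("ELNORA_PLATFORM_CLIENT_SECRET"),
 };
 }
+/**
+* Validate an API key against the Elnora platform.
+* Returns the platform-assigned user identifier on success, or null on failure.
+* The platform is the sole authority — no local format checks gate access.
+*/
+async function validateApiKeyWithPlatform(apiKey, config) {
+try {
+const validation = await axios.post(config.tokenValidationUrl, {}, { headers: { Authorization: `Bearer ${apiKey}` }, timeout: 10_000 });
+if (validation.data.valid && validation.data.user_id) {
+return { userId: String(validation.data.user_id) };
+}
+return null;
+}
+catch {
+return null;
+}
+}
 async function main() {
 const config = loadConfig();
+// Enforce HTTPS for publicUrl and loginUrl in production (CoSAI MCP-T7)
+for (const [name, url] of [["publicUrl", config.publicUrl], ["loginUrl", config.loginUrl]]) {
+const parsed = new URL(url);
+if (parsed.protocol !== "https:" && !["localhost", "127.0.0.1"].includes(parsed.hostname)) {
+throw new Error(`${name} must use HTTPS in production (got ${parsed.protocol}). Use localhost for development.`);
+}
+}
 const app = express();
 // --- Security middleware (CoSAI MCP-T7) ---
 app.use(corsMiddleware(config));
 app.use(express.json({ limit: "1mb" })); // Payload size limit (CoSAI MCP-T10)
+// Security headers — defense-in-depth (CoSAI MCP-T7)
+app.use((_req, res, next) => {
+res.setHeader("X-Content-Type-Options", "nosniff");
+res.setHeader("X-Frame-Options", "DENY");
+res.setHeader("Referrer-Policy", "strict-origin-when-cross-origin");
+res.setHeader("X-XSS-Protection", "0"); // Disabled per OWASP (modern browsers don't need it)
+res.setHeader("Strict-Transport-Security", "max-age=63072000; includeSubDomains");
+res.setHeader("Cache-Control", "no-store");
+next();
+});
 // Health check (no auth)
 app.get("/health", (_req, res) => {
 res.json({ status: "ok", service: "elnora-mcp-server" });
@@ -54,16 +89,23 @@ async function main() {
 }));
 // Platform OAuth callback — receives the auth code from Elnora platform login
 // CSRF protection: validates mcp_code exists in our session store (CoSAI MCP-T7)
-
+// Rate limited to prevent brute-force auth code guessing (CoSAI MCP-T10)
+const callbackLimiter = rateLimit({
+windowMs: 60_000,
+limit: 20,
+standardHeaders: "draft-7",
+legacyHeaders: false,
+message: { error: "rate_limit_exceeded", error_description: "Too many callback requests. Please retry later." },
+});
+app.get("/oauth/callback", callbackLimiter, (req, res) => {
 const mcpCode = req.query.mcp_code;
 const platformCode = req.query.code;
-
-
-console.error(`[auth] platform callback error: ${error}`);
-res.status(400).json({ error: "platform_auth_failed", error_description: error });
-return;
-}
+// Both parameters are required for a valid callback — reject if either is missing.
+// An OAuth error response from the platform will also lack `code`, so it's caught here.
 if (!mcpCode || !platformCode) {
+const errorParam = req.query.error;
+const context = typeof errorParam === "string" ? errorParam.replace(/[\x00-\x1f\x7f]/g, "").slice(0, 200) : "missing_params";
+logAuthEvent("platform_callback_error", "unknown", { reason: context });
 res.status(400).json({ error: "invalid_request", error_description: "Missing mcp_code or code parameter" });
 return;
 }
@@ -73,27 +115,101 @@ async function main() {
 res.redirect(redirectUrl);
 }
 catch (err) {
-
+logAuthEvent("platform_callback_failed", "unknown", { error: String(err) });
 res.status(400).json({
 error: "invalid_grant",
 error_description: err instanceof Error ? err.message : "Callback processing failed",
 });
 }
 });
-// ---
-const
+// --- Auth middleware for /mcp endpoint ---
+const oauthMiddleware = requireBearerAuth({
 verifier: provider,
 requiredScopes: [],
 resourceMetadataUrl: getOAuthProtectedResourceMetadataUrl(mcpServerUrl),
 });
-
+// Rate limiter for /mcp — applied at app level so CodeQL sees it (CoSAI MCP-T10)
+app.use("/mcp", rateLimit({
+windowMs: 60_000,
+limit: 150,
+standardHeaders: "draft-7",
+legacyHeaders: false,
+keyGenerator: (req) => {
+const authHeader = req.headers.authorization;
+const apiKeyHeader = req.headers["x-api-key"];
+if (authHeader)
+return `auth:${authHeader.slice(-16)}`;
+if (apiKeyHeader)
+return `key:${String(apiKeyHeader).slice(-8)}`;
+return `ip:${req.ip || req.socket.remoteAddress || "unknown"}`;
+},
+message: { error: "rate_limit_exceeded", error_description: "Too many requests. Please retry later." },
+}));
+/**
+* Middleware 1: API key authentication (runs first).
+* If X-API-Key header is present, validates against the platform.
+* If valid, sets auth context and calls next(). If invalid, returns 401.
+* If no API key header, calls next() to proceed to OAuth middleware.
+*/
+async function apiKeyAuthMiddleware(req, res, next) {
+const apiKey = req.headers["x-api-key"];
+// codeql[js/user-controlled-bypass] Dual auth by design: both API key and OAuth paths
+// validate credentials server-side. API key is validated by the platform's token endpoint;
+// absence of API key falls through to OAuth bearer token verification in ensureAuthenticated.
+if (!apiKey) {
+next();
+return;
+}
+// Validate against the platform (CoSAI MCP-T7)
+const result = await validateApiKeyWithPlatform(apiKey, config);
+if (!result) {
+logAuthEvent("api_key_rejected", "unknown");
+res.status(401).json({
+error: "invalid_api_key",
+error_description: "API key rejected by platform",
+});
+return;
+}
+// Use platform-assigned user ID as client identifier (no local hashing)
+const apiKeyClientId = `apikey:${result.userId}`;
+// Set auth context compatible with OAuth flow
+// API key users get all scopes — platform enforces permissions
+req.auth = {
+token: apiKey,
+clientId: apiKeyClientId,
+scopes: ALL_SCOPES,
+extra: { apiKey },
+};
+logAuthEvent("api_key_authenticated", apiKeyClientId);
+next();
+}
+/**
+* Middleware 2: Ensure request is authenticated.
+* If auth context was set by apiKeyAuthMiddleware, proceeds.
+* Otherwise delegates to OAuth bearer token verification.
+*/
+function ensureAuthenticated(req, res, next) {
+const auth = req.auth;
+if (auth) {
+// Already authenticated via API key
+next();
+return;
+}
+// Delegate to OAuth bearer token verification
+oauthMiddleware(req, res, next);
+}
+// --- MCP Endpoint (protected by dual auth — rate limiting applied via app.use above) ---
+app.post("/mcp", apiKeyAuthMiddleware, ensureAuthenticated, async (req, res) => {
 try {
-
-const
-const
-const
-
-
+const auth = req.auth;
+const apiKey = auth?.extra?.apiKey;
+const platformToken = auth?.extra?.platformToken || "";
+const clientId = auth?.clientId || "unknown";
+const scopes = auth?.scopes || [];
+// Create per-request API client — API key or bearer token
+const client = apiKey
+? new ElnoraApiClient(config, { apiKey })
+: new ElnoraApiClient(config, platformToken);
 const getContext = () => ({ client, clientId, scopes });
 const server = createElnoraServer(config, getContext);
 // Stateless transport — new transport per request
@@ -101,7 +217,10 @@ async function main() {
 sessionIdGenerator: undefined,
 enableJsonResponse: true,
 });
-res.on("close", () =>
+res.on("close", () => {
+transport.close().catch(() => { });
+server.close().catch(() => { });
+});
 await server.connect(transport);
 await transport.handleRequest(req, res, req.body);
 }
@@ -119,12 +238,24 @@ async function main() {
 app.delete("/mcp", (_req, res) => {
 res.status(405).json({ error: "method_not_allowed", error_description: "Stateless server — sessions not supported" });
 });
-
-
+const host = process.env.HOST || "127.0.0.1";
+const httpServer = app.listen(config.port, host, () => {
+console.error(`Elnora MCP server running on http://${host}:${config.port}/mcp`);
 console.error(`OAuth AS Metadata: ${config.publicUrl}/.well-known/oauth-authorization-server`);
 console.error(`Protected Resource Metadata: ${getOAuthProtectedResourceMetadataUrl(mcpServerUrl)}`);
+console.error(`API Key auth: Send X-API-Key header with elnora_live_* key`);
 console.error(`Health check: http://localhost:${config.port}/health`);
 });
+// Handle server-level errors (port in use, etc.) — prevents unhandled crash
+httpServer.on("error", (err) => {
+if (err.code === "EADDRINUSE") {
+console.error(`Port ${config.port} is already in use`);
+}
+else {
+console.error("HTTP server error:", err);
+}
+process.exit(1);
+});
 }
 main().catch((error) => {
 console.error("Server error:", error);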
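Review bot: The `/mcp` limiter's `keyGenerator` buckets requests by the tail of the `Authorization` or `X-API-Key` header, and `app.use("/mcp", rateLimit(...))` runs before `apiKeyAuthMiddleware` and `ensureAuthenticated`, so the bucket key is an unverified, caller-chosen value and the 150-per-minute limit does not bound a client that varies it. Every rejected `X-API-Key` also costs an outbound `axios.post` to `config.tokenValidationUrl` in `validateApiKeyWithPlatform`, so the same gap is passed on to the platform's validation endpoint. Key the pre-authentication limiter on the network address only, `keyGenerator: (req) => "ip:" + (req.ip || req.socket.remoteAddress || "unknown")`, and apply any per-identity limit after authentication, keyed on `req.auth.clientId`. `main()` is only partly visible between the hunks, so middleware registered in the elided lines is not accounted for here.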
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,6BAA6B,EAAE,MAAM,oDAAoD,CAAC;AACnG,OAAO,EAAE,aAAa,EAAE,oCAAoC,EAAE,MAAM,iDAAiD,CAAC;AACtH,OAAO,EAAE,iBAAiB,EAAE,MAAM,gEAAgE,CAAC;AACnG,OAAO,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,6BAA6B,EAAE,MAAM,oDAAoD,CAAC;AACnG,OAAO,EAAE,aAAa,EAAE,oCAAoC,EAAE,MAAM,iDAAiD,CAAC;AACtH,OAAO,EAAE,iBAAiB,EAAE,MAAM,gEAAgE,CAAC;AACnG,OAAO,OAA4C,MAAM,SAAS,CAAC;AAEnE,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AACzD,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AACjD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,SAAS,MAAM,oBAAoB,CAAC;AAC3C,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,SAAS,UAAU,CAAC,IAAY;IAC9B,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAChC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,iCAAiC,IAAI,aAAa,CAAC,CAAC;IACtE,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,UAAU;IACjB,OAAO;QACL,MAAM,EAAE,UAAU,CAAC,gBAAgB,CAAC;QACpC,kBAAkB,EAAE,UAAU,CAAC,6BAA6B,CAAC;QAC7D,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE;QAC1G,SAAS,EAAE,UAAU,CAAC,mBAAmB,CAAC;QAC1C,QAAQ,EAAE,UAAU,CAAC,kBAAkB,CAAC;QACxC,gBAAgB,EAAE,UAAU,CAAC,2BAA2B,CAAC;QACzD,gBAAgB,EAAE,UAAU,CAAC,2BAA2B,CAAC;QACzD,oBAAoB,EAAE,UAAU,CAAC,+BAA+B,CAAC;KAClE,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,0BAA0B,CACvC,MAAc,EACd,MAAoB;IAEpB,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,IAAI,CACjC,MAAM,CAAC,kBAAkB,EACzB,EAAE,EACF,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,CACpE,CAAC;QACF,IAAI,UAAU,CAAC,IAAI,CAAC,KAAK,IAAI,UAAU,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YACrD,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACrD,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAE5B,wEAAwE;IACxE,KAAK,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,E
AAE,CAAC,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAU,EAAE,CAAC;QACpG,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ,IAAI,CAAC,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1F,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,sCAAsC,MAAM,CAAC,QAAQ,mCAAmC,CAAC,CAAC;QACnH,CAAC;IACH,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;IAEtB,6CAA6C;IAC7C,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC;IAChC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC,qCAAqC;IAE9E,qDAAqD;IACrD,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC1B,GAAG,CAAC,SAAS,CAAC,wBAAwB,EAAE,SAAS,CAAC,CAAC;QACnD,GAAG,CAAC,SAAS,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC;QACzC,GAAG,CAAC,SAAS,CAAC,iBAAiB,EAAE,iCAAiC,CAAC,CAAC;QACpE,GAAG,CAAC,SAAS,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC,CAAC,qDAAqD;QAC7F,GAAG,CAAC,SAAS,CAAC,2BAA2B,EAAE,qCAAqC,CAAC,CAAC;QAClF,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QAC3C,IAAI,EAAE,CAAC;IACT,CAAC,CAAC,CAAC;IAEH,yBAAyB;IACzB,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QAC/B,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,mBAAmB,EAAE,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,yCAAyC;IACzC,MAAM,QAAQ,GAAG,IAAI,mBAAmB,CAAC,MAAM,CAAC,CAAC;IACjD,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC5C,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,GAAG,MAAM,CAAC,SAAS,MAAM,CAAC,CAAC;IAExD,iEAAiE;IACjE,gFAAgF;IAChF,GAAG,CAAC,GAAG,CACL,aAAa,CAAC;QACZ,QAAQ;QACR,SAAS;QACT,iBAAiB,EAAE,YAAY;QAC/B,eAAe,EAAE,CAAC,GAAG,gBAAgB,CAAC;QACtC,YAAY,EAAE,mBAAmB;QACjC,uBAAuB,EAAE,IAAI,GAAG,CAAC,gDAAgD,CAAC;KACnF,CAAC,CACH,CAAC;IAEF,8EAA8E;IAC9E,iFAAiF;IACjF,yEAAyE;IACzE,MAAM,eAAe,GAAG,SAAS,CAAC;QAChC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,EAAE;QACT,eAAe,EAAE,SAAS;QAC1B,aAAa,EAAE,KAAK;QACpB,OAAO,EAAE,EAAE,KAAK,EAAE,qBAAqB,EAAE,iBAAiB,EAAE,iDAAiD,EAAE;KAChH,CAAC,CAAC;IACH,GAAG,CAAC,GAAG,CAAC,iBAAiB,EAAE,eAAe,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACvD,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,QAAkB,CAAC;QAC7C,MAAM,YAAY,GAAG,GAAG,CAAC,KAAK,CAAC,IAAc,CAAC;QAE9
C,mFAAmF;QACnF,wFAAwF;QACxF,IAAI,CAAC,OAAO,IAAI,CAAC,YAAY,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC;YACnC,MAAM,OAAO,GAAG,OAAO,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC;YAC7H,YAAY,CAAC,yBAAyB,EAAE,SAAS,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;YACxE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,oCAAoC,EAAE,CAAC,CAAC;YAC5G,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,QAAQ,CAAC,sBAAsB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;YACvD,MAAM,WAAW,GAAG,QAAQ,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;YAC3D,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QAC5B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,YAAY,CAAC,0BAA0B,EAAE,SAAS,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAC5E,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,eAAe;gBACtB,iBAAiB,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,4BAA4B;aACrF,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,4CAA4C;IAC5C,MAAM,eAAe,GAAG,iBAAiB,CAAC;QACxC,QAAQ,EAAE,QAAQ;QAClB,cAAc,EAAE,EAAE;QAClB,mBAAmB,EAAE,oCAAoC,CAAC,YAAY,CAAC;KACxE,CAAC,CAAC;IAEH,iFAAiF;IACjF,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC;QACxB,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,GAAG;QACV,eAAe,EAAE,SAAS;QAC1B,aAAa,EAAE,KAAK;QACpB,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE;YACpB,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;YAC7C,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;YAC9C,IAAI,UAAU;gBAAE,OAAO,QAAQ,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;YACvD,IAAI,YAAY;gBAAE,OAAO,OAAO,MAAM,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACjE,OAAO,MAAM,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,SAAS,EAAE,CAAC;QACjE,CAAC;QACD,OAAO,EAAE,EAAE,KAAK,EAAE,qBAAqB,EAAE,iBAAiB,EAAE,wCAAwC,EAAE;KACvG,CAAC,CAAC,CAAC;IAEJ;;;;;OAKG;IACH,KAAK,UAAU,oBAAoB,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB;QACjF,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,WAAW,CAAuB,CAAC;QAE9D,sFAAsF;QACtF,2FAA2F;QAC3F,8FAA8F;QAC9F,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;QAED,+CAA+C;
QAC/C,MAAM,MAAM,GAAG,MAAM,0BAA0B,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEhE,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,YAAY,CAAC,kBAAkB,EAAE,SAAS,CAAC,CAAC;YAC5C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,iBAAiB;gBACxB,iBAAiB,EAAE,8BAA8B;aAClD,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,wEAAwE;QACxE,MAAM,cAAc,GAAG,UAAU,MAAM,CAAC,MAAM,EAAE,CAAC;QAEjD,8CAA8C;QAC9C,+DAA+D;QAC9D,GAA0C,CAAC,IAAI,GAAG;YACjD,KAAK,EAAE,MAAM;YACb,QAAQ,EAAE,cAAc;YACxB,MAAM,EAAE,UAAU;YAClB,KAAK,EAAE,EAAE,MAAM,EAAE;SAClB,CAAC;QAEF,YAAY,CAAC,uBAAuB,EAAE,cAAc,CAAC,CAAC;QACtD,IAAI,EAAE,CAAC;IACT,CAAC;IAED;;;;OAIG;IACH,SAAS,mBAAmB,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB;QAC1E,MAAM,IAAI,GAAI,GAA0C,CAAC,IAAI,CAAC;QAC9D,IAAI,IAAI,EAAE,CAAC;YACT,oCAAoC;YACpC,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;QACD,8CAA8C;QAC9C,eAAe,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IAClC,CAAC;IAED,0FAA0F;IAC1F,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;QAChG,IAAI,CAAC;YACH,MAAM,IAAI,GAAI,GAA0C,CAAC,IAI5C,CAAC;YAEd,MAAM,MAAM,GAAG,IAAI,EAAE,KAAK,EAAE,MAA4B,CAAC;YACzD,MAAM,aAAa,GAAI,IAAI,EAAE,KAAK,EAAE,aAAwB,IAAI,EAAE,CAAC;YACnE,MAAM,QAAQ,GAAG,IAAI,EAAE,QAAQ,IAAI,SAAS,CAAC;YAC7C,MAAM,MAAM,GAAG,IAAI,EAAE,MAAM,IAAI,EAAE,CAAC;YAElC,0DAA0D;YAC1D,MAAM,MAAM,GAAG,MAAM;gBACnB,CAAC,CAAC,IAAI,eAAe,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,CAAC;gBACzC,CAAC,CAAC,IAAI,eAAe,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;YAE/C,MAAM,UAAU,GAAG,GAAG,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;YACxD,MAAM,MAAM,GAAG,kBAAkB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;YAEtD,kDAAkD;YAClD,MAAM,SAAS,GAAG,IAAI,6BAA6B,CAAC;gBAClD,kBAAkB,EAAE,SAAS;gBAC7B,kBAAkB,EAAE,IAAI;aACzB,CAAC,CAAC;YAEH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;gBACnB,SAAS,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;gBAClC,MAAM,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;YACjC,CAAC,CAAC,CAAC;YACH,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YAChC,MAAM,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;QACpD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC
,KAAK,CAAC,oBAAoB,EAAE,KAAK,CAAC,CAAC;YAC3C,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;gBACrB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,CAAC,CAAC;YAC7F,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,kFAAkF;IAClF,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QAC5B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,6BAA6B,EAAE,CAAC,CAAC;IAC1G,CAAC,CAAC,CAAC;IACH,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QAC/B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,2CAA2C,EAAE,CAAC,CAAC;IACxH,CAAC,CAAC,CAAC;IAEH,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,WAAW,CAAC;IAC7C,MAAM,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE;QACpD,OAAO,CAAC,KAAK,CAAC,uCAAuC,IAAI,IAAI,MAAM,CAAC,IAAI,MAAM,CAAC,CAAC;QAChF,OAAO,CAAC,KAAK,CAAC,sBAAsB,MAAM,CAAC,SAAS,yCAAyC,CAAC,CAAC;QAC/F,OAAO,CAAC,KAAK,CAAC,gCAAgC,oCAAoC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;QACpG,OAAO,CAAC,KAAK,CAAC,4DAA4D,CAAC,CAAC;QAC5E,OAAO,CAAC,KAAK,CAAC,kCAAkC,MAAM,CAAC,IAAI,SAAS,CAAC,CAAC;IACxE,CAAC,CAAC,CAAC;IAEH,4EAA4E;IAC5E,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAA0B,EAAE,EAAE;QACpD,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YAC9B,OAAO,CAAC,KAAK,CAAC,QAAQ,MAAM,CAAC,IAAI,oBAAoB,CAAC,CAAC;QACzD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,oBAAoB,EAAE,GAAG,CAAC,CAAC;QAC3C,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,OAAO,CAAC,KAAK,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;IACtC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
|
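--- a/package/dist/middleware/cors.js
+++ b/package/dist/middleware/cors.js
@@ -28,7 +28,7 @@ export function corsMiddleware(config) {
 res.setHeader("Vary", "Origin");
 }
 res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
-res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization, MCP-Protocol-Version");
+res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization, X-API-Key, MCP-Protocol-Version");
 res.setHeader("Access-Control-Max-Age", "86400");
 // Never expose tokens or auth headers to browsers
 res.setHeader("Access-Control-Expose-Headers", "WWW-Authenticate");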
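Review bot: Adding `X-API-Key` to `Access-Control-Allow-Headers` means a page on an allow-listed origin can now send an API key from browser script, and nothing in the hunk records whether that is intended. API keys are usually longer-lived than OAuth access tokens, so if key authentication is meant for server-side and CLI clients (not visible from here), keep `X-API-Key` out of the preflight allow-list. If browser use is intended, say so next to the header, e.g. `// X-API-Key is accepted from browser clients on allow-listed origins only`. `corsMiddleware`'s body starts and ends outside the hunk.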
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cors.js","sourceRoot":"","sources":["../../src/middleware/cors.ts"],"names":[],"mappings":"AAGA;;;;;;GAMG;AACH,MAAM,UAAU,cAAc,CAAC,MAAoB;IACjD,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC;IACtD,MAAM,cAAc,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;IAEhF,0DAA0D;IAC1D,MAAM,cAAc,GAAG,IAAI,GAAG,CAAS,CAAC,YAAY,CAAC,CAAC,CAAC;IACvD,IAAI,cAAc;QAAE,cAAc,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAEvD,qEAAqE;IACrE,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC;IACtD,IAAI,YAAY,EAAE,CAAC;QACjB,KAAK,MAAM,MAAM,IAAI,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7C,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;YAC9B,IAAI,OAAO;gBAAE,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACxB,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC;QAElC,IAAI,MAAM,IAAI,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACzC,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,MAAM,CAAC,CAAC;YACrD,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAClC,CAAC;QAED,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,oBAAoB,CAAC,CAAC;QACpE,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,
|
|
1
|
+
{"version":3,"file":"cors.js","sourceRoot":"","sources":["../../src/middleware/cors.ts"],"names":[],"mappings":"AAGA;;;;;;GAMG;AACH,MAAM,UAAU,cAAc,CAAC,MAAoB;IACjD,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC;IACtD,MAAM,cAAc,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;IAEhF,0DAA0D;IAC1D,MAAM,cAAc,GAAG,IAAI,GAAG,CAAS,CAAC,YAAY,CAAC,CAAC,CAAC;IACvD,IAAI,cAAc;QAAE,cAAc,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAEvD,qEAAqE;IACrE,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC;IACtD,IAAI,YAAY,EAAE,CAAC;QACjB,KAAK,MAAM,MAAM,IAAI,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7C,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;YAC9B,IAAI,OAAO;gBAAE,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACxB,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC;QAElC,IAAI,MAAM,IAAI,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACzC,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,MAAM,CAAC,CAAC;YACrD,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAClC,CAAC;QAED,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,oBAAoB,CAAC,CAAC;QACpE,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,8DAA8D,CAAC,CAAC;QAC9G,GAAG,CAAC,SAAS,CAAC,wBAAwB,EAAE,OAAO,CAAC,CAAC;QACjD,kDAAkD;QAClD,GAAG,CAAC,SAAS,CAAC,+BAA+B,EAAE,kBAAkB,CAAC,CAAC;QAEnE,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAC7B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACtB,OAAO;QACT,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rate-limiter.d.ts","sourceRoot":"","sources":["../../src/middleware/rate-limiter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"rate-limiter.d.ts","sourceRoot":"","sources":["../../src/middleware/rate-limiter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAGzC;;;;;;GAMG;AACH,wBAAgB,cAAc,CAAC,IAAI,CAAC,EAAE;IAAE,WAAW,CAAC,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,cAAc,CAiDjG"}
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { logRateLimitEvent } from "./tool-logging.js";
|
|
1
2
|
/**
|
|
2
3
|
* Simple in-memory rate limiter for the /mcp endpoint.
|
|
3
4
|
* CoSAI MCP-T10: Prevent resource exhaustion and denial-of-wallet attacks.
|
|
@@ -38,7 +39,7 @@ export function mcpRateLimiter(opts) {
|
|
|
38
39
|
if (record.count > maxRequests) {
|
|
39
40
|
const retryAfter = Math.ceil((record.resetAt - now) / 1000);
|
|
40
41
|
res.setHeader("Retry-After", retryAfter);
|
|
41
|
-
|
|
42
|
+
logRateLimitEvent(key, record.count, maxRequests);
|
|
42
43
|
res.status(429).json({
|
|
43
44
|
error: "rate_limit_exceeded",
|
|
44
45
|
error_description: `Too many requests. Retry after ${retryAfter} seconds.`,
|
|
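Review bot: `logRateLimitEvent(key, record.count, maxRequests)` runs on every request once `record.count > maxRequests`, so a client that keeps sending after being limited produces one log line per rejected request. Logging only when the threshold is first crossed keeps the event available for detection without letting a flood drive log volume: `if (record.count === maxRequests + 1) logRateLimitEvent(key, record.count, maxRequests);`. How `key` is derived is outside the hunk; confirm it carries no raw credential material before it is written to the log. `mcpRateLimiter`'s body starts and ends outside the hunk.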
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rate-limiter.js","sourceRoot":"","sources":["../../src/middleware/rate-limiter.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"rate-limiter.js","sourceRoot":"","sources":["../../src/middleware/rate-limiter.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAEtD;;;;;;GAMG;AACH,MAAM,UAAU,cAAc,CAAC,IAAkD;IAC/E,MAAM,WAAW,GAAG,IAAI,EAAE,WAAW,IAAI,EAAE,CAAC;IAC5C,MAAM,QAAQ,GAAG,IAAI,EAAE,QAAQ,IAAI,MAAM,CAAC;IAC1C,MAAM,IAAI,GAAG,IAAI,GAAG,EAA8C,CAAC;IAEnE,0CAA0C;IAC1C,WAAW,CAAC,GAAG,EAAE;QACf,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;YACjC,IAAI,MAAM,CAAC,OAAO,IAAI,GAAG;gBAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC,EAAE,QAAQ,CAAC,CAAC,KAAK,EAAE,CAAC;IAErB,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACxB,yCAAyC;QACzC,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;QAC7C,MAAM,GAAG,GAAG,UAAU;YACpB,CAAC,CAAC,QAAQ,UAAU,CAAC,UAAU,CAAC,EAAE;YAClC,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,SAAS,EAAE,CAAC;QAE5D,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAE3B,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,OAAO,IAAI,GAAG,EAAE,CAAC;YACrC,MAAM,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,GAAG,QAAQ,EAAE,CAAC;YAC/C,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QACxB,CAAC;QAED,MAAM,CAAC,KAAK,EAAE,CAAC;QAEf,kCAAkC;QAClC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;QAC1D,GAAG,CAAC,SAAS,CAAC,mBAAmB,EAAE,WAAW,CAAC,CAAC;QAChD,GAAG,CAAC,SAAS,CAAC,uBAAuB,EAAE,SAAS,CAAC,CAAC;QAClD,GAAG,CAAC,SAAS,CAAC,mBAAmB,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC;QAErE,IAAI,MAAM,CAAC,KAAK,GAAG,WAAW,EAAE,CAAC;YAC/B,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC;YAC5D,GAAG,CAAC,SAAS,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;YACzC,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;YAClD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,qBAAqB;gBAC5B,iBAAiB,EAAE,kCAAkC,UAAU,WAAW;aAC3E,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC;AAED,
oEAAoE;AACpE,SAAS,UAAU,CAAC,GAAW;IAC7B,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,IAAI,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,IAAI,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACtD,CAAC;IACD,OAAO,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;AAC3B,CAAC"}
|
|
@@ -1,3 +1,12 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Structured auth event logger.
|
|
3
|
+
* CoSAI MCP-T12: Log auth events for SIEM correlation.
|
|
4
|
+
*/
|
|
5
|
+
export declare function logAuthEvent(event: string, clientId: string, details?: Record<string, unknown>): void;
|
|
6
|
+
/**
|
|
7
|
+
* Structured rate limit event logger.
|
|
8
|
+
*/
|
|
9
|
+
export declare function logRateLimitEvent(key: string, count: number, limit: number): void;
|
|
1
10
|
/**
|
|
2
11
|
* Tool invocation audit logger.
|
|
3
12
|
* CoSAI MCP-T12: Log every tool call with tool name, parameters, user ID, timestamp.
|
|
@@ -8,4 +17,9 @@ export declare function logToolInvocation(toolName: string, params: Record<strin
|
|
|
8
17
|
success: boolean;
|
|
9
18
|
durationMs: number;
|
|
10
19
|
}): void;
|
|
20
|
+
/**
|
|
21
|
+
* Sanitize a string for safe log output.
|
|
22
|
+
* Strips control characters that could enable log injection / log forging.
|
|
23
|
+
*/
|
|
24
|
+
export declare function sanitizeLogValue(value: string): string;
|
|
11
25
|
//# sourceMappingURL=tool-logging.d.ts.map
|
|
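Review bot: The doc comment on `sanitizeLogValue` in the last hunk leaves out part of the contract. The implementation shown for tool-logging.js also truncates the value with `.slice(0, 500)`, and the stripped set is only `\x00-\x1f` plus `\x7f`. I would state both, e.g. `* Strips C0 control characters and DEL, then truncates to 500 characters.`, so callers do not assume the full value survives for correlation or that every line-separator character is removed. The comment on `logRateLimitEvent` could also say what `key` holds, since it is written to the log as given.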
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tool-logging.d.ts","sourceRoot":"","sources":["../../src/middleware/tool-logging.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAC/B,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,GAC/C,IAAI,CAYN"}
|
|
1
|
+
{"version":3,"file":"tool-logging.d.ts","sourceRoot":"","sources":["../../src/middleware/tool-logging.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,wBAAgB,YAAY,CAC1B,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAChC,IAAI,CAeN;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,GAAG,EAAE,MAAM,EACX,KAAK,EAAE,MAAM,EACb,KAAK,EAAE,MAAM,GACZ,IAAI,CASN;AAED;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAC/B,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,GAC/C,IAAI,CAYN;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEtD"}
|
|
@@ -1,3 +1,36 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Structured auth event logger.
|
|
3
|
+
* CoSAI MCP-T12: Log auth events for SIEM correlation.
|
|
4
|
+
*/
|
|
5
|
+
export function logAuthEvent(event, clientId, details) {
|
|
6
|
+
const entry = {
|
|
7
|
+
type: "auth_event",
|
|
8
|
+
timestamp: new Date().toISOString(),
|
|
9
|
+
event: sanitizeLogValue(event),
|
|
10
|
+
clientId: sanitizeLogValue(clientId),
|
|
11
|
+
};
|
|
12
|
+
if (details) {
|
|
13
|
+
const sanitized = {};
|
|
14
|
+
for (const [k, v] of Object.entries(details)) {
|
|
15
|
+
sanitized[k] = typeof v === "string" ? sanitizeLogValue(v) : v;
|
|
16
|
+
}
|
|
17
|
+
entry.details = sanitized;
|
|
18
|
+
}
|
|
19
|
+
console.error(JSON.stringify(entry));
|
|
20
|
+
}
|
|
21
|
+
/**
|
|
22
|
+
* Structured rate limit event logger.
|
|
23
|
+
*/
|
|
24
|
+
export function logRateLimitEvent(key, count, limit) {
|
|
25
|
+
const entry = {
|
|
26
|
+
type: "rate_limit_block",
|
|
27
|
+
timestamp: new Date().toISOString(),
|
|
28
|
+
key,
|
|
29
|
+
count,
|
|
30
|
+
limit,
|
|
31
|
+
};
|
|
32
|
+
console.error(JSON.stringify(entry));
|
|
33
|
+
}
|
|
1
34
|
/**
|
|
2
35
|
* Tool invocation audit logger.
|
|
3
36
|
* CoSAI MCP-T12: Log every tool call with tool name, parameters, user ID, timestamp.
|
|
@@ -16,20 +49,32 @@ export function logToolInvocation(toolName, params, clientId, result) {
|
|
|
16
49
|
};
|
|
17
50
|
console.error(JSON.stringify(entry));
|
|
18
51
|
}
|
|
52
|
+
/**
|
|
53
|
+
* Sanitize a string for safe log output.
|
|
54
|
+
* Strips control characters that could enable log injection / log forging.
|
|
55
|
+
*/
|
|
56
|
+
export function sanitizeLogValue(value) {
|
|
57
|
+
return value.replace(/[\x00-\x1f\x7f]/g, "").slice(0, 500);
|
|
58
|
+
}
|
|
19
59
|
/**
|
|
20
60
|
* Redact sensitive parameter values from logs.
|
|
21
61
|
* Keep keys and value types visible for debugging, but mask actual content
|
|
22
62
|
* for fields that might contain user data.
|
|
23
63
|
*/
|
|
64
|
+
const REDACT_CONTENT_KEYS = new Set(["content", "message", "description", "initial_message"]);
|
|
65
|
+
const REDACT_PII_KEYS = new Set(["email", "first_name", "last_name", "token"]);
|
|
66
|
+
const REDACT_ARRAY_KEYS = new Set(["file_ids", "context_file_ids", "scopes"]);
|
|
24
67
|
function sanitizeParams(params) {
|
|
25
68
|
const sanitized = {};
|
|
26
69
|
for (const [key, value] of Object.entries(params)) {
|
|
27
|
-
if (key
|
|
28
|
-
// Log length instead of content to avoid PII in logs
|
|
70
|
+
if (REDACT_CONTENT_KEYS.has(key)) {
|
|
29
71
|
sanitized[key] = typeof value === "string" ? `[${value.length} chars]` : typeof value;
|
|
30
72
|
}
|
|
31
|
-
else if (key
|
|
32
|
-
sanitized[key] =
|
|
73
|
+
else if (REDACT_PII_KEYS.has(key)) {
|
|
74
|
+
sanitized[key] = "[REDACTED]";
|
|
75
|
+
}
|
|
76
|
+
else if (REDACT_ARRAY_KEYS.has(key)) {
|
|
77
|
+
sanitized[key] = Array.isArray(value) ? `[${value.length} items]` : typeof value;
|
|
33
78
|
}
|
|
34
79
|
else {
|
|
35
80
|
sanitized[key] = value;
|
|
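Review bot: In `logAuthEvent`, only top-level string values of `details` pass through `sanitizeLogValue`. Nested objects and arrays are copied unchanged, and no key-based redaction is applied, so an `email` or `token` supplied in `details` would be logged in clear. Reusing the set the file already defines would close that gap: `sanitized[k] = REDACT_PII_KEYS.has(k) ? "[REDACTED]" : typeof v === "string" ? sanitizeLogValue(v) : v;`. `logRateLimitEvent` writes `key` as given; `JSON.stringify` escapes control characters, but the 500-character cap is not applied, so `key: sanitizeLogValue(key),` would match `logAuthEvent`. In `sanitizeParams` the redaction sets match exact top-level key names only, so nested or differently named fields fall through to `sanitized[key] = value`; the end of that function is outside the hunk.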
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tool-logging.js","sourceRoot":"","sources":["../../src/middleware/tool-logging.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAC/B,QAAgB,EAChB,MAA+B,EAC/B,QAAgB,EAChB,MAAgD;IAEhD,MAAM,KAAK,GAAG;QACZ,IAAI,EAAE,iBAAiB;QACvB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,IAAI,EAAE,QAAQ;QACd,QAAQ;QACR,MAAM,EAAE,cAAc,CAAC,MAAM,CAAC;QAC9B,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,UAAU,EAAE,MAAM,CAAC,UAAU;KAC9B,CAAC;IAEF,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;AACvC,CAAC;AAED;;;;GAIG;AACH,SAAS,cAAc,CAAC,MAA+B;IACrD,MAAM,SAAS,GAA4B,EAAE,CAAC;IAC9C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,IAAI,
|
|
1
|
+
{"version":3,"file":"tool-logging.js","sourceRoot":"","sources":["../../src/middleware/tool-logging.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,MAAM,UAAU,YAAY,CAC1B,KAAa,EACb,QAAgB,EAChB,OAAiC;IAEjC,MAAM,KAAK,GAA4B;QACrC,IAAI,EAAE,YAAY;QAClB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,KAAK,EAAE,gBAAgB,CAAC,KAAK,CAAC;QAC9B,QAAQ,EAAE,gBAAgB,CAAC,QAAQ,CAAC;KACrC,CAAC;IACF,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,SAAS,GAA4B,EAAE,CAAC;QAC9C,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7C,SAAS,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACjE,CAAC;QACD,KAAK,CAAC,OAAO,GAAG,SAAS,CAAC;IAC5B,CAAC;IACD,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;AACvC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAC/B,GAAW,EACX,KAAa,EACb,KAAa;IAEb,MAAM,KAAK,GAAG;QACZ,IAAI,EAAE,kBAAkB;QACxB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,GAAG;QACH,KAAK;QACL,KAAK;KACN,CAAC;IACF,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;AACvC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAC/B,QAAgB,EAChB,MAA+B,EAC/B,QAAgB,EAChB,MAAgD;IAEhD,MAAM,KAAK,GAAG;QACZ,IAAI,EAAE,iBAAiB;QACvB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,IAAI,EAAE,QAAQ;QACd,QAAQ;QACR,MAAM,EAAE,cAAc,CAAC,MAAM,CAAC;QAC9B,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,UAAU,EAAE,MAAM,CAAC,UAAU;KAC9B,CAAC;IAEF,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;AACvC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa;IAC5C,OAAO,KAAK,CAAC,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AAC7D,CAAC;AAED;;;;GAIG;AACH,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC,CAAC,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,iBAAiB,CAAC,CAAC,CAAC;AAC9F,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC,CAAC,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC,CAAC;AAC/E,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,CAAC,UAAU,EAAE,kBAAkB,EAAE,QAAQ,CAAC,CAAC,CAAC;AAE9E,SAAS,cAAc,CAAC,MAA+B;IACrD,MAAM,SAAS,GAA4B,EAAE,CAAC;IAC9C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,IAA
I,mBAAmB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACjC,SAAS,CAAC,GAAG,CAAC,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,SAAS,CAAC,CAAC,CAAC,OAAO,KAAK,CAAC;QACxF,CAAC;aAAM,IAAI,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACpC,SAAS,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;QAChC,CAAC;aAAM,IAAI,iBAAiB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACtC,SAAS,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,SAAS,CAAC,CAAC,CAAC,OAAO,KAAK,CAAC;QACnF,CAAC;aAAM,CAAC;YACN,SAAS,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QACzB,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC"}
|
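--- a/package/dist/server.d.ts
+++ b/package/dist/server.d.ts
@@ -1,6 +1,6 @@
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
-import { ElnoraApiClient } from "./services/elnora-api-client.js";
-import { ElnoraConfig } from "./types.js";
+import type { ElnoraApiClient } from "./services/elnora-api-client.js";
+import type { ElnoraConfig } from "./types.js";
 export interface RequestContext {
 client: ElnoraApiClient;
 clientId: string;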
package/dist/server.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAEpE,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAEpE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AACvE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAqB/C,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,eAAe,CAAC;IACxB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED,wBAAgB,kBAAkB,CAChC,MAAM,EAAE,YAAY,EACpB,UAAU,EAAE,MAAM,cAAc,GAC/B,SAAS,CAgCX"}
|
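--- a/package/dist/server.js
+++ b/package/dist/server.js
@@ -4,18 +4,45 @@ import { registerTaskTools } from "./tools/tasks.js";
 import { registerMessageTools } from "./tools/messages.js";
 import { registerFileTools } from "./tools/files.js";
 import { registerProtocolTools } from "./tools/protocols.js";
-
-
+import { registerProjectTools } from "./tools/projects.js";
+import { registerOrgTools } from "./tools/orgs.js";
+import { registerFolderTools } from "./tools/folders.js";
+import { registerLibraryTools } from "./tools/library.js";
+import { registerSearchTools } from "./tools/search.js";
+import { registerApiKeyTools } from "./tools/api-keys.js";
+import { registerAuditTools } from "./tools/audit.js";
+import { registerAccountTools } from "./tools/account.js";
+import { registerFeedbackTools } from "./tools/feedback.js";
+import { registerFlagTools } from "./tools/flags.js";
+import { registerHealthTools } from "./tools/health.js";
+// Hoist to module scope — runs once at import time, not per-request
+const _require = createRequire(import.meta.url);
+const { version } = _require("../package.json");
 export function createElnoraServer(config, getContext) {
 const server = new McpServer({
 name: "elnora-mcp-server",
 version,
 });
 const getClient = () => getContext().client;
+// Core tools
 registerTaskTools(server, getClient, getContext);
 registerMessageTools(server, getClient, getContext);
 registerFileTools(server, getClient, getContext);
 registerProtocolTools(server, getClient, getContext);
+// Project & org management
+registerProjectTools(server, getClient, getContext);
+registerOrgTools(server, getClient, getContext);
+registerFolderTools(server, getClient, getContext);
+registerLibraryTools(server, getClient, getContext);
+// Search & discovery
+registerSearchTools(server, getClient, getContext);
+// Admin & utility
+registerApiKeyTools(server, getClient, getContext);
+registerAuditTools(server, getClient, getContext);
+registerAccountTools(server, getClient, getContext);
+registerFeedbackTools(server, getClient, getContext);
+registerFlagTools(server, getClient, getContext);
+registerHealthTools(server, getClient, getContext);
 return server;
 }
 //# sourceMappingURL=server.js.map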
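Review bot: The admin group added at the end of `createElnoraServer` (`registerApiKeyTools`, `registerAuditTools`, `registerAccountTools`) is registered unconditionally with the same `getClient`/`getContext` pair as the core tools, so nothing at this level restricts which callers can see or invoke them. Whether each handler authorizes the caller is not visible in this hunk. If it relies only on the upstream API rejecting the request, the tool list still advertises key-management and audit operations to every client. I would record the expectation where the group is registered, e.g. `// Admin & utility: each handler must authorize the caller via getContext() before calling the API`, and confirm it holds in the tools/*.js files.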
package/dist/server.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAG5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAG5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AACzD,OAAO,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAC1D,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAC1D,OAAO,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAExD,oEAAoE;AACpE,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAChD,MAAM,EAAE,OAAO,EAAE,GAAG,QAAQ,CAAC,iBAAiB,CAAwB,CAAC;AAQvE,MAAM,UAAU,kBAAkB,CAChC,MAAoB,EACpB,UAAgC;IAEhC,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;QAC3B,IAAI,EAAE,mBAAmB;QACzB,OAAO;KACR,CAAC,CAAC;IAEH,MAAM,SAAS,GAAG,GAAG,EAAE,CAAC,UAAU,EAAE,CAAC,MAAM,CAAC;IAE5C,aAAa;IACb,iBAAiB,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IACjD,oBAAoB,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IACpD,iBAAiB,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IACjD,qBAAqB,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IAErD,2BAA2B;IAC3B,oBAAoB,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IACpD,gBAAgB,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IAChD,mBAAmB,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IACnD,oBAAoB,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IAEpD,qBAAqB;IACrB,mBAAmB,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IAEnD,kBAAkB;IAClB,mBAAmB,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IACnD,kBAAkB,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IAClD,oBAAoB,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IACpD,qBAAqB,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IACrD,iBAAiB,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IACjD,mBAAmB,CAAC,M
AAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IAEnD,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
|
@@ -1,27 +1,21 @@
|
|
|
1
|
-
import { ElnoraConfig
|
|
1
|
+
import { ElnoraConfig } from "../types.js";
|
|
2
2
|
export declare class ElnoraApiClient {
|
|
3
3
|
private client;
|
|
4
|
-
constructor(config: ElnoraConfig,
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
}>;
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
}>;
|
|
15
|
-
sendMessage(taskId: string, content: string, fileIds?: string[]): Promise<ElnoraMessage>;
|
|
16
|
-
listFiles(projectId?: string, limit?: number, offset?: number): Promise<{
|
|
17
|
-
items: ElnoraFile[];
|
|
18
|
-
totalCount: number;
|
|
19
|
-
}>;
|
|
4
|
+
constructor(config: Pick<ElnoraConfig, "apiUrl">, auth: string | {
|
|
5
|
+
apiKey: string;
|
|
6
|
+
});
|
|
7
|
+
get<T = unknown>(path: string, params?: Record<string, string | number | undefined>): Promise<T>;
|
|
8
|
+
post<T = unknown>(path: string, body?: unknown, options?: {
|
|
9
|
+
timeout?: number;
|
|
10
|
+
}): Promise<T>;
|
|
11
|
+
put<T = unknown>(path: string, body?: unknown): Promise<T>;
|
|
12
|
+
del<T = unknown>(path: string): Promise<T>;
|
|
13
|
+
sendMessage(taskId: string, content: string, fileIds?: string[]): Promise<unknown>;
|
|
20
14
|
getFileContent(fileId: string): Promise<{
|
|
21
15
|
content: string;
|
|
22
16
|
name: string;
|
|
23
17
|
fileType: string;
|
|
24
18
|
}>;
|
|
25
|
-
uploadFile(name: string, content: string, fileType?: string): Promise<
|
|
19
|
+
uploadFile(name: string, content: string, fileType?: string): Promise<unknown>;
|
|
26
20
|
}
|
|
27
21
|
//# sourceMappingURL=elnora-api-client.d.ts.map
|
|
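Review bot: The new `get`/`post`/`put`/`del` methods take a caller-chosen `T` that appears only in the return type, so `client.get<Foo>(...)` is an unchecked cast of whatever the API returned. Declaring them without the type parameter, e.g. `get(path: string, params?: Record<string, string | number | undefined>): Promise<unknown>;`, would force callers to validate the response before use, in line with `sendMessage` and `uploadFile`, which now return `Promise<unknown>`. `path` is a free-form string, so any tool that builds it from user-supplied IDs should encode each segment with `encodeURIComponent`; the implementation is not in this section, so that needs confirming there. The constructor's `auth: string | { apiKey: string }` also needs a doc comment saying which credential a bare string represents.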
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"elnora-api-client.d.ts","sourceRoot":"","sources":["../../src/services/elnora-api-client.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,
|
|
1
|
+
{"version":3,"file":"elnora-api-client.d.ts","sourceRoot":"","sources":["../../src/services/elnora-api-client.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAG3C,qBAAa,eAAe;IAC1B,OAAO,CAAC,MAAM,CAAgB;gBAElB,MAAM,EAAE,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,EAAE,IAAI,EAAE,MAAM,GAAG;QAAE,MAAM,EAAE,MAAM,CAAA;KAAE;IAuB7E,GAAG,CAAC,CAAC,GAAG,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IAWhG,IAAI,CAAC,CAAC,GAAG,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,CAAC,CAAC;IAK3F,GAAG,CAAC,CAAC,GAAG,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC;IAK1D,GAAG,CAAC,CAAC,GAAG,OAAO,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAO1C,WAAW,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;IAIlF,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;IAI5F,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAGrF"}
|