npm - @frontmcp/adapters - Versions diffs - 0.3.1 → 0.4.1 - Mend

@frontmcp/adapters 0.3.1 → 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

package/LICENSE +201 -0
package/README.md +4 -1
package/package.json +7 -5
package/src/openapi/README.md +753 -0
package/src/openapi/__tests__/fixtures.d.ts +58 -0
package/src/openapi/__tests__/fixtures.js +286 -0
package/src/openapi/__tests__/fixtures.js.map +1 -0
package/src/openapi/openapi.adapter.d.ts +6 -1
package/src/openapi/openapi.adapter.js +73 -22
package/src/openapi/openapi.adapter.js.map +1 -1
package/src/openapi/openapi.security.d.ts +56 -0
package/src/openapi/openapi.security.js +174 -0
package/src/openapi/openapi.security.js.map +1 -0
package/src/openapi/openapi.tool.d.ts +10 -3
package/src/openapi/openapi.tool.js +50 -78
package/src/openapi/openapi.tool.js.map +1 -1
package/src/openapi/openapi.types.d.ts +75 -5
package/src/openapi/openapi.types.js.map +1 -1
package/src/openapi/openapi.utils.d.ts +35 -0
package/src/openapi/openapi.utils.js +126 -0
package/src/openapi/openapi.utils.js.map +1 -0

package/src/openapi/__tests__/fixtures.d.ts ADDED Viewed

@@ -0,0 +1,58 @@
+/**
+ * Test fixtures and mocks for OpenAPI adapter tests
+ */
+import type { OpenAPIV3 } from 'openapi-types';
+/**
+ * Basic OpenAPI spec without security
+ */
+export declare const basicOpenApiSpec: OpenAPIV3.Document;
+/**
+ * OpenAPI spec with Bearer authentication
+ */
+export declare const bearerAuthSpec: OpenAPIV3.Document;
+/**
+ * OpenAPI spec with multiple security schemes
+ */
+export declare const multiAuthSpec: OpenAPIV3.Document;
+/**
+ * Mock AuthInfo for testing
+ */
+export declare const mockAuthInfo: {
+    token: string;
+    user: {
+        id: string;
+        email: string;
+        githubToken: string;
+        slackToken: string;
+        apiKey: string;
+    };
+};
+/**
+ * Mock context for tool execution
+ */
+export declare const mockContext: {
+    authInfo: {
+        token: string;
+        user: {
+            id: string;
+            email: string;
+            githubToken: string;
+            slackToken: string;
+            apiKey: string;
+        };
+    };
+};
+/**
+ * Mock fetch responses
+ */
+export declare const mockFetchSuccess: (data: unknown) => Promise<Response>;
+export declare const mockFetchError: (status: number, message: string) => Promise<Response>;
+/**
+ * Spy on console methods for testing logs
+ */
+export declare const spyOnConsole: () => {
+    restore: () => void;
+    log: jest.SpyInstance<void, [message?: any, ...optionalParams: any[]], any>;
+    error: jest.SpyInstance<void, [message?: any, ...optionalParams: any[]], any>;
+    warn: jest.SpyInstance<void, [message?: any, ...optionalParams: any[]], any>;
+};

package/src/openapi/__tests__/fixtures.js ADDED Viewed

@@ -0,0 +1,286 @@
+"use strict";
+/// <reference types="jest" />
+/**
+ * Test fixtures and mocks for OpenAPI adapter tests
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.spyOnConsole = exports.mockFetchError = exports.mockFetchSuccess = exports.mockContext = exports.mockAuthInfo = exports.multiAuthSpec = exports.bearerAuthSpec = exports.basicOpenApiSpec = void 0;
+/**
+ * Basic OpenAPI spec without security
+ */
+exports.basicOpenApiSpec = {
+    openapi: '3.0.0',
+    info: {
+        title: 'Test API',
+        version: '1.0.0',
+    },
+    paths: {
+        '/users/{id}': {
+            get: {
+                operationId: 'getUser',
+                summary: 'Get user by ID',
+                parameters: [
+                    {
+                        name: 'id',
+                        in: 'path',
+                        required: true,
+                        schema: { type: 'string' },
+                    },
+                ],
+                responses: {
+                    '200': {
+                        description: 'Success',
+                        content: {
+                            'application/json': {
+                                schema: {
+                                    type: 'object',
+                                    properties: {
+                                        id: { type: 'string' },
+                                        name: { type: 'string' },
+                                    },
+                                },
+                            },
+                        },
+                    },
+                },
+            },
+            post: {
+                operationId: 'createUser',
+                summary: 'Create a new user',
+                requestBody: {
+                    required: true,
+                    content: {
+                        'application/json': {
+                            schema: {
+                                type: 'object',
+                                properties: {
+                                    name: { type: 'string' },
+                                    email: { type: 'string' },
+                                },
+                                required: ['name', 'email'],
+                            },
+                        },
+                    },
+                },
+                responses: {
+                    '201': {
+                        description: 'Created',
+                        content: {
+                            'application/json': {
+                                schema: {
+                                    type: 'object',
+                                    properties: {
+                                        id: { type: 'string' },
+                                        name: { type: 'string' },
+                                        email: { type: 'string' },
+                                    },
+                                },
+                            },
+                        },
+                    },
+                },
+            },
+        },
+    },
+};
+/**
+ * OpenAPI spec with Bearer authentication
+ */
+exports.bearerAuthSpec = {
+    openapi: '3.0.0',
+    info: {
+        title: 'Authenticated API',
+        version: '1.0.0',
+    },
+    components: {
+        securitySchemes: {
+            BearerAuth: {
+                type: 'http',
+                scheme: 'bearer',
+                bearerFormat: 'JWT',
+            },
+        },
+    },
+    security: [{ BearerAuth: [] }],
+    paths: {
+        '/protected': {
+            get: {
+                operationId: 'getProtected',
+                summary: 'Get protected resource',
+                responses: {
+                    '200': {
+                        description: 'Success',
+                        content: {
+                            'application/json': {
+                                schema: {
+                                    type: 'object',
+                                    properties: {
+                                        message: { type: 'string' },
+                                    },
+                                },
+                            },
+                        },
+                    },
+                },
+            },
+        },
+    },
+};
+/**
+ * OpenAPI spec with multiple security schemes
+ */
+exports.multiAuthSpec = {
+    openapi: '3.0.0',
+    info: {
+        title: 'Multi-Auth API',
+        version: '1.0.0',
+    },
+    components: {
+        securitySchemes: {
+            GitHubAuth: {
+                type: 'http',
+                scheme: 'bearer',
+                description: 'GitHub OAuth token',
+            },
+            SlackAuth: {
+                type: 'http',
+                scheme: 'bearer',
+                description: 'Slack OAuth token',
+            },
+            ApiKeyAuth: {
+                type: 'apiKey',
+                in: 'header',
+                name: 'X-API-Key',
+            },
+        },
+    },
+    paths: {
+        '/github/repos': {
+            get: {
+                operationId: 'github_getRepos',
+                summary: 'Get GitHub repos',
+                security: [{ GitHubAuth: [] }],
+                responses: {
+                    '200': {
+                        description: 'Success',
+                        content: {
+                            'application/json': {
+                                schema: {
+                                    type: 'array',
+                                    items: {
+                                        type: 'object',
+                                        properties: {
+                                            name: { type: 'string' },
+                                        },
+                                    },
+                                },
+                            },
+                        },
+                    },
+                },
+            },
+        },
+        '/slack/messages': {
+            post: {
+                operationId: 'slack_postMessage',
+                summary: 'Post Slack message',
+                security: [{ SlackAuth: [] }],
+                requestBody: {
+                    required: true,
+                    content: {
+                        'application/json': {
+                            schema: {
+                                type: 'object',
+                                properties: {
+                                    channel: { type: 'string' },
+                                    text: { type: 'string' },
+                                },
+                                required: ['channel', 'text'],
+                            },
+                        },
+                    },
+                },
+                responses: {
+                    '200': {
+                        description: 'Success',
+                    },
+                },
+            },
+        },
+        '/admin/settings': {
+            get: {
+                operationId: 'admin_getSettings',
+                summary: 'Get admin settings',
+                security: [{ ApiKeyAuth: [] }],
+                responses: {
+                    '200': {
+                        description: 'Success',
+                    },
+                },
+            },
+        },
+    },
+};
+/**
+ * Mock AuthInfo for testing
+ */
+exports.mockAuthInfo = {
+    token: 'mock-jwt-token',
+    user: {
+        id: 'user-123',
+        email: 'test@example.com',
+        githubToken: 'github-token-123',
+        slackToken: 'slack-token-456',
+        apiKey: 'api-key-789',
+    },
+};
+/**
+ * Mock context for tool execution
+ */
+exports.mockContext = {
+    authInfo: exports.mockAuthInfo,
+};
+/**
+ * Mock fetch responses
+ */
+const mockFetchSuccess = (data) => {
+    return Promise.resolve({
+        ok: true,
+        status: 200,
+        statusText: 'OK',
+        headers: new Headers({ 'content-type': 'application/json' }),
+        text: () => Promise.resolve(JSON.stringify(data)),
+        json: () => Promise.resolve(data),
+    });
+};
+exports.mockFetchSuccess = mockFetchSuccess;
+const mockFetchError = (status, message) => {
+    return Promise.resolve({
+        ok: false,
+        status,
+        statusText: message,
+        headers: new Headers({ 'content-type': 'text/plain' }),
+        text: () => Promise.resolve(message),
+    });
+};
+exports.mockFetchError = mockFetchError;
+/**
+ * Spy on console methods for testing logs
+ */
+const spyOnConsole = () => {
+    const consoleSpy = {
+        log: jest.spyOn(console, 'log').mockImplementation(),
+        error: jest.spyOn(console, 'error').mockImplementation(),
+        warn: jest.spyOn(console, 'warn').mockImplementation(),
+    };
+    return {
+        ...consoleSpy,
+        restore: () => {
+            consoleSpy.log.mockRestore();
+            consoleSpy.error.mockRestore();
+            consoleSpy.warn.mockRestore();
+        },
+    };
+};
+exports.spyOnConsole = spyOnConsole;
+//# sourceMappingURL=fixtures.js.map

package/src/openapi/__tests__/fixtures.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"fixtures.js","sourceRoot":"","sources":["../../../../src/openapi/__tests__/fixtures.ts"],"names":[],"mappings":";AAAA,8BAA8B;AAC9B;;GAEG;;;AAGH;;GAEG;AACU,QAAA,gBAAgB,GAAuB;IAClD,OAAO,EAAE,OAAO;IAChB,IAAI,EAAE;QACJ,KAAK,EAAE,UAAU;QACjB,OAAO,EAAE,OAAO;KACjB;IACD,KAAK,EAAE;QACL,aAAa,EAAE;YACb,GAAG,EAAE;gBACH,WAAW,EAAE,SAAS;gBACtB,OAAO,EAAE,gBAAgB;gBACzB,UAAU,EAAE;oBACV;wBACE,IAAI,EAAE,IAAI;wBACV,EAAE,EAAE,MAAM;wBACV,QAAQ,EAAE,IAAI;wBACd,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;qBAC3B;iBACF;gBACD,SAAS,EAAE;oBACT,KAAK,EAAE;wBACL,WAAW,EAAE,SAAS;wBACtB,OAAO,EAAE;4BACP,kBAAkB,EAAE;gCAClB,MAAM,EAAE;oCACN,IAAI,EAAE,QAAQ;oCACd,UAAU,EAAE;wCACV,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wCACtB,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;qCACzB;iCACF;6BACF;yBACF;qBACF;iBACF;aACF;YACD,IAAI,EAAE;gBACJ,WAAW,EAAE,YAAY;gBACzB,OAAO,EAAE,mBAAmB;gBAC5B,WAAW,EAAE;oBACX,QAAQ,EAAE,IAAI;oBACd,OAAO,EAAE;wBACP,kBAAkB,EAAE;4BAClB,MAAM,EAAE;gCACN,IAAI,EAAE,QAAQ;gCACd,UAAU,EAAE;oCACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oCACxB,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;iCAC1B;gCACD,QAAQ,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;6BAC5B;yBACF;qBACF;iBACF;gBACD,SAAS,EAAE;oBACT,KAAK,EAAE;wBACL,WAAW,EAAE,SAAS;wBACtB,OAAO,EAAE;4BACP,kBAAkB,EAAE;gCAClB,MAAM,EAAE;oCACN,IAAI,EAAE,QAAQ;oCACd,UAAU,EAAE;wCACV,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wCACtB,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wCACxB,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;qCAC1B;iCACF;6BACF;yBACF;qBACF;iBACF;aACF;SACF;KACF;CACF,CAAC;AAEF;;GAEG;AACU,QAAA,cAAc,GAAuB;IAChD,OAAO,EAAE,OAAO;IAChB,IAAI,EAAE;QACJ,KAAK,EAAE,mBAAmB;QAC1B,OAAO,EAAE,OAAO;KACjB;IACD,UAAU,EAAE;QACV,eAAe,EAAE;YACf,UAAU,EAAE;gBACV,IAAI,EAAE,MAAM;gBACZ,MAAM,EAAE,QAAQ;gBAChB,YAAY,EAAE,KAAK;aACpB;SACF;KACF;IACD,QAAQ,EAAE,CAAC,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;IAC9B,KAAK,EAAE;QACL,YAAY,EAAE;YACZ,GAAG,EAAE;gBACH,WAAW,EAAE,cAAc;gBAC3B,OAAO,EAAE,wBAAwB;gBACjC,SAAS,EAAE;oBACT,KAAK,EAAE;wBACL,WAAW,EAAE,SAAS;wBACtB,OAAO,EAAE;4BACP,kBAAkB,EAAE;gCAClB,MAAM,EAAE;oCACN,IAAI,EAAE,QAAQ;oCACd,UAAU,EAAE;wCACV,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;qCAC5B;iCACF;6BACF;yBACF;qBACF;iBACF;aACF;SACF;KACF;CACF,CAAC;AAEF;;GAEG;AACU,QAAA,aAAa,GAAuB;IAC/C,OAAO,EAAE,OAAO;IAChB,IAAI,EAAE;QACJ,KAAK,EAAE,gBAAgB;QACvB,OAAO,EAAE,OAAO;KACjB;IACD,UAAU,EAAE;QACV,eAAe,EAAE;YACf,UAAU,EAAE;gBACV,IAAI,EAAE,MAAM;gBACZ,MAAM,EAAE,QAAQ;gBAChB,WAAW,EAAE,oBAAoB;aAClC;YACD,SAAS,EAAE;gBACT,IAAI,EAAE,MAAM;gBACZ,MAAM,EAAE,QAAQ;gBAChB,WAAW,EAAE,mBAAmB;aACjC;YACD,UAAU,EAAE;gBACV,IAAI,EAAE,QAAQ;gBACd,EAAE,EAAE,QAAQ;gBACZ,IAAI,EAAE,WAAW;aAClB;SACF;KACF;IACD,KAAK,EAAE;QACL,eAAe,EAAE;YACf,GAAG,EAAE;gBACH,WAAW,EAAE,iBAAiB;gBAC9B,OAAO,EAAE,kBAAkB;gBAC3B,QAAQ,EAAE,CAAC,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;gBAC9B,SAAS,EAAE;oBACT,KAAK,EAAE;wBACL,WAAW,EAAE,SAAS;wBACtB,OAAO,EAAE;4BACP,kBAAkB,EAAE;gCAClB,MAAM,EAAE;oCACN,IAAI,EAAE,OAAO;oCACb,KAAK,EAAE;wCACL,IAAI,EAAE,QAAQ;wCACd,UAAU,EAAE;4CACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;yCACzB;qCACF;iCACF;6BACF;yBACF;qBACF;iBACF;aACF;SACF;QACD,iBAAiB,EAAE;YACjB,IAAI,EAAE;gBACJ,WAAW,EAAE,mBAAmB;gBAChC,OAAO,EAAE,oBAAoB;gBAC7B,QAAQ,EAAE,CAAC,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC;gBAC7B,WAAW,EAAE;oBACX,QAAQ,EAAE,IAAI;oBACd,OAAO,EAAE;wBACP,kBAAkB,EAAE;4BAClB,MAAM,EAAE;gCACN,IAAI,EAAE,QAAQ;gCACd,UAAU,EAAE;oCACV,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oCAC3B,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;iCACzB;gCACD,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;6BAC9B;yBACF;qBACF;iBACF;gBACD,SAAS,EAAE;oBACT,KAAK,EAAE;wBACL,WAAW,EAAE,SAAS;qBACvB;iBACF;aACF;SACF;QACD,iBAAiB,EAAE;YACjB,GAAG,EAAE;gBACH,WAAW,EAAE,mBAAmB;gBAChC,OAAO,EAAE,oBAAoB;gBAC7B,QAAQ,EAAE,CAAC,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;gBAC9B,SAAS,EAAE;oBACT,KAAK,EAAE;wBACL,WAAW,EAAE,SAAS;qBACvB;iBACF;aACF;SACF;KACF;CACF,CAAC;AAEF;;GAEG;AACU,QAAA,YAAY,GAAG;IAC1B,KAAK,EAAE,gBAAgB;IACvB,IAAI,EAAE;QACJ,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,kBAAkB;QACzB,WAAW,EAAE,kBAAkB;QAC/B,UAAU,EAAE,iBAAiB;QAC7B,MAAM,EAAE,aAAa;KACtB;CACF,CAAC;AAEF;;GAEG;AACU,QAAA,WAAW,GAAG;IACzB,QAAQ,EAAE,oBAAY;CACvB,CAAC;AAEF;;GAEG;AACI,MAAM,gBAAgB,GAAG,CAAC,IAAa,EAAE,EAAE;IAChD,OAAO,OAAO,CAAC,OAAO,CAAC;QACrB,EAAE,EAAE,IAAI;QACR,MAAM,EAAE,GAAG;QACX,UAAU,EAAE,IAAI;QAChB,OAAO,EAAE,IAAI,OAAO,CAAC,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC;QAC5D,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QACjD,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC;KACtB,CAAC,CAAC;AACjB,CAAC,CAAC;AATW,QAAA,gBAAgB,oBAS3B;AAEK,MAAM,cAAc,GAAG,CAAC,MAAc,EAAE,OAAe,EAAE,EAAE;IAChE,OAAO,OAAO,CAAC,OAAO,CAAC;QACrB,EAAE,EAAE,KAAK;QACT,MAAM;QACN,UAAU,EAAE,OAAO;QACnB,OAAO,EAAE,IAAI,OAAO,CAAC,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC;QACtD,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC;KACzB,CAAC,CAAC;AACjB,CAAC,CAAC;AARW,QAAA,cAAc,kBAQzB;AAEF;;GAEG;AACI,MAAM,YAAY,GAAG,GAAG,EAAE;IAC/B,MAAM,UAAU,GAAG;QACjB,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,kBAAkB,EAAE;QACpD,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,kBAAkB,EAAE;QACxD,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,kBAAkB,EAAE;KACvD,CAAC;IAEF,OAAO;QACL,GAAG,UAAU;QACb,OAAO,EAAE,GAAG,EAAE;YACZ,UAAU,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;YAC7B,UAAU,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;YAC/B,UAAU,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;QAChC,CAAC;KACF,CAAC;AACJ,CAAC,CAAC;AAfW,QAAA,YAAY,gBAevB","sourcesContent":["/// <reference types=\"jest\" />\n/**\n * Test fixtures and mocks for OpenAPI adapter tests\n */\n\nimport type { OpenAPIV3 } from 'openapi-types';\n/**\n * Basic OpenAPI spec without security\n */\nexport const basicOpenApiSpec: OpenAPIV3.Document = {\n openapi: '3.0.0',\n info: {\n title: 'Test API',\n version: '1.0.0',\n },\n paths: {\n '/users/{id}': {\n get: {\n operationId: 'getUser',\n summary: 'Get user by ID',\n parameters: [\n {\n name: 'id',\n in: 'path',\n required: true,\n schema: { type: 'string' },\n },\n ],\n responses: {\n '200': {\n description: 'Success',\n content: {\n 'application/json': {\n schema: {\n type: 'object',\n properties: {\n id: { type: 'string' },\n name: { type: 'string' },\n },\n },\n },\n },\n },\n },\n },\n post: {\n operationId: 'createUser',\n summary: 'Create a new user',\n requestBody: {\n required: true,\n content: {\n 'application/json': {\n schema: {\n type: 'object',\n properties: {\n name: { type: 'string' },\n email: { type: 'string' },\n },\n required: ['name', 'email'],\n },\n },\n },\n },\n responses: {\n '201': {\n description: 'Created',\n content: {\n 'application/json': {\n schema: {\n type: 'object',\n properties: {\n id: { type: 'string' },\n name: { type: 'string' },\n email: { type: 'string' },\n },\n },\n },\n },\n },\n },\n },\n },\n },\n};\n\n/**\n * OpenAPI spec with Bearer authentication\n */\nexport const bearerAuthSpec: OpenAPIV3.Document = {\n openapi: '3.0.0',\n info: {\n title: 'Authenticated API',\n version: '1.0.0',\n },\n components: {\n securitySchemes: {\n BearerAuth: {\n type: 'http',\n scheme: 'bearer',\n bearerFormat: 'JWT',\n },\n },\n },\n security: [{ BearerAuth: [] }],\n paths: {\n '/protected': {\n get: {\n operationId: 'getProtected',\n summary: 'Get protected resource',\n responses: {\n '200': {\n description: 'Success',\n content: {\n 'application/json': {\n schema: {\n type: 'object',\n properties: {\n message: { type: 'string' },\n },\n },\n },\n },\n },\n },\n },\n },\n },\n};\n\n/**\n * OpenAPI spec with multiple security schemes\n */\nexport const multiAuthSpec: OpenAPIV3.Document = {\n openapi: '3.0.0',\n info: {\n title: 'Multi-Auth API',\n version: '1.0.0',\n },\n components: {\n securitySchemes: {\n GitHubAuth: {\n type: 'http',\n scheme: 'bearer',\n description: 'GitHub OAuth token',\n },\n SlackAuth: {\n type: 'http',\n scheme: 'bearer',\n description: 'Slack OAuth token',\n },\n ApiKeyAuth: {\n type: 'apiKey',\n in: 'header',\n name: 'X-API-Key',\n },\n },\n },\n paths: {\n '/github/repos': {\n get: {\n operationId: 'github_getRepos',\n summary: 'Get GitHub repos',\n security: [{ GitHubAuth: [] }],\n responses: {\n '200': {\n description: 'Success',\n content: {\n 'application/json': {\n schema: {\n type: 'array',\n items: {\n type: 'object',\n properties: {\n name: { type: 'string' },\n },\n },\n },\n },\n },\n },\n },\n },\n },\n '/slack/messages': {\n post: {\n operationId: 'slack_postMessage',\n summary: 'Post Slack message',\n security: [{ SlackAuth: [] }],\n requestBody: {\n required: true,\n content: {\n 'application/json': {\n schema: {\n type: 'object',\n properties: {\n channel: { type: 'string' },\n text: { type: 'string' },\n },\n required: ['channel', 'text'],\n },\n },\n },\n },\n responses: {\n '200': {\n description: 'Success',\n },\n },\n },\n },\n '/admin/settings': {\n get: {\n operationId: 'admin_getSettings',\n summary: 'Get admin settings',\n security: [{ ApiKeyAuth: [] }],\n responses: {\n '200': {\n description: 'Success',\n },\n },\n },\n },\n },\n};\n\n/**\n * Mock AuthInfo for testing\n */\nexport const mockAuthInfo = {\n token: 'mock-jwt-token',\n user: {\n id: 'user-123',\n email: 'test@example.com',\n githubToken: 'github-token-123',\n slackToken: 'slack-token-456',\n apiKey: 'api-key-789',\n },\n};\n\n/**\n * Mock context for tool execution\n */\nexport const mockContext = {\n authInfo: mockAuthInfo,\n};\n\n/**\n * Mock fetch responses\n */\nexport const mockFetchSuccess = (data: unknown) => {\n return Promise.resolve({\n ok: true,\n status: 200,\n statusText: 'OK',\n headers: new Headers({ 'content-type': 'application/json' }),\n text: () => Promise.resolve(JSON.stringify(data)),\n json: () => Promise.resolve(data),\n } as Response);\n};\n\nexport const mockFetchError = (status: number, message: string) => {\n return Promise.resolve({\n ok: false,\n status,\n statusText: message,\n headers: new Headers({ 'content-type': 'text/plain' }),\n text: () => Promise.resolve(message),\n } as Response);\n};\n\n/**\n * Spy on console methods for testing logs\n */\nexport const spyOnConsole = () => {\n const consoleSpy = {\n log: jest.spyOn(console, 'log').mockImplementation(),\n error: jest.spyOn(console, 'error').mockImplementation(),\n warn: jest.spyOn(console, 'warn').mockImplementation(),\n };\n\n return {\n ...consoleSpy,\n restore: () => {\n consoleSpy.log.mockRestore();\n consoleSpy.error.mockRestore();\n consoleSpy.warn.mockRestore();\n },\n };\n};\n"]}

package/src/openapi/openapi.adapter.d.ts CHANGED Viewed

@@ -1,8 +1,13 @@
 import { DynamicAdapter, FrontMcpAdapterResponse } from '@frontmcp/sdk';
 import { OpenApiAdapterOptions } from './openapi.types';
 export default class OpenapiAdapter extends DynamicAdapter<OpenApiAdapterOptions> {
+    private generator?;
     options: OpenApiAdapterOptions;
     constructor(options: OpenApiAdapterOptions);
     fetch(): Promise<FrontMcpAdapterResponse>;
-    private parseTools;
+    /**
+     * Initialize the OpenAPI tool generator from URL or spec
+     * @private
+     */
+    private initializeGenerator;
 }

package/src/openapi/openapi.adapter.js CHANGED Viewed

@@ -2,46 +2,97 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 const tslib_1 = require("tslib");
 const sdk_1 = require("@frontmcp/sdk");
-const openapi_mcp_generator_1 = require("openapi-mcp-generator");
+const mcp_from_openapi_1 = require("mcp-from-openapi");
 const openapi_tool_1 = require("./openapi.tool");
+const openapi_security_1 = require("./openapi.security");
 let OpenapiAdapter = class OpenapiAdapter extends sdk_1.DynamicAdapter {
     constructor(options) {
         super();
         this.options = options;
     }
     async fetch() {
-        let urlOrSpec = '';
+        // Lazy load: Initialize generator on first fetch if not already initialized
+        if (!this.generator) {
+            this.generator = await this.initializeGenerator();
+        }
+        // Generate tools from OpenAPI spec
+        const openapiTools = await this.generator.generateTools({
+            includeOperations: this.options.generateOptions?.includeOperations,
+            excludeOperations: this.options.generateOptions?.excludeOperations,
+            filterFn: this.options.generateOptions?.filterFn,
+            namingStrategy: this.options.generateOptions?.namingStrategy,
+            preferredStatusCodes: this.options.generateOptions?.preferredStatusCodes ?? [200, 201, 202, 204],
+            includeDeprecated: this.options.generateOptions?.includeDeprecated ?? false,
+            includeAllResponses: this.options.generateOptions?.includeAllResponses ?? true,
+            includeSecurityInInput: this.options.generateOptions?.includeSecurityInInput ?? false,
+            maxSchemaDepth: this.options.generateOptions?.maxSchemaDepth,
+            includeExamples: this.options.generateOptions?.includeExamples,
+        });
+        // Validate security configuration
+        const validation = (0, openapi_security_1.validateSecurityConfiguration)(openapiTools, this.options);
+        // Log security information
+        console.log(`\n[OpenAPI Adapter: ${this.options.name}] Security Analysis:`);
+        console.log(`  Security Risk Score: ${validation.securityRiskScore.toUpperCase()}`);
+        console.log(`  Valid Configuration: ${validation.valid ? 'YES' : 'NO'}`);
+        if (validation.warnings.length > 0) {
+            console.log('\n  Messages:');
+            validation.warnings.forEach((warning) => {
+                console.log(`    - ${warning}`);
+            });
+        }
+        // Fail if configuration is invalid and security is required
+        if (!validation.valid) {
+            throw new Error(`[OpenAPI Adapter: ${this.options.name}] Invalid security configuration.\n` +
+                `Missing auth provider mappings for security schemes: ${validation.missingMappings.join(', ')}\n\n` +
+                `Your OpenAPI spec requires these security schemes, but no auth configuration was provided.\n\n` +
+                `Add one of the following to your adapter configuration:\n\n` +
+                `1. authProviderMapper (recommended):\n` +
+                `   authProviderMapper: {\n` +
+                validation.missingMappings.map((s) => `     '${s}': (authInfo) => authInfo.user?.${s.toLowerCase()}Token,`).join('\n') +
+                `\n   }\n\n` +
+                `2. securityResolver:\n` +
+                `   securityResolver: (tool, authInfo) => ({ jwt: authInfo.token })\n\n` +
+                `3. staticAuth:\n` +
+                `   staticAuth: { jwt: process.env.API_TOKEN }\n\n` +
+                `4. Include security in input (NOT recommended for production):\n` +
+                `   generateOptions: { includeSecurityInInput: true }`);
+        }
+        console.log(''); // Empty line for readability
+        // Convert OpenAPI tools to FrontMCP tools
+        const tools = openapiTools.map((openapiTool) => (0, openapi_tool_1.createOpenApiTool)(openapiTool, this.options));
+        return { tools };
+    }
+    /**
+     * Initialize the OpenAPI tool generator from URL or spec
+     * @private
+     */
+    async initializeGenerator() {
         if ('url' in this.options) {
-            urlOrSpec = this.options.url;
+            return await mcp_from_openapi_1.OpenAPIToolGenerator.fromURL(this.options.url, {
+                baseUrl: this.options.baseUrl,
+                validate: this.options.loadOptions?.validate ?? true,
+                dereference: this.options.loadOptions?.dereference ?? true,
+                headers: this.options.loadOptions?.headers,
+                timeout: this.options.loadOptions?.timeout,
+                followRedirects: this.options.loadOptions?.followRedirects,
+            });
         }
         else if ('spec' in this.options) {
-            urlOrSpec = this.options.spec;
+            return await mcp_from_openapi_1.OpenAPIToolGenerator.fromJSON(this.options.spec, {
+                baseUrl: this.options.baseUrl,
+                validate: this.options.loadOptions?.validate ?? true,
+                dereference: this.options.loadOptions?.dereference ?? true,
+            });
         }
         else {
-            throw new Error('Either url or spec must be provided');
+            throw new Error('Either url or spec must be provided in OpenApiAdapterOptions');
         }
-        const { baseUrl, filterFn, defaultInclude, excludeOperationIds } = this.options;
-        const openApiTools = await (0, openapi_mcp_generator_1.getToolsFromOpenApi)(urlOrSpec, {
-            baseUrl,
-            filterFn,
-            defaultInclude,
-            excludeOperationIds,
-            dereference: false,
-        });
-        return {
-            tools: this.parseTools(openApiTools),
-        };
-    }
-    parseTools(openApiTools) {
-        return openApiTools.map(tool => {
-            return (0, openapi_tool_1.createOpenApiTool)(tool, this.options);
-        });
     }
 };
 OpenapiAdapter = tslib_1.__decorate([
     (0, sdk_1.Adapter)({
         name: 'openapi',
-        description: 'OpenAPI adapter that  plugin for expense-mcp',
+        description: 'OpenAPI adapter for FrontMCP - Automatically generates MCP tools from OpenAPI specifications',
     }),
     tslib_1.__metadata("design:paramtypes", [Object])
 ], OpenapiAdapter);

package/src/openapi/openapi.adapter.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"openapi.adapter.js","sourceRoot":"","sources":["../../../src/openapi/openapi.adapter.ts"],"names":[],"mappings":";;;AAAA,~~uCAIuB~~;~~AAEvB~~,~~iEAA6E~~;~~AAC7E~~,~~iDAAiD~~;~~AAOlC~~,IAAM,cAAc,GAApB,MAAM,cAAe,SAAQ,oBAAqC;~~IAG~~/E,YAAY,OAA8B;QACxC,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;~~IAGD~~,KAAK,CAAC,KAAK;QACT,IAAI,SAAS,~~GAAgC,~~EAAE,~~CAAA~~;~~QAC/C~~,IAAI,~~KAAK~~,~~IAAI~~,IAAI,CAAC,~~OAAO~~,EAAE,CAAC;~~YAC1B~~,~~SAAS~~,GAAG,IAAI,CAAC,~~OAAO~~,CAAC,~~GAAG~~,CAAC;~~QAC/B~~,CAAC;~~aAAM~~,IAAI,~~MAAM~~,IAAI,IAAI,CAAC,OAAO,EAAE,~~CAAC~~;~~YAClC~~,~~SAAS~~,~~GAAG~~,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;~~QAChC~~,CAAC;~~aAAM~~,CAAC;~~YACN~~,~~MAAM~~,IAAI,KAAK,CAAC,~~qCAAqC~~,CAAC,CAAC;~~QACzD~~,CAAC;~~QACD~~,MAAM,EAAC,OAAO,EAAE,QAAQ,EAAE,~~cAAc~~,EAAE,~~mBAAmB~~,~~EAAC~~,GAAG,IAAI,CAAC,OAAO,CAAC;~~QAC9E~~,MAAM,YAAY,GAAG,MAAM,IAAA,~~2CAAmB~~,EAAC,~~SAAS~~,EAAE~~;YACxD~~,OAAO;~~YACP~~,~~QAAQ~~;~~YACR~~,~~cAAc~~;~~YACd~~,mBAAmB;~~YACnB~~,WAAW,EAAE,~~KAAK~~;~~SACnB~~,CAAC,CAAC;~~QAEH~~,OAAO;~~YACL~~,~~KAAK~~,EAAE,IAAI,CAAC,~~UAAU~~,CAAC,~~YAAY~~,CAAC;~~SACrC~~,CAAC;~~IACJ~~,CAAC;~~IAEO~~,~~UAAU~~,CAAC,~~YAAiC~~;~~QAClD~~,OAAO,~~YAAY~~,CAAC,~~GAAG~~,CAAC,IAAI,CAAC,EAAE;~~YAC7B~~,OAAO,~~IAAA~~,~~gCAAiB~~,~~EAAC~~,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;~~QAC/C~~,CAAC,CAAC,CAAC;~~IACL~~,CAAC;CACF,CAAA;~~AArCoB~~,cAAc;IAJlC,IAAA,aAAO,EAAC;QACP,IAAI,EAAE,SAAS;QACf,WAAW,EAAE,~~8CAA8C~~;~~KAC5D~~,CAAC;;GACmB,cAAc,~~CAqClC~~;~~kBArCoB~~,cAAc","sourcesContent":["import {\n Adapter~~,\n~~ DynamicAdapter~~,\n~~ FrontMcpAdapterResponse~~,\n~~} from '@frontmcp/sdk';\nimport {OpenApiAdapterOptions} from './openapi.types';\nimport {~~getToolsFromOpenApi,~~ ~~McpToolDefinition~~} from '~~openapi-~~mcp-~~generator~~';\nimport {createOpenApiTool} from \"./openapi.tool\";\nimport {~~OpenAPIV3~~} from \"openapi~~-types\"~~;\n\n@Adapter({\n name: 'openapi',\n description: 'OpenAPI adapter ~~that plugin~~ for ~~expense~~-~~mcp~~',\n})\nexport default class OpenapiAdapter extends DynamicAdapter<OpenApiAdapterOptions> {\n options: OpenApiAdapterOptions;\n\n constructor(options: OpenApiAdapterOptions) {\n super();\n this.options = options;\n }\n\n\n async fetch(): Promise<FrontMcpAdapterResponse> {\n ~~let~~ ~~urlOrSpec~~: ~~string~~ \| ~~OpenAPIV3.Document~~ = ''\n if (~~'url'~~ in this.~~options~~) {\n ~~urlOrSpec~~ = this.options.~~url~~;\n } ~~else~~ if ('~~spec~~' in ~~this~~.~~options~~) {\n ~~urlOrSpec~~ = ~~this~~.~~options.spec~~;\n } ~~else~~ {\n throw new Error('~~Either~~ ~~url~~ or spec ~~must~~ be provided');\n }\n ~~const~~ {~~baseUrl,~~ ~~filterFn,~~ ~~defaultInclude,~~ ~~excludeOperationIds~~} = ~~this~~.~~options;\~~n ~~const~~ ~~openApiTools~~ = ~~await~~ ~~getToolsFromOpenApi~~(~~urlOrSpec~~, {\n ~~baseUrl,\~~n ~~filterFn,\~~n ~~defaultInclude,\~~n ~~excludeOperationIds,\~~n ~~dereference~~: ~~false,\~~n });\n\n ~~return~~ {\n tools: ~~this~~.~~parseTools~~(~~openApiTools~~),\n };\n }\n\n private ~~parseTools~~(~~openApiTools~~: ~~McpToolDefinition[]~~) {\n return ~~openApiTools~~.~~map~~(~~tool~~ => {\n return ~~createOpenApiTool~~(~~tool~~, this.options);\n });\n }\n}"]}
1	+ {"version":3,"file":"openapi.adapter.js","sourceRoot":"","sources":["../../../src/openapi/openapi.adapter.ts"],"names":[],"mappings":";;;AAAA,uCAAiF;AAEjF,uDAAwD;AACxD,iDAAmD;AACnD,yDAAmE;AAMpD,IAAM,cAAc,GAApB,MAAM,cAAe,SAAQ,oBAAqC;IAI/E,YAAY,OAA8B;QACxC,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,KAAK;QACT,4EAA4E;QAC5E,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,IAAI,CAAC,SAAS,GAAG,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACpD,CAAC;QAED,mCAAmC;QACnC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC;YACtD,iBAAiB,EAAE,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,iBAAiB;YAClE,iBAAiB,EAAE,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,iBAAiB;YAClE,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,QAAQ;YAChD,cAAc,EAAE,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,cAAc;YAC5D,oBAAoB,EAAE,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,oBAAoB,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC;YAChG,iBAAiB,EAAE,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,iBAAiB,IAAI,KAAK;YAC3E,mBAAmB,EAAE,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,mBAAmB,IAAI,IAAI;YAC9E,sBAAsB,EAAE,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,sBAAsB,IAAI,KAAK;YACrF,cAAc,EAAE,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,cAAc;YAC5D,eAAe,EAAE,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,eAAe;SAC/D,CAAC,CAAC;QAEH,kCAAkC;QAClC,MAAM,UAAU,GAAG,IAAA,gDAA6B,EAAC,YAAY,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QAE7E,2BAA2B;QAC3B,OAAO,CAAC,GAAG,CAAC,uBAAuB,IAAI,CAAC,OAAO,CAAC,IAAI,sBAAsB,CAAC,CAAC;QAC5E,OAAO,CAAC,GAAG,CAAC,0BAA0B,UAAU,CAAC,iBAAiB,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;QACpF,OAAO,CAAC,GAAG,CAAC,0BAA0B,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAEzE,IAAI,UAAU,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YAC7B,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBACtC,OAAO,CAAC,GAAG,CAAC,SAAS,OAAO,EAAE,CAAC,CAAC;YAClC,CAAC,CAAC,CAAC;QACL,CAAC;QAED,4DAA4D;QAC5D,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CACb,qBAAqB,IAAI,CAAC,OAAO,CAAC,IAAI,qCAAqC;gBACzE,wDAAwD,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM;gBACnG,gGAAgG;gBAChG,6DAA6D;gBAC7D,wCAAwC;gBACxC,4BAA4B;gBAC5B,UAAU,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,mCAAmC,CAAC,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;gBACtH,YAAY;gBACZ,wBAAwB;gBACxB,wEAAwE;gBACxE,kBAAkB;gBAClB,mDAAmD;gBACnD,kEAAkE;gBAClE,sDAAsD,CACzD,CAAC;QACJ,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,6BAA6B;QAE9C,0CAA0C;QAC1C,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAC7C,IAAA,gCAAiB,EAAC,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,CAC7C,CAAC;QAEF,OAAO,EAAE,KAAK,EAAE,CAAC;IACnB,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,mBAAmB;QAC/B,IAAI,KAAK,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YAC1B,OAAO,MAAM,uCAAoB,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE;gBAC1D,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO;gBAC7B,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,QAAQ,IAAI,IAAI;gBACpD,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,WAAW,IAAI,IAAI;gBAC1D,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,OAAO;gBAC1C,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,OAAO;gBAC1C,eAAe,EAAE,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,eAAe;aAC3D,CAAC,CAAC;QACL,CAAC;aAAM,IAAI,MAAM,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YAClC,OAAO,MAAM,uCAAoB,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE;gBAC5D,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO;gBAC7B,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,QAAQ,IAAI,IAAI;gBACpD,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,WAAW,IAAI,IAAI;aAC3D,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;QAClF,CAAC;IACH,CAAC;CACF,CAAA;AAlGoB,cAAc;IAJlC,IAAA,aAAO,EAAC;QACP,IAAI,EAAE,SAAS;QACf,WAAW,EAAE,8FAA8F;KAC5G,CAAC;;GACmB,cAAc,CAkGlC;kBAlGoB,cAAc","sourcesContent":["import { Adapter, DynamicAdapter, FrontMcpAdapterResponse } from '@frontmcp/sdk';\nimport { OpenApiAdapterOptions } from './openapi.types';\nimport { OpenAPIToolGenerator } from 'mcp-from-openapi';\nimport { createOpenApiTool } from './openapi.tool';\nimport { validateSecurityConfiguration } from './openapi.security';\n\n@Adapter({\n name: 'openapi',\n description: 'OpenAPI adapter for FrontMCP - Automatically generates MCP tools from OpenAPI specifications',\n})\nexport default class OpenapiAdapter extends DynamicAdapter<OpenApiAdapterOptions> {\n private generator?: OpenAPIToolGenerator;\n public options: OpenApiAdapterOptions;\n\n constructor(options: OpenApiAdapterOptions) {\n super();\n this.options = options;\n }\n\n async fetch(): Promise<FrontMcpAdapterResponse> {\n // Lazy load: Initialize generator on first fetch if not already initialized\n if (!this.generator) {\n this.generator = await this.initializeGenerator();\n }\n\n // Generate tools from OpenAPI spec\n const openapiTools = await this.generator.generateTools({\n includeOperations: this.options.generateOptions?.includeOperations,\n excludeOperations: this.options.generateOptions?.excludeOperations,\n filterFn: this.options.generateOptions?.filterFn,\n namingStrategy: this.options.generateOptions?.namingStrategy,\n preferredStatusCodes: this.options.generateOptions?.preferredStatusCodes ?? [200, 201, 202, 204],\n includeDeprecated: this.options.generateOptions?.includeDeprecated ?? false,\n includeAllResponses: this.options.generateOptions?.includeAllResponses ?? true,\n includeSecurityInInput: this.options.generateOptions?.includeSecurityInInput ?? false,\n maxSchemaDepth: this.options.generateOptions?.maxSchemaDepth,\n includeExamples: this.options.generateOptions?.includeExamples,\n });\n\n // Validate security configuration\n const validation = validateSecurityConfiguration(openapiTools, this.options);\n\n // Log security information\n console.log(`\\n[OpenAPI Adapter: ${this.options.name}] Security Analysis:`);\n console.log(` Security Risk Score: ${validation.securityRiskScore.toUpperCase()}`);\n console.log(` Valid Configuration: ${validation.valid ? 'YES' : 'NO'}`);\n\n if (validation.warnings.length > 0) {\n console.log('\\n Messages:');\n validation.warnings.forEach((warning) => {\n console.log(` - ${warning}`);\n });\n }\n\n // Fail if configuration is invalid and security is required\n if (!validation.valid) {\n throw new Error(\n `[OpenAPI Adapter: ${this.options.name}] Invalid security configuration.\\n` +\n `Missing auth provider mappings for security schemes: ${validation.missingMappings.join(', ')}\\n\\n` +\n `Your OpenAPI spec requires these security schemes, but no auth configuration was provided.\\n\\n` +\n `Add one of the following to your adapter configuration:\\n\\n` +\n `1. authProviderMapper (recommended):\\n` +\n ` authProviderMapper: {\\n` +\n validation.missingMappings.map((s) => ` '${s}': (authInfo) => authInfo.user?.${s.toLowerCase()}Token,`).join('\\n') +\n `\\n }\\n\\n` +\n `2. securityResolver:\\n` +\n ` securityResolver: (tool, authInfo) => ({ jwt: authInfo.token })\\n\\n` +\n `3. staticAuth:\\n` +\n ` staticAuth: { jwt: process.env.API_TOKEN }\\n\\n` +\n `4. Include security in input (NOT recommended for production):\\n` +\n ` generateOptions: { includeSecurityInInput: true }`\n );\n }\n\n console.log(''); // Empty line for readability\n\n // Convert OpenAPI tools to FrontMCP tools\n const tools = openapiTools.map((openapiTool) =>\n createOpenApiTool(openapiTool, this.options)\n );\n\n return { tools };\n }\n\n /*\n Initialize the OpenAPI tool generator from URL or spec\n * @private\n */\n private async initializeGenerator(): Promise<OpenAPIToolGenerator> {\n if ('url' in this.options) {\n return await OpenAPIToolGenerator.fromURL(this.options.url, {\n baseUrl: this.options.baseUrl,\n validate: this.options.loadOptions?.validate ?? true,\n dereference: this.options.loadOptions?.dereference ?? true,\n headers: this.options.loadOptions?.headers,\n timeout: this.options.loadOptions?.timeout,\n followRedirects: this.options.loadOptions?.followRedirects,\n });\n } else if ('spec' in this.options) {\n return await OpenAPIToolGenerator.fromJSON(this.options.spec, {\n baseUrl: this.options.baseUrl,\n validate: this.options.loadOptions?.validate ?? true,\n dereference: this.options.loadOptions?.dereference ?? true,\n });\n } else {\n throw new Error('Either url or spec must be provided in OpenApiAdapterOptions');\n }\n }\n}\n"]}

package/src/openapi/openapi.security.d.ts ADDED Viewed

@@ -0,0 +1,56 @@
+import { type McpOpenAPITool, type SecurityContext } from 'mcp-from-openapi';
+import type { AuthInfo } from '@modelcontextprotocol/sdk/server/auth/types.js';
+import type { OpenApiAdapterOptions } from './openapi.types';
+/**
+ * Security scheme information extracted from OpenAPI spec
+ */
+export interface SecuritySchemeInfo {
+    name: string;
+    type: string;
+    scheme?: string;
+    in?: string;
+    description?: string;
+}
+/**
+ * Security validation result
+ */
+export interface SecurityValidationResult {
+    valid: boolean;
+    missingMappings: string[];
+    warnings: string[];
+    securityRiskScore: 'low' | 'medium' | 'high';
+}
+/**
+ * Resolve security context from FrontMCP auth info with support for multiple auth providers
+ *
+ * @param tool - OpenAPI tool to resolve security for
+ * @param authInfo - FrontMCP authentication info
+ * @param options - Adapter options with auth configuration
+ * @returns Security context for resolver
+ */
+export declare function createSecurityContextFromAuth(tool: McpOpenAPITool, authInfo: AuthInfo, options: Pick<OpenApiAdapterOptions, 'securityResolver' | 'authProviderMapper' | 'staticAuth'>): Promise<SecurityContext>;
+/**
+ * Extract all security schemes used by a set of tools
+ *
+ * @param tools - OpenAPI tools
+ * @returns Set of security scheme names
+ */
+export declare function extractSecuritySchemes(tools: McpOpenAPITool[]): Set<string>;
+/**
+ * Validate security configuration against OpenAPI security requirements
+ *
+ * @param tools - OpenAPI tools
+ * @param options - Adapter options
+ * @returns Validation result with errors and warnings
+ */
+export declare function validateSecurityConfiguration(tools: McpOpenAPITool[], options: Pick<OpenApiAdapterOptions, 'securityResolver' | 'authProviderMapper' | 'staticAuth' | 'generateOptions'>): SecurityValidationResult;
+/**
+ * Resolve security for an OpenAPI tool with validation
+ *
+ * @param tool - OpenAPI tool with mapper
+ * @param authInfo - FrontMCP authentication info
+ * @param options - Adapter options with auth configuration
+ * @returns Resolved security (headers, query params, etc.)
+ * @throws Error if security cannot be resolved
+ */
+export declare function resolveToolSecurity(tool: McpOpenAPITool, authInfo: AuthInfo, options: Pick<OpenApiAdapterOptions, 'securityResolver' | 'authProviderMapper' | 'staticAuth'>): Promise<import("mcp-from-openapi").ResolvedSecurity>;