@gavdi/cap-mcp 0.9.7 → 0.9.9-alpha.3

package/lib/auth/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/auth/utils.js

@@ -3,31 +3,13 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.isAuthEnabled = isAuthEnabled;
 exports.getAccessRights = getAccessRights;
 exports.registerAuthMiddleware = registerAuthMiddleware;
+exports.hasToolOperationAccess = hasToolOperationAccess;
+exports.getWrapAccesses = getWrapAccesses;
 const handler_1 = require("./handler");
-const proxyProvider_js_1 = require("@modelcontextprotocol/sdk/server/auth/providers/proxyProvider.js");
 const router_js_1 = require("@modelcontextprotocol/sdk/server/auth/router.js");
-/**
- * @fileoverview Authentication utilities for MCP-CAP integration.
- *
- * This module provides utilities for integrating CAP authentication with MCP servers.
- * It supports all standard CAP authentication types and provides functions for:
- * - Determining authentication status
- * - Managing user access rights
- * - Registering authentication middleware
- *
- * Supported CAP authentication types:
- * - 'dummy': No authentication (privileged access)
- * - 'mocked': Mock users with predefined credentials
- * - 'basic': HTTP Basic Authentication
- * - 'jwt': Generic JWT token validation
- * - 'xsuaa': SAP BTP XSUAA OAuth2/JWT authentication
- * - 'ias': SAP Identity Authentication Service
- * - Custom string types for user-defined authentication strategies
- *
- * Access CAP auth configuration via: cds.env.requires.auth.kind
- */
+const logger_1 = require("../logger");
 /* @ts-ignore */
-const cds = global.cds || require("@sap/cds"); // This is a work around for missing cds context
+const cds = global.cds || require("@sap/cds"); // Use hosting app's CDS instance exclusively
 /**
  * Determines whether authentication is enabled for the MCP plugin.
  *
@@ -115,7 +97,8 @@ function getAccessRights(authEnabled) {
  * @since 1.0.0
  */
 function registerAuthMiddleware(expressApp) {
-    const middlewares = cds.middlewares.before; // No types exists for this part of the CDS library
+    logger_1.LOGGER.debug("Configuring auth middleware");
+    const middlewares = cds.middlewares?.before || []; // Handle missing middlewares gracefully
     // Build array of auth middleware to apply
     const authMiddleware = [];
     // Add CAP middleware
@@ -130,8 +113,10 @@ function registerAuthMiddleware(expressApp) {
     authMiddleware.push((0, handler_1.authHandlerFactory)());
     // Apply auth middleware to all /mcp routes EXCEPT health
     expressApp?.use(/^\/mcp(?!\/health).*/, ...authMiddleware);
-    // Then finally we add the oauth proxy to the xsuaa instance
+    // Note: .well-known/oauth-authorization-server endpoint is automatically created by mcpAuthRouter
+    // Configure OAuth proxy for enterprise authentication scenarios
     configureOAuthProxy(expressApp);
+    logger_1.LOGGER.debug("Auth middleware configured");
 }
 /**
  * Configures OAuth proxy middleware for enterprise authentication scenarios.
@@ -144,6 +129,7 @@ function registerAuthMiddleware(expressApp) {
  * - Access token verification and validation
  * - Client credential management
  * - Integration with CAP authentication configuration
+ * - Dynamic client registration for MCP clients
  *
  * The OAuth proxy is only configured for enterprise authentication types
  * (jwt, xsuaa, ias) and skips configuration for basic auth types.
@@ -173,40 +159,142 @@ function configureOAuthProxy(expressApp) {
     const config = cds.env.requires.auth;
     const kind = config.kind;
     const credentials = config.credentials;
+    logger_1.LOGGER.debug("Running auth with configuration kind", kind);
     // Safety guard - skip OAuth proxy for basic auth types
-    if (kind === "dummy" || kind === "mocked" || kind === "basic")
+    if (kind === "dummy" || kind === "mocked" || kind === "basic") {
+        logger_1.LOGGER.debug("Skipping OAuth proxy for auth type:", kind);
         return;
-    else if (!credentials ||
+    }
+    if (!credentials ||
         !credentials.clientid ||
         !credentials.clientsecret ||
         !credentials.url) {
-        throw new Error("Invalid security credentials");
+        logger_1.LOGGER.warn("OAuth proxy skipped - missing required XSUAA credentials");
+        return; // Don't throw error, just skip OAuth proxy
     }
-    const proxyProvider = new proxyProvider_js_1.ProxyOAuthServerProvider({
-        endpoints: {
-            authorizationUrl: `${credentials.url}/oauth/authorize`,
-            tokenUrl: `${credentials.url}/oauth/token`,
-            revocationUrl: `${credentials.url}/oauth/revoke`,
-        },
-        verifyAccessToken: async (token) => {
-            return {
-                token,
-                clientId: credentials.clientid,
-                scopes: ["uaa.resource"],
-            };
-        },
-        getClient: async (client_id) => {
-            return {
-                client_secret: credentials.clientsecret,
-                client_id,
-                redirect_uris: ["http://localhost:3000/callback"], // Temporary value for now
-            };
+    logger_1.LOGGER.debug("Configuring OAuth proxy with XSUAA endpoints");
+    const baseUrl = process.env.MCP_BASE_URL ||
+        process.env.MCP_SERVER_URL ||
+        "http://localhost:4004";
+    // const proxyProvider = new ProxyOAuthServerProvider({
+    //   endpoints: {
+    //     authorizationUrl: `${credentials.url}/oauth/authorize`,
+    //     tokenUrl: `${credentials.url}/oauth/token`,
+    //     revocationUrl: `${credentials.url}/oauth/revoke`,
+    //   },
+    //   verifyAccessToken: async (token: string) => {
+    //     try {
+    //       LOGGER.debug("OAuth proxy: verifyAccessToken called");
+    //
+    //       // Use CAP's built-in JWT verification for XSUAA
+    //       const decoded = await cds.auth.jwt.verify(token);
+    //       LOGGER.debug(
+    //         "Token decoded successfully for client:",
+    //         decoded.client_id || decoded.azp,
+    //       );
+    //
+    //       return {
+    //         token,
+    //         clientId: decoded.client_id || decoded.azp,
+    //         scopes: decoded.scope?.split(" ") || [],
+    //         userId: decoded.sub,
+    //         expiresAt: decoded.exp, // Unix timestamp, not Date object
+    //       };
+    //     } catch (error) {
+    //       LOGGER.error("Token verification failed:", error);
+    //       throw new Error("Invalid access token");
+    //     }
+    //   },
+    //   getClient: async (client_id: string) => {
+    //     LOGGER.debug("OAuth proxy: Dynamic client registration requested");
+    //
+    //     return {
+    //       client_secret: credentials.clientsecret as string,
+    //       client_id,
+    //       redirect_uris: [
+    //         `${baseUrl}/oauth/callback`,
+    //         `${baseUrl}/mcp/oauth/callback`,
+    //         "http://localhost:3000/callback", // Claude Desktop default
+    //         "http://localhost:3000/auth/callback", // Alternative format
+    //       ],
+    //     };
+    //   },
+    // });
+    expressApp.use((0, router_js_1.mcpAuthMetadataRouter)({
+        oauthMetadata: {
+            issuer: credentials.url,
+            authorization_endpoint: `${credentials.url}/oauth/authorize`,
+            token_endpoint: `${credentials.url}/oauth/token`,
+            response_types_supported: ["code", "token"],
+            grant_types_supported: [
+                "authorization_code",
+                "client_credentials",
+                "urn:ietf:params:oauth:grant-type:jwt-bearer",
+                "refresh_token"
+            ],
+            token_endpoint_auth_methods_supported: ["client_secret_post", "client_secret_basic"],
+            code_challenge_methods_supported: ["S256"]
         },
-    });
-    expressApp.use((0, router_js_1.mcpAuthRouter)({
-        provider: proxyProvider,
-        issuerUrl: new URL(credentials.url),
-        //baseUrl: new URL(""), // I have left this out for the time being due to the defaulting to issuer
         serviceDocumentationUrl: new URL("https://docs.cloudfoundry.org/api/uaa/version/77.34.0/index.html#authorization"),
+        resourceServerUrl: new URL(baseUrl),
     }));
+    logger_1.LOGGER.info("OAuth proxy configured successfully for XSUAA integration");
+}
+/**
+ * Checks whether the requesting user's access matches that of the roles required
+ * @param user
+ * @returns true if the user has access
+ */
+function hasToolOperationAccess(user, roles) {
+    // If no restrictions are defined, allow access
+    if (!roles || roles.length === 0)
+        return true;
+    for (const el of roles) {
+        if (user.is(el.role))
+            return true;
+    }
+    return false;
+}
+/**
+ * Determines wrap accesses based on the given MCP restrictions derived from annotations
+ * @param user
+ * @param restrictions
+ * @returns wrap tool accesses
+ */
+function getWrapAccesses(user, restrictions) {
+    // If no restrictions are defined, allow all access
+    if (!restrictions || restrictions.length === 0) {
+        return {
+            canRead: true,
+            canCreate: true,
+            canUpdate: true,
+            canDelete: true,
+        };
+    }
+    const access = {};
+    for (const el of restrictions) {
+        // If the user does not even have the role then no reason to check
+        if (!user.is(el.role))
+            continue;
+        if (!el.operations || el.operations.length <= 0) {
+            access.canRead = true;
+            access.canCreate = true;
+            access.canDelete = true;
+            access.canUpdate = true;
+            break;
+        }
+        if (el.operations.includes("READ")) {
+            access.canRead = true;
+        }
+        if (el.operations.includes("UPDATE")) {
+            access.canUpdate = true;
+        }
+        if (el.operations.includes("CREATE")) {
+            access.canCreate = true;
+        }
+        if (el.operations.includes("DELETE")) {
+            access.canDelete = true;
+        }
+    }
+    return access;
 }

package/lib/config/loader.js

@@ -35,6 +35,7 @@ function loadConfiguration() {
             "create",
             "update",
         ],
+        instructions: cdsEnv?.instructions,
     };
 }
 /**

package/lib/mcp/customResourceTemplate.js

@@ -0,0 +1,156 @@
+"use strict";
+/**
+ * Custom URI template implementation that fixes the MCP SDK's broken
+ * URI template matching for grouped query parameters.
+ *
+ * This is duck typing implementation of the ResourceTemplate class.
+ * See @modelcontextprotocol/sdk/server/mcp.js
+ *
+ * This is only a temporary solution, as we should use the official implementation from the SDK
+ * Upon the SDK being fixed, we should switch over to that implementation.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CustomResourceTemplate = exports.CustomUriTemplate = void 0;
+// TODO: Get rid of 'any' typing
+/**
+ * Custom URI template class that properly handles grouped query parameters
+ * in the format {?param1,param2,param3}
+ */
+class CustomUriTemplate {
+    template;
+    baseUri = "";
+    queryParams = [];
+    constructor(template) {
+        this.template = template;
+        this.parseTemplate();
+    }
+    toString() {
+        return this.template;
+    }
+    parseTemplate() {
+        // Extract base URI and query parameters from template
+        // Template format: odata://CatalogService/books{?filter,orderby,select,skip,top}
+        const queryTemplateMatch = this.template.match(/^([^{]+)\{\?([^}]+)\}$/);
+        if (!queryTemplateMatch) {
+            // No query parameters, treat as static URI
+            this.baseUri = this.template;
+            this.queryParams = [];
+            return;
+        }
+        this.baseUri = queryTemplateMatch[1];
+        this.queryParams = queryTemplateMatch[2]
+            .split(",")
+            .map((param) => param.trim())
+            .filter((param) => param.length > 0);
+    }
+    /**
+     * Matches a URI against this template and extracts variables
+     * @param uri The URI to match
+     * @returns Object with extracted variables or null if no match
+     */
+    match(uri) {
+        // Check if base URI matches
+        if (!uri.startsWith(this.baseUri)) {
+            return null;
+        }
+        // Extract query string
+        const queryStart = uri.indexOf("?");
+        if (queryStart === -1) {
+            // No query parameters in URI
+            if (this.queryParams.length === 0) {
+                return {}; // Static URI match
+            }
+            // Template expects query params but URI has none - still valid for optional params
+            return {};
+        }
+        const queryString = uri.substring(queryStart + 1);
+        const queryPairs = queryString.split("&");
+        const extractedVars = {};
+        // Parse query parameters with strict validation
+        for (const pair of queryPairs) {
+            const equalIndex = pair.indexOf("=");
+            if (equalIndex > 0) {
+                const key = pair.substring(0, equalIndex);
+                const value = pair.substring(equalIndex + 1);
+                if (key && value !== undefined) {
+                    const decodedKey = decodeURIComponent(key);
+                    const decodedValue = decodeURIComponent(value);
+                    // SECURITY: Reject entire URI if ANY unauthorized parameter is present
+                    if (!this.queryParams.includes(decodedKey)) {
+                        return null; // Unauthorized parameter found - reject entire URI
+                    }
+                    extractedVars[decodedKey] = decodedValue;
+                }
+            }
+            else if (pair.trim().length > 0) {
+                // Handle malformed parameters (missing = or empty key)
+                // SECURITY: Reject malformed query parameters
+                return null;
+            }
+        }
+        // For static templates (no parameters allowed), reject any query string
+        if (this.queryParams.length === 0 && queryString.trim().length > 0) {
+            return null;
+        }
+        return extractedVars;
+    }
+    /**
+     * Expands the template with given variables
+     * @param variables Object containing variable values
+     * @returns Expanded URI string
+     */
+    expand(variables) {
+        if (this.queryParams.length === 0) {
+            return this.baseUri;
+        }
+        const queryPairs = [];
+        for (const param of this.queryParams) {
+            const value = variables[param];
+            if (value !== undefined && value !== null && value !== "") {
+                queryPairs.push(`${encodeURIComponent(param)}=${encodeURIComponent(value)}`);
+            }
+        }
+        if (queryPairs.length === 0) {
+            return this.baseUri;
+        }
+        return `${this.baseUri}?${queryPairs.join("&")}`;
+    }
+    /**
+     * Gets the variable names from the template
+     */
+    get variableNames() {
+        return [...this.queryParams];
+    }
+}
+exports.CustomUriTemplate = CustomUriTemplate;
+/**
+ * Custom ResourceTemplate that uses our CustomUriTemplate for proper URI matching
+ * Duck-types the MCP SDK's ResourceTemplate interface for compatibility
+ */
+class CustomResourceTemplate {
+    _uriTemplate;
+    _callbacks;
+    constructor(uriTemplate, callbacks) {
+        this._callbacks = callbacks;
+        this._uriTemplate = new CustomUriTemplate(uriTemplate);
+    }
+    /**
+     * Gets the URI template pattern - must match MCP SDK interface
+     */
+    get uriTemplate() {
+        return this._uriTemplate;
+    }
+    /**
+     * Gets the list callback, if one was provided
+     */
+    get listCallback() {
+        return this._callbacks.list;
+    }
+    /**
+     * Gets the callback for completing a specific URI template variable
+     */
+    completeCallback(variable) {
+        return this._callbacks.complete?.[variable];
+    }
+}
+exports.CustomResourceTemplate = CustomResourceTemplate;

package/lib/mcp/entity-tools.js

@@ -66,28 +66,36 @@ const TIMEOUT_MS = 10_000; // Standard timeout for tool calls (ms)
  * Modes can be controlled globally via configuration and per-entity via @mcp.wrap.
  *
  * Example tool names (naming is explicit for easier LLM usage):
- *   Service_Entity_query, Service_Entity_get, Service_Entity_create, Service_Entity_update
+ *   Service_Entity_query, Service_Entity_get, Service_Entity_create, Service_Entity_update, Service_Entity_delete
  */
-function registerEntityWrappers(resAnno, server, authEnabled, defaultModes) {
+function registerEntityWrappers(resAnno, server, authEnabled, defaultModes, accesses) {
     const CDS = global.cds;
     logger_1.LOGGER.debug(`[REGISTRATION TIME] Registering entity wrappers for ${resAnno.serviceName}.${resAnno.target}, available services:`, Object.keys(CDS.services || {}));
     const modes = resAnno.wrap?.modes ?? defaultModes;
-    if (modes.includes("query")) {
+    if (modes.includes("query") && accesses.canRead) {
         registerQueryTool(resAnno, server, authEnabled);
     }
     if (modes.includes("get") &&
         resAnno.resourceKeys &&
-        resAnno.resourceKeys.size > 0) {
+        resAnno.resourceKeys.size > 0 &&
+        accesses.canRead) {
         registerGetTool(resAnno, server, authEnabled);
     }
-    if (modes.includes("create")) {
+    if (modes.includes("create") && accesses.canCreate) {
         registerCreateTool(resAnno, server, authEnabled);
     }
     if (modes.includes("update") &&
         resAnno.resourceKeys &&
-        resAnno.resourceKeys.size > 0) {
+        resAnno.resourceKeys.size > 0 &&
+        accesses.canUpdate) {
         registerUpdateTool(resAnno, server, authEnabled);
     }
+    if (modes.includes("delete") &&
+        resAnno.resourceKeys &&
+        resAnno.resourceKeys.size > 0 &&
+        accesses.canDelete) {
+        registerDeleteTool(resAnno, server, authEnabled);
+    }
 }
 /**
  * Builds the visible tool name for a given operation mode.
@@ -474,6 +482,78 @@ function registerUpdateTool(resAnno, server, authEnabled) {
     };
     server.registerTool(toolName, { title: toolName, description: desc, inputSchema }, updateHandler);
 }
+/**
+ * Registers the delete tool for an entity.
+ * Requires keys to identify the entity to delete.
+ */
+function registerDeleteTool(resAnno, server, authEnabled) {
+    const toolName = nameFor(resAnno.serviceName, resAnno.target, "delete");
+    const inputSchema = {};
+    // Keys required for deletion
+    for (const [k, cdsType] of resAnno.resourceKeys.entries()) {
+        inputSchema[k] = (0, utils_2.determineMcpParameterType)(cdsType).describe(`Key ${k}`);
+    }
+    const keyList = Array.from(resAnno.resourceKeys.keys()).join(", ");
+    const hint = resAnno.wrap?.hint ? ` Hint: ${resAnno.wrap?.hint}` : "";
+    const desc = `Delete ${resAnno.target} by key(s): ${keyList}. This operation cannot be undone.${hint}`;
+    const deleteHandler = async (args) => {
+        const CDS = global.cds;
+        const { DELETE } = CDS.ql;
+        const svc = await resolveServiceInstance(resAnno.serviceName);
+        if (!svc) {
+            const msg = `Service not found: ${resAnno.serviceName}. Available: ${Object.keys(CDS.services || {}).join(", ")}`;
+            logger_1.LOGGER.error(msg);
+            return (0, utils_2.toolError)("ERR_MISSING_SERVICE", msg);
+        }
+        // Extract keys - similar to get/update handlers
+        const keys = {};
+        for (const [k] of resAnno.resourceKeys.entries()) {
+            let provided = args[k];
+            if (provided === undefined) {
+                // Case-insensitive key matching (like in get handler)
+                const alt = Object.entries(args || {}).find(([kk]) => String(kk).toLowerCase() === String(k).toLowerCase());
+                if (alt)
+                    provided = args[alt[0]];
+            }
+            if (provided === undefined) {
+                logger_1.LOGGER.warn(`Delete tool missing required key`, { key: k, toolName });
+                return (0, utils_2.toolError)("MISSING_KEY", `Missing key '${k}'`);
+            }
+            // Coerce numeric strings (like in get handler)
+            const raw = provided;
+            keys[k] =
+                typeof raw === "string" && /^\d+$/.test(raw) ? Number(raw) : raw;
+        }
+        logger_1.LOGGER.debug(`Executing DELETE on ${resAnno.target} with keys`, keys);
+        const tx = svc.tx({ user: (0, utils_1.getAccessRights)(authEnabled) });
+        try {
+            const response = await withTimeout(tx.run(DELETE.from(resAnno.target).where(keys)), TIMEOUT_MS, toolName, async () => {
+                try {
+                    await tx.rollback();
+                }
+                catch { }
+            });
+            try {
+                await tx.commit();
+            }
+            catch { }
+            return (0, utils_2.asMcpResult)(response ?? { deleted: true });
+        }
+        catch (error) {
+            try {
+                await tx.rollback();
+            }
+            catch { }
+            const isTimeout = String(error?.message || "").includes("timed out");
+            const msg = isTimeout
+                ? `${toolName} timed out after ${TIMEOUT_MS}ms`
+                : `DELETE_FAILED: ${error?.message || String(error)}`;
+            logger_1.LOGGER.error(msg, error);
+            return (0, utils_2.toolError)(isTimeout ? "TIMEOUT" : "DELETE_FAILED", msg);
+        }
+    };
+    server.registerTool(toolName, { title: toolName, description: desc, inputSchema }, deleteHandler);
+}
 // Helper: compile structured inputs into a CDS query
 // The function translates the validated MCP input into CQN safely,
 // including a basic escape of string literals to avoid invalid syntax.

package/lib/mcp/factory.js

@@ -24,7 +24,7 @@ function createMcpServer(config, annotations) {
         name: config.name,
         version: config.version,
         capabilities: config.capabilities,
-    });
+    }, { instructions: config.instructions });
     if (!annotations) {
         logger_1.LOGGER.debug("No annotations provided, skipping registration...");
         return server;
@@ -33,20 +33,26 @@ function createMcpServer(config, annotations) {
     const authEnabled = (0, utils_1.isAuthEnabled)(config.auth);
     // Always register discovery tool for better model planning
     (0, describe_model_1.registerDescribeModelTool)(server);
+    const accessRights = (0, utils_1.getAccessRights)(authEnabled);
     for (const entry of annotations.values()) {
         if (entry instanceof structures_1.McpToolAnnotation) {
+            if (!(0, utils_1.hasToolOperationAccess)(accessRights, entry.restrictions))
+                continue;
             (0, tools_1.assignToolToServer)(entry, server, authEnabled);
             continue;
         }
         else if (entry instanceof structures_1.McpResourceAnnotation) {
-            (0, resources_1.assignResourceToServer)(entry, server, authEnabled);
+            const accesses = (0, utils_1.getWrapAccesses)(accessRights, entry.restrictions);
+            if (accesses.canRead) {
+                (0, resources_1.assignResourceToServer)(entry, server, authEnabled);
+            }
             // Optionally expose entities as tools based on global/per-entity switches
             const globalWrap = !!config.wrap_entities_to_actions;
             const localWrap = entry.wrap?.tools;
             const enabled = localWrap === true || (localWrap === undefined && globalWrap);
             if (enabled) {
                 const modes = config.wrap_entity_modes ?? ["query", "get"];
-                (0, entity_tools_1.registerEntityWrappers)(entry, server, authEnabled, modes);
+                (0, entity_tools_1.registerEntityWrappers)(entry, server, authEnabled, modes, accesses);
             }
             continue;
         }

package/lib/mcp.js

@@ -39,8 +39,10 @@ class McpPlugin {
     async onBootstrap(app) {
         logger_1.LOGGER.debug("Event received for 'bootstrap'");
         this.expressApp = app;
-        this.expressApp.use(express_1.default.json());
-        if (this.config.auth === "inherit") {
+        this.expressApp.use("/mcp", express_1.default.json());
+        // To make it more safe, if there is a mispelling we will always implement auth
+        // Users will have to explicitly write none
+        if (this.config.auth !== "none") {
             (0, utils_2.registerAuthMiddleware)(this.expressApp);
         }
         await this.registerApiEndpoints();

package/lib/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });