npm - @gethmy/mcp - Versions diffs - 2.4.4 → 2.4.7 - Mend

@gethmy/mcp 2.4.4 → 2.4.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/cli.js +56 -12
package/dist/index.js +56 -12
package/dist/lib/api-client.js +29 -1
package/dist/lib/config.js +5 -1
package/package.json +1 -1
package/src/__tests__/memory-audit.test.ts +83 -1
package/src/__tests__/remote-routing.test.ts +285 -0
package/src/api-client.ts +40 -1
package/src/memory-audit.ts +36 -16
package/src/remote.ts +318 -56

package/src/__tests__/remote-routing.test.ts ADDED Viewed

@@ -0,0 +1,285 @@
+/**
+ * Routing/auth tests for the remote MCP server (`src/remote.ts`).
+ *
+ * Covers the four session-routing branches mandated by the MCP Streamable
+ * HTTP spec — the regression that surfaced as "Harmony MCP not responding"
+ * after a server restart, OAuth refresh, or stale-session GC was a missing
+ * 404 branch for unknown `Mcp-Session-Id` values.
+ *
+ * These tests stub `globalThis.fetch` so we don't depend on harmony-api
+ * being reachable.
+ *
+ * Run with: bun test packages/mcp-server/src/__tests__/remote-routing.test.ts
+ */
+import {
+  afterAll,
+  afterEach,
+  beforeAll,
+  beforeEach,
+  describe,
+  expect,
+  test,
+} from "bun:test";
+const ORIGINAL_FETCH = globalThis.fetch;
+// Fixed values used across tests
+const TEST_USER = "user-alpha";
+const OTHER_USER = "user-beta";
+const TEST_WORKSPACE = "ws-1";
+const VALID_TOKEN = "hmy_at_alpha_valid";
+const REFRESHED_TOKEN = "hmy_at_alpha_refreshed";
+const OTHER_USER_TOKEN = "hmy_at_beta_valid";
+const REVOKED_TOKEN = "hmy_at_revoked";
+function makeFetchStub() {
+  return async (
+    input: string | URL | Request,
+    init?: RequestInit,
+  ): Promise<Response> => {
+    const url = typeof input === "string" ? input : input.toString();
+    const apiKey =
+      (init?.headers as Record<string, string> | undefined)?.["X-API-Key"] ??
+      "";
+    if (url.endsWith("/v1/auth/context")) {
+      const map: Record<
+        string,
+        { userId: string; workspaceId: string | null; source: string } | null
+      > = {
+        [VALID_TOKEN]: {
+          userId: TEST_USER,
+          workspaceId: TEST_WORKSPACE,
+          source: "oauth",
+        },
+        [REFRESHED_TOKEN]: {
+          userId: TEST_USER,
+          workspaceId: TEST_WORKSPACE,
+          source: "oauth",
+        },
+        [OTHER_USER_TOKEN]: {
+          userId: OTHER_USER,
+          workspaceId: "ws-2",
+          source: "oauth",
+        },
+      };
+      const ctx = map[apiKey];
+      if (!ctx) {
+        return new Response(JSON.stringify({ error: "unauthorized" }), {
+          status: 401,
+          headers: { "Content-Type": "application/json" },
+        });
+      }
+      return new Response(JSON.stringify(ctx), {
+        status: 200,
+        headers: { "Content-Type": "application/json" },
+      });
+    }
+    // Anything else — return a benign 404 so unrelated lookups don't blow up.
+    return new Response("{}", {
+      status: 404,
+      headers: { "Content-Type": "application/json" },
+    });
+  };
+}
+let fetchHandler: (req: Request) => Promise<Response>;
+let _sessionsForTests: Map<string, unknown>;
+beforeAll(async () => {
+  globalThis.fetch = makeFetchStub() as unknown as typeof fetch;
+  // Import after the stub is in place (module init is synchronous-only.)
+  const mod = await import("../remote.js");
+  fetchHandler = mod.fetchHandler as (req: Request) => Promise<Response>;
+  _sessionsForTests = mod._sessionsForTests as Map<string, unknown>;
+});
+afterAll(() => {
+  globalThis.fetch = ORIGINAL_FETCH;
+});
+beforeEach(() => {
+  // Refresh the fetch stub each test (preserves across the cache TTL).
+  globalThis.fetch = makeFetchStub() as unknown as typeof fetch;
+});
+afterEach(() => {
+  // Wipe sessions between tests so state doesn't leak.
+  _sessionsForTests.clear();
+});
+const INIT_BODY = {
+  jsonrpc: "2.0",
+  id: 1,
+  method: "initialize",
+  params: {
+    protocolVersion: "2025-06-18",
+    capabilities: {},
+    clientInfo: { name: "test", version: "0.0.1" },
+  },
+};
+const TOOLS_LIST_BODY = {
+  jsonrpc: "2.0",
+  id: 2,
+  method: "tools/list",
+  params: {},
+};
+function makePost(
+  body: unknown,
+  opts: { token?: string; sessionId?: string } = {},
+): Request {
+  const headers: Record<string, string> = {
+    "Content-Type": "application/json",
+    Accept: "application/json, text/event-stream",
+  };
+  if (opts.token) headers.Authorization = `Bearer ${opts.token}`;
+  if (opts.sessionId) headers["Mcp-Session-Id"] = opts.sessionId;
+  return new Request("http://localhost/mcp", {
+    method: "POST",
+    headers,
+    body: JSON.stringify(body),
+  });
+}
+describe("remote MCP routing", () => {
+  test("no Authorization header → 401 + WWW-Authenticate", async () => {
+    const res = await fetchHandler(
+      new Request("http://localhost/mcp", { method: "POST" }),
+    );
+    expect(res.status).toBe(401);
+    const wwwAuth = res.headers.get("WWW-Authenticate") ?? "";
+    expect(wwwAuth).toContain("Bearer");
+    expect(wwwAuth).toContain("resource_metadata=");
+  });
+  test("invalid bearer on initialize → 401 invalid_token", async () => {
+    const res = await fetchHandler(
+      makePost(INIT_BODY, { token: REVOKED_TOKEN }),
+    );
+    expect(res.status).toBe(401);
+    expect(res.headers.get("WWW-Authenticate") ?? "").toContain(
+      "invalid_token",
+    );
+  });
+  test("POST without session id and not initialize → 400", async () => {
+    const res = await fetchHandler(
+      makePost(TOOLS_LIST_BODY, { token: VALID_TOKEN }),
+    );
+    expect(res.status).toBe(400);
+    const body = (await res.json()) as { error: { message: string } };
+    expect(body.error.message).toMatch(/Mcp-Session-Id header required/i);
+  });
+  test("POST with unknown session id → 404 (forces client re-init)", async () => {
+    const res = await fetchHandler(
+      makePost(TOOLS_LIST_BODY, {
+        token: VALID_TOKEN,
+        sessionId: "ghost-session-id",
+      }),
+    );
+    // This is the spec-mandated behavior that fixes "Harmony MCP not responding".
+    expect(res.status).toBe(404);
+    const body = (await res.json()) as { error: { code: number } };
+    expect(body.error.code).toBe(-32001);
+    expect(res.headers.get("Mcp-Session-Id")).toBe("ghost-session-id");
+  });
+  test("initialize succeeds and registers a session", async () => {
+    const res = await fetchHandler(makePost(INIT_BODY, { token: VALID_TOKEN }));
+    expect(res.status).toBe(200);
+    const sid = res.headers.get("mcp-session-id");
+    expect(sid).toBeTruthy();
+    expect(_sessionsForTests.has(sid!)).toBe(true);
+  });
+  test("rotated token (same user) is accepted on hot-swap", async () => {
+    // Bootstrap a session.
+    const initRes = await fetchHandler(
+      makePost(INIT_BODY, { token: VALID_TOKEN }),
+    );
+    const sid = initRes.headers.get("mcp-session-id")!;
+    // Send a follow-up with the *new* token + same session id.
+    // We're not asserting on the body — just that the rotation didn't
+    // produce a 401/404, which it would if hot-swap were broken.
+    const follow = await fetchHandler(
+      makePost(TOOLS_LIST_BODY, {
+        token: REFRESHED_TOKEN,
+        sessionId: sid,
+      }),
+    );
+    expect(follow.status).not.toBe(401);
+    expect(follow.status).not.toBe(404);
+  });
+  test("token from a different user is REJECTED on hot-swap", async () => {
+    const initRes = await fetchHandler(
+      makePost(INIT_BODY, { token: VALID_TOKEN }),
+    );
+    const sid = initRes.headers.get("mcp-session-id")!;
+    // Attempt to ride the session with another user's bearer.
+    const hijack = await fetchHandler(
+      makePost(TOOLS_LIST_BODY, {
+        token: OTHER_USER_TOKEN,
+        sessionId: sid,
+      }),
+    );
+    expect(hijack.status).toBe(401);
+    const wwwAuth = hijack.headers.get("WWW-Authenticate") ?? "";
+    expect(wwwAuth).toContain("invalid_token");
+  });
+  test("GET without valid session id → 400", async () => {
+    const res = await fetchHandler(
+      new Request("http://localhost/mcp", {
+        method: "GET",
+        headers: {
+          Authorization: `Bearer ${VALID_TOKEN}`,
+          Accept: "text/event-stream",
+        },
+      }),
+    );
+    // GET without a session id falls into "session required" — 400.
+    expect(res.status).toBe(400);
+  });
+  test("GET with unknown session id → 404", async () => {
+    const res = await fetchHandler(
+      new Request("http://localhost/mcp", {
+        method: "GET",
+        headers: {
+          Authorization: `Bearer ${VALID_TOKEN}`,
+          Accept: "text/event-stream",
+          "Mcp-Session-Id": "ghost",
+        },
+      }),
+    );
+    expect(res.status).toBe(404);
+  });
+  test("/.well-known/oauth-protected-resource is unauthenticated", async () => {
+    const res = await fetchHandler(
+      new Request("http://localhost/.well-known/oauth-protected-resource"),
+    );
+    expect(res.status).toBe(200);
+    const body = (await res.json()) as {
+      authorization_servers: string[];
+      bearer_methods_supported: string[];
+    };
+    expect(body.authorization_servers.length).toBeGreaterThan(0);
+    expect(body.bearer_methods_supported).toContain("header");
+  });
+  test("/health is unauthenticated", async () => {
+    const res = await fetchHandler(new Request("http://localhost/health"));
+    expect(res.status).toBe(200);
+    const body = (await res.json()) as { status: string };
+    expect(body.status).toBe("ok");
+  });
+});

package/src/api-client.ts CHANGED Viewed

@@ -112,19 +112,47 @@ export async function requestWithBearer<T = unknown>(
   return result as T;
 }
+// Sentinel thrown when the API rejects the bearer/api-key with HTTP 401.
+// Lets the MCP transport layer turn it into an HTTP 401 + WWW-Authenticate
+// challenge so OAuth clients can refresh, instead of burying it inside a
+// JSON-RPC tool error envelope.
+export class HarmonyUnauthorizedError extends Error {
+  constructor(message = "Invalid or expired credentials") {
+    super(message);
+    this.name = "HarmonyUnauthorizedError";
+  }
+}
 export class HarmonyApiClient {
   private apiKey: string;
   private apiUrl: string;
+  private onUnauthorized?: () => void;
-  constructor(options?: { apiKey?: string; apiUrl?: string }) {
+  constructor(options?: {
+    apiKey?: string;
+    apiUrl?: string;
+    onUnauthorized?: () => void;
+  }) {
     this.apiKey = options?.apiKey ?? getApiKey();
     this.apiUrl = options?.apiUrl ?? getApiUrl();
+    this.onUnauthorized = options?.onUnauthorized;
   }
   getApiUrl(): string {
     return this.apiUrl;
   }
+  // Lets the MCP session swap in a freshly refreshed OAuth access token
+  // without recreating the client. Called from remote.ts when the incoming
+  // Bearer header differs from the cached token.
+  setApiKey(apiKey: string): void {
+    this.apiKey = apiKey;
+  }
+  getApiKey(): string {
+    return this.apiKey;
+  }
   private async request<T>(
     method: string,
     path: string,
@@ -197,6 +225,13 @@ export class HarmonyApiClient {
               ? null
               : `API error: ${response.status} (non-JSON response)`) ||
             `API error: ${response.status}`;
+          // 401: token rejected by harmony-api. Don't retry — surface a typed
+          // error so the MCP transport layer can issue an HTTP 401 challenge
+          // and trigger the client's OAuth refresh flow.
+          if (response.status === 401) {
+            this.onUnauthorized?.();
+            throw new HarmonyUnauthorizedError(errorMsg);
+          }
           if (!isRetryableError(null, response.status)) {
             throw new Error(errorMsg);
           }
@@ -259,6 +294,10 @@ export class HarmonyApiClient {
           } catch {
             errorMsg = text || `API error: ${response.status}`;
           }
+          if (response.status === 401) {
+            this.onUnauthorized?.();
+            throw new HarmonyUnauthorizedError(errorMsg);
+          }
           if (!isRetryableError(null, response.status)) {
             throw new Error(errorMsg);
           }

package/src/memory-audit.ts CHANGED Viewed

@@ -116,27 +116,45 @@ export interface AuditReport {
   healthReport: string;
 }
+// Patterns must stay in sync with:
+//   supabase/functions/_shared/memory-boilerplate.ts (edge function guard)
+//   supabase/migrations/*_harden_memory_cleanup.sql  (cron sweeper)
+//
+// End-anchored where possible to avoid matching legitimate titles like
+// "Placeholder pattern in React" or "Untitled.fig reference". The retired
+// mid-session extractor's "Task transition: ..." prefix is the one open-ended
+// pattern — it was never a user-chosen format.
 const BOILERPLATE_PATTERNS = [
   /^todo:?$/i,
-  /^placeholder/i,
+  /^placeholder(\s+\d+|:)?$/i,
   /^\.\.\.$/,
-  /^untitled/i,
-  /^(note|memo|draft)\s*\d*$/i,
-  // Auto-captured task-transition snapshots from a retired active-learning rule.
-  // No user intent, no access pattern — treat as boilerplate so scoring archives them.
+  /^untitled(\s+\d+|:)?$/i,
+  /^(note|memo|draft)\s+\d+$/i,
   /^task transition:/i,
 ];
-function isBoilerplate(title: string, content: string): boolean {
+/**
+ * Title-only check. Used by the audit override — should not delete an entry
+ * just because its content is empty (may be a draft the user hasn't finished).
+ */
+function isBoilerplateTitle(title: string): boolean {
   const t = title.trim();
-  const c = content.trim();
-  if (c.length === 0) return true;
   for (const pat of BOILERPLATE_PATTERNS) {
     if (pat.test(t)) return true;
   }
   return false;
 }
+/**
+ * Stricter check used by the content-quality scoring band. Empty content is
+ * "boilerplate" for scoring — an empty memory contributes nothing regardless
+ * of title — but does not on its own trigger the delete-bucket override.
+ */
+function isBoilerplate(title: string, content: string): boolean {
+  if (content.trim().length === 0) return true;
+  return isBoilerplateTitle(title);
+}
 function scoreEntity(
   entity: AuditEntity,
   relationCount: number,
@@ -253,16 +271,18 @@ function scoreEntity(
     legacyReasons.push("no graph presence");
   }
-  // Bucket — boilerplate is a one-way door to delete. High access counts on
-  // noise titles signal re-read churn (recall/dedup loops), not genuine reuse;
-  // letting confidence + tier + decay drag the composite score back into
-  // "keep" leaves promoted-to-reference junk untouched. Override scoring,
-  // except when deleteBelow=0 (the "no deletions" escape hatch) — in that
-  // mode boilerplate falls through to archive.
+  // Bucket — boilerplate TITLE is a one-way door to delete. High access
+  // counts on noise titles signal re-read churn (recall/dedup loops), not
+  // genuine reuse; letting confidence + tier + decay drag the composite
+  // score back into "keep" leaves promoted-to-reference junk untouched.
+  // Override scoring, except when deleteBelow=0 (the "no deletions" escape
+  // hatch). Title-only on purpose: an empty-content entry with a real title
+  // may be a draft; the user should see it in the audit, not lose it.
+  const boilerplateTitle = isBoilerplateTitle(entity.title);
   let bucket: AuditBucket;
-  if (boilerplate && deleteBelow > 0) {
+  if (boilerplateTitle && deleteBelow > 0) {
     bucket = "delete";
-    reasons.push("boilerplate override");
+    reasons.push("boilerplate title override");
   } else if (score < deleteBelow) bucket = "delete";
   else if (score < archiveBelow) bucket = "archive";
   else if (score < 70) bucket = "review";