@goke/mcp 0.0.4

package/dist/types.d.ts

@@ -0,0 +1,77 @@
+import type { OAuthTokens, OAuthClientInformation } from "@modelcontextprotocol/sdk/shared/auth.js";
+/**
+ * Persisted OAuth state for file-based storage
+ */
+export interface McpOAuthState {
+    tokens?: OAuthTokens;
+    clientInformation?: OAuthClientInformation;
+    codeVerifier?: string;
+    serverUrl?: string;
+}
+/**
+ * OAuth configuration for addMcpCommands
+ */
+export interface McpOAuthConfig {
+    /** Client name shown during OAuth consent screen */
+    clientName: string;
+    /**
+     * Load persisted OAuth state from storage (e.g., config file)
+     */
+    load: () => McpOAuthState | undefined;
+    /**
+     * Save OAuth state to storage. Called after successful auth or token refresh.
+     * Pass undefined to clear the state (logout).
+     */
+    save: (state: McpOAuthState | undefined) => void;
+    /**
+     * Called with the authorization URL. Default behavior opens the browser.
+     * Override to customize (e.g., just print the URL).
+     */
+    onAuthUrl?: (url: string) => void;
+    /**
+     * Called on successful authentication
+     */
+    onAuthSuccess?: () => void;
+    /**
+     * Called on authentication error
+     */
+    onAuthError?: (error: string) => void;
+}
+/**
+ * Result of startOAuthFlow
+ */
+export interface OAuthFlowResult {
+    success: boolean;
+    state?: McpOAuthState;
+    error?: string;
+}
+/**
+ * Options for starting OAuth flow
+ */
+export interface StartOAuthFlowOptions {
+    serverUrl: string;
+    clientName: string;
+    /** Existing OAuth state (for re-auth scenarios) */
+    existingState?: McpOAuthState;
+    /** Called with auth URL, default opens browser */
+    onAuthUrl?: (url: string) => void;
+    /** Timeout in ms waiting for callback, default 5 minutes */
+    timeout?: number;
+}
+/**
+ * Options for the local callback server
+ */
+export interface CallbackServerOptions {
+    /** Called when server starts with the redirect URI */
+    onReady?: (redirectUri: string) => void;
+    /** Timeout in ms, default 5 minutes */
+    timeout?: number;
+}
+/**
+ * Result from callback server
+ */
+export interface CallbackResult {
+    code: string;
+    state: string;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,sBAAsB,EAAE,MAAM,0CAA0C,CAAC;AAEpG;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,iBAAiB,CAAC,EAAE,sBAAsB,CAAC;IAC3C,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,oDAAoD;IACpD,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,IAAI,EAAE,MAAM,aAAa,GAAG,SAAS,CAAC;IAEtC;;;OAGG;IACH,IAAI,EAAE,CAAC,KAAK,EAAE,aAAa,GAAG,SAAS,KAAK,IAAI,CAAC;IAEjD;;;OAGG;IACH,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAElC;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,IAAI,CAAC;IAE3B;;OAEG;IACH,WAAW,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;CACvC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,aAAa,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,mDAAmD;IACnD,aAAa,CAAC,EAAE,aAAa,CAAC;IAC9B,kDAAkD;IAClD,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;IAClC,4DAA4D;IAC5D,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,sDAAsD;IACtD,OAAO,CAAC,EAAE,CAAC,WAAW,EAAE,MAAM,KAAK,IAAI,CAAC;IACxC,uCAAuC;IACvC,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;CACf"}

package/dist/types.js

@@ -0,0 +1 @@
+export {};

package/package.json

@@ -0,0 +1,45 @@
+{
+  "name": "@goke/mcp",
+  "version": "0.0.4",
+  "description": "Dynamically generate CLI commands from MCP server tools",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    },
+    "./src/index.js": {
+      "types": "./src/index.ts",
+      "import": "./src/index.ts"
+    }
+  },
+  "files": [
+    "dist",
+    "src"
+  ],
+  "keywords": [
+    "mcp",
+    "cli",
+    "goke"
+  ],
+  "author": "Tommaso De Rossi, morse <beats.by.morse@gmail.com>",
+  "license": "MIT",
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.0.0",
+    "js-yaml": "^4.1.1"
+  },
+  "peerDependencies": {
+    "goke": "*"
+  },
+  "devDependencies": {
+    "@types/js-yaml": "^4.0.9",
+    "@types/node": "^22.19.7",
+    "goke": "6.1.0"
+  },
+  "scripts": {
+    "build": "tsc",
+    "watch": "tsc -w"
+  }
+}

package/src/auth.ts

@@ -0,0 +1,138 @@
+import { auth } from "@modelcontextprotocol/sdk/client/auth.js";
+import { FileOAuthProvider } from "./oauth-provider.js";
+import { startCallbackServer } from "./local-callback-server.js";
+import type { McpOAuthState, OAuthFlowResult, StartOAuthFlowOptions } from "./types.js";
+
+/**
+ * Open a URL in the default browser.
+ * Uses platform-specific commands.
+ */
+async function openBrowser(url: string): Promise<void> {
+  const { exec } = await import("node:child_process");
+  const { promisify } = await import("node:util");
+  const execAsync = promisify(exec);
+
+  const platform = process.platform;
+  const command = (() => {
+    if (platform === "darwin") {
+      return `open "${url}"`;
+    }
+    if (platform === "win32") {
+      return `start "" "${url}"`;
+    }
+    // Linux and others
+    return `xdg-open "${url}"`;
+  })();
+
+  await execAsync(command);
+}
+
+/**
+ * Start the OAuth flow for an MCP server.
+ * This is an internal function - consumers should not call this directly.
+ * It is automatically triggered by addMcpCommands when a 401 error occurs.
+ *
+ * This function:
+ * 1. Starts a local callback server on a random port
+ * 2. Initiates OAuth with the MCP server
+ * 3. Opens the browser for user authorization
+ * 4. Waits for the callback with the authorization code
+ * 5. Exchanges the code for tokens
+ * 6. Returns the OAuth state for persistence
+ */
+export async function startOAuthFlow(options: StartOAuthFlowOptions): Promise<OAuthFlowResult> {
+  const { serverUrl, clientName, existingState, onAuthUrl, timeout } = options;
+
+  // Start local callback server on random port
+  const callbackServer = await startCallbackServer({ timeout });
+  const { redirectUri, waitForCallback, close } = callbackServer;
+
+  try {
+    // Create OAuth provider with the dynamic redirect URI
+    const oauthProvider = new FileOAuthProvider({
+      serverUrl,
+      redirectUri,
+      clientName,
+      tokens: existingState?.tokens,
+      clientInformation: existingState?.clientInformation,
+      codeVerifier: existingState?.codeVerifier,
+    });
+
+    // Start the OAuth flow - this will trigger dynamic client registration
+    // and set the authorization URL on the provider
+    const authResult = await auth(oauthProvider, { serverUrl });
+
+    if (authResult !== "REDIRECT") {
+      // Auth succeeded without redirect (had valid tokens)
+      close();
+      return {
+        success: true,
+        state: oauthProvider.getState(),
+      };
+    }
+
+    // Get the authorization URL
+    const authUrl = oauthProvider.redirectStartAuthUrl;
+    if (!authUrl) {
+      close();
+      return {
+        success: false,
+        error: "No authorization URL returned from OAuth flow",
+      };
+    }
+
+    // Open browser or call custom handler
+    const authUrlString = authUrl.toString();
+    if (onAuthUrl) {
+      onAuthUrl(authUrlString);
+    } else {
+      await openBrowser(authUrlString);
+    }
+
+    // Wait for the callback
+    const callback = await waitForCallback();
+
+    // Complete the OAuth flow by exchanging the code for tokens
+    const finalResult = await auth(oauthProvider, {
+      serverUrl,
+      authorizationCode: callback.code,
+    });
+
+    if (finalResult === "REDIRECT") {
+      return {
+        success: false,
+        error: "Unexpected redirect after code exchange",
+      };
+    }
+
+    return {
+      success: true,
+      state: oauthProvider.getState(),
+    };
+  } catch (err) {
+    close();
+    return {
+      success: false,
+      error: err instanceof Error ? err.message : String(err),
+    };
+  }
+}
+
+/**
+ * Check if an error indicates authentication is required.
+ * Internal function used by addMcpCommands.
+ */
+export function isAuthRequiredError(err: unknown): boolean {
+  if (!(err instanceof Error)) {
+    return false;
+  }
+  const message = err.message.toLowerCase();
+  return (
+    message.includes("401") ||
+    message.includes("unauthorized") ||
+    message.includes("authentication required") ||
+    message.includes("not authenticated") ||
+    message.includes("invalid_token") ||
+    message.includes("missing or invalid access token")
+  );
+}