@hapticpaper/mcp-server 1.0.22 → 1.0.26
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +42 -32
- package/package.json +1 -1
- package/server.json +2 -2
package/dist/index.js
CHANGED
|
@@ -310,43 +310,53 @@ ${widgetJs}
|
|
|
310
310
|
verifyAccessToken: async (token) => {
|
|
311
311
|
const publicKey = process.env.JWT_PUBLIC_KEY ? process.env.JWT_PUBLIC_KEY.replace(/\\n/g, '\n') : undefined;
|
|
312
312
|
const secret = process.env.JWT_SECRET;
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
|
|
316
|
-
|
|
317
|
-
|
|
318
|
-
|
|
319
|
-
|
|
320
|
-
if (secret && e.message === 'invalid signature') {
|
|
321
|
-
decoded = jwt.verify(token, secret, { algorithms: ['HS256'] });
|
|
313
|
+
// Debug log (redacted)
|
|
314
|
+
console.error(`[MCP-Auth-Debug] Verifying token. HasPublicKey=${!!publicKey}, HasSecret=${!!secret}`);
|
|
315
|
+
try {
|
|
316
|
+
let decoded;
|
|
317
|
+
if (publicKey) {
|
|
318
|
+
try {
|
|
319
|
+
decoded = jwt.verify(token, publicKey, { algorithms: ['ES256'] });
|
|
322
320
|
}
|
|
323
|
-
|
|
324
|
-
|
|
321
|
+
catch (e) {
|
|
322
|
+
// If ES256 fails, and we have a secret, try HS256 (migration path)
|
|
323
|
+
// We catch 'invalid signature' (wrong key) AND 'invalid algorithm' (token is HS256 but we asked for ES256)
|
|
324
|
+
if (secret && (e.message === 'invalid signature' || e.message.includes('invalid algorithm'))) {
|
|
325
|
+
decoded = jwt.verify(token, secret, { algorithms: ['HS256'] });
|
|
326
|
+
}
|
|
327
|
+
else {
|
|
328
|
+
throw e;
|
|
329
|
+
}
|
|
325
330
|
}
|
|
326
331
|
}
|
|
332
|
+
else if (secret) {
|
|
333
|
+
decoded = jwt.verify(token, secret, { algorithms: ['HS256'] });
|
|
334
|
+
}
|
|
335
|
+
else {
|
|
336
|
+
console.error('[MCP-Auth-Error] No keys configured');
|
|
337
|
+
throw new Error('Server misconfigured: Neither JWT_PUBLIC_KEY nor JWT_SECRET is set');
|
|
338
|
+
}
|
|
339
|
+
if (!decoded || typeof decoded !== 'object') {
|
|
340
|
+
throw new Error('Invalid token');
|
|
341
|
+
}
|
|
342
|
+
const scopeStr = typeof decoded.scope === 'string' ? decoded.scope : '';
|
|
343
|
+
const permissions = Array.isArray(decoded.permissions) ? decoded.permissions : [];
|
|
344
|
+
const scopes = [
|
|
345
|
+
...scopeStr.split(/\s+/).map((s) => s.trim()).filter(Boolean),
|
|
346
|
+
...permissions.map((s) => (typeof s === 'string' ? s.trim() : '')).filter(Boolean),
|
|
347
|
+
];
|
|
348
|
+
const exp = decoded.exp;
|
|
349
|
+
return {
|
|
350
|
+
token,
|
|
351
|
+
clientId: decoded.client_id || 'unknown',
|
|
352
|
+
scopes: Array.from(new Set(scopes)),
|
|
353
|
+
expiresAt: typeof exp === 'number' ? exp : Math.floor(Date.now() / 1000) + 3600,
|
|
354
|
+
};
|
|
327
355
|
}
|
|
328
|
-
|
|
329
|
-
|
|
330
|
-
|
|
331
|
-
else {
|
|
332
|
-
throw new Error('Server misconfigured: Neither JWT_PUBLIC_KEY nor JWT_SECRET is set');
|
|
333
|
-
}
|
|
334
|
-
if (!decoded || typeof decoded !== 'object') {
|
|
335
|
-
throw new Error('Invalid token');
|
|
356
|
+
catch (err) {
|
|
357
|
+
console.error('[MCP-Auth-Error] Token verification failed:', err.message, err.stack);
|
|
358
|
+
throw err;
|
|
336
359
|
}
|
|
337
|
-
const scopeStr = typeof decoded.scope === 'string' ? decoded.scope : '';
|
|
338
|
-
const permissions = Array.isArray(decoded.permissions) ? decoded.permissions : [];
|
|
339
|
-
const scopes = [
|
|
340
|
-
...scopeStr.split(/\s+/).map((s) => s.trim()).filter(Boolean),
|
|
341
|
-
...permissions.map((s) => (typeof s === 'string' ? s.trim() : '')).filter(Boolean),
|
|
342
|
-
];
|
|
343
|
-
const exp = decoded.exp;
|
|
344
|
-
return {
|
|
345
|
-
token,
|
|
346
|
-
clientId: decoded.client_id || 'unknown',
|
|
347
|
-
scopes: Array.from(new Set(scopes)),
|
|
348
|
-
expiresAt: typeof exp === 'number' ? exp : Math.floor(Date.now() / 1000) + 3600,
|
|
349
|
-
};
|
|
350
360
|
},
|
|
351
361
|
};
|
|
352
362
|
const authMiddleware = requireBearerAuth({
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@hapticpaper/mcp-server",
|
|
3
3
|
"mcpName": "com.hapticpaper/mcp",
|
|
4
|
-
"version": "1.0.
|
|
4
|
+
"version": "1.0.26",
|
|
5
5
|
"description": "Official MCP Server for Haptic Paper - Connect your account to create human tasks from agentic pipelines.",
|
|
6
6
|
"type": "module",
|
|
7
7
|
"main": "dist/index.js",
|
package/server.json
CHANGED
|
@@ -25,7 +25,7 @@
|
|
|
25
25
|
"subfolder": "packages/mcp-server"
|
|
26
26
|
},
|
|
27
27
|
"websiteUrl": "https://hapticpaper.com/developer",
|
|
28
|
-
"version": "1.0.
|
|
28
|
+
"version": "1.0.26",
|
|
29
29
|
"remotes": [
|
|
30
30
|
{
|
|
31
31
|
"type": "streamable-http",
|
|
@@ -37,7 +37,7 @@
|
|
|
37
37
|
"registryType": "npm",
|
|
38
38
|
"registryBaseUrl": "https://registry.npmjs.org",
|
|
39
39
|
"identifier": "@hapticpaper/mcp-server",
|
|
40
|
-
"version": "1.0.
|
|
40
|
+
"version": "1.0.26",
|
|
41
41
|
"transport": {
|
|
42
42
|
"type": "stdio"
|
|
43
43
|
},
|