@kya-os/mcp-i 1.6.11 → 1.6.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/runtime/http.js +1 -1
- package/dist/runtime/stdio.js +1 -1
- package/dist/runtime/utils/tools.js +9 -24
- package/package.json +1 -1
|
@@ -9,6 +9,7 @@ const auth_handshake_1 = require("../auth-handshake");
|
|
|
9
9
|
const session_1 = require("../session");
|
|
10
10
|
const request_context_1 = require("../request-context");
|
|
11
11
|
const proof_batch_queue_1 = require("../proof-batch-queue");
|
|
12
|
+
const mcp_i_core_1 = require("@kya-os/mcp-i-core");
|
|
12
13
|
const rawRuntimeConfigPath = typeof RUNTIME_CONFIG_PATH !== "undefined" ? RUNTIME_CONFIG_PATH : undefined;
|
|
13
14
|
// Single-parse to match single-stringify from webpack DefinePlugin
|
|
14
15
|
const runtimeConfigPath = rawRuntimeConfigPath
|
|
@@ -510,9 +511,13 @@ async function addToolsToServer(server, toolModules, identityConfig) {
|
|
|
510
511
|
}
|
|
511
512
|
// Check if authorization method matches current tool requirements
|
|
512
513
|
// This prevents stale delegations from working after tool auth method changes
|
|
513
|
-
|
|
514
|
+
// NOTE: Authorization validation only applies when credential is present (AgentShield API verifier).
|
|
515
|
+
// KV/Memory verifiers don't return credential data, so we skip auth method validation for them.
|
|
516
|
+
if (verifyResult.authorized &&
|
|
517
|
+
toolProtection.authorization &&
|
|
518
|
+
verifyResult.credential) {
|
|
514
519
|
const toolAuth = toolProtection.authorization;
|
|
515
|
-
const delegationAuth = verifyResult.credential
|
|
520
|
+
const delegationAuth = verifyResult.credential.authorization;
|
|
516
521
|
// If tool requires authorization but credential doesn't have auth data, reject
|
|
517
522
|
// This prevents bypassing auth checks with incomplete credential data
|
|
518
523
|
if (!delegationAuth) {
|
|
@@ -543,28 +548,8 @@ async function addToolsToServer(server, toolModules, identityConfig) {
|
|
|
543
548
|
isError: true,
|
|
544
549
|
};
|
|
545
550
|
}
|
|
546
|
-
// Compare authorization types
|
|
547
|
-
|
|
548
|
-
// For OAuth, also compare provider (undefined in toolAuth means "any provider acceptable")
|
|
549
|
-
if (authMatches &&
|
|
550
|
-
delegationAuth.type === "oauth" &&
|
|
551
|
-
toolAuth.type === "oauth") {
|
|
552
|
-
// If tool doesn't specify a provider, any provider is acceptable
|
|
553
|
-
if (toolAuth.provider) {
|
|
554
|
-
authMatches = delegationAuth.provider === toolAuth.provider;
|
|
555
|
-
}
|
|
556
|
-
}
|
|
557
|
-
// For credential, also compare credentialType (undefined in toolAuth means "any type acceptable")
|
|
558
|
-
if (authMatches &&
|
|
559
|
-
delegationAuth.type === "credential" &&
|
|
560
|
-
toolAuth.type === "credential") {
|
|
561
|
-
// If tool doesn't specify a credential type, any type is acceptable
|
|
562
|
-
if (toolAuth.credentialType) {
|
|
563
|
-
authMatches =
|
|
564
|
-
delegationAuth.credentialType === toolAuth.credentialType;
|
|
565
|
-
}
|
|
566
|
-
}
|
|
567
|
-
if (!authMatches) {
|
|
551
|
+
// Compare authorization types using the helper function
|
|
552
|
+
if (!(0, mcp_i_core_1.authorizationMatches)(delegationAuth, toolAuth)) {
|
|
568
553
|
if (identityConfig?.debug) {
|
|
569
554
|
console.error(`[MCPI] Tool "${name}" blocked - authorization method mismatch`);
|
|
570
555
|
}
|