@kya-os/mcp-i 1.6.8 → 1.6.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/295.js +1 -1
- package/dist/runtime/adapter-express.js +3 -3
- package/dist/runtime/adapter-nextjs.js +3 -3
- package/dist/runtime/auth-handshake.d.ts +12 -0
- package/dist/runtime/auth-handshake.js +1 -0
- package/dist/runtime/delegation-verifier-agentshield.js +2 -0
- package/dist/runtime/delegation-verifier.d.ts +12 -0
- package/dist/runtime/http.js +3 -3
- package/dist/runtime/stdio.js +3 -3
- package/dist/runtime/tool-protection.d.ts +6 -0
- package/dist/runtime/utils/tools.js +55 -0
- package/package.json +3 -3
|
@@ -21,6 +21,12 @@ export interface ToolProtectionConfig {
|
|
|
21
21
|
riskLevel?: 'low' | 'medium' | 'high' | 'critical';
|
|
22
22
|
/** Optional custom authorization URL for this specific tool */
|
|
23
23
|
authorizationUrl?: string;
|
|
24
|
+
/** Authorization method required for this tool */
|
|
25
|
+
authorization?: {
|
|
26
|
+
type: 'oauth' | 'credential' | 'none';
|
|
27
|
+
provider?: string;
|
|
28
|
+
credentialType?: string;
|
|
29
|
+
};
|
|
24
30
|
}
|
|
25
31
|
/**
|
|
26
32
|
* Map of tool names to their protection configurations
|
|
@@ -508,6 +508,61 @@ async function addToolsToServer(server, toolModules, identityConfig) {
|
|
|
508
508
|
isError: true,
|
|
509
509
|
};
|
|
510
510
|
}
|
|
511
|
+
// Check if authorization method matches current tool requirements
|
|
512
|
+
// This prevents stale delegations from working after tool auth method changes
|
|
513
|
+
if (verifyResult.authorized &&
|
|
514
|
+
verifyResult.credential?.authorization &&
|
|
515
|
+
toolProtection.authorization) {
|
|
516
|
+
const delegationAuth = verifyResult.credential.authorization;
|
|
517
|
+
const toolAuth = toolProtection.authorization;
|
|
518
|
+
// Compare authorization types
|
|
519
|
+
let authMatches = delegationAuth.type === toolAuth.type;
|
|
520
|
+
// For OAuth, also compare provider
|
|
521
|
+
if (authMatches &&
|
|
522
|
+
delegationAuth.type === "oauth" &&
|
|
523
|
+
toolAuth.type === "oauth") {
|
|
524
|
+
authMatches = delegationAuth.provider === toolAuth.provider;
|
|
525
|
+
}
|
|
526
|
+
// For credential, also compare credentialType
|
|
527
|
+
if (authMatches &&
|
|
528
|
+
delegationAuth.type === "credential" &&
|
|
529
|
+
toolAuth.type === "credential") {
|
|
530
|
+
authMatches =
|
|
531
|
+
delegationAuth.credentialType === toolAuth.credentialType;
|
|
532
|
+
}
|
|
533
|
+
if (!authMatches) {
|
|
534
|
+
if (identityConfig?.debug) {
|
|
535
|
+
console.error(`[MCPI] Tool "${name}" blocked - authorization method mismatch`);
|
|
536
|
+
}
|
|
537
|
+
// Build authorization URL for re-authorization
|
|
538
|
+
const authUrl = new URL(authConfig.bouncer.authorizationUrl);
|
|
539
|
+
authUrl.searchParams.set("agent_did", agentDid);
|
|
540
|
+
authUrl.searchParams.set("scopes", (toolProtection.requiredScopes || []).join(","));
|
|
541
|
+
authUrl.searchParams.set("tool", name);
|
|
542
|
+
return {
|
|
543
|
+
content: [
|
|
544
|
+
{
|
|
545
|
+
type: "text",
|
|
546
|
+
text: JSON.stringify({
|
|
547
|
+
error: "authorization_method_mismatch",
|
|
548
|
+
message: `Tool "${name}" requires re-authorization. ` +
|
|
549
|
+
`Delegation was created with ${delegationAuth.type}` +
|
|
550
|
+
`${delegationAuth.provider ? `:${delegationAuth.provider}` : ""}` +
|
|
551
|
+
`${delegationAuth.credentialType ? `:${delegationAuth.credentialType}` : ""} ` +
|
|
552
|
+
`but tool now requires ${toolAuth.type}` +
|
|
553
|
+
`${toolAuth.provider ? `:${toolAuth.provider}` : ""}` +
|
|
554
|
+
`${toolAuth.credentialType ? `:${toolAuth.credentialType}` : ""}.`,
|
|
555
|
+
authorizationUrl: authUrl.toString(),
|
|
556
|
+
scopes: toolProtection.requiredScopes || [],
|
|
557
|
+
currentAuth: delegationAuth,
|
|
558
|
+
requiredAuth: toolAuth,
|
|
559
|
+
}),
|
|
560
|
+
},
|
|
561
|
+
],
|
|
562
|
+
isError: true,
|
|
563
|
+
};
|
|
564
|
+
}
|
|
565
|
+
}
|
|
511
566
|
if (identityConfig?.debug) {
|
|
512
567
|
console.error(`[MCPI] Tool "${name}" authorized - executing handler`);
|
|
513
568
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@kya-os/mcp-i",
|
|
3
|
-
"version": "1.6.
|
|
3
|
+
"version": "1.6.10",
|
|
4
4
|
"description": "The TypeScript MCP framework with identity features built-in",
|
|
5
5
|
"type": "commonjs",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -63,8 +63,8 @@
|
|
|
63
63
|
"model-context-protocol"
|
|
64
64
|
],
|
|
65
65
|
"dependencies": {
|
|
66
|
-
"@kya-os/contracts": "^1.6.
|
|
67
|
-
"@kya-os/mcp-i-core": "^1.3.
|
|
66
|
+
"@kya-os/contracts": "^1.6.14",
|
|
67
|
+
"@kya-os/mcp-i-core": "^1.3.21",
|
|
68
68
|
"@modelcontextprotocol/sdk": "^1.11.4",
|
|
69
69
|
"@swc/core": "^1.11.24",
|
|
70
70
|
"@types/express": "^5.0.1",
|