@loxtep/customer-mcp-server 1.0.4 → 1.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +18 -2
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +74 -7
- package/dist/cli.js.map +1 -1
- package/dist/index.js +19 -5
- package/dist/index.js.map +1 -1
- package/dist/sign.d.ts +16 -0
- package/dist/sign.d.ts.map +1 -0
- package/dist/sign.js +79 -0
- package/dist/sign.js.map +1 -0
- package/package.json +4 -1
package/README.md
CHANGED
|
@@ -6,11 +6,27 @@ tokens.
|
|
|
6
6
|
|
|
7
7
|
## Prerequisites
|
|
8
8
|
|
|
9
|
-
- **Role:** Your account must have `owner`, `
|
|
10
|
-
`ai:mcp_tools` permission is
|
|
9
|
+
- **Role:** Your account must have `owner`, `org_admin`, or `developer` role. The
|
|
10
|
+
`ai:mcp_tools` permission is granted to those roles. If you get 403
|
|
11
11
|
errors, contact your organization owner.
|
|
12
12
|
- Node.js 18+.
|
|
13
13
|
|
|
14
|
+
## Authentication (Bearer vs SigV4)
|
|
15
|
+
|
|
16
|
+
The server sends your JWT to the Loxtep API in one of two ways:
|
|
17
|
+
|
|
18
|
+
- **SigV4 + JWT (recommended when API is IAM-secured):** If **AWS credentials** are
|
|
19
|
+
available (e.g. `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, or the default
|
|
20
|
+
credential chain), the server **signs** the request with AWS Signature V4 and
|
|
21
|
+
sends the JWT in the `x-jwt-token` header. Use this when the Loxtep API is
|
|
22
|
+
behind API Gateway with IAM (`secure: true`); otherwise the gateway returns 403
|
|
23
|
+
before your role is checked.
|
|
24
|
+
- **Bearer only:** If no AWS credentials are found, the server sends
|
|
25
|
+
`Authorization: Bearer <your-jwt>`. This works when the API does not require
|
|
26
|
+
IAM (e.g. a proxy or non-IAM deployment).
|
|
27
|
+
|
|
28
|
+
Optional: `LOXTEP_AWS_REGION` or `AWS_REGION` (default `us-east-1`) for SigV4.
|
|
29
|
+
|
|
14
30
|
## Quickstart
|
|
15
31
|
|
|
16
32
|
### 1. Login (one-time setup)
|
package/dist/cli.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";
|
|
1
|
+
{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AA4HA,wBAAsB,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC,CAgF9C"}
|
package/dist/cli.js
CHANGED
|
@@ -11,24 +11,91 @@ const PORT = 38473;
|
|
|
11
11
|
const HOST = '127.0.0.1';
|
|
12
12
|
const APP_BASE_URL = getAppBaseUrl();
|
|
13
13
|
const API_BASE_URL = getApiBaseUrl();
|
|
14
|
+
const LOGO_SVG = '<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1821 414" aria-hidden="true"><path d="M598.9,250.92c-3.41.94-6.71,1.4-9.92,1.4-5.34,0-9.79-1.63-13.32-4.91-3.54-3.27-5.31-8.65-5.31-16.13V20.91h-81.35v212.98c0,15.23,2.3,28.35,6.91,39.37,4.61,11.02,10.75,20.17,18.43,27.45,7.68,7.28,16.6,12.69,26.75,16.23,10.15,3.54,20.7,5.31,31.66,5.31,6.94,0,13.99-.74,21.14-2.2,7.14-1.47,14.12-3.54,20.94-6.21l-5.61-66.92c-3.48,1.74-6.91,3.07-10.32,4.01Z"/><path d="M830.31,127.9c-10.62-9.75-23.38-17.26-38.27-22.54-14.9-5.27-31.49-7.91-49.79-7.91s-35.1,2.64-49.99,7.91c-14.9,5.28-27.65,12.79-38.27,22.54-10.62,9.75-18.8,21.51-24.54,35.26-5.74,13.76-8.62,29.05-8.62,45.88s2.87,32.36,8.62,46.18c5.74,13.83,13.92,25.62,24.54,35.36,10.62,9.75,23.37,17.27,38.27,22.54,14.89,5.28,31.56,7.91,49.99,7.91s34.89-2.64,49.79-7.91c14.89-5.27,27.65-12.79,38.27-22.54,10.62-9.75,18.8-21.54,24.54-35.36,5.74-13.82,8.62-29.22,8.62-46.18s-2.87-32.12-8.62-45.88c-5.74-13.76-13.92-25.51-24.54-35.26ZM778.72,229.88c-1.87,5.88-4.54,10.95-8.01,15.23-3.48,4.28-7.61,7.55-12.42,9.82-4.81,2.27-10.15,3.41-16.03,3.41s-11.25-1.13-16.13-3.41c-4.88-2.27-9.05-5.54-12.52-9.82-3.48-4.27-6.15-9.35-8.01-15.23-1.87-5.88-2.8-12.49-2.8-19.83s.93-13.76,2.8-19.64c1.87-5.88,4.54-10.95,8.01-15.23,3.47-4.27,7.64-7.54,12.52-9.82,4.87-2.27,10.25-3.41,16.13-3.41s11.22,1.14,16.03,3.41c4.81,2.27,8.95,5.54,12.42,9.82,3.47,4.28,6.14,9.35,8.01,15.23,1.87,5.88,2.81,12.42,2.81,19.64s-.94,13.96-2.81,19.83Z"/><polygon points="1113.31 100.25 1024.36 100.25 990.9 156.35 961.24 100.25 867.88 100.25 936.4 206.64 863.47 318.24 952.83 318.24 990.9 256.73 1024.56 318.24 1118.12 318.24 1045.19 206.44 1113.31 100.25"/><path d="M1263.68,256.33c-4.21,1.2-7.91,1.8-11.12,1.8-2.81.13-5.38-.23-7.71-1.1-2.34-.87-4.31-2.17-5.91-3.91-1.6-1.73-2.84-3.91-3.71-6.51-.87-2.6-1.3-5.64-1.3-9.12v-85.15h53.7v-52.09h-53.7v-49.49h-80.94v49.49h-30.05v52.09h30.05v97.57c0,11.36,1.87,21.51,5.61,30.46,3.74,8.95,9.05,16.5,15.93,22.64,6.88,6.15,15.09,10.85,24.64,14.13,9.55,3.27,20.14,4.84,31.76,4.71,5.61,0,11.22-.3,16.83-.9,5.61-.6,11.02-1.54,16.23-2.81,5.21-1.27,10.18-2.77,14.93-4.51,4.74-1.73,8.92-3.67,12.52-5.81l-14.43-56.1c-4.68,1.87-9.12,3.41-13.32,4.61Z"/><path d="M1500.7,133.21c-9.69-11.42-21.87-20.24-36.57-26.45-14.69-6.21-31.52-9.32-50.49-9.32-17.23,0-32.93,2.67-47.08,8.01-14.16,5.34-26.28,12.92-36.36,22.74-10.09,9.82-17.9,21.64-23.44,35.46-5.54,13.82-8.31,29.29-8.31,46.38s2.67,32.06,8.01,45.68c5.34,13.62,13.05,25.31,23.14,35.06,10.08,9.75,22.41,17.23,36.97,22.44,14.56,5.21,30.99,7.81,49.29,7.81,20.7,0,39.17-3.37,55.4-10.12,16.23-6.74,30.08-16.46,41.57-29.15l-42.28-41.67c-7.08,6.81-14.69,11.99-22.84,15.53-8.15,3.54-16.43,5.31-24.84,5.31-6.95,0-13.22-1.23-18.83-3.71-5.61-2.47-10.39-6.04-14.33-10.72-3.94-4.67-7.01-10.48-9.22-17.43-.02-.07-.04-.13-.06-.2h146.42c1.2-20.04-.44-38.13-4.91-54.3-4.48-16.16-11.55-29.95-21.24-41.37ZM1446.71,189.01h-68.05c.3-1.57.64-3.11,1.03-4.61,1.67-6.41,4.11-11.99,7.31-16.73,3.21-4.74,7.11-8.45,11.72-11.12,4.61-2.67,9.78-4.01,15.53-4.01,4.94,0,9.42.87,13.42,2.6,4.01,1.74,7.48,4.24,10.42,7.51,2.94,3.27,5.14,7.15,6.61,11.62,1.47,4.48,2.13,9.39,2,14.73Z"/><path d="M1795.72,163.96c-4.81-13.89-11.62-25.75-20.44-35.56-8.82-9.82-19.4-17.43-31.76-22.84-12.36-5.41-26.15-8.12-41.37-8.12-12.96,0-24.64,2.64-35.06,7.91-9.4,4.76-17.54,11.39-24.44,19.85v-24.96h-81.34v295.73h81.34v-102.93c7.21,8.61,15.74,15.36,25.65,20.19,10.69,5.21,22.64,7.81,35.86,7.81,15.09,0,28.72-2.6,40.87-7.81,12.15-5.21,22.51-12.65,31.06-22.34,8.55-9.68,15.16-21.3,19.84-34.86,4.67-13.56,7.01-28.75,7.01-45.58s-2.4-32.59-7.21-46.48ZM1717.99,228.08c-1.87,5.88-4.51,10.95-7.91,15.23-3.41,4.28-7.51,7.55-12.32,9.82-4.81,2.27-10.22,3.41-16.23,3.41s-11.02-1.13-15.83-3.41c-4.81-2.27-8.92-5.54-12.32-9.82-3.41-4.27-6.05-9.35-7.91-15.23-1.87-5.88-2.81-12.42-2.81-19.63s.93-13.79,2.81-19.74c1.87-5.94,4.51-11.02,7.91-15.23,3.41-4.21,7.51-7.48,12.32-9.82,4.81-2.34,10.08-3.51,15.83-3.51s11.42,1.17,16.23,3.51c4.81,2.34,8.92,5.64,12.32,9.92,3.41,4.28,6.04,9.35,7.91,15.23,1.87,5.88,2.81,12.42,2.81,19.63s-.94,13.76-2.81,19.63Z"/><circle cx="298.46" cy="332.47" r="46.07" transform="translate(-147.68 308.42) rotate(-45)"/><path d="M367.89,171.43l-58.18-34.79-77.46,46.33,29.12,17.42-26.54,15.87-24.2,14.48-77.46,46.33-24.21,14.48-67.74,40.52,77.46,46.33,67.75-40.52,24.21-14.48,77.46-46.33,24.2-14.48,55.59-33.24c26.63-15.93,26.63-41.99,0-57.91Z"/><circle cx="114.04" cy="61.97" r="46.07" transform="translate(-8.45 19.07) rotate(-9.22)"/><path d="M102.78,257.8l77.46-46.33-29.12-17.42,26.54-15.87,24.2-14.48,77.46-46.33,24.21-14.48,67.74-40.52-77.46-46.33-67.75,40.52-24.21,14.48-77.46,46.33-24.2,14.48-55.59,33.24c-26.63,15.93-26.63,41.99,0,57.91l58.18,34.79Z"/></svg>';
|
|
14
15
|
function getCallbackPage() {
|
|
16
|
+
const appUrl = APP_BASE_URL;
|
|
15
17
|
return `<!DOCTYPE html>
|
|
16
|
-
<html>
|
|
17
|
-
<head
|
|
18
|
+
<html lang="en">
|
|
19
|
+
<head>
|
|
20
|
+
<meta charset="utf-8">
|
|
21
|
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
|
22
|
+
<title>Loxtep MCP Login</title>
|
|
23
|
+
<style>
|
|
24
|
+
* { box-sizing: border-box; }
|
|
25
|
+
body {
|
|
26
|
+
margin: 0;
|
|
27
|
+
min-height: 100vh;
|
|
28
|
+
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, sans-serif;
|
|
29
|
+
background: linear-gradient(180deg, #f8fafc 0%, #e2e8f0 100%);
|
|
30
|
+
color: #1e293b;
|
|
31
|
+
display: flex;
|
|
32
|
+
align-items: center;
|
|
33
|
+
justify-content: center;
|
|
34
|
+
padding: 24px;
|
|
35
|
+
}
|
|
36
|
+
.card {
|
|
37
|
+
background: #fff;
|
|
38
|
+
border-radius: 12px;
|
|
39
|
+
box-shadow: 0 4px 24px rgba(0,0,0,0.08);
|
|
40
|
+
padding: 40px 32px;
|
|
41
|
+
max-width: 400px;
|
|
42
|
+
width: 100%;
|
|
43
|
+
text-align: center;
|
|
44
|
+
}
|
|
45
|
+
.logo {
|
|
46
|
+
width: 160px;
|
|
47
|
+
height: auto;
|
|
48
|
+
margin: 0 auto 24px;
|
|
49
|
+
display: block;
|
|
50
|
+
color: #0f172a;
|
|
51
|
+
}
|
|
52
|
+
.logo svg { width: 100%; height: auto; }
|
|
53
|
+
.msg {
|
|
54
|
+
font-size: 1rem;
|
|
55
|
+
line-height: 1.5;
|
|
56
|
+
margin: 0 0 20px;
|
|
57
|
+
color: #334155;
|
|
58
|
+
}
|
|
59
|
+
.msg.error { color: #b91c1c; }
|
|
60
|
+
a {
|
|
61
|
+
color: #2563eb;
|
|
62
|
+
text-decoration: none;
|
|
63
|
+
font-size: 0.9375rem;
|
|
64
|
+
font-weight: 500;
|
|
65
|
+
}
|
|
66
|
+
a:hover { text-decoration: underline; }
|
|
67
|
+
</style>
|
|
68
|
+
</head>
|
|
18
69
|
<body>
|
|
19
|
-
<
|
|
70
|
+
<div class="card">
|
|
71
|
+
<div class="logo">${LOGO_SVG}</div>
|
|
72
|
+
<p id="msg" class="msg">Connecting...</p>
|
|
73
|
+
<a id="appLink" href="${appUrl}" style="display: none;">Open Loxtep →</a>
|
|
74
|
+
</div>
|
|
20
75
|
<script>
|
|
21
76
|
(function() {
|
|
77
|
+
var appLink = document.getElementById('appLink');
|
|
78
|
+
var msg = document.getElementById('msg');
|
|
79
|
+
function showSuccess(text) {
|
|
80
|
+
msg.textContent = text || 'Login successful. You can close this window.';
|
|
81
|
+
msg.classList.remove('error');
|
|
82
|
+
appLink.style.display = 'inline-block';
|
|
83
|
+
}
|
|
84
|
+
function showError(text) {
|
|
85
|
+
msg.textContent = text;
|
|
86
|
+
msg.classList.add('error');
|
|
87
|
+
appLink.style.display = 'inline-block';
|
|
88
|
+
}
|
|
22
89
|
var hash = window.location.hash.slice(1);
|
|
23
90
|
if (!hash) {
|
|
24
|
-
|
|
91
|
+
showError('No tokens in URL. Close this window and run: npx @loxtep/customer-mcp-server login');
|
|
25
92
|
return;
|
|
26
93
|
}
|
|
27
94
|
var params = new URLSearchParams(hash);
|
|
28
95
|
var access_token = params.get('access_token');
|
|
29
96
|
var refresh_token = params.get('refresh_token');
|
|
30
97
|
if (!access_token || !refresh_token) {
|
|
31
|
-
|
|
98
|
+
showError('Missing access_token or refresh_token. Close and run: npx @loxtep/customer-mcp-server login');
|
|
32
99
|
return;
|
|
33
100
|
}
|
|
34
101
|
fetch('/receive', {
|
|
@@ -39,9 +106,9 @@ function getCallbackPage() {
|
|
|
39
106
|
if (r.ok) return r.text();
|
|
40
107
|
throw new Error(r.status + ' ' + r.statusText);
|
|
41
108
|
}).then(function(text) {
|
|
42
|
-
|
|
109
|
+
showSuccess(text || 'Login successful. You can close this window.');
|
|
43
110
|
}).catch(function(e) {
|
|
44
|
-
|
|
111
|
+
showError('Error: ' + e.message + '. You can close this window and try again (npx @loxtep/customer-mcp-server login).');
|
|
45
112
|
});
|
|
46
113
|
})();
|
|
47
114
|
</script>
|
package/dist/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,YAAY,EAAmC,MAAM,MAAM,CAAC;AACrE,OAAO,EAAE,KAAK,IAAI,QAAQ,EAAE,MAAM,KAAK,CAAC;AACxC,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,mBAAmB,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAClF,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACxD,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AACtC,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAErC,MAAM,IAAI,GAAG,KAAK,CAAC;AACnB,MAAM,IAAI,GAAG,WAAW,CAAC;AAEzB,MAAM,YAAY,GAAG,aAAa,EAAE,CAAC;AACrC,MAAM,YAAY,GAAG,aAAa,EAAE,CAAC;AAErC,SAAS,eAAe;IACtB,OAAO
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,YAAY,EAAmC,MAAM,MAAM,CAAC;AACrE,OAAO,EAAE,KAAK,IAAI,QAAQ,EAAE,MAAM,KAAK,CAAC;AACxC,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,mBAAmB,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAClF,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACxD,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AACtC,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAErC,MAAM,IAAI,GAAG,KAAK,CAAC;AACnB,MAAM,IAAI,GAAG,WAAW,CAAC;AAEzB,MAAM,YAAY,GAAG,aAAa,EAAE,CAAC;AACrC,MAAM,YAAY,GAAG,aAAa,EAAE,CAAC;AAErC,MAAM,QAAQ,GACZ,8lJAA8lJ,CAAC;AAEjmJ,SAAS,eAAe;IACtB,MAAM,MAAM,GAAG,YAAY,CAAC;IAC5B,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;wBAsDe,QAAQ;;4BAEJ,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QA2C1B,CAAC;AACT,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,QAAQ;IAC5B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAG,YAAY,CAAC,CAAC,GAAoB,EAAE,GAAmB,EAAE,EAAE;YACxE,MAAM,GAAG,GAAG,QAAQ,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,IAAI,CAAC,CAAC;YAC3C,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,IAAI,GAAG,CAAC;YAErC,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,IAAI,QAAQ,KAAK,WAAW,EAAE,CAAC;gBACrD,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;gBACpD,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC,CAAC;gBAC3B,OAAO;YACT,CAAC;YAED,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,IAAI,QAAQ,KAAK,UAAU,EAAE,CAAC;gBACrD,IAAI,IAAI,GAAG,EAAE,CAAC;gBACd,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,CAAC,CAAC;gBACzC,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;oBACjB,IAAI,CAAC;wBACH,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAsD,CAAC;wBACnF,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC;wBACvC,MAAM,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC;wBACzC,IAAI,CAAC,YAAY,IAAI,CAAC,aAAa,EAAE,CAAC;4BACpC,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC,CAAC;4BACrD,GAAG,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;4BACjD,OAAO;wBACT,CAAC;wBACD,MAAM,UAAU,GAAG,mBAAmB,CAAC,YAAY,CAAC,CAAC;wBACrD,cAAc,CAAC;4BACb,YAAY;4BACZ,aAAa;4BACb,UAAU;4BACV,YAAY,EAAE,YAAY;yBAC3B,CAAC,CAAC;wBACH,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC,CAAC;wBACrD,GAAG,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC;wBACxD,IAAI,EAAE,CAAC;oBACT,CAAC;oBAAC,OAAO,CAAC,EAAE,CAAC;wBACX,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC,CAAC;wBACrD,GAAG,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;oBAC/B,CAAC;gBACH,CAAC,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YAED,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACvB,CAAC,CAAC,CAAC;QAEH,IAAI,OAAO,GAAG,KAAK,CAAC;QACpB,SAAS,IAAI;YACX,IAAI,OAAO;gBAAE,OAAO;YACpB,OAAO,GAAG,IAAI,CAAC;YACf,UAAU,CAAC,GAAG,EAAE;gBACd,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC;YAChC,CAAC,EAAE,GAAG,CAAC,CAAC;QACV,CAAC;QAED,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE;YAC7B,MAAM,OAAO,GAAG,GAAG,YAAY,kBAAkB,IAAI,EAAE,CAAC;YACxD,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;gBACxB,OAAO,CAAC,KAAK,CAAC,yBAAyB,EAAE,GAAG,CAAC,CAAC;gBAC9C,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,OAAO,CAAC,CAAC;YACzD,CAAC,CAAC,CAAC;YACH,OAAO,CAAC,GAAG,CAAC,6CAA6C,GAAG,IAAI,CAAC,CAAC;YAClE,OAAO,CAAC,GAAG,CAAC,0BAA0B,EAAE,gBAAgB,EAAE,CAAC,CAAC;QAC9D,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAA0B,EAAE,EAAE;YAChD,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC9B,OAAO,CAAC,KAAK,CACX,iIAAiI,CAClI,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,KAAK,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC;YACtC,CAAC;YACD,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,GAAG,IAAI,CAAC;gBACf,MAAM,CAAC,GAAG,CAAC,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,gDAAgD;AAChD,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAE5B,SAAS,WAAW;IAClB,2CAA2C;IAC3C,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAChD,MAAM,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IACtC,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;IAEhD,4EAA4E;IAC5E,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,SAAS,CAAC,EAAE;QACvC,KAAK,EAAE,SAAS;QAChB,GAAG,EAAE,OAAO,CAAC,GAAG;KACjB,CAAC,CAAC;IAEH,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE;QACtB,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;AACL,CAAC;AAED,IAAI,GAAG,KAAK,OAAO,EAAE,CAAC;IACpB,QAAQ,EAAE;SACP,IAAI,CAAC,GAAG,EAAE;QACT,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC;SACD,KAAK,CAAC,GAAG,CAAC,EAAE;QACX,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACP,CAAC;KAAM,IAAI,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;IACjD,WAAW,EAAE,CAAC;AAChB,CAAC;KAAM,IAAI,CAAC,GAAG,EAAE,CAAC;IAChB,6DAA6D;IAC7D,WAAW,EAAE,CAAC;AAChB,CAAC;KAAM,CAAC;IACN,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACtB,OAAO,CAAC,GAAG,CAAC,qEAAqE,CAAC,CAAC;IACnF,OAAO,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAC;IAC9E,OAAO,CAAC,GAAG,CAAC,uEAAuE,CAAC,CAAC;IACrF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -4,6 +4,7 @@ import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js'
|
|
|
4
4
|
import { CallToolRequestSchema, ListToolsRequestSchema, InitializeRequestSchema, PingRequestSchema, ListResourcesRequestSchema, ReadResourceRequestSchema, ListPromptsRequestSchema, GetPromptRequestSchema, } from '@modelcontextprotocol/sdk/types.js';
|
|
5
5
|
import { getTools } from './tools.js';
|
|
6
6
|
import { loadTokens, isAccessExpired, refreshAccess, writeTokenFile, } from './auth.js';
|
|
7
|
+
import { signRequest } from './sign.js';
|
|
7
8
|
const DEBUG = process.env.MCP_DEBUG === '1' || process.env.MCP_DEBUG === 'true';
|
|
8
9
|
function log(msg, data) {
|
|
9
10
|
if (DEBUG) {
|
|
@@ -40,13 +41,26 @@ async function ensureValidTokens() {
|
|
|
40
41
|
}
|
|
41
42
|
async function callToolApi(apiBaseUrl, accessToken, name, args) {
|
|
42
43
|
const url = `${apiBaseUrl.replace(/\/$/, '')}/ai/mcp/tools/call`;
|
|
43
|
-
const
|
|
44
|
-
|
|
45
|
-
|
|
44
|
+
const body = JSON.stringify({ name, arguments: args ?? {} });
|
|
45
|
+
let headers;
|
|
46
|
+
const signed = await signRequest('POST', url, {
|
|
47
|
+
'content-type': 'application/json',
|
|
48
|
+
'x-jwt-token': accessToken,
|
|
49
|
+
}, body);
|
|
50
|
+
if (signed) {
|
|
51
|
+
headers = signed;
|
|
52
|
+
log('Using SigV4 + x-jwt-token');
|
|
53
|
+
}
|
|
54
|
+
else {
|
|
55
|
+
headers = {
|
|
46
56
|
'Content-Type': 'application/json',
|
|
47
57
|
Authorization: `Bearer ${accessToken}`,
|
|
48
|
-
}
|
|
49
|
-
|
|
58
|
+
};
|
|
59
|
+
}
|
|
60
|
+
const res = await fetch(url, {
|
|
61
|
+
method: 'POST',
|
|
62
|
+
headers,
|
|
63
|
+
body,
|
|
50
64
|
});
|
|
51
65
|
if (res.status === 401) {
|
|
52
66
|
throw new Error('Unauthorized (token expired or invalid). Run `npx @loxtep/customer-mcp-server login` again.');
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EACL,qBAAqB,EACrB,sBAAsB,EACtB,uBAAuB,EACvB,iBAAiB,EACjB,0BAA0B,EAC1B,yBAAyB,EACzB,wBAAwB,EACxB,sBAAsB,GACvB,MAAM,oCAAoC,CAAC;AAE5C,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AACtC,OAAO,EACL,UAAU,EACV,eAAe,EACf,aAAa,EACb,cAAc,GAGf,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EACL,qBAAqB,EACrB,sBAAsB,EACtB,uBAAuB,EACvB,iBAAiB,EACjB,0BAA0B,EAC1B,yBAAyB,EACzB,wBAAwB,EACxB,sBAAsB,GACvB,MAAM,oCAAoC,CAAC;AAE5C,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AACtC,OAAO,EACL,UAAU,EACV,eAAe,EACf,aAAa,EACb,cAAc,GAGf,MAAM,WAAW,CAAC;AACnB,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAExC,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,MAAM,CAAC;AAEhF,SAAS,GAAG,CAAC,GAAW,EAAE,IAAc;IACtC,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,KAAK,CAAC,kBAAkB,GAAG,EAAE,EAAE,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACzF,CAAC;AACH,CAAC;AAED,uFAAuF;AACvF,KAAK,UAAU,iBAAiB;IAC9B,IAAI,MAAM,GAAG,UAAU,EAAE,CAAC;IAC1B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CACb,0GAA0G,CAC3G,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;IACD,IAAI,eAAe,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACpD,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;QACjF,MAAM,OAAO,GAAc;YACzB,YAAY,EAAE,SAAS,CAAC,YAAY;YACpC,aAAa,EAAE,SAAS,CAAC,aAAa;YACtC,UAAU,EAAE,SAAS,CAAC,UAAU;YAChC,YAAY,EAAE,MAAM,CAAC,YAAY;SAClC,CAAC;QACF,cAAc,CAAC,OAAO,CAAC,CAAC;QACxB,MAAM,GAAG;YACP,YAAY,EAAE,SAAS,CAAC,YAAY;YACpC,aAAa,EAAE,SAAS,CAAC,aAAa;YACtC,UAAU,EAAE,SAAS,CAAC,UAAU;YAChC,YAAY,EAAE,MAAM,CAAC,YAAY;SAClC,CAAC;QACF,GAAG,CAAC,4BAA4B,CAAC,CAAC;IACpC,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,KAAK,UAAU,WAAW,CACxB,UAAkB,EAClB,WAAmB,EACnB,IAAY,EACZ,IAA6B;IAE7B,MAAM,GAAG,GAAG,GAAG,UAAU,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,oBAAoB,CAAC;IACjE,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC,CAAC;IAE7D,IAAI,OAA+B,CAAC;IACpC,MAAM,MAAM,GAAG,MAAM,WAAW,CAC9B,MAAM,EACN,GAAG,EACH;QACE,cAAc,EAAE,kBAAkB;QAClC,aAAa,EAAE,WAAW;KAC3B,EACD,IAAI,CACL,CAAC;IACF,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,GAAG,MAAM,CAAC;QACjB,GAAG,CAAC,2BAA2B,CAAC,CAAC;IACnC,CAAC;SAAM,CAAC;QACN,OAAO,GAAG;YACR,cAAc,EAAE,kBAAkB;YAClC,aAAa,EAAE,UAAU,WAAW,EAAE;SACvC,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAC3B,MAAM,EAAE,MAAM;QACd,OAAO;QACP,IAAI;KACL,CAAC,CAAC;IAEH,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,6FAA6F,CAAC,CAAC;IACjH,CAAC;IACD,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CACb,qFAAqF,CACtF,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,qBAAqB,GAAG,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC;IAC7D,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAG7B,CAAC;IACF,IAAI,CAAC,IAAI,CAAC,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAC3C,CAAC;IACD,MAAM,OAAO,GAA2C,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAClF,IAAI,EAAE,MAAe;QACrB,IAAI,EAAE,CAAC,CAAC,IAAI;KACb,CAAC,CAAC,CAAC;IACJ,OAAO,EAAE,OAAO,EAAE,CAAC;AACrB,CAAC;AAED,MAAM,MAAM,GAAG,IAAI,MAAM,CACvB;IACE,IAAI,EAAE,qBAAqB;IAC3B,OAAO,EAAE,OAAO;CACjB,EACD;IACE,YAAY,EAAE;QACZ,KAAK,EAAE,EAAE;QACT,SAAS,EAAE,EAAE;QACb,OAAO,EAAE,EAAE;KACZ;CACF,CACF,CAAC;AAEF,MAAM,QAAQ,GAAW,QAAQ,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC5C,IAAI,EAAE,CAAC,CAAC,IAAI;IACZ,WAAW,EAAE,CAAC,CAAC,WAAW;IAC1B,WAAW,EAAE,CAAC,CAAC,WAAkC;CAClD,CAAC,CAAC,CAAC;AAEJ,MAAM,CAAC,iBAAiB,CAAC,uBAAuB,EAAE,KAAK,IAAI,EAAE;IAC3D,GAAG,CAAC,YAAY,CAAC,CAAC;IAClB,OAAO;QACL,eAAe,EAAE,YAAY;QAC7B,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE;QACvD,UAAU,EAAE,EAAE,IAAI,EAAE,qBAAqB,EAAE,OAAO,EAAE,OAAO,EAAE;KAC9D,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE;IAC1D,GAAG,CAAC,WAAW,CAAC,CAAC;IACjB,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;AAC7B,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,iBAAiB,CAAC,qBAAqB,EAAE,KAAK,EAAC,GAAG,EAAC,EAAE;IAC1D,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;IAC7C,GAAG,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1B,MAAM,MAAM,GAAG,MAAM,iBAAiB,EAAE,CAAC;IACzC,MAAM,MAAM,GAAG,MAAM,WAAW,CAC9B,MAAM,CAAC,YAAY,EACnB,MAAM,CAAC,YAAY,EACnB,IAAI,EACH,IAAgC,IAAI,EAAE,CACxC,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,iBAAiB,CAAC,iBAAiB,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AAC9D,MAAM,CAAC,iBAAiB,CAAC,0BAA0B,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;AACtF,MAAM,CAAC,iBAAiB,CAAC,yBAAyB,EAAE,KAAK,IAAI,EAAE;IAC7D,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;AAC5C,CAAC,CAAC,CAAC;AACH,MAAM,CAAC,iBAAiB,CAAC,wBAAwB,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;AAClF,MAAM,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE;IAC1D,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;AAC1C,CAAC,CAAC,CAAC;AAEH,KAAK,UAAU,IAAI;IACjB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;AACzB,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;IACjB,OAAO,CAAC,KAAK,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;IAClD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
|
package/dist/sign.d.ts
ADDED
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Optional AWS SigV4 signing for MCP tool API calls.
|
|
3
|
+
* When the Loxtep API is behind API Gateway with IAM (secure: true), requests must be
|
|
4
|
+
* signed. We send the JWT in x-jwt-token so the Lambda can perform RBAC.
|
|
5
|
+
* When AWS credentials are not available, callers use Bearer token only.
|
|
6
|
+
*/
|
|
7
|
+
export interface SignedHeaders {
|
|
8
|
+
[key: string]: string;
|
|
9
|
+
}
|
|
10
|
+
/**
|
|
11
|
+
* Try to sign a request with SigV4. Returns null if credentials are unavailable.
|
|
12
|
+
* When non-null, the caller must send these headers (including x-jwt-token) and must NOT
|
|
13
|
+
* send Authorization: Bearer (API Gateway expects SigV4 in Authorization).
|
|
14
|
+
*/
|
|
15
|
+
export declare function signRequest(method: string, url: string, headers: Record<string, string>, body?: string): Promise<SignedHeaders | null>;
|
|
16
|
+
//# sourceMappingURL=sign.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"sign.d.ts","sourceRoot":"","sources":["../src/sign.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AASH,MAAM,WAAW,aAAa;IAC5B,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC;CACvB;AAED;;;;GAIG;AACH,wBAAsB,WAAW,CAC/B,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EAC/B,IAAI,CAAC,EAAE,MAAM,GACZ,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CA+D/B"}
|
package/dist/sign.js
ADDED
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Optional AWS SigV4 signing for MCP tool API calls.
|
|
3
|
+
* When the Loxtep API is behind API Gateway with IAM (secure: true), requests must be
|
|
4
|
+
* signed. We send the JWT in x-jwt-token so the Lambda can perform RBAC.
|
|
5
|
+
* When AWS credentials are not available, callers use Bearer token only.
|
|
6
|
+
*/
|
|
7
|
+
import { SignatureV4 } from '@smithy/signature-v4';
|
|
8
|
+
import { Sha256 } from '@aws-crypto/sha256-js';
|
|
9
|
+
import { defaultProvider } from '@aws-sdk/credential-provider-node';
|
|
10
|
+
const region = process.env.LOXTEP_AWS_REGION || process.env.AWS_REGION || 'us-east-1';
|
|
11
|
+
const service = 'execute-api';
|
|
12
|
+
/**
|
|
13
|
+
* Try to sign a request with SigV4. Returns null if credentials are unavailable.
|
|
14
|
+
* When non-null, the caller must send these headers (including x-jwt-token) and must NOT
|
|
15
|
+
* send Authorization: Bearer (API Gateway expects SigV4 in Authorization).
|
|
16
|
+
*/
|
|
17
|
+
export async function signRequest(method, url, headers, body) {
|
|
18
|
+
try {
|
|
19
|
+
const credentials = await defaultProvider()();
|
|
20
|
+
if (!credentials?.accessKeyId || !credentials?.secretAccessKey) {
|
|
21
|
+
return null;
|
|
22
|
+
}
|
|
23
|
+
const parsedUrl = new URL(url);
|
|
24
|
+
const requestHeaders = {
|
|
25
|
+
host: parsedUrl.host,
|
|
26
|
+
'content-type': headers['content-type'] || 'application/json',
|
|
27
|
+
...headers,
|
|
28
|
+
};
|
|
29
|
+
const signer = new SignatureV4({
|
|
30
|
+
credentials: {
|
|
31
|
+
accessKeyId: credentials.accessKeyId,
|
|
32
|
+
secretAccessKey: credentials.secretAccessKey,
|
|
33
|
+
sessionToken: credentials.sessionToken,
|
|
34
|
+
},
|
|
35
|
+
region,
|
|
36
|
+
service,
|
|
37
|
+
sha256: Sha256,
|
|
38
|
+
applyChecksum: false,
|
|
39
|
+
uriEscapePath: true,
|
|
40
|
+
});
|
|
41
|
+
const query = {};
|
|
42
|
+
for (const [key, value] of parsedUrl.searchParams.entries()) {
|
|
43
|
+
const existing = query[key];
|
|
44
|
+
if (existing === undefined) {
|
|
45
|
+
query[key] = value;
|
|
46
|
+
}
|
|
47
|
+
else if (Array.isArray(existing)) {
|
|
48
|
+
existing.push(value);
|
|
49
|
+
}
|
|
50
|
+
else {
|
|
51
|
+
query[key] = [existing, value];
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
const signed = await signer.sign({
|
|
55
|
+
method,
|
|
56
|
+
hostname: parsedUrl.hostname,
|
|
57
|
+
path: parsedUrl.pathname,
|
|
58
|
+
protocol: 'https:',
|
|
59
|
+
query: query,
|
|
60
|
+
headers: requestHeaders,
|
|
61
|
+
body,
|
|
62
|
+
});
|
|
63
|
+
const out = {};
|
|
64
|
+
for (const [key, value] of Object.entries(signed.headers)) {
|
|
65
|
+
if (value != null && key.toLowerCase() !== 'x-amz-content-sha256') {
|
|
66
|
+
out[key] = Array.isArray(value) ? value.join(',') : String(value);
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
// Preserve x-jwt-token in output (signer may have normalized header names)
|
|
70
|
+
if (headers['x-jwt-token']) {
|
|
71
|
+
out['x-jwt-token'] = headers['x-jwt-token'];
|
|
72
|
+
}
|
|
73
|
+
return out;
|
|
74
|
+
}
|
|
75
|
+
catch {
|
|
76
|
+
return null;
|
|
77
|
+
}
|
|
78
|
+
}
|
|
79
|
+
//# sourceMappingURL=sign.js.map
|
package/dist/sign.js.map
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"sign.js","sourceRoot":"","sources":["../src/sign.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAEpE,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,WAAW,CAAC;AACtF,MAAM,OAAO,GAAG,aAAa,CAAC;AAM9B;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,MAAc,EACd,GAAW,EACX,OAA+B,EAC/B,IAAa;IAEb,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,MAAM,eAAe,EAAE,EAAE,CAAC;QAC9C,IAAI,CAAC,WAAW,EAAE,WAAW,IAAI,CAAC,WAAW,EAAE,eAAe,EAAE,CAAC;YAC/D,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,cAAc,GAA2B;YAC7C,IAAI,EAAE,SAAS,CAAC,IAAI;YACpB,cAAc,EAAE,OAAO,CAAC,cAAc,CAAC,IAAI,kBAAkB;YAC7D,GAAG,OAAO;SACX,CAAC;QAEF,MAAM,MAAM,GAAG,IAAI,WAAW,CAAC;YAC7B,WAAW,EAAE;gBACX,WAAW,EAAE,WAAW,CAAC,WAAW;gBACpC,eAAe,EAAE,WAAW,CAAC,eAAe;gBAC5C,YAAY,EAAE,WAAW,CAAC,YAAY;aACvC;YACD,MAAM;YACN,OAAO;YACP,MAAM,EAAE,MAAM;YACd,aAAa,EAAE,KAAK;YACpB,aAAa,EAAE,IAAI;SACpB,CAAC,CAAC;QAEH,MAAM,KAAK,GAAsC,EAAE,CAAC;QACpD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,SAAS,CAAC,YAAY,CAAC,OAAO,EAAE,EAAE,CAAC;YAC5D,MAAM,QAAQ,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5B,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,KAAK,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YACrB,CAAC;iBAAM,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACnC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACvB,CAAC;iBAAM,CAAC;gBACN,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC;YAC/B,MAAM;YACN,QAAQ,EAAE,SAAS,CAAC,QAAQ;YAC5B,IAAI,EAAE,SAAS,CAAC,QAAQ;YACxB,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,KAA0C;YACjD,OAAO,EAAE,cAAc;YACvB,IAAI;SACL,CAAC,CAAC;QAEH,MAAM,GAAG,GAAkB,EAAE,CAAC;QAC9B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1D,IAAI,KAAK,IAAI,IAAI,IAAI,GAAG,CAAC,WAAW,EAAE,KAAK,sBAAsB,EAAE,CAAC;gBAClE,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QACD,2EAA2E;QAC3E,IAAI,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC;YAC3B,GAAG,CAAC,aAAa,CAAC,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;QAC9C,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@loxtep/customer-mcp-server",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.6",
|
|
4
4
|
"description": "Customer MCP proxy: login via app UI, stdio server that forwards tool calls to Loxtep API",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -19,7 +19,10 @@
|
|
|
19
19
|
"author": "Loxtep Team",
|
|
20
20
|
"license": "MIT",
|
|
21
21
|
"dependencies": {
|
|
22
|
+
"@aws-crypto/sha256-js": "^5.2.0",
|
|
23
|
+
"@aws-sdk/credential-provider-node": "^3.700.0",
|
|
22
24
|
"@modelcontextprotocol/sdk": "^1.15.1",
|
|
25
|
+
"@smithy/signature-v4": "^5.3.5",
|
|
23
26
|
"express": "^4.21.0",
|
|
24
27
|
"jsonwebtoken": "^9.0.2",
|
|
25
28
|
"open": "^10.0.0"
|