npm - @n8n/n8n-nodes-langchain - Versions diffs - 1.122.33 → 1.122.34 - Mend

@n8n/n8n-nodes-langchain 1.122.33 → 1.122.34

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/dist/nodes/mcp/McpClient/McpClient.node.js CHANGED Viewed

@@ -237,13 +237,15 @@ class McpClient {
     const serverTransport = this.getNodeParameter("serverTransport", 0);
     const endpointUrl = this.getNodeParameter("endpointUrl", 0);
     const node = this.getNode();
-    const { headers } = await (0, import_utils.getAuthHeaders)(this, authentication);
+    const { headers, credentials: credentials2 } = await (0, import_utils.getAuthHeaders)(this, authentication);
+    const allowedDomains = (0, import_utils.assertCredentialAllowsUrl)(node, credentials2, endpointUrl);
     const client = await (0, import_utils.connectMcpClient)({
       serverTransport,
       endpointUrl,
       headers,
       name: node.type,
       version: node.typeVersion,
+      allowedDomains,
       onUnauthorized: async (headers2) => await (0, import_utils.tryRefreshOAuth2Token)(this, authentication, headers2)
     });
     if (!client.ok) {

package/dist/nodes/mcp/McpClient/McpClient.node.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../../nodes/mcp/McpClient/McpClient.node.ts"],"sourcesContent":["import type { CallToolResult } from '@modelcontextprotocol/sdk/types.js';\nimport type {\n\tIBinaryKeyData,\n\tIDataObject,\n\tIExecuteFunctions,\n\tINodeExecutionData,\n\tINodeType,\n\tINodeTypeDescription,\n\tNodeExecutionWithMetadata,\n} from 'n8n-workflow';\nimport { jsonParse, NodeConnectionTypes, NodeOperationError } from 'n8n-workflow';\nimport { ZodError } from 'zod';\nimport { prettifyError } from 'zod/v4/core';\n\nimport * as listSearch from './listSearch';\nimport * as resourceMapping from './resourceMapping';\nimport { credentials, transportSelect } from '../shared/descriptions';\nimport type { McpAuthenticationOption, McpServerTransport } from '../shared/types';\nimport {\n\tgetAuthHeaders,\n\ttryRefreshOAuth2Token,\n\tconnectMcpClient,\n\tmapToNodeOperationError,\n} from '../shared/utils';\n\nexport class McpClient implements INodeType {\n\tdescription: INodeTypeDescription = {\n\t\tdisplayName: 'MCP Client',\n\t\tdescription: 'Standalone MCP Client',\n\t\tname: 'mcpClient',\n\t\ticon: {\n\t\t\tlight: 'file:../mcp.svg',\n\t\t\tdark: 'file:../mcp.dark.svg',\n\t\t},\n\t\tgroup: ['transform'],\n\t\tversion: 1,\n\t\tdefaults: {\n\t\t\tname: 'MCP Client',\n\t\t},\n\t\tcredentials,\n\t\tinputs: [NodeConnectionTypes.Main],\n\t\toutputs: [NodeConnectionTypes.Main],\n\t\tproperties: [\n\t\t\ttransportSelect({\n\t\t\t\tdefaultOption: 'httpStreamable',\n\t\t\t}),\n\t\t\t{\n\t\t\t\tdisplayName: 'MCP Endpoint URL',\n\t\t\t\tname: 'endpointUrl',\n\t\t\t\ttype: 'string',\n\t\t\t\tdefault: '',\n\t\t\t\tplaceholder: 'e.g. https://my-mcp-server.ai/mcp',\n\t\t\t\trequired: true,\n\t\t\t\tdescription: 'The URL of the MCP server to connect to',\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Authentication',\n\t\t\t\tname: 'authentication',\n\t\t\t\ttype: 'options',\n\t\t\t\toptions: [\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Bearer Auth',\n\t\t\t\t\t\tvalue: 'bearerAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Header Auth',\n\t\t\t\t\t\tvalue: 'headerAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'MCP OAuth2',\n\t\t\t\t\t\tvalue: 'mcpOAuth2Api',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Multiple Headers Auth',\n\t\t\t\t\t\tvalue: 'multipleHeadersAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'None',\n\t\t\t\t\t\tvalue: 'none',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t\tdefault: 'none',\n\t\t\t\tdescription: 'The way to authenticate with your endpoint',\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Credentials',\n\t\t\t\tname: 'credentials',\n\t\t\t\ttype: 'credentials',\n\t\t\t\tdefault: '',\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\tauthentication: ['headerAuth', 'bearerAuth', 'mcpOAuth2Api', 'multipleHeadersAuth'],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Tool',\n\t\t\t\tname: 'tool',\n\t\t\t\ttype: 'resourceLocator',\n\t\t\t\tdefault: { mode: 'list', value: '' },\n\t\t\t\trequired: true,\n\t\t\t\tdescription: 'The tool to use',\n\t\t\t\tmodes: [\n\t\t\t\t\t{\n\t\t\t\t\t\tdisplayName: 'From List',\n\t\t\t\t\t\tname: 'list',\n\t\t\t\t\t\ttype: 'list',\n\t\t\t\t\t\ttypeOptions: {\n\t\t\t\t\t\t\tsearchListMethod: 'getTools',\n\t\t\t\t\t\t\tsearchable: true,\n\t\t\t\t\t\t\tskipCredentialsCheckInRLC: true,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tdisplayName: 'ID',\n\t\t\t\t\t\tname: 'id',\n\t\t\t\t\t\ttype: 'string',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Input Mode',\n\t\t\t\tname: 'inputMode',\n\t\t\t\ttype: 'options',\n\t\t\t\tdefault: 'manual',\n\t\t\t\tnoDataExpression: true,\n\t\t\t\toptions: [\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Manual',\n\t\t\t\t\t\tvalue: 'manual',\n\t\t\t\t\t\tdescription: 'Manually specify the input data for each tool parameter',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'JSON',\n\t\t\t\t\t\tvalue: 'json',\n\t\t\t\t\t\tdescription: 'Specify the input data as a JSON object',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Parameters',\n\t\t\t\tname: 'parameters',\n\t\t\t\ttype: 'resourceMapper',\n\t\t\t\tdefault: {\n\t\t\t\t\tmappingMode: 'defineBelow',\n\t\t\t\t\tvalue: null,\n\t\t\t\t},\n\t\t\t\tnoDataExpression: true,\n\t\t\t\trequired: true,\n\t\t\t\ttypeOptions: {\n\t\t\t\t\tloadOptionsDependsOn: ['tool.value'],\n\t\t\t\t\tresourceMapper: {\n\t\t\t\t\t\tresourceMapperMethod: 'getToolParameters',\n\t\t\t\t\t\thideNoDataError: true,\n\t\t\t\t\t\taddAllFields: false,\n\t\t\t\t\t\tsupportAutoMap: false,\n\t\t\t\t\t\tmode: 'add',\n\t\t\t\t\t\tfieldWords: {\n\t\t\t\t\t\t\tsingular: 'parameter',\n\t\t\t\t\t\t\tplural: 'parameters',\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\tinputMode: ['manual'],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'JSON',\n\t\t\t\tname: 'jsonInput',\n\t\t\t\ttype: 'json',\n\t\t\t\ttypeOptions: {\n\t\t\t\t\trows: 5,\n\t\t\t\t},\n\t\t\t\tdefault: '{\\n \"my_field_1\": \"value\",\\n \"my_field_2\": 1\\n}\\n',\n\t\t\t\tvalidateType: 'object',\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\tinputMode: ['json'],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Options',\n\t\t\t\tname: 'options',\n\t\t\t\tplaceholder: 'Add Option',\n\t\t\t\tdescription: 'Additional options to add',\n\t\t\t\ttype: 'collection',\n\t\t\t\tdefault: {},\n\t\t\t\toptions: [\n\t\t\t\t\t{\n\t\t\t\t\t\tdisplayName: 'Convert to Binary',\n\t\t\t\t\t\tname: 'convertToBinary',\n\t\t\t\t\t\ttype: 'boolean',\n\t\t\t\t\t\tdefault: true,\n\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t'Whether to convert images and audio to binary data. If false, images and audio will be returned as base64 encoded strings.',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tdisplayName: 'Timeout',\n\t\t\t\t\t\tname: 'timeout',\n\t\t\t\t\t\ttype: 'number',\n\t\t\t\t\t\ttypeOptions: {\n\t\t\t\t\t\t\tminValue: 1,\n\t\t\t\t\t\t},\n\t\t\t\t\t\tdefault: 60000,\n\t\t\t\t\t\tdescription: 'Time in ms to wait for tool calls to finish',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t},\n\t\t],\n\t};\n\n\tmethods = {\n\t\tlistSearch,\n\t\tresourceMapping,\n\t};\n\n\tasync execute(\n\t\tthis: IExecuteFunctions,\n\t): Promise<INodeExecutionData[][] \| NodeExecutionWithMetadata[][] \| null> {\n\t\tconst authentication = this.getNodeParameter('authentication', 0) as McpAuthenticationOption;\n\t\tconst serverTransport = this.getNodeParameter('serverTransport', 0) as McpServerTransport;\n\t\tconst endpointUrl = this.getNodeParameter('endpointUrl', 0) as string;\n\t\tconst node = this.getNode();\n\t\tconst { headers } = await getAuthHeaders(this, authentication);\n\t\tconst client = await connectMcpClient({\n\t\t\tserverTransport,\n\t\t\tendpointUrl,\n\t\t\theaders,\n\t\t\tname: node.type,\n\t\t\tversion: node.typeVersion,\n\t\t\tonUnauthorized: async (headers) => await tryRefreshOAuth2Token(this, authentication, headers),\n\t\t});\n\t\tif (!client.ok) {\n\t\t\tthrow mapToNodeOperationError(node, client.error);\n\t\t}\n\n\t\tconst inputMode = this.getNodeParameter('inputMode', 0, 'manual') as 'manual' \| 'json';\n\t\tconst items = this.getInputData();\n\t\tconst returnData: INodeExecutionData[] = [];\n\t\tfor (let itemIndex = 0; itemIndex < items.length; itemIndex++) {\n\t\t\ttry {\n\t\t\t\tconst tool = this.getNodeParameter('tool.value', itemIndex) as string;\n\t\t\t\tconst options = this.getNodeParameter('options', itemIndex);\n\t\t\t\tlet parameters: IDataObject = {};\n\t\t\t\tif (inputMode === 'manual') {\n\t\t\t\t\tparameters = this.getNodeParameter('parameters.value', itemIndex) as IDataObject;\n\t\t\t\t} else {\n\t\t\t\t\tparameters = this.getNodeParameter('jsonInput', itemIndex) as IDataObject;\n\t\t\t\t}\n\n\t\t\t\tconst result = (await client.result.callTool(\n\t\t\t\t\t{\n\t\t\t\t\t\tname: tool,\n\t\t\t\t\t\targuments: parameters,\n\t\t\t\t\t},\n\t\t\t\t\tundefined,\n\t\t\t\t\t{\n\t\t\t\t\t\ttimeout: options.timeout ? Number(options.timeout) : undefined,\n\t\t\t\t\t},\n\t\t\t\t)) as CallToolResult;\n\n\t\t\t\tlet binaryIndex = 0;\n\t\t\t\tconst binary: IBinaryKeyData = {};\n\t\t\t\tconst content: IDataObject[] = [];\n\t\t\t\tconst convertToBinary = options.convertToBinary ?? true;\n\t\t\t\tfor (const contentItem of result.content) {\n\t\t\t\t\tif (contentItem.type === 'text') {\n\t\t\t\t\t\tcontent.push({\n\t\t\t\t\t\t\t...contentItem,\n\t\t\t\t\t\t\ttext: jsonParse(contentItem.text, { fallbackValue: contentItem.text }),\n\t\t\t\t\t\t});\n\t\t\t\t\t\tcontinue;\n\t\t\t\t\t}\n\n\t\t\t\t\tif (convertToBinary && (contentItem.type === 'image' \|\| contentItem.type === 'audio')) {\n\t\t\t\t\t\tbinary[`data_${binaryIndex}`] = await this.helpers.prepareBinaryData(\n\t\t\t\t\t\t\tBuffer.from(contentItem.data, 'base64'),\n\t\t\t\t\t\t\tundefined,\n\t\t\t\t\t\t\tcontentItem.mimeType,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tbinaryIndex++;\n\t\t\t\t\t\tcontinue;\n\t\t\t\t\t}\n\n\t\t\t\t\tcontent.push(contentItem as IDataObject);\n\t\t\t\t}\n\n\t\t\t\treturnData.push({\n\t\t\t\t\tjson: {\n\t\t\t\t\t\tcontent: content.length > 0 ? content : undefined,\n\t\t\t\t\t},\n\t\t\t\t\tbinary: Object.keys(binary).length > 0 ? binary : undefined,\n\t\t\t\t\tpairedItem: {\n\t\t\t\t\t\titem: itemIndex,\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t} catch (e) {\n\t\t\t\tconst errorMessage =\n\t\t\t\t\te instanceof ZodError ? prettifyError(e) : e instanceof Error ? e.message : String(e);\n\t\t\t\tif (this.continueOnFail()) {\n\t\t\t\t\treturnData.push({\n\t\t\t\t\t\tjson: {\n\t\t\t\t\t\t\terror: {\n\t\t\t\t\t\t\t\tmessage: errorMessage,\n\t\t\t\t\t\t\t\tissues: e instanceof ZodError ? e.issues : undefined,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpairedItem: {\n\t\t\t\t\t\t\titem: itemIndex,\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\t\t\t\t\tcontinue;\n\t\t\t\t}\n\n\t\t\t\tthrow new NodeOperationError(node, errorMessage, {\n\t\t\t\t\titemIndex,\n\t\t\t\t});\n\t\t\t}\n\t\t}\n\n\t\treturn [returnData];\n\t}\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAUA,0BAAmE;AACnE,iBAAyB;AACzB,kBAA8B;AAE9B,iBAA4B;AAC5B,sBAAiC;AACjC,0BAA6C;AAE7C,mBAKO;AAEA,MAAM,UAA+B;AAAA,EAArC;AACN,uBAAoC;AAAA,MACnC,aAAa;AAAA,MACb,aAAa;AAAA,MACb,MAAM;AAAA,MACN,MAAM;AAAA,QACL,OAAO;AAAA,QACP,MAAM;AAAA,MACP;AAAA,MACA,OAAO,CAAC,WAAW;AAAA,MACnB,SAAS;AAAA,MACT,UAAU;AAAA,QACT,MAAM;AAAA,MACP;AAAA,MACA;AAAA,MACA,QAAQ,CAAC,wCAAoB,IAAI;AAAA,MACjC,SAAS,CAAC,wCAAoB,IAAI;AAAA,MAClC,YAAY;AAAA,YACX,qCAAgB;AAAA,UACf,eAAe;AAAA,QAChB,CAAC;AAAA,QACD;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,UACT,aAAa;AAAA,UACb,UAAU;AAAA,UACV,aAAa;AAAA,QACd;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,YACR;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,UACD;AAAA,UACA,SAAS;AAAA,UACT,aAAa;AAAA,QACd;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,UACT,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,gBAAgB,CAAC,cAAc,cAAc,gBAAgB,qBAAqB;AAAA,YACnF;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS,EAAE,MAAM,QAAQ,OAAO,GAAG;AAAA,UACnC,UAAU;AAAA,UACV,aAAa;AAAA,UACb,OAAO;AAAA,YACN;AAAA,cACC,aAAa;AAAA,cACb,MAAM;AAAA,cACN,MAAM;AAAA,cACN,aAAa;AAAA,gBACZ,kBAAkB;AAAA,gBAClB,YAAY;AAAA,gBACZ,2BAA2B;AAAA,cAC5B;AAAA,YACD;AAAA,YACA;AAAA,cACC,aAAa;AAAA,cACb,MAAM;AAAA,cACN,MAAM;AAAA,YACP;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,UACT,kBAAkB;AAAA,UAClB,SAAS;AAAA,YACR;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,cACP,aAAa;AAAA,YACd;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,cACP,aAAa;AAAA,YACd;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,YACR,aAAa;AAAA,YACb,OAAO;AAAA,UACR;AAAA,UACA,kBAAkB;AAAA,UAClB,UAAU;AAAA,UACV,aAAa;AAAA,YACZ,sBAAsB,CAAC,YAAY;AAAA,YACnC,gBAAgB;AAAA,cACf,sBAAsB;AAAA,cACtB,iBAAiB;AAAA,cACjB,cAAc;AAAA,cACd,gBAAgB;AAAA,cAChB,MAAM;AAAA,cACN,YAAY;AAAA,gBACX,UAAU;AAAA,gBACV,QAAQ;AAAA,cACT;AAAA,YACD;AAAA,UACD;AAAA,UACA,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,WAAW,CAAC,QAAQ;AAAA,YACrB;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,aAAa;AAAA,YACZ,MAAM;AAAA,UACP;AAAA,UACA,SAAS;AAAA,UACT,cAAc;AAAA,UACd,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,WAAW,CAAC,MAAM;AAAA,YACnB;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,aAAa;AAAA,UACb,aAAa;AAAA,UACb,MAAM;AAAA,UACN,SAAS,CAAC;AAAA,UACV,SAAS;AAAA,YACR;AAAA,cACC,aAAa;AAAA,cACb,MAAM;AAAA,cACN,MAAM;AAAA,cACN,SAAS;AAAA,cACT,aACC;AAAA,YACF;AAAA,YACA;AAAA,cACC,aAAa;AAAA,cACb,MAAM;AAAA,cACN,MAAM;AAAA,cACN,aAAa;AAAA,gBACZ,UAAU;AAAA,cACX;AAAA,cACA,SAAS;AAAA,cACT,aAAa;AAAA,YACd;AAAA,UACD;AAAA,QACD;AAAA,MACD;AAAA,IACD;AAEA,mBAAU;AAAA,MACT;AAAA,MACA;AAAA,IACD;AAAA;AAAA,EAEA,MAAM,UAEoE;AACzE,UAAM,iBAAiB,KAAK,iBAAiB,kBAAkB,CAAC;AAChE,UAAM,kBAAkB,KAAK,iBAAiB,mBAAmB,CAAC;AAClE,UAAM,cAAc,KAAK,iBAAiB,eAAe,CAAC;AAC1D,UAAM,OAAO,KAAK,QAAQ;AAC1B,UAAM,EAAE,QAAQ,IAAI,UAAM,6BAAe,MAAM,cAAc;AAC7D,UAAM,SAAS,UAAM,+BAAiB;AAAA,MACrC;AAAA,MACA;AAAA,MACA;AAAA,MACA,MAAM,KAAK;AAAA,MACX,SAAS,KAAK;AAAA,MACd,gBAAgB,OAAOA,aAAY,UAAM,oCAAsB,MAAM,gBAAgBA,QAAO;AAAA,IAC7F,CAAC;AACD,QAAI,CAAC,OAAO,IAAI;AACf,gBAAM,sCAAwB,MAAM,OAAO,KAAK;AAAA,IACjD;AAEA,UAAM,YAAY,KAAK,iBAAiB,aAAa,GAAG,QAAQ;AAChE,UAAM,QAAQ,KAAK,aAAa;AAChC,UAAM,aAAmC,CAAC;AAC1C,aAAS,YAAY,GAAG,YAAY,MAAM,QAAQ,aAAa;AAC9D,UAAI;AACH,cAAM,OAAO,KAAK,iBAAiB,cAAc,SAAS;AAC1D,cAAM,UAAU,KAAK,iBAAiB,WAAW,SAAS;AAC1D,YAAI,aAA0B,CAAC;AAC/B,YAAI,cAAc,UAAU;AAC3B,uBAAa,KAAK,iBAAiB,oBAAoB,SAAS;AAAA,QACjE,OAAO;AACN,uBAAa,KAAK,iBAAiB,aAAa,SAAS;AAAA,QAC1D;AAEA,cAAM,SAAU,MAAM,OAAO,OAAO;AAAA,UACnC;AAAA,YACC,MAAM;AAAA,YACN,WAAW;AAAA,UACZ;AAAA,UACA;AAAA,UACA;AAAA,YACC,SAAS,QAAQ,UAAU,OAAO,QAAQ,OAAO,IAAI;AAAA,UACtD;AAAA,QACD;AAEA,YAAI,cAAc;AAClB,cAAM,SAAyB,CAAC;AAChC,cAAM,UAAyB,CAAC;AAChC,cAAM,kBAAkB,QAAQ,mBAAmB;AACnD,mBAAW,eAAe,OAAO,SAAS;AACzC,cAAI,YAAY,SAAS,QAAQ;AAChC,oBAAQ,KAAK;AAAA,cACZ,GAAG;AAAA,cACH,UAAM,+BAAU,YAAY,MAAM,EAAE,eAAe,YAAY,KAAK,CAAC;AAAA,YACtE,CAAC;AACD;AAAA,UACD;AAEA,cAAI,oBAAoB,YAAY,SAAS,WAAW,YAAY,SAAS,UAAU;AACtF,mBAAO,QAAQ,WAAW,EAAE,IAAI,MAAM,KAAK,QAAQ;AAAA,cAClD,OAAO,KAAK,YAAY,MAAM,QAAQ;AAAA,cACtC;AAAA,cACA,YAAY;AAAA,YACb;AACA;AACA;AAAA,UACD;AAEA,kBAAQ,KAAK,WAA0B;AAAA,QACxC;AAEA,mBAAW,KAAK;AAAA,UACf,MAAM;AAAA,YACL,SAAS,QAAQ,SAAS,IAAI,UAAU;AAAA,UACzC;AAAA,UACA,QAAQ,OAAO,KAAK,MAAM,EAAE,SAAS,IAAI,SAAS;AAAA,UAClD,YAAY;AAAA,YACX,MAAM;AAAA,UACP;AAAA,QACD,CAAC;AAAA,MACF,SAAS,GAAG;AACX,cAAM,eACL,aAAa,0BAAW,2BAAc,CAAC,IAAI,aAAa,QAAQ,EAAE,UAAU,OAAO,CAAC;AACrF,YAAI,KAAK,eAAe,GAAG;AAC1B,qBAAW,KAAK;AAAA,YACf,MAAM;AAAA,cACL,OAAO;AAAA,gBACN,SAAS;AAAA,gBACT,QAAQ,aAAa,sBAAW,EAAE,SAAS;AAAA,cAC5C;AAAA,YACD;AAAA,YACA,YAAY;AAAA,cACX,MAAM;AAAA,YACP;AAAA,UACD,CAAC;AACD;AAAA,QACD;AAEA,cAAM,IAAI,uCAAmB,MAAM,cAAc;AAAA,UAChD;AAAA,QACD,CAAC;AAAA,MACF;AAAA,IACD;AAEA,WAAO,CAAC,UAAU;AAAA,EACnB;AACD;","names":["headers"]}
1	+ {"version":3,"sources":["../../../../nodes/mcp/McpClient/McpClient.node.ts"],"sourcesContent":["import type { CallToolResult } from '@modelcontextprotocol/sdk/types.js';\nimport type {\n\tIBinaryKeyData,\n\tIDataObject,\n\tIExecuteFunctions,\n\tINodeExecutionData,\n\tINodeType,\n\tINodeTypeDescription,\n\tNodeExecutionWithMetadata,\n} from 'n8n-workflow';\nimport { jsonParse, NodeConnectionTypes, NodeOperationError } from 'n8n-workflow';\nimport { ZodError } from 'zod';\nimport { prettifyError } from 'zod/v4/core';\n\nimport * as listSearch from './listSearch';\nimport * as resourceMapping from './resourceMapping';\nimport { credentials, transportSelect } from '../shared/descriptions';\nimport type { McpAuthenticationOption, McpServerTransport } from '../shared/types';\nimport {\n\tassertCredentialAllowsUrl,\n\tgetAuthHeaders,\n\ttryRefreshOAuth2Token,\n\tconnectMcpClient,\n\tmapToNodeOperationError,\n} from '../shared/utils';\n\nexport class McpClient implements INodeType {\n\tdescription: INodeTypeDescription = {\n\t\tdisplayName: 'MCP Client',\n\t\tdescription: 'Standalone MCP Client',\n\t\tname: 'mcpClient',\n\t\ticon: {\n\t\t\tlight: 'file:../mcp.svg',\n\t\t\tdark: 'file:../mcp.dark.svg',\n\t\t},\n\t\tgroup: ['transform'],\n\t\tversion: 1,\n\t\tdefaults: {\n\t\t\tname: 'MCP Client',\n\t\t},\n\t\tcredentials,\n\t\tinputs: [NodeConnectionTypes.Main],\n\t\toutputs: [NodeConnectionTypes.Main],\n\t\tproperties: [\n\t\t\ttransportSelect({\n\t\t\t\tdefaultOption: 'httpStreamable',\n\t\t\t}),\n\t\t\t{\n\t\t\t\tdisplayName: 'MCP Endpoint URL',\n\t\t\t\tname: 'endpointUrl',\n\t\t\t\ttype: 'string',\n\t\t\t\tdefault: '',\n\t\t\t\tplaceholder: 'e.g. https://my-mcp-server.ai/mcp',\n\t\t\t\trequired: true,\n\t\t\t\tdescription: 'The URL of the MCP server to connect to',\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Authentication',\n\t\t\t\tname: 'authentication',\n\t\t\t\ttype: 'options',\n\t\t\t\toptions: [\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Bearer Auth',\n\t\t\t\t\t\tvalue: 'bearerAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Header Auth',\n\t\t\t\t\t\tvalue: 'headerAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'MCP OAuth2',\n\t\t\t\t\t\tvalue: 'mcpOAuth2Api',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Multiple Headers Auth',\n\t\t\t\t\t\tvalue: 'multipleHeadersAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'None',\n\t\t\t\t\t\tvalue: 'none',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t\tdefault: 'none',\n\t\t\t\tdescription: 'The way to authenticate with your endpoint',\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Credentials',\n\t\t\t\tname: 'credentials',\n\t\t\t\ttype: 'credentials',\n\t\t\t\tdefault: '',\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\tauthentication: ['headerAuth', 'bearerAuth', 'mcpOAuth2Api', 'multipleHeadersAuth'],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Tool',\n\t\t\t\tname: 'tool',\n\t\t\t\ttype: 'resourceLocator',\n\t\t\t\tdefault: { mode: 'list', value: '' },\n\t\t\t\trequired: true,\n\t\t\t\tdescription: 'The tool to use',\n\t\t\t\tmodes: [\n\t\t\t\t\t{\n\t\t\t\t\t\tdisplayName: 'From List',\n\t\t\t\t\t\tname: 'list',\n\t\t\t\t\t\ttype: 'list',\n\t\t\t\t\t\ttypeOptions: {\n\t\t\t\t\t\t\tsearchListMethod: 'getTools',\n\t\t\t\t\t\t\tsearchable: true,\n\t\t\t\t\t\t\tskipCredentialsCheckInRLC: true,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tdisplayName: 'ID',\n\t\t\t\t\t\tname: 'id',\n\t\t\t\t\t\ttype: 'string',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Input Mode',\n\t\t\t\tname: 'inputMode',\n\t\t\t\ttype: 'options',\n\t\t\t\tdefault: 'manual',\n\t\t\t\tnoDataExpression: true,\n\t\t\t\toptions: [\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Manual',\n\t\t\t\t\t\tvalue: 'manual',\n\t\t\t\t\t\tdescription: 'Manually specify the input data for each tool parameter',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'JSON',\n\t\t\t\t\t\tvalue: 'json',\n\t\t\t\t\t\tdescription: 'Specify the input data as a JSON object',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Parameters',\n\t\t\t\tname: 'parameters',\n\t\t\t\ttype: 'resourceMapper',\n\t\t\t\tdefault: {\n\t\t\t\t\tmappingMode: 'defineBelow',\n\t\t\t\t\tvalue: null,\n\t\t\t\t},\n\t\t\t\tnoDataExpression: true,\n\t\t\t\trequired: true,\n\t\t\t\ttypeOptions: {\n\t\t\t\t\tloadOptionsDependsOn: ['tool.value'],\n\t\t\t\t\tresourceMapper: {\n\t\t\t\t\t\tresourceMapperMethod: 'getToolParameters',\n\t\t\t\t\t\thideNoDataError: true,\n\t\t\t\t\t\taddAllFields: false,\n\t\t\t\t\t\tsupportAutoMap: false,\n\t\t\t\t\t\tmode: 'add',\n\t\t\t\t\t\tfieldWords: {\n\t\t\t\t\t\t\tsingular: 'parameter',\n\t\t\t\t\t\t\tplural: 'parameters',\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\tinputMode: ['manual'],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'JSON',\n\t\t\t\tname: 'jsonInput',\n\t\t\t\ttype: 'json',\n\t\t\t\ttypeOptions: {\n\t\t\t\t\trows: 5,\n\t\t\t\t},\n\t\t\t\tdefault: '{\\n \"my_field_1\": \"value\",\\n \"my_field_2\": 1\\n}\\n',\n\t\t\t\tvalidateType: 'object',\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\tinputMode: ['json'],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Options',\n\t\t\t\tname: 'options',\n\t\t\t\tplaceholder: 'Add Option',\n\t\t\t\tdescription: 'Additional options to add',\n\t\t\t\ttype: 'collection',\n\t\t\t\tdefault: {},\n\t\t\t\toptions: [\n\t\t\t\t\t{\n\t\t\t\t\t\tdisplayName: 'Convert to Binary',\n\t\t\t\t\t\tname: 'convertToBinary',\n\t\t\t\t\t\ttype: 'boolean',\n\t\t\t\t\t\tdefault: true,\n\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t'Whether to convert images and audio to binary data. If false, images and audio will be returned as base64 encoded strings.',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tdisplayName: 'Timeout',\n\t\t\t\t\t\tname: 'timeout',\n\t\t\t\t\t\ttype: 'number',\n\t\t\t\t\t\ttypeOptions: {\n\t\t\t\t\t\t\tminValue: 1,\n\t\t\t\t\t\t},\n\t\t\t\t\t\tdefault: 60000,\n\t\t\t\t\t\tdescription: 'Time in ms to wait for tool calls to finish',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t},\n\t\t],\n\t};\n\n\tmethods = {\n\t\tlistSearch,\n\t\tresourceMapping,\n\t};\n\n\tasync execute(\n\t\tthis: IExecuteFunctions,\n\t): Promise<INodeExecutionData[][] \| NodeExecutionWithMetadata[][] \| null> {\n\t\tconst authentication = this.getNodeParameter('authentication', 0) as McpAuthenticationOption;\n\t\tconst serverTransport = this.getNodeParameter('serverTransport', 0) as McpServerTransport;\n\t\tconst endpointUrl = this.getNodeParameter('endpointUrl', 0) as string;\n\t\tconst node = this.getNode();\n\t\tconst { headers, credentials } = await getAuthHeaders(this, authentication);\n\t\tconst allowedDomains = assertCredentialAllowsUrl(node, credentials, endpointUrl);\n\t\tconst client = await connectMcpClient({\n\t\t\tserverTransport,\n\t\t\tendpointUrl,\n\t\t\theaders,\n\t\t\tname: node.type,\n\t\t\tversion: node.typeVersion,\n\t\t\tallowedDomains,\n\t\t\tonUnauthorized: async (headers) => await tryRefreshOAuth2Token(this, authentication, headers),\n\t\t});\n\t\tif (!client.ok) {\n\t\t\tthrow mapToNodeOperationError(node, client.error);\n\t\t}\n\n\t\tconst inputMode = this.getNodeParameter('inputMode', 0, 'manual') as 'manual' \| 'json';\n\t\tconst items = this.getInputData();\n\t\tconst returnData: INodeExecutionData[] = [];\n\t\tfor (let itemIndex = 0; itemIndex < items.length; itemIndex++) {\n\t\t\ttry {\n\t\t\t\tconst tool = this.getNodeParameter('tool.value', itemIndex) as string;\n\t\t\t\tconst options = this.getNodeParameter('options', itemIndex);\n\t\t\t\tlet parameters: IDataObject = {};\n\t\t\t\tif (inputMode === 'manual') {\n\t\t\t\t\tparameters = this.getNodeParameter('parameters.value', itemIndex) as IDataObject;\n\t\t\t\t} else {\n\t\t\t\t\tparameters = this.getNodeParameter('jsonInput', itemIndex) as IDataObject;\n\t\t\t\t}\n\n\t\t\t\tconst result = (await client.result.callTool(\n\t\t\t\t\t{\n\t\t\t\t\t\tname: tool,\n\t\t\t\t\t\targuments: parameters,\n\t\t\t\t\t},\n\t\t\t\t\tundefined,\n\t\t\t\t\t{\n\t\t\t\t\t\ttimeout: options.timeout ? Number(options.timeout) : undefined,\n\t\t\t\t\t},\n\t\t\t\t)) as CallToolResult;\n\n\t\t\t\tlet binaryIndex = 0;\n\t\t\t\tconst binary: IBinaryKeyData = {};\n\t\t\t\tconst content: IDataObject[] = [];\n\t\t\t\tconst convertToBinary = options.convertToBinary ?? true;\n\t\t\t\tfor (const contentItem of result.content) {\n\t\t\t\t\tif (contentItem.type === 'text') {\n\t\t\t\t\t\tcontent.push({\n\t\t\t\t\t\t\t...contentItem,\n\t\t\t\t\t\t\ttext: jsonParse(contentItem.text, { fallbackValue: contentItem.text }),\n\t\t\t\t\t\t});\n\t\t\t\t\t\tcontinue;\n\t\t\t\t\t}\n\n\t\t\t\t\tif (convertToBinary && (contentItem.type === 'image' \|\| contentItem.type === 'audio')) {\n\t\t\t\t\t\tbinary[`data_${binaryIndex}`] = await this.helpers.prepareBinaryData(\n\t\t\t\t\t\t\tBuffer.from(contentItem.data, 'base64'),\n\t\t\t\t\t\t\tundefined,\n\t\t\t\t\t\t\tcontentItem.mimeType,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tbinaryIndex++;\n\t\t\t\t\t\tcontinue;\n\t\t\t\t\t}\n\n\t\t\t\t\tcontent.push(contentItem as IDataObject);\n\t\t\t\t}\n\n\t\t\t\treturnData.push({\n\t\t\t\t\tjson: {\n\t\t\t\t\t\tcontent: content.length > 0 ? content : undefined,\n\t\t\t\t\t},\n\t\t\t\t\tbinary: Object.keys(binary).length > 0 ? binary : undefined,\n\t\t\t\t\tpairedItem: {\n\t\t\t\t\t\titem: itemIndex,\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t} catch (e) {\n\t\t\t\tconst errorMessage =\n\t\t\t\t\te instanceof ZodError ? prettifyError(e) : e instanceof Error ? e.message : String(e);\n\t\t\t\tif (this.continueOnFail()) {\n\t\t\t\t\treturnData.push({\n\t\t\t\t\t\tjson: {\n\t\t\t\t\t\t\terror: {\n\t\t\t\t\t\t\t\tmessage: errorMessage,\n\t\t\t\t\t\t\t\tissues: e instanceof ZodError ? e.issues : undefined,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpairedItem: {\n\t\t\t\t\t\t\titem: itemIndex,\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\t\t\t\t\tcontinue;\n\t\t\t\t}\n\n\t\t\t\tthrow new NodeOperationError(node, errorMessage, {\n\t\t\t\t\titemIndex,\n\t\t\t\t});\n\t\t\t}\n\t\t}\n\n\t\treturn [returnData];\n\t}\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAUA,0BAAmE;AACnE,iBAAyB;AACzB,kBAA8B;AAE9B,iBAA4B;AAC5B,sBAAiC;AACjC,0BAA6C;AAE7C,mBAMO;AAEA,MAAM,UAA+B;AAAA,EAArC;AACN,uBAAoC;AAAA,MACnC,aAAa;AAAA,MACb,aAAa;AAAA,MACb,MAAM;AAAA,MACN,MAAM;AAAA,QACL,OAAO;AAAA,QACP,MAAM;AAAA,MACP;AAAA,MACA,OAAO,CAAC,WAAW;AAAA,MACnB,SAAS;AAAA,MACT,UAAU;AAAA,QACT,MAAM;AAAA,MACP;AAAA,MACA;AAAA,MACA,QAAQ,CAAC,wCAAoB,IAAI;AAAA,MACjC,SAAS,CAAC,wCAAoB,IAAI;AAAA,MAClC,YAAY;AAAA,YACX,qCAAgB;AAAA,UACf,eAAe;AAAA,QAChB,CAAC;AAAA,QACD;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,UACT,aAAa;AAAA,UACb,UAAU;AAAA,UACV,aAAa;AAAA,QACd;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,YACR;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,UACD;AAAA,UACA,SAAS;AAAA,UACT,aAAa;AAAA,QACd;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,UACT,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,gBAAgB,CAAC,cAAc,cAAc,gBAAgB,qBAAqB;AAAA,YACnF;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS,EAAE,MAAM,QAAQ,OAAO,GAAG;AAAA,UACnC,UAAU;AAAA,UACV,aAAa;AAAA,UACb,OAAO;AAAA,YACN;AAAA,cACC,aAAa;AAAA,cACb,MAAM;AAAA,cACN,MAAM;AAAA,cACN,aAAa;AAAA,gBACZ,kBAAkB;AAAA,gBAClB,YAAY;AAAA,gBACZ,2BAA2B;AAAA,cAC5B;AAAA,YACD;AAAA,YACA;AAAA,cACC,aAAa;AAAA,cACb,MAAM;AAAA,cACN,MAAM;AAAA,YACP;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,UACT,kBAAkB;AAAA,UAClB,SAAS;AAAA,YACR;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,cACP,aAAa;AAAA,YACd;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,cACP,aAAa;AAAA,YACd;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,YACR,aAAa;AAAA,YACb,OAAO;AAAA,UACR;AAAA,UACA,kBAAkB;AAAA,UAClB,UAAU;AAAA,UACV,aAAa;AAAA,YACZ,sBAAsB,CAAC,YAAY;AAAA,YACnC,gBAAgB;AAAA,cACf,sBAAsB;AAAA,cACtB,iBAAiB;AAAA,cACjB,cAAc;AAAA,cACd,gBAAgB;AAAA,cAChB,MAAM;AAAA,cACN,YAAY;AAAA,gBACX,UAAU;AAAA,gBACV,QAAQ;AAAA,cACT;AAAA,YACD;AAAA,UACD;AAAA,UACA,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,WAAW,CAAC,QAAQ;AAAA,YACrB;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,aAAa;AAAA,YACZ,MAAM;AAAA,UACP;AAAA,UACA,SAAS;AAAA,UACT,cAAc;AAAA,UACd,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,WAAW,CAAC,MAAM;AAAA,YACnB;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,aAAa;AAAA,UACb,aAAa;AAAA,UACb,MAAM;AAAA,UACN,SAAS,CAAC;AAAA,UACV,SAAS;AAAA,YACR;AAAA,cACC,aAAa;AAAA,cACb,MAAM;AAAA,cACN,MAAM;AAAA,cACN,SAAS;AAAA,cACT,aACC;AAAA,YACF;AAAA,YACA;AAAA,cACC,aAAa;AAAA,cACb,MAAM;AAAA,cACN,MAAM;AAAA,cACN,aAAa;AAAA,gBACZ,UAAU;AAAA,cACX;AAAA,cACA,SAAS;AAAA,cACT,aAAa;AAAA,YACd;AAAA,UACD;AAAA,QACD;AAAA,MACD;AAAA,IACD;AAEA,mBAAU;AAAA,MACT;AAAA,MACA;AAAA,IACD;AAAA;AAAA,EAEA,MAAM,UAEoE;AACzE,UAAM,iBAAiB,KAAK,iBAAiB,kBAAkB,CAAC;AAChE,UAAM,kBAAkB,KAAK,iBAAiB,mBAAmB,CAAC;AAClE,UAAM,cAAc,KAAK,iBAAiB,eAAe,CAAC;AAC1D,UAAM,OAAO,KAAK,QAAQ;AAC1B,UAAM,EAAE,SAAS,aAAAA,aAAY,IAAI,UAAM,6BAAe,MAAM,cAAc;AAC1E,UAAM,qBAAiB,wCAA0B,MAAMA,cAAa,WAAW;AAC/E,UAAM,SAAS,UAAM,+BAAiB;AAAA,MACrC;AAAA,MACA;AAAA,MACA;AAAA,MACA,MAAM,KAAK;AAAA,MACX,SAAS,KAAK;AAAA,MACd;AAAA,MACA,gBAAgB,OAAOC,aAAY,UAAM,oCAAsB,MAAM,gBAAgBA,QAAO;AAAA,IAC7F,CAAC;AACD,QAAI,CAAC,OAAO,IAAI;AACf,gBAAM,sCAAwB,MAAM,OAAO,KAAK;AAAA,IACjD;AAEA,UAAM,YAAY,KAAK,iBAAiB,aAAa,GAAG,QAAQ;AAChE,UAAM,QAAQ,KAAK,aAAa;AAChC,UAAM,aAAmC,CAAC;AAC1C,aAAS,YAAY,GAAG,YAAY,MAAM,QAAQ,aAAa;AAC9D,UAAI;AACH,cAAM,OAAO,KAAK,iBAAiB,cAAc,SAAS;AAC1D,cAAM,UAAU,KAAK,iBAAiB,WAAW,SAAS;AAC1D,YAAI,aAA0B,CAAC;AAC/B,YAAI,cAAc,UAAU;AAC3B,uBAAa,KAAK,iBAAiB,oBAAoB,SAAS;AAAA,QACjE,OAAO;AACN,uBAAa,KAAK,iBAAiB,aAAa,SAAS;AAAA,QAC1D;AAEA,cAAM,SAAU,MAAM,OAAO,OAAO;AAAA,UACnC;AAAA,YACC,MAAM;AAAA,YACN,WAAW;AAAA,UACZ;AAAA,UACA;AAAA,UACA;AAAA,YACC,SAAS,QAAQ,UAAU,OAAO,QAAQ,OAAO,IAAI;AAAA,UACtD;AAAA,QACD;AAEA,YAAI,cAAc;AAClB,cAAM,SAAyB,CAAC;AAChC,cAAM,UAAyB,CAAC;AAChC,cAAM,kBAAkB,QAAQ,mBAAmB;AACnD,mBAAW,eAAe,OAAO,SAAS;AACzC,cAAI,YAAY,SAAS,QAAQ;AAChC,oBAAQ,KAAK;AAAA,cACZ,GAAG;AAAA,cACH,UAAM,+BAAU,YAAY,MAAM,EAAE,eAAe,YAAY,KAAK,CAAC;AAAA,YACtE,CAAC;AACD;AAAA,UACD;AAEA,cAAI,oBAAoB,YAAY,SAAS,WAAW,YAAY,SAAS,UAAU;AACtF,mBAAO,QAAQ,WAAW,EAAE,IAAI,MAAM,KAAK,QAAQ;AAAA,cAClD,OAAO,KAAK,YAAY,MAAM,QAAQ;AAAA,cACtC;AAAA,cACA,YAAY;AAAA,YACb;AACA;AACA;AAAA,UACD;AAEA,kBAAQ,KAAK,WAA0B;AAAA,QACxC;AAEA,mBAAW,KAAK;AAAA,UACf,MAAM;AAAA,YACL,SAAS,QAAQ,SAAS,IAAI,UAAU;AAAA,UACzC;AAAA,UACA,QAAQ,OAAO,KAAK,MAAM,EAAE,SAAS,IAAI,SAAS;AAAA,UAClD,YAAY;AAAA,YACX,MAAM;AAAA,UACP;AAAA,QACD,CAAC;AAAA,MACF,SAAS,GAAG;AACX,cAAM,eACL,aAAa,0BAAW,2BAAc,CAAC,IAAI,aAAa,QAAQ,EAAE,UAAU,OAAO,CAAC;AACrF,YAAI,KAAK,eAAe,GAAG;AAC1B,qBAAW,KAAK;AAAA,YACf,MAAM;AAAA,cACL,OAAO;AAAA,gBACN,SAAS;AAAA,gBACT,QAAQ,aAAa,sBAAW,EAAE,SAAS;AAAA,cAC5C;AAAA,YACD;AAAA,YACA,YAAY;AAAA,cACX,MAAM;AAAA,YACP;AAAA,UACD,CAAC;AACD;AAAA,QACD;AAEA,cAAM,IAAI,uCAAmB,MAAM,cAAc;AAAA,UAChD;AAAA,QACD,CAAC;AAAA,MACF;AAAA,IACD;AAEA,WAAO,CAAC,UAAU;AAAA,EACnB;AACD;","names":["credentials","headers"]}

package/dist/nodes/mcp/McpClient/listSearch.js CHANGED Viewed

@@ -27,13 +27,15 @@ async function getTools(filter, paginationToken) {
   const serverTransport = this.getNodeParameter("serverTransport");
   const endpointUrl = this.getNodeParameter("endpointUrl");
   const node = this.getNode();
-  const { headers } = await (0, import_utils.getAuthHeaders)(this, authentication);
+  const { headers, credentials } = await (0, import_utils.getAuthHeaders)(this, authentication);
+  const allowedDomains = (0, import_utils.assertCredentialAllowsUrl)(node, credentials, endpointUrl);
   const client = await (0, import_utils.connectMcpClient)({
     serverTransport,
     endpointUrl,
     headers,
     name: node.type,
     version: node.typeVersion,
+    allowedDomains,
     onUnauthorized: async (headers2) => await (0, import_utils.tryRefreshOAuth2Token)(this, authentication, headers2)
   });
   if (!client.ok) {

package/dist/nodes/mcp/McpClient/listSearch.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../../nodes/mcp/McpClient/listSearch.ts"],"sourcesContent":["import type { ILoadOptionsFunctions, INodeListSearchResult } from 'n8n-workflow';\n\nimport type { McpAuthenticationOption, McpServerTransport } from '../shared/types';\nimport {\n\tconnectMcpClient,\n\tgetAuthHeaders,\n\tmapToNodeOperationError,\n\ttryRefreshOAuth2Token,\n} from '../shared/utils';\n\nexport async function getTools(\n\tthis: ILoadOptionsFunctions,\n\tfilter?: string,\n\tpaginationToken?: string,\n): Promise<INodeListSearchResult> {\n\tconst authentication = this.getNodeParameter('authentication') as McpAuthenticationOption;\n\tconst serverTransport = this.getNodeParameter('serverTransport') as McpServerTransport;\n\tconst endpointUrl = this.getNodeParameter('endpointUrl') as string;\n\tconst node = this.getNode();\n\tconst { headers } = await getAuthHeaders(this, authentication);\n\tconst client = await connectMcpClient({\n\t\tserverTransport,\n\t\tendpointUrl,\n\t\theaders,\n\t\tname: node.type,\n\t\tversion: node.typeVersion,\n\t\tonUnauthorized: async (headers) => await tryRefreshOAuth2Token(this, authentication, headers),\n\t});\n\n\tif (!client.ok) {\n\t\tthrow mapToNodeOperationError(node, client.error);\n\t}\n\n\tconst result = await client.result.listTools({ cursor: paginationToken });\n\tconst tools = filter\n\t\t? result.tools.filter((tool) => tool.name.toLowerCase().includes(filter.toLowerCase()))\n\t\t: result.tools;\n\n\treturn {\n\t\tresults: tools.map((tool) => ({\n\t\t\tname: tool.name,\n\t\t\tvalue: tool.name,\n\t\t\tdescription: tool.description,\n\t\t\tinputSchema: tool.inputSchema,\n\t\t})),\n\t\tpaginationToken: result.nextCursor,\n\t};\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,~~mBAKO~~;AAEP,eAAsB,SAErB,QACA,iBACiC;AACjC,QAAM,iBAAiB,KAAK,iBAAiB,gBAAgB;AAC7D,QAAM,kBAAkB,KAAK,iBAAiB,iBAAiB;AAC/D,QAAM,cAAc,KAAK,iBAAiB,aAAa;AACvD,QAAM,OAAO,KAAK,QAAQ;AAC1B,QAAM,EAAE,~~QAAQ~~,IAAI,UAAM,6BAAe,MAAM,cAAc;~~AAC7D~~,QAAM,SAAS,UAAM,+BAAiB;AAAA,IACrC;AAAA,IACA;AAAA,IACA;AAAA,IACA,MAAM,KAAK;AAAA,IACX,SAAS,KAAK;AAAA,IACd,gBAAgB,OAAOA,aAAY,UAAM,oCAAsB,MAAM,gBAAgBA,QAAO;AAAA,EAC7F,CAAC;AAED,MAAI,CAAC,OAAO,IAAI;AACf,cAAM,sCAAwB,MAAM,OAAO,KAAK;AAAA,EACjD;AAEA,QAAM,SAAS,MAAM,OAAO,OAAO,UAAU,EAAE,QAAQ,gBAAgB,CAAC;AACxE,QAAM,QAAQ,SACX,OAAO,MAAM,OAAO,CAAC,SAAS,KAAK,KAAK,YAAY,EAAE,SAAS,OAAO,YAAY,CAAC,CAAC,IACpF,OAAO;AAEV,SAAO;AAAA,IACN,SAAS,MAAM,IAAI,CAAC,UAAU;AAAA,MAC7B,MAAM,KAAK;AAAA,MACX,OAAO,KAAK;AAAA,MACZ,aAAa,KAAK;AAAA,MAClB,aAAa,KAAK;AAAA,IACnB,EAAE;AAAA,IACF,iBAAiB,OAAO;AAAA,EACzB;AACD;","names":["headers"]}
1	+ {"version":3,"sources":["../../../../nodes/mcp/McpClient/listSearch.ts"],"sourcesContent":["import type { ILoadOptionsFunctions, INodeListSearchResult } from 'n8n-workflow';\n\nimport type { McpAuthenticationOption, McpServerTransport } from '../shared/types';\nimport {\n\tassertCredentialAllowsUrl,\n\tconnectMcpClient,\n\tgetAuthHeaders,\n\tmapToNodeOperationError,\n\ttryRefreshOAuth2Token,\n} from '../shared/utils';\n\nexport async function getTools(\n\tthis: ILoadOptionsFunctions,\n\tfilter?: string,\n\tpaginationToken?: string,\n): Promise<INodeListSearchResult> {\n\tconst authentication = this.getNodeParameter('authentication') as McpAuthenticationOption;\n\tconst serverTransport = this.getNodeParameter('serverTransport') as McpServerTransport;\n\tconst endpointUrl = this.getNodeParameter('endpointUrl') as string;\n\tconst node = this.getNode();\n\tconst { headers, credentials } = await getAuthHeaders(this, authentication);\n\tconst allowedDomains = assertCredentialAllowsUrl(node, credentials, endpointUrl);\n\tconst client = await connectMcpClient({\n\t\tserverTransport,\n\t\tendpointUrl,\n\t\theaders,\n\t\tname: node.type,\n\t\tversion: node.typeVersion,\n\t\tallowedDomains,\n\t\tonUnauthorized: async (headers) => await tryRefreshOAuth2Token(this, authentication, headers),\n\t});\n\n\tif (!client.ok) {\n\t\tthrow mapToNodeOperationError(node, client.error);\n\t}\n\n\tconst result = await client.result.listTools({ cursor: paginationToken });\n\tconst tools = filter\n\t\t? result.tools.filter((tool) => tool.name.toLowerCase().includes(filter.toLowerCase()))\n\t\t: result.tools;\n\n\treturn {\n\t\tresults: tools.map((tool) => ({\n\t\t\tname: tool.name,\n\t\t\tvalue: tool.name,\n\t\t\tdescription: tool.description,\n\t\t\tinputSchema: tool.inputSchema,\n\t\t})),\n\t\tpaginationToken: result.nextCursor,\n\t};\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,mBAMO;AAEP,eAAsB,SAErB,QACA,iBACiC;AACjC,QAAM,iBAAiB,KAAK,iBAAiB,gBAAgB;AAC7D,QAAM,kBAAkB,KAAK,iBAAiB,iBAAiB;AAC/D,QAAM,cAAc,KAAK,iBAAiB,aAAa;AACvD,QAAM,OAAO,KAAK,QAAQ;AAC1B,QAAM,EAAE,SAAS,YAAY,IAAI,UAAM,6BAAe,MAAM,cAAc;AAC1E,QAAM,qBAAiB,wCAA0B,MAAM,aAAa,WAAW;AAC/E,QAAM,SAAS,UAAM,+BAAiB;AAAA,IACrC;AAAA,IACA;AAAA,IACA;AAAA,IACA,MAAM,KAAK;AAAA,IACX,SAAS,KAAK;AAAA,IACd;AAAA,IACA,gBAAgB,OAAOA,aAAY,UAAM,oCAAsB,MAAM,gBAAgBA,QAAO;AAAA,EAC7F,CAAC;AAED,MAAI,CAAC,OAAO,IAAI;AACf,cAAM,sCAAwB,MAAM,OAAO,KAAK;AAAA,EACjD;AAEA,QAAM,SAAS,MAAM,OAAO,OAAO,UAAU,EAAE,QAAQ,gBAAgB,CAAC;AACxE,QAAM,QAAQ,SACX,OAAO,MAAM,OAAO,CAAC,SAAS,KAAK,KAAK,YAAY,EAAE,SAAS,OAAO,YAAY,CAAC,CAAC,IACpF,OAAO;AAEV,SAAO;AAAA,IACN,SAAS,MAAM,IAAI,CAAC,UAAU;AAAA,MAC7B,MAAM,KAAK;AAAA,MACX,OAAO,KAAK;AAAA,MACZ,aAAa,KAAK;AAAA,MAClB,aAAa,KAAK;AAAA,IACnB,EAAE;AAAA,IACF,iBAAiB,OAAO;AAAA,EACzB;AACD;","names":["headers"]}

package/dist/nodes/mcp/McpClient/resourceMapping.js CHANGED Viewed

@@ -32,13 +32,15 @@ async function getToolParameters() {
   const serverTransport = this.getNodeParameter("serverTransport");
   const endpointUrl = this.getNodeParameter("endpointUrl");
   const node = this.getNode();
-  const { headers } = await (0, import_utils2.getAuthHeaders)(this, authentication);
+  const { headers, credentials } = await (0, import_utils2.getAuthHeaders)(this, authentication);
+  const allowedDomains = (0, import_utils2.assertCredentialAllowsUrl)(node, credentials, endpointUrl);
   const client = await (0, import_utils2.connectMcpClient)({
     serverTransport,
     endpointUrl,
     headers,
     name: node.type,
     version: node.typeVersion,
+    allowedDomains,
     onUnauthorized: async (headers2) => await (0, import_utils2.tryRefreshOAuth2Token)(this, authentication, headers2)
   });
   if (!client.ok) {

package/dist/nodes/mcp/McpClient/resourceMapping.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../../nodes/mcp/McpClient/resourceMapping.ts"],"sourcesContent":["import type { ILoadOptionsFunctions, ResourceMapperFields } from 'n8n-workflow';\nimport { NodeOperationError } from 'n8n-workflow';\n\nimport { convertJsonSchemaToResourceMapperFields } from './utils';\nimport type { McpAuthenticationOption, McpServerTransport } from '../shared/types';\nimport {\n\tgetAuthHeaders,\n\tconnectMcpClient,\n\tgetAllTools,\n\ttryRefreshOAuth2Token,\n\tmapToNodeOperationError,\n} from '../shared/utils';\n\nexport async function getToolParameters(\n\tthis: ILoadOptionsFunctions,\n): Promise<ResourceMapperFields> {\n\tconst toolId = this.getNodeParameter('tool', 0, {\n\t\textractValue: true,\n\t}) as string;\n\tconst authentication = this.getNodeParameter('authentication') as McpAuthenticationOption;\n\tconst serverTransport = this.getNodeParameter('serverTransport') as McpServerTransport;\n\tconst endpointUrl = this.getNodeParameter('endpointUrl') as string;\n\tconst node = this.getNode();\n\tconst { headers } = await getAuthHeaders(this, authentication);\n\tconst client = await connectMcpClient({\n\t\tserverTransport,\n\t\tendpointUrl,\n\t\theaders,\n\t\tname: node.type,\n\t\tversion: node.typeVersion,\n\t\tonUnauthorized: async (headers) => await tryRefreshOAuth2Token(this, authentication, headers),\n\t});\n\n\tif (!client.ok) {\n\t\tthrow mapToNodeOperationError(node, client.error);\n\t}\n\n\tconst result = await getAllTools(client.result);\n\tconst tool = result.find((tool) => tool.name === toolId);\n\tif (!tool) {\n\t\tthrow new NodeOperationError(this.getNode(), 'Tool not found');\n\t}\n\n\tconst fields = convertJsonSchemaToResourceMapperFields(tool.inputSchema);\n\treturn {\n\t\tfields,\n\t};\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AACA,0BAAmC;AAEnC,mBAAwD;AAExD,IAAAA,~~gBAMO~~;AAEP,eAAsB,oBAEW;AAChC,QAAM,SAAS,KAAK,iBAAiB,QAAQ,GAAG;AAAA,IAC/C,cAAc;AAAA,EACf,CAAC;AACD,QAAM,iBAAiB,KAAK,iBAAiB,gBAAgB;AAC7D,QAAM,kBAAkB,KAAK,iBAAiB,iBAAiB;AAC/D,QAAM,cAAc,KAAK,iBAAiB,aAAa;AACvD,QAAM,OAAO,KAAK,QAAQ;AAC1B,QAAM,EAAE,~~QAAQ~~,IAAI,UAAM,8BAAe,MAAM,cAAc;~~AAC7D~~,QAAM,SAAS,UAAM,gCAAiB;AAAA,IACrC;AAAA,IACA;AAAA,IACA;AAAA,IACA,MAAM,KAAK;AAAA,IACX,SAAS,KAAK;AAAA,IACd,gBAAgB,OAAOC,aAAY,UAAM,qCAAsB,MAAM,gBAAgBA,QAAO;AAAA,EAC7F,CAAC;AAED,MAAI,CAAC,OAAO,IAAI;AACf,cAAM,uCAAwB,MAAM,OAAO,KAAK;AAAA,EACjD;AAEA,QAAM,SAAS,UAAM,2BAAY,OAAO,MAAM;AAC9C,QAAM,OAAO,OAAO,KAAK,CAACC,UAASA,MAAK,SAAS,MAAM;AACvD,MAAI,CAAC,MAAM;AACV,UAAM,IAAI,uCAAmB,KAAK,QAAQ,GAAG,gBAAgB;AAAA,EAC9D;AAEA,QAAM,aAAS,sDAAwC,KAAK,WAAW;AACvE,SAAO;AAAA,IACN;AAAA,EACD;AACD;","names":["import_utils","headers","tool"]}
1	+ {"version":3,"sources":["../../../../nodes/mcp/McpClient/resourceMapping.ts"],"sourcesContent":["import type { ILoadOptionsFunctions, ResourceMapperFields } from 'n8n-workflow';\nimport { NodeOperationError } from 'n8n-workflow';\n\nimport { convertJsonSchemaToResourceMapperFields } from './utils';\nimport type { McpAuthenticationOption, McpServerTransport } from '../shared/types';\nimport {\n\tassertCredentialAllowsUrl,\n\tgetAuthHeaders,\n\tconnectMcpClient,\n\tgetAllTools,\n\ttryRefreshOAuth2Token,\n\tmapToNodeOperationError,\n} from '../shared/utils';\n\nexport async function getToolParameters(\n\tthis: ILoadOptionsFunctions,\n): Promise<ResourceMapperFields> {\n\tconst toolId = this.getNodeParameter('tool', 0, {\n\t\textractValue: true,\n\t}) as string;\n\tconst authentication = this.getNodeParameter('authentication') as McpAuthenticationOption;\n\tconst serverTransport = this.getNodeParameter('serverTransport') as McpServerTransport;\n\tconst endpointUrl = this.getNodeParameter('endpointUrl') as string;\n\tconst node = this.getNode();\n\tconst { headers, credentials } = await getAuthHeaders(this, authentication);\n\tconst allowedDomains = assertCredentialAllowsUrl(node, credentials, endpointUrl);\n\tconst client = await connectMcpClient({\n\t\tserverTransport,\n\t\tendpointUrl,\n\t\theaders,\n\t\tname: node.type,\n\t\tversion: node.typeVersion,\n\t\tallowedDomains,\n\t\tonUnauthorized: async (headers) => await tryRefreshOAuth2Token(this, authentication, headers),\n\t});\n\n\tif (!client.ok) {\n\t\tthrow mapToNodeOperationError(node, client.error);\n\t}\n\n\tconst result = await getAllTools(client.result);\n\tconst tool = result.find((tool) => tool.name === toolId);\n\tif (!tool) {\n\t\tthrow new NodeOperationError(this.getNode(), 'Tool not found');\n\t}\n\n\tconst fields = convertJsonSchemaToResourceMapperFields(tool.inputSchema);\n\treturn {\n\t\tfields,\n\t};\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AACA,0BAAmC;AAEnC,mBAAwD;AAExD,IAAAA,gBAOO;AAEP,eAAsB,oBAEW;AAChC,QAAM,SAAS,KAAK,iBAAiB,QAAQ,GAAG;AAAA,IAC/C,cAAc;AAAA,EACf,CAAC;AACD,QAAM,iBAAiB,KAAK,iBAAiB,gBAAgB;AAC7D,QAAM,kBAAkB,KAAK,iBAAiB,iBAAiB;AAC/D,QAAM,cAAc,KAAK,iBAAiB,aAAa;AACvD,QAAM,OAAO,KAAK,QAAQ;AAC1B,QAAM,EAAE,SAAS,YAAY,IAAI,UAAM,8BAAe,MAAM,cAAc;AAC1E,QAAM,qBAAiB,yCAA0B,MAAM,aAAa,WAAW;AAC/E,QAAM,SAAS,UAAM,gCAAiB;AAAA,IACrC;AAAA,IACA;AAAA,IACA;AAAA,IACA,MAAM,KAAK;AAAA,IACX,SAAS,KAAK;AAAA,IACd;AAAA,IACA,gBAAgB,OAAOC,aAAY,UAAM,qCAAsB,MAAM,gBAAgBA,QAAO;AAAA,EAC7F,CAAC;AAED,MAAI,CAAC,OAAO,IAAI;AACf,cAAM,uCAAwB,MAAM,OAAO,KAAK;AAAA,EACjD;AAEA,QAAM,SAAS,UAAM,2BAAY,OAAO,MAAM;AAC9C,QAAM,OAAO,OAAO,KAAK,CAACC,UAASA,MAAK,SAAS,MAAM;AACvD,MAAI,CAAC,MAAM;AACV,UAAM,IAAI,uCAAmB,KAAK,QAAQ,GAAG,gBAAgB;AAAA,EAC9D;AAEA,QAAM,aAAS,sDAAwC,KAAK,WAAW;AACvE,SAAO;AAAA,IACN;AAAA,EACD;AACD;","names":["import_utils","headers","tool"]}

package/dist/nodes/mcp/McpClientTool/McpClientTool.node.js CHANGED Viewed

@@ -71,13 +71,15 @@ function getNodeConfig(ctx, itemIndex) {
 }
 async function connectAndGetTools(ctx, config) {
   const node = ctx.getNode();
-  const { headers } = await (0, import_utils2.getAuthHeaders)(ctx, config.authentication);
+  const { headers, credentials: credentials2 } = await (0, import_utils2.getAuthHeaders)(ctx, config.authentication);
+  const allowedDomains = (0, import_utils2.assertCredentialAllowsUrl)(node, credentials2, config.endpointUrl);
   const client = await (0, import_utils2.connectMcpClient)({
     serverTransport: config.serverTransport,
     endpointUrl: config.endpointUrl,
     headers,
     name: node.type,
     version: node.typeVersion,
+    allowedDomains,
     onUnauthorized: async (headers2) => await (0, import_utils2.tryRefreshOAuth2Token)(ctx, config.authentication, headers2)
   });
   if (!client.ok) {

package/dist/nodes/mcp/McpClientTool/McpClientTool.node.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../../nodes/mcp/McpClientTool/McpClientTool.node.ts"],"sourcesContent":["import { CallToolResultSchema } from '@modelcontextprotocol/sdk/types.js';\nimport {\n\ttype IDataObject,\n\ttype IExecuteFunctions,\n\ttype INodeExecutionData,\n\tNodeConnectionTypes,\n\tNodeOperationError,\n\ttype INodeType,\n\ttype INodeTypeDescription,\n\ttype ISupplyDataFunctions,\n\ttype SupplyData,\n} from 'n8n-workflow';\n\nimport { logWrapper } from '@utils/logWrapper';\nimport { getConnectionHintNoticeField } from '@utils/sharedFields';\n\nimport { getTools } from './loadOptions';\nimport type { McpToolIncludeMode } from './types';\nimport { createCallTool, getSelectedTools, McpToolkit, mcpToolToDynamicTool } from './utils';\nimport { credentials, transportSelect } from '../shared/descriptions';\nimport type { McpAuthenticationOption, McpServerTransport } from '../shared/types';\nimport {\n\tconnectMcpClient,\n\tgetAllTools,\n\tgetAuthHeaders,\n\tmapToNodeOperationError,\n\ttryRefreshOAuth2Token,\n} from '../shared/utils';\nimport type { JSONSchema7 } from 'json-schema';\nimport pick from 'lodash/pick';\n\n/*\n Get node parameters for MCP client configuration\n /\nfunction getNodeConfig(\n\tctx: ISupplyDataFunctions \| IExecuteFunctions,\n\titemIndex: number,\n): {\n\tauthentication: McpAuthenticationOption;\n\ttimeout: number;\n\tserverTransport: McpServerTransport;\n\tendpointUrl: string;\n\tmode: McpToolIncludeMode;\n\tincludeTools: string[];\n\texcludeTools: string[];\n} {\n\tconst node = ctx.getNode();\n\tconst authentication = ctx.getNodeParameter(\n\t\t'authentication',\n\t\titemIndex,\n\t) as McpAuthenticationOption;\n\tconst timeout = ctx.getNodeParameter('options.timeout', itemIndex, 60000) as number;\n\n\tlet serverTransport: McpServerTransport;\n\tlet endpointUrl: string;\n\tif (node.typeVersion === 1) {\n\t\tserverTransport = 'sse';\n\t\tendpointUrl = ctx.getNodeParameter('sseEndpoint', itemIndex) as string;\n\t} else {\n\t\tserverTransport = ctx.getNodeParameter('serverTransport', itemIndex) as McpServerTransport;\n\t\tendpointUrl = ctx.getNodeParameter('endpointUrl', itemIndex) as string;\n\t}\n\n\tconst mode = ctx.getNodeParameter('include', itemIndex) as McpToolIncludeMode;\n\tconst includeTools = ctx.getNodeParameter('includeTools', itemIndex, []) as string[];\n\tconst excludeTools = ctx.getNodeParameter('excludeTools', itemIndex, []) as string[];\n\n\treturn {\n\t\tauthentication,\n\t\ttimeout,\n\t\tserverTransport,\n\t\tendpointUrl,\n\t\tmode,\n\t\tincludeTools,\n\t\texcludeTools,\n\t};\n}\n\n/\n Connect to MCP server and get filtered tools\n */\nasync function connectAndGetTools(\n\tctx: ISupplyDataFunctions \| IExecuteFunctions,\n\tconfig: ReturnType<typeof getNodeConfig>,\n) {\n\tconst node = ctx.getNode();\n\tconst { headers } = await getAuthHeaders(ctx, config.authentication);\n\n\tconst client = await connectMcpClient({\n\t\tserverTransport: config.serverTransport,\n\t\tendpointUrl: config.endpointUrl,\n\t\theaders,\n\t\tname: node.type,\n\t\tversion: node.typeVersion,\n\t\tonUnauthorized: async (headers) =>\n\t\t\tawait tryRefreshOAuth2Token(ctx, config.authentication, headers),\n\t});\n\n\tif (!client.ok) {\n\t\treturn { client, mcpTools: null, error: client.error };\n\t}\n\n\tconst allTools = await getAllTools(client.result);\n\tconst mcpTools = getSelectedTools({\n\t\ttools: allTools,\n\t\tmode: config.mode,\n\t\tincludeTools: config.includeTools,\n\t\texcludeTools: config.excludeTools,\n\t});\n\n\treturn { client: client.result, mcpTools, error: null };\n}\n\nexport class McpClientTool implements INodeType {\n\tdescription: INodeTypeDescription = {\n\t\tdisplayName: 'MCP Client Tool',\n\t\tname: 'mcpClientTool',\n\t\ticon: {\n\t\t\tlight: 'file:../mcp.svg',\n\t\t\tdark: 'file:../mcp.dark.svg',\n\t\t},\n\t\tgroup: ['output'],\n\t\tversion: [1, 1.1, 1.2],\n\t\tdescription: 'Connect tools from an MCP Server',\n\t\tdefaults: {\n\t\t\tname: 'MCP Client',\n\t\t},\n\t\tcodex: {\n\t\t\tcategories: ['AI'],\n\t\t\tsubcategories: {\n\t\t\t\tAI: ['Model Context Protocol', 'Tools'],\n\t\t\t},\n\t\t\talias: ['Model Context Protocol', 'MCP Client'],\n\t\t\tresources: {\n\t\t\t\tprimaryDocumentation: [\n\t\t\t\t\t{\n\t\t\t\t\t\turl: 'https://docs.n8n.io/integrations/builtin/cluster-nodes/sub-nodes/n8n-nodes-langchain.toolmcp/',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t},\n\t\t},\n\t\tinputs: [],\n\t\toutputs: [{ type: NodeConnectionTypes.AiTool, displayName: 'Tools' }],\n\t\tcredentials,\n\t\tproperties: [\n\t\t\tgetConnectionHintNoticeField([NodeConnectionTypes.AiAgent]),\n\t\t\t{\n\t\t\t\tdisplayName: 'SSE Endpoint',\n\t\t\t\tname: 'sseEndpoint',\n\t\t\t\ttype: 'string',\n\t\t\t\tdescription: 'SSE Endpoint of your MCP server',\n\t\t\t\tplaceholder: 'e.g. https://my-mcp-server.ai/sse',\n\t\t\t\tdefault: '',\n\t\t\t\trequired: true,\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\t'@version': [1],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Endpoint',\n\t\t\t\tname: 'endpointUrl',\n\t\t\t\ttype: 'string',\n\t\t\t\tdescription: 'Endpoint of your MCP server',\n\t\t\t\tplaceholder: 'e.g. https://my-mcp-server.ai/mcp',\n\t\t\t\tdefault: '',\n\t\t\t\trequired: true,\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\t'@version': [{ _cnd: { gte: 1.1 } }],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\ttransportSelect({\n\t\t\t\tdefaultOption: 'sse',\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\t'@version': [1.1],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\ttransportSelect({\n\t\t\t\tdefaultOption: 'httpStreamable',\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\t'@version': [{ _cnd: { gte: 1.2 } }],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\t{\n\t\t\t\tdisplayName: 'Authentication',\n\t\t\t\tname: 'authentication',\n\t\t\t\ttype: 'options',\n\t\t\t\toptions: [\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Bearer Auth',\n\t\t\t\t\t\tvalue: 'bearerAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Header Auth',\n\t\t\t\t\t\tvalue: 'headerAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'None',\n\t\t\t\t\t\tvalue: 'none',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t\tdefault: 'none',\n\t\t\t\tdescription: 'The way to authenticate with your endpoint',\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\t'@version': [{ _cnd: { lt: 1.2 } }],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Authentication',\n\t\t\t\tname: 'authentication',\n\t\t\t\ttype: 'options',\n\t\t\t\toptions: [\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Bearer Auth',\n\t\t\t\t\t\tvalue: 'bearerAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Header Auth',\n\t\t\t\t\t\tvalue: 'headerAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'MCP OAuth2',\n\t\t\t\t\t\tvalue: 'mcpOAuth2Api',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Multiple Headers Auth',\n\t\t\t\t\t\tvalue: 'multipleHeadersAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'None',\n\t\t\t\t\t\tvalue: 'none',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t\tdefault: 'none',\n\t\t\t\tdescription: 'The way to authenticate with your endpoint',\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\t'@version': [{ _cnd: { gte: 1.2 } }],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Credentials',\n\t\t\t\tname: 'credentials',\n\t\t\t\ttype: 'credentials',\n\t\t\t\tdefault: '',\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\tauthentication: ['headerAuth', 'bearerAuth', 'mcpOAuth2Api', 'multipleHeadersAuth'],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Tools to Include',\n\t\t\t\tname: 'include',\n\t\t\t\ttype: 'options',\n\t\t\t\tdescription: 'How to select the tools you want to be exposed to the AI Agent',\n\t\t\t\tdefault: 'all',\n\t\t\t\toptions: [\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'All',\n\t\t\t\t\t\tvalue: 'all',\n\t\t\t\t\t\tdescription: 'Also include all unchanged fields from the input',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Selected',\n\t\t\t\t\t\tvalue: 'selected',\n\t\t\t\t\t\tdescription: 'Also include the tools listed in the parameter \"Tools to Include\"',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'All Except',\n\t\t\t\t\t\tvalue: 'except',\n\t\t\t\t\t\tdescription: 'Exclude the tools listed in the parameter \"Tools to Exclude\"',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Tools to Include',\n\t\t\t\tname: 'includeTools',\n\t\t\t\ttype: 'multiOptions',\n\t\t\t\tdefault: [],\n\t\t\t\tdescription:\n\t\t\t\t\t'Choose from the list, or specify IDs using an <a href=\"https://docs.n8n.io/code/expressions/\">expression</a>',\n\t\t\t\ttypeOptions: {\n\t\t\t\t\tloadOptionsMethod: 'getTools',\n\t\t\t\t\tloadOptionsDependsOn: ['sseEndpoint'],\n\t\t\t\t},\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\tinclude: ['selected'],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Tools to Exclude',\n\t\t\t\tname: 'excludeTools',\n\t\t\t\ttype: 'multiOptions',\n\t\t\t\tdefault: [],\n\t\t\t\tdescription:\n\t\t\t\t\t'Choose from the list, or specify IDs using an <a href=\"https://docs.n8n.io/code/expressions/\">expression</a>',\n\t\t\t\ttypeOptions: {\n\t\t\t\t\tloadOptionsMethod: 'getTools',\n\t\t\t\t},\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\tinclude: ['except'],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Options',\n\t\t\t\tname: 'options',\n\t\t\t\tplaceholder: 'Add Option',\n\t\t\t\tdescription: 'Additional options to add',\n\t\t\t\ttype: 'collection',\n\t\t\t\tdefault: {},\n\t\t\t\toptions: [\n\t\t\t\t\t{\n\t\t\t\t\t\tdisplayName: 'Timeout',\n\t\t\t\t\t\tname: 'timeout',\n\t\t\t\t\t\ttype: 'number',\n\t\t\t\t\t\ttypeOptions: {\n\t\t\t\t\t\t\tminValue: 1,\n\t\t\t\t\t\t},\n\t\t\t\t\t\tdefault: 60000,\n\t\t\t\t\t\tdescription: 'Time in ms to wait for tool calls to finish',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t},\n\t\t],\n\t};\n\n\tmethods = {\n\t\tloadOptions: {\n\t\t\tgetTools,\n\t\t},\n\t};\n\n\tasync supplyData(this: ISupplyDataFunctions, itemIndex: number): Promise<SupplyData> {\n\t\tconst node = this.getNode();\n\t\tconst config = getNodeConfig(this, itemIndex);\n\n\t\tconst setError = (error: NodeOperationError): SupplyData => {\n\t\t\tthis.addOutputData(NodeConnectionTypes.AiTool, itemIndex, error);\n\t\t\tthrow error;\n\t\t};\n\n\t\tconst { client, mcpTools, error } = await connectAndGetTools(this, config);\n\n\t\tif (error) {\n\t\t\tthis.logger.error('McpClientTool: Failed to connect to MCP Server', { error });\n\t\t\treturn setError(mapToNodeOperationError(node, error));\n\t\t}\n\n\t\tthis.logger.debug('McpClientTool: Successfully connected to MCP Server');\n\n\t\tif (!mcpTools?.length) {\n\t\t\treturn setError(\n\t\t\t\tnew NodeOperationError(node, 'MCP Server returned no tools', {\n\t\t\t\t\titemIndex,\n\t\t\t\t\tdescription:\n\t\t\t\t\t\t'Connected successfully to your MCP server but it returned an empty list of tools.',\n\t\t\t\t}),\n\t\t\t);\n\t\t}\n\n\t\tconst tools = mcpTools.map((tool) =>\n\t\t\tlogWrapper(\n\t\t\t\tmcpToolToDynamicTool(\n\t\t\t\t\ttool,\n\t\t\t\t\tcreateCallTool(tool.name, client, config.timeout, (errorMessage) => {\n\t\t\t\t\t\tconst error = new NodeOperationError(node, errorMessage, { itemIndex });\n\t\t\t\t\t\tvoid this.addOutputData(NodeConnectionTypes.AiTool, itemIndex, error);\n\t\t\t\t\t\tthis.logger.error(`McpClientTool: Tool \"${tool.name}\" failed to execute`, { error });\n\t\t\t\t\t}),\n\t\t\t\t),\n\t\t\t\tthis,\n\t\t\t),\n\t\t);\n\n\t\tthis.logger.debug(`McpClientTool: Connected to MCP Server with ${tools.length} tools`);\n\n\t\tconst toolkit = new McpToolkit(tools);\n\n\t\treturn { response: toolkit, closeFunction: async () => await client.close() };\n\t}\n\n\tasync execute(this: IExecuteFunctions): Promise<INodeExecutionData[][]> {\n\t\tconst node = this.getNode();\n\t\tconst items = this.getInputData();\n\t\tconst returnData: INodeExecutionData[] = [];\n\n\t\tfor (let itemIndex = 0; itemIndex < items.length; itemIndex++) {\n\t\t\tconst item = items[itemIndex];\n\t\t\tconst config = getNodeConfig(this, itemIndex);\n\n\t\t\tconst { client, mcpTools, error } = await connectAndGetTools(this, config);\n\n\t\t\tif (error) {\n\t\t\t\tthrow new NodeOperationError(node, error.error, { itemIndex });\n\t\t\t}\n\n\t\t\tif (!mcpTools?.length) {\n\t\t\t\tthrow new NodeOperationError(node, 'MCP Server returned no tools', { itemIndex });\n\t\t\t}\n\n\t\t\tfor (const tool of mcpTools) {\n\t\t\t\t// Check for tool name in item.json.tool (for toolkit execution from agent)\n\t\t\t\t// or item.tool (for direct execution)\n\t\t\t\tif (!item.json.tool \|\| typeof item.json.tool !== 'string') {\n\t\t\t\t\tthrow new NodeOperationError(node, 'Tool name not found in item.json.tool or item.tool', {\n\t\t\t\t\t\titemIndex,\n\t\t\t\t\t});\n\t\t\t\t}\n\n\t\t\t\tconst toolName = item.json.tool;\n\t\t\t\tif (toolName === tool.name) {\n\t\t\t\t\t// Extract the tool name from arguments before passing to MCP\n\t\t\t\t\tconst { tool: _, ...toolArguments } = item.json;\n\t\t\t\t\tconst schema: JSONSchema7 = tool.inputSchema;\n\t\t\t\t\t// When additionalProperties is not explicitly true, filter to schema-defined properties.\n\t\t\t\t\t// Otherwise, pass all arguments through\n\t\t\t\t\tconst sanitizedToolArguments: IDataObject =\n\t\t\t\t\t\tschema.additionalProperties !== true\n\t\t\t\t\t\t\t? pick(toolArguments, Object.keys(schema.properties ?? {}))\n\t\t\t\t\t\t\t: toolArguments;\n\n\t\t\t\t\tconst params: {\n\t\t\t\t\t\tname: string;\n\t\t\t\t\t\targuments: IDataObject;\n\t\t\t\t\t} = {\n\t\t\t\t\t\tname: tool.name,\n\t\t\t\t\t\targuments: sanitizedToolArguments,\n\t\t\t\t\t};\n\t\t\t\t\tconst result = await client.callTool(params, CallToolResultSchema, {\n\t\t\t\t\t\ttimeout: config.timeout,\n\t\t\t\t\t});\n\t\t\t\t\treturnData.push({\n\t\t\t\t\t\tjson: {\n\t\t\t\t\t\t\tresponse: result.content as IDataObject,\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpairedItem: {\n\t\t\t\t\t\t\titem: itemIndex,\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\n\t\treturn [returnData];\n\t}\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,mBAAqC;AACrC,0BAUO;AAEP,wBAA2B;AAC3B,0BAA6C;AAE7C,yBAAyB;AAEzB,mBAAmF;AACnF,0BAA6C;AAE7C,IAAAA,gBAMO;AAEP,kBAAiB;AAKjB,SAAS,cACR,KACA,WASC;AACD,QAAM,OAAO,IAAI,QAAQ;AACzB,QAAM,iBAAiB,IAAI;AAAA,IAC1B;AAAA,IACA;AAAA,EACD;AACA,QAAM,UAAU,IAAI,iBAAiB,mBAAmB,WAAW,GAAK;AAExE,MAAI;AACJ,MAAI;AACJ,MAAI,KAAK,gBAAgB,GAAG;AAC3B,sBAAkB;AAClB,kBAAc,IAAI,iBAAiB,eAAe,SAAS;AAAA,EAC5D,OAAO;AACN,sBAAkB,IAAI,iBAAiB,mBAAmB,SAAS;AACnE,kBAAc,IAAI,iBAAiB,eAAe,SAAS;AAAA,EAC5D;AAEA,QAAM,OAAO,IAAI,iBAAiB,WAAW,SAAS;AACtD,QAAM,eAAe,IAAI,iBAAiB,gBAAgB,WAAW,CAAC,CAAC;AACvE,QAAM,eAAe,IAAI,iBAAiB,gBAAgB,WAAW,CAAC,CAAC;AAEvE,SAAO;AAAA,IACN;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACD;AACD;AAKA,eAAe,mBACd,KACA,QACC;AACD,QAAM,OAAO,IAAI,QAAQ;AACzB,QAAM,EAAE,QAAQ,IAAI,UAAM,8BAAe,KAAK,OAAO,cAAc;AAEnE,QAAM,SAAS,UAAM,gCAAiB;AAAA,IACrC,iBAAiB,OAAO;AAAA,IACxB,aAAa,OAAO;AAAA,IACpB;AAAA,IACA,MAAM,KAAK;AAAA,IACX,SAAS,KAAK;AAAA,IACd,gBAAgB,OAAOC,aACtB,UAAM,qCAAsB,KAAK,OAAO,gBAAgBA,QAAO;AAAA,EACjE,CAAC;AAED,MAAI,CAAC,OAAO,IAAI;AACf,WAAO,EAAE,QAAQ,UAAU,MAAM,OAAO,OAAO,MAAM;AAAA,EACtD;AAEA,QAAM,WAAW,UAAM,2BAAY,OAAO,MAAM;AAChD,QAAM,eAAW,+BAAiB;AAAA,IACjC,OAAO;AAAA,IACP,MAAM,OAAO;AAAA,IACb,cAAc,OAAO;AAAA,IACrB,cAAc,OAAO;AAAA,EACtB,CAAC;AAED,SAAO,EAAE,QAAQ,OAAO,QAAQ,UAAU,OAAO,KAAK;AACvD;AAEO,MAAM,cAAmC;AAAA,EAAzC;AACN,uBAAoC;AAAA,MACnC,aAAa;AAAA,MACb,MAAM;AAAA,MACN,MAAM;AAAA,QACL,OAAO;AAAA,QACP,MAAM;AAAA,MACP;AAAA,MACA,OAAO,CAAC,QAAQ;AAAA,MAChB,SAAS,CAAC,GAAG,KAAK,GAAG;AAAA,MACrB,aAAa;AAAA,MACb,UAAU;AAAA,QACT,MAAM;AAAA,MACP;AAAA,MACA,OAAO;AAAA,QACN,YAAY,CAAC,IAAI;AAAA,QACjB,eAAe;AAAA,UACd,IAAI,CAAC,0BAA0B,OAAO;AAAA,QACvC;AAAA,QACA,OAAO,CAAC,0BAA0B,YAAY;AAAA,QAC9C,WAAW;AAAA,UACV,sBAAsB;AAAA,YACrB;AAAA,cACC,KAAK;AAAA,YACN;AAAA,UACD;AAAA,QACD;AAAA,MACD;AAAA,MACA,QAAQ,CAAC;AAAA,MACT,SAAS,CAAC,EAAE,MAAM,wCAAoB,QAAQ,aAAa,QAAQ,CAAC;AAAA,MACpE;AAAA,MACA,YAAY;AAAA,YACX,kDAA6B,CAAC,wCAAoB,OAAO,CAAC;AAAA,QAC1D;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,aAAa;AAAA,UACb,aAAa;AAAA,UACb,SAAS;AAAA,UACT,UAAU;AAAA,UACV,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,YAAY,CAAC,CAAC;AAAA,YACf;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,aAAa;AAAA,UACb,aAAa;AAAA,UACb,SAAS;AAAA,UACT,UAAU;AAAA,UACV,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,YAAY,CAAC,EAAE,MAAM,EAAE,KAAK,IAAI,EAAE,CAAC;AAAA,YACpC;AAAA,UACD;AAAA,QACD;AAAA,YACA,qCAAgB;AAAA,UACf,eAAe;AAAA,UACf,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,YAAY,CAAC,GAAG;AAAA,YACjB;AAAA,UACD;AAAA,QACD,CAAC;AAAA,YACD,qCAAgB;AAAA,UACf,eAAe;AAAA,UACf,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,YAAY,CAAC,EAAE,MAAM,EAAE,KAAK,IAAI,EAAE,CAAC;AAAA,YACpC;AAAA,UACD;AAAA,QACD,CAAC;AAAA,QACD;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,YACR;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,UACD;AAAA,UACA,SAAS;AAAA,UACT,aAAa;AAAA,UACb,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,YAAY,CAAC,EAAE,MAAM,EAAE,IAAI,IAAI,EAAE,CAAC;AAAA,YACnC;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,YACR;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,UACD;AAAA,UACA,SAAS;AAAA,UACT,aAAa;AAAA,UACb,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,YAAY,CAAC,EAAE,MAAM,EAAE,KAAK,IAAI,EAAE,CAAC;AAAA,YACpC;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,UACT,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,gBAAgB,CAAC,cAAc,cAAc,gBAAgB,qBAAqB;AAAA,YACnF;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,aAAa;AAAA,UACb,SAAS;AAAA,UACT,SAAS;AAAA,YACR;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,cACP,aAAa;AAAA,YACd;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,cACP,aAAa;AAAA,YACd;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,cACP,aAAa;AAAA,YACd;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS,CAAC;AAAA,UACV,aACC;AAAA,UACD,aAAa;AAAA,YACZ,mBAAmB;AAAA,YACnB,sBAAsB,CAAC,aAAa;AAAA,UACrC;AAAA,UACA,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,SAAS,CAAC,UAAU;AAAA,YACrB;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS,CAAC;AAAA,UACV,aACC;AAAA,UACD,aAAa;AAAA,YACZ,mBAAmB;AAAA,UACpB;AAAA,UACA,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,SAAS,CAAC,QAAQ;AAAA,YACnB;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,aAAa;AAAA,UACb,aAAa;AAAA,UACb,MAAM;AAAA,UACN,SAAS,CAAC;AAAA,UACV,SAAS;AAAA,YACR;AAAA,cACC,aAAa;AAAA,cACb,MAAM;AAAA,cACN,MAAM;AAAA,cACN,aAAa;AAAA,gBACZ,UAAU;AAAA,cACX;AAAA,cACA,SAAS;AAAA,cACT,aAAa;AAAA,YACd;AAAA,UACD;AAAA,QACD;AAAA,MACD;AAAA,IACD;AAEA,mBAAU;AAAA,MACT,aAAa;AAAA,QACZ;AAAA,MACD;AAAA,IACD;AAAA;AAAA,EAEA,MAAM,WAAuC,WAAwC;AACpF,UAAM,OAAO,KAAK,QAAQ;AAC1B,UAAM,SAAS,cAAc,MAAM,SAAS;AAE5C,UAAM,WAAW,CAACC,WAA0C;AAC3D,WAAK,cAAc,wCAAoB,QAAQ,WAAWA,MAAK;AAC/D,YAAMA;AAAA,IACP;AAEA,UAAM,EAAE,QAAQ,UAAU,MAAM,IAAI,MAAM,mBAAmB,MAAM,MAAM;AAEzE,QAAI,OAAO;AACV,WAAK,OAAO,MAAM,kDAAkD,EAAE,MAAM,CAAC;AAC7E,aAAO,aAAS,uCAAwB,MAAM,KAAK,CAAC;AAAA,IACrD;AAEA,SAAK,OAAO,MAAM,qDAAqD;AAEvE,QAAI,CAAC,UAAU,QAAQ;AACtB,aAAO;AAAA,QACN,IAAI,uCAAmB,MAAM,gCAAgC;AAAA,UAC5D;AAAA,UACA,aACC;AAAA,QACF,CAAC;AAAA,MACF;AAAA,IACD;AAEA,UAAM,QAAQ,SAAS;AAAA,MAAI,CAAC,aAC3B;AAAA,YACC;AAAA,UACC;AAAA,cACA,6BAAe,KAAK,MAAM,QAAQ,OAAO,SAAS,CAAC,iBAAiB;AACnE,kBAAMA,SAAQ,IAAI,uCAAmB,MAAM,cAAc,EAAE,UAAU,CAAC;AACtE,iBAAK,KAAK,cAAc,wCAAoB,QAAQ,WAAWA,MAAK;AACpE,iBAAK,OAAO,MAAM,wBAAwB,KAAK,IAAI,uBAAuB,EAAE,OAAAA,OAAM,CAAC;AAAA,UACpF,CAAC;AAAA,QACF;AAAA,QACA;AAAA,MACD;AAAA,IACD;AAEA,SAAK,OAAO,MAAM,+CAA+C,MAAM,MAAM,QAAQ;AAErF,UAAM,UAAU,IAAI,wBAAW,KAAK;AAEpC,WAAO,EAAE,UAAU,SAAS,eAAe,YAAY,MAAM,OAAO,MAAM,EAAE;AAAA,EAC7E;AAAA,EAEA,MAAM,UAAkE;AACvE,UAAM,OAAO,KAAK,QAAQ;AAC1B,UAAM,QAAQ,KAAK,aAAa;AAChC,UAAM,aAAmC,CAAC;AAE1C,aAAS,YAAY,GAAG,YAAY,MAAM,QAAQ,aAAa;AAC9D,YAAM,OAAO,MAAM,SAAS;AAC5B,YAAM,SAAS,cAAc,MAAM,SAAS;AAE5C,YAAM,EAAE,QAAQ,UAAU,MAAM,IAAI,MAAM,mBAAmB,MAAM,MAAM;AAEzE,UAAI,OAAO;AACV,cAAM,IAAI,uCAAmB,MAAM,MAAM,OAAO,EAAE,UAAU,CAAC;AAAA,MAC9D;AAEA,UAAI,CAAC,UAAU,QAAQ;AACtB,cAAM,IAAI,uCAAmB,MAAM,gCAAgC,EAAE,UAAU,CAAC;AAAA,MACjF;AAEA,iBAAW,QAAQ,UAAU;AAG5B,YAAI,CAAC,KAAK,KAAK,QAAQ,OAAO,KAAK,KAAK,SAAS,UAAU;AAC1D,gBAAM,IAAI,uCAAmB,MAAM,sDAAsD;AAAA,YACxF;AAAA,UACD,CAAC;AAAA,QACF;AAEA,cAAM,WAAW,KAAK,KAAK;AAC3B,YAAI,aAAa,KAAK,MAAM;AAE3B,gBAAM,EAAE,MAAM,GAAG,GAAG,cAAc,IAAI,KAAK;AAC3C,gBAAM,SAAsB,KAAK;AAGjC,gBAAM,yBACL,OAAO,yBAAyB,WAC7B,YAAAC,SAAK,eAAe,OAAO,KAAK,OAAO,cAAc,CAAC,CAAC,CAAC,IACxD;AAEJ,gBAAM,SAGF;AAAA,YACH,MAAM,KAAK;AAAA,YACX,WAAW;AAAA,UACZ;AACA,gBAAM,SAAS,MAAM,OAAO,SAAS,QAAQ,mCAAsB;AAAA,YAClE,SAAS,OAAO;AAAA,UACjB,CAAC;AACD,qBAAW,KAAK;AAAA,YACf,MAAM;AAAA,cACL,UAAU,OAAO;AAAA,YAClB;AAAA,YACA,YAAY;AAAA,cACX,MAAM;AAAA,YACP;AAAA,UACD,CAAC;AAAA,QACF;AAAA,MACD;AAAA,IACD;AAEA,WAAO,CAAC,UAAU;AAAA,EACnB;AACD;","names":["import_utils","headers","error","pick"]}
1	+ {"version":3,"sources":["../../../../nodes/mcp/McpClientTool/McpClientTool.node.ts"],"sourcesContent":["import { CallToolResultSchema } from '@modelcontextprotocol/sdk/types.js';\nimport {\n\ttype IDataObject,\n\ttype IExecuteFunctions,\n\ttype INodeExecutionData,\n\tNodeConnectionTypes,\n\tNodeOperationError,\n\ttype INodeType,\n\ttype INodeTypeDescription,\n\ttype ISupplyDataFunctions,\n\ttype SupplyData,\n} from 'n8n-workflow';\n\nimport { logWrapper } from '@utils/logWrapper';\nimport { getConnectionHintNoticeField } from '@utils/sharedFields';\n\nimport { getTools } from './loadOptions';\nimport type { McpToolIncludeMode } from './types';\nimport { createCallTool, getSelectedTools, McpToolkit, mcpToolToDynamicTool } from './utils';\nimport { credentials, transportSelect } from '../shared/descriptions';\nimport type { McpAuthenticationOption, McpServerTransport } from '../shared/types';\nimport {\n\tassertCredentialAllowsUrl,\n\tconnectMcpClient,\n\tgetAllTools,\n\tgetAuthHeaders,\n\tmapToNodeOperationError,\n\ttryRefreshOAuth2Token,\n} from '../shared/utils';\nimport type { JSONSchema7 } from 'json-schema';\nimport pick from 'lodash/pick';\n\n/*\n Get node parameters for MCP client configuration\n /\nfunction getNodeConfig(\n\tctx: ISupplyDataFunctions \| IExecuteFunctions,\n\titemIndex: number,\n): {\n\tauthentication: McpAuthenticationOption;\n\ttimeout: number;\n\tserverTransport: McpServerTransport;\n\tendpointUrl: string;\n\tmode: McpToolIncludeMode;\n\tincludeTools: string[];\n\texcludeTools: string[];\n} {\n\tconst node = ctx.getNode();\n\tconst authentication = ctx.getNodeParameter(\n\t\t'authentication',\n\t\titemIndex,\n\t) as McpAuthenticationOption;\n\tconst timeout = ctx.getNodeParameter('options.timeout', itemIndex, 60000) as number;\n\n\tlet serverTransport: McpServerTransport;\n\tlet endpointUrl: string;\n\tif (node.typeVersion === 1) {\n\t\tserverTransport = 'sse';\n\t\tendpointUrl = ctx.getNodeParameter('sseEndpoint', itemIndex) as string;\n\t} else {\n\t\tserverTransport = ctx.getNodeParameter('serverTransport', itemIndex) as McpServerTransport;\n\t\tendpointUrl = ctx.getNodeParameter('endpointUrl', itemIndex) as string;\n\t}\n\n\tconst mode = ctx.getNodeParameter('include', itemIndex) as McpToolIncludeMode;\n\tconst includeTools = ctx.getNodeParameter('includeTools', itemIndex, []) as string[];\n\tconst excludeTools = ctx.getNodeParameter('excludeTools', itemIndex, []) as string[];\n\n\treturn {\n\t\tauthentication,\n\t\ttimeout,\n\t\tserverTransport,\n\t\tendpointUrl,\n\t\tmode,\n\t\tincludeTools,\n\t\texcludeTools,\n\t};\n}\n\n/\n Connect to MCP server and get filtered tools\n */\nasync function connectAndGetTools(\n\tctx: ISupplyDataFunctions \| IExecuteFunctions,\n\tconfig: ReturnType<typeof getNodeConfig>,\n) {\n\tconst node = ctx.getNode();\n\tconst { headers, credentials } = await getAuthHeaders(ctx, config.authentication);\n\tconst allowedDomains = assertCredentialAllowsUrl(node, credentials, config.endpointUrl);\n\n\tconst client = await connectMcpClient({\n\t\tserverTransport: config.serverTransport,\n\t\tendpointUrl: config.endpointUrl,\n\t\theaders,\n\t\tname: node.type,\n\t\tversion: node.typeVersion,\n\t\tallowedDomains,\n\t\tonUnauthorized: async (headers) =>\n\t\t\tawait tryRefreshOAuth2Token(ctx, config.authentication, headers),\n\t});\n\n\tif (!client.ok) {\n\t\treturn { client, mcpTools: null, error: client.error };\n\t}\n\n\tconst allTools = await getAllTools(client.result);\n\tconst mcpTools = getSelectedTools({\n\t\ttools: allTools,\n\t\tmode: config.mode,\n\t\tincludeTools: config.includeTools,\n\t\texcludeTools: config.excludeTools,\n\t});\n\n\treturn { client: client.result, mcpTools, error: null };\n}\n\nexport class McpClientTool implements INodeType {\n\tdescription: INodeTypeDescription = {\n\t\tdisplayName: 'MCP Client Tool',\n\t\tname: 'mcpClientTool',\n\t\ticon: {\n\t\t\tlight: 'file:../mcp.svg',\n\t\t\tdark: 'file:../mcp.dark.svg',\n\t\t},\n\t\tgroup: ['output'],\n\t\tversion: [1, 1.1, 1.2],\n\t\tdescription: 'Connect tools from an MCP Server',\n\t\tdefaults: {\n\t\t\tname: 'MCP Client',\n\t\t},\n\t\tcodex: {\n\t\t\tcategories: ['AI'],\n\t\t\tsubcategories: {\n\t\t\t\tAI: ['Model Context Protocol', 'Tools'],\n\t\t\t},\n\t\t\talias: ['Model Context Protocol', 'MCP Client'],\n\t\t\tresources: {\n\t\t\t\tprimaryDocumentation: [\n\t\t\t\t\t{\n\t\t\t\t\t\turl: 'https://docs.n8n.io/integrations/builtin/cluster-nodes/sub-nodes/n8n-nodes-langchain.toolmcp/',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t},\n\t\t},\n\t\tinputs: [],\n\t\toutputs: [{ type: NodeConnectionTypes.AiTool, displayName: 'Tools' }],\n\t\tcredentials,\n\t\tproperties: [\n\t\t\tgetConnectionHintNoticeField([NodeConnectionTypes.AiAgent]),\n\t\t\t{\n\t\t\t\tdisplayName: 'SSE Endpoint',\n\t\t\t\tname: 'sseEndpoint',\n\t\t\t\ttype: 'string',\n\t\t\t\tdescription: 'SSE Endpoint of your MCP server',\n\t\t\t\tplaceholder: 'e.g. https://my-mcp-server.ai/sse',\n\t\t\t\tdefault: '',\n\t\t\t\trequired: true,\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\t'@version': [1],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Endpoint',\n\t\t\t\tname: 'endpointUrl',\n\t\t\t\ttype: 'string',\n\t\t\t\tdescription: 'Endpoint of your MCP server',\n\t\t\t\tplaceholder: 'e.g. https://my-mcp-server.ai/mcp',\n\t\t\t\tdefault: '',\n\t\t\t\trequired: true,\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\t'@version': [{ _cnd: { gte: 1.1 } }],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\ttransportSelect({\n\t\t\t\tdefaultOption: 'sse',\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\t'@version': [1.1],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\ttransportSelect({\n\t\t\t\tdefaultOption: 'httpStreamable',\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\t'@version': [{ _cnd: { gte: 1.2 } }],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t}),\n\t\t\t{\n\t\t\t\tdisplayName: 'Authentication',\n\t\t\t\tname: 'authentication',\n\t\t\t\ttype: 'options',\n\t\t\t\toptions: [\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Bearer Auth',\n\t\t\t\t\t\tvalue: 'bearerAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Header Auth',\n\t\t\t\t\t\tvalue: 'headerAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'None',\n\t\t\t\t\t\tvalue: 'none',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t\tdefault: 'none',\n\t\t\t\tdescription: 'The way to authenticate with your endpoint',\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\t'@version': [{ _cnd: { lt: 1.2 } }],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Authentication',\n\t\t\t\tname: 'authentication',\n\t\t\t\ttype: 'options',\n\t\t\t\toptions: [\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Bearer Auth',\n\t\t\t\t\t\tvalue: 'bearerAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Header Auth',\n\t\t\t\t\t\tvalue: 'headerAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'MCP OAuth2',\n\t\t\t\t\t\tvalue: 'mcpOAuth2Api',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Multiple Headers Auth',\n\t\t\t\t\t\tvalue: 'multipleHeadersAuth',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'None',\n\t\t\t\t\t\tvalue: 'none',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t\tdefault: 'none',\n\t\t\t\tdescription: 'The way to authenticate with your endpoint',\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\t'@version': [{ _cnd: { gte: 1.2 } }],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Credentials',\n\t\t\t\tname: 'credentials',\n\t\t\t\ttype: 'credentials',\n\t\t\t\tdefault: '',\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\tauthentication: ['headerAuth', 'bearerAuth', 'mcpOAuth2Api', 'multipleHeadersAuth'],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Tools to Include',\n\t\t\t\tname: 'include',\n\t\t\t\ttype: 'options',\n\t\t\t\tdescription: 'How to select the tools you want to be exposed to the AI Agent',\n\t\t\t\tdefault: 'all',\n\t\t\t\toptions: [\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'All',\n\t\t\t\t\t\tvalue: 'all',\n\t\t\t\t\t\tdescription: 'Also include all unchanged fields from the input',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'Selected',\n\t\t\t\t\t\tvalue: 'selected',\n\t\t\t\t\t\tdescription: 'Also include the tools listed in the parameter \"Tools to Include\"',\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\tname: 'All Except',\n\t\t\t\t\t\tvalue: 'except',\n\t\t\t\t\t\tdescription: 'Exclude the tools listed in the parameter \"Tools to Exclude\"',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Tools to Include',\n\t\t\t\tname: 'includeTools',\n\t\t\t\ttype: 'multiOptions',\n\t\t\t\tdefault: [],\n\t\t\t\tdescription:\n\t\t\t\t\t'Choose from the list, or specify IDs using an <a href=\"https://docs.n8n.io/code/expressions/\">expression</a>',\n\t\t\t\ttypeOptions: {\n\t\t\t\t\tloadOptionsMethod: 'getTools',\n\t\t\t\t\tloadOptionsDependsOn: ['sseEndpoint'],\n\t\t\t\t},\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\tinclude: ['selected'],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Tools to Exclude',\n\t\t\t\tname: 'excludeTools',\n\t\t\t\ttype: 'multiOptions',\n\t\t\t\tdefault: [],\n\t\t\t\tdescription:\n\t\t\t\t\t'Choose from the list, or specify IDs using an <a href=\"https://docs.n8n.io/code/expressions/\">expression</a>',\n\t\t\t\ttypeOptions: {\n\t\t\t\t\tloadOptionsMethod: 'getTools',\n\t\t\t\t},\n\t\t\t\tdisplayOptions: {\n\t\t\t\t\tshow: {\n\t\t\t\t\t\tinclude: ['except'],\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t{\n\t\t\t\tdisplayName: 'Options',\n\t\t\t\tname: 'options',\n\t\t\t\tplaceholder: 'Add Option',\n\t\t\t\tdescription: 'Additional options to add',\n\t\t\t\ttype: 'collection',\n\t\t\t\tdefault: {},\n\t\t\t\toptions: [\n\t\t\t\t\t{\n\t\t\t\t\t\tdisplayName: 'Timeout',\n\t\t\t\t\t\tname: 'timeout',\n\t\t\t\t\t\ttype: 'number',\n\t\t\t\t\t\ttypeOptions: {\n\t\t\t\t\t\t\tminValue: 1,\n\t\t\t\t\t\t},\n\t\t\t\t\t\tdefault: 60000,\n\t\t\t\t\t\tdescription: 'Time in ms to wait for tool calls to finish',\n\t\t\t\t\t},\n\t\t\t\t],\n\t\t\t},\n\t\t],\n\t};\n\n\tmethods = {\n\t\tloadOptions: {\n\t\t\tgetTools,\n\t\t},\n\t};\n\n\tasync supplyData(this: ISupplyDataFunctions, itemIndex: number): Promise<SupplyData> {\n\t\tconst node = this.getNode();\n\t\tconst config = getNodeConfig(this, itemIndex);\n\n\t\tconst setError = (error: NodeOperationError): SupplyData => {\n\t\t\tthis.addOutputData(NodeConnectionTypes.AiTool, itemIndex, error);\n\t\t\tthrow error;\n\t\t};\n\n\t\tconst { client, mcpTools, error } = await connectAndGetTools(this, config);\n\n\t\tif (error) {\n\t\t\tthis.logger.error('McpClientTool: Failed to connect to MCP Server', { error });\n\t\t\treturn setError(mapToNodeOperationError(node, error));\n\t\t}\n\n\t\tthis.logger.debug('McpClientTool: Successfully connected to MCP Server');\n\n\t\tif (!mcpTools?.length) {\n\t\t\treturn setError(\n\t\t\t\tnew NodeOperationError(node, 'MCP Server returned no tools', {\n\t\t\t\t\titemIndex,\n\t\t\t\t\tdescription:\n\t\t\t\t\t\t'Connected successfully to your MCP server but it returned an empty list of tools.',\n\t\t\t\t}),\n\t\t\t);\n\t\t}\n\n\t\tconst tools = mcpTools.map((tool) =>\n\t\t\tlogWrapper(\n\t\t\t\tmcpToolToDynamicTool(\n\t\t\t\t\ttool,\n\t\t\t\t\tcreateCallTool(tool.name, client, config.timeout, (errorMessage) => {\n\t\t\t\t\t\tconst error = new NodeOperationError(node, errorMessage, { itemIndex });\n\t\t\t\t\t\tvoid this.addOutputData(NodeConnectionTypes.AiTool, itemIndex, error);\n\t\t\t\t\t\tthis.logger.error(`McpClientTool: Tool \"${tool.name}\" failed to execute`, { error });\n\t\t\t\t\t}),\n\t\t\t\t),\n\t\t\t\tthis,\n\t\t\t),\n\t\t);\n\n\t\tthis.logger.debug(`McpClientTool: Connected to MCP Server with ${tools.length} tools`);\n\n\t\tconst toolkit = new McpToolkit(tools);\n\n\t\treturn { response: toolkit, closeFunction: async () => await client.close() };\n\t}\n\n\tasync execute(this: IExecuteFunctions): Promise<INodeExecutionData[][]> {\n\t\tconst node = this.getNode();\n\t\tconst items = this.getInputData();\n\t\tconst returnData: INodeExecutionData[] = [];\n\n\t\tfor (let itemIndex = 0; itemIndex < items.length; itemIndex++) {\n\t\t\tconst item = items[itemIndex];\n\t\t\tconst config = getNodeConfig(this, itemIndex);\n\n\t\t\tconst { client, mcpTools, error } = await connectAndGetTools(this, config);\n\n\t\t\tif (error) {\n\t\t\t\tthrow new NodeOperationError(node, error.error, { itemIndex });\n\t\t\t}\n\n\t\t\tif (!mcpTools?.length) {\n\t\t\t\tthrow new NodeOperationError(node, 'MCP Server returned no tools', { itemIndex });\n\t\t\t}\n\n\t\t\tfor (const tool of mcpTools) {\n\t\t\t\t// Check for tool name in item.json.tool (for toolkit execution from agent)\n\t\t\t\t// or item.tool (for direct execution)\n\t\t\t\tif (!item.json.tool \|\| typeof item.json.tool !== 'string') {\n\t\t\t\t\tthrow new NodeOperationError(node, 'Tool name not found in item.json.tool or item.tool', {\n\t\t\t\t\t\titemIndex,\n\t\t\t\t\t});\n\t\t\t\t}\n\n\t\t\t\tconst toolName = item.json.tool;\n\t\t\t\tif (toolName === tool.name) {\n\t\t\t\t\t// Extract the tool name from arguments before passing to MCP\n\t\t\t\t\tconst { tool: _, ...toolArguments } = item.json;\n\t\t\t\t\tconst schema: JSONSchema7 = tool.inputSchema;\n\t\t\t\t\t// When additionalProperties is not explicitly true, filter to schema-defined properties.\n\t\t\t\t\t// Otherwise, pass all arguments through\n\t\t\t\t\tconst sanitizedToolArguments: IDataObject =\n\t\t\t\t\t\tschema.additionalProperties !== true\n\t\t\t\t\t\t\t? pick(toolArguments, Object.keys(schema.properties ?? {}))\n\t\t\t\t\t\t\t: toolArguments;\n\n\t\t\t\t\tconst params: {\n\t\t\t\t\t\tname: string;\n\t\t\t\t\t\targuments: IDataObject;\n\t\t\t\t\t} = {\n\t\t\t\t\t\tname: tool.name,\n\t\t\t\t\t\targuments: sanitizedToolArguments,\n\t\t\t\t\t};\n\t\t\t\t\tconst result = await client.callTool(params, CallToolResultSchema, {\n\t\t\t\t\t\ttimeout: config.timeout,\n\t\t\t\t\t});\n\t\t\t\t\treturnData.push({\n\t\t\t\t\t\tjson: {\n\t\t\t\t\t\t\tresponse: result.content as IDataObject,\n\t\t\t\t\t\t},\n\t\t\t\t\t\tpairedItem: {\n\t\t\t\t\t\t\titem: itemIndex,\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\n\t\treturn [returnData];\n\t}\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,mBAAqC;AACrC,0BAUO;AAEP,wBAA2B;AAC3B,0BAA6C;AAE7C,yBAAyB;AAEzB,mBAAmF;AACnF,0BAA6C;AAE7C,IAAAA,gBAOO;AAEP,kBAAiB;AAKjB,SAAS,cACR,KACA,WASC;AACD,QAAM,OAAO,IAAI,QAAQ;AACzB,QAAM,iBAAiB,IAAI;AAAA,IAC1B;AAAA,IACA;AAAA,EACD;AACA,QAAM,UAAU,IAAI,iBAAiB,mBAAmB,WAAW,GAAK;AAExE,MAAI;AACJ,MAAI;AACJ,MAAI,KAAK,gBAAgB,GAAG;AAC3B,sBAAkB;AAClB,kBAAc,IAAI,iBAAiB,eAAe,SAAS;AAAA,EAC5D,OAAO;AACN,sBAAkB,IAAI,iBAAiB,mBAAmB,SAAS;AACnE,kBAAc,IAAI,iBAAiB,eAAe,SAAS;AAAA,EAC5D;AAEA,QAAM,OAAO,IAAI,iBAAiB,WAAW,SAAS;AACtD,QAAM,eAAe,IAAI,iBAAiB,gBAAgB,WAAW,CAAC,CAAC;AACvE,QAAM,eAAe,IAAI,iBAAiB,gBAAgB,WAAW,CAAC,CAAC;AAEvE,SAAO;AAAA,IACN;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACD;AACD;AAKA,eAAe,mBACd,KACA,QACC;AACD,QAAM,OAAO,IAAI,QAAQ;AACzB,QAAM,EAAE,SAAS,aAAAC,aAAY,IAAI,UAAM,8BAAe,KAAK,OAAO,cAAc;AAChF,QAAM,qBAAiB,yCAA0B,MAAMA,cAAa,OAAO,WAAW;AAEtF,QAAM,SAAS,UAAM,gCAAiB;AAAA,IACrC,iBAAiB,OAAO;AAAA,IACxB,aAAa,OAAO;AAAA,IACpB;AAAA,IACA,MAAM,KAAK;AAAA,IACX,SAAS,KAAK;AAAA,IACd;AAAA,IACA,gBAAgB,OAAOC,aACtB,UAAM,qCAAsB,KAAK,OAAO,gBAAgBA,QAAO;AAAA,EACjE,CAAC;AAED,MAAI,CAAC,OAAO,IAAI;AACf,WAAO,EAAE,QAAQ,UAAU,MAAM,OAAO,OAAO,MAAM;AAAA,EACtD;AAEA,QAAM,WAAW,UAAM,2BAAY,OAAO,MAAM;AAChD,QAAM,eAAW,+BAAiB;AAAA,IACjC,OAAO;AAAA,IACP,MAAM,OAAO;AAAA,IACb,cAAc,OAAO;AAAA,IACrB,cAAc,OAAO;AAAA,EACtB,CAAC;AAED,SAAO,EAAE,QAAQ,OAAO,QAAQ,UAAU,OAAO,KAAK;AACvD;AAEO,MAAM,cAAmC;AAAA,EAAzC;AACN,uBAAoC;AAAA,MACnC,aAAa;AAAA,MACb,MAAM;AAAA,MACN,MAAM;AAAA,QACL,OAAO;AAAA,QACP,MAAM;AAAA,MACP;AAAA,MACA,OAAO,CAAC,QAAQ;AAAA,MAChB,SAAS,CAAC,GAAG,KAAK,GAAG;AAAA,MACrB,aAAa;AAAA,MACb,UAAU;AAAA,QACT,MAAM;AAAA,MACP;AAAA,MACA,OAAO;AAAA,QACN,YAAY,CAAC,IAAI;AAAA,QACjB,eAAe;AAAA,UACd,IAAI,CAAC,0BAA0B,OAAO;AAAA,QACvC;AAAA,QACA,OAAO,CAAC,0BAA0B,YAAY;AAAA,QAC9C,WAAW;AAAA,UACV,sBAAsB;AAAA,YACrB;AAAA,cACC,KAAK;AAAA,YACN;AAAA,UACD;AAAA,QACD;AAAA,MACD;AAAA,MACA,QAAQ,CAAC;AAAA,MACT,SAAS,CAAC,EAAE,MAAM,wCAAoB,QAAQ,aAAa,QAAQ,CAAC;AAAA,MACpE;AAAA,MACA,YAAY;AAAA,YACX,kDAA6B,CAAC,wCAAoB,OAAO,CAAC;AAAA,QAC1D;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,aAAa;AAAA,UACb,aAAa;AAAA,UACb,SAAS;AAAA,UACT,UAAU;AAAA,UACV,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,YAAY,CAAC,CAAC;AAAA,YACf;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,aAAa;AAAA,UACb,aAAa;AAAA,UACb,SAAS;AAAA,UACT,UAAU;AAAA,UACV,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,YAAY,CAAC,EAAE,MAAM,EAAE,KAAK,IAAI,EAAE,CAAC;AAAA,YACpC;AAAA,UACD;AAAA,QACD;AAAA,YACA,qCAAgB;AAAA,UACf,eAAe;AAAA,UACf,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,YAAY,CAAC,GAAG;AAAA,YACjB;AAAA,UACD;AAAA,QACD,CAAC;AAAA,YACD,qCAAgB;AAAA,UACf,eAAe;AAAA,UACf,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,YAAY,CAAC,EAAE,MAAM,EAAE,KAAK,IAAI,EAAE,CAAC;AAAA,YACpC;AAAA,UACD;AAAA,QACD,CAAC;AAAA,QACD;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,YACR;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,UACD;AAAA,UACA,SAAS;AAAA,UACT,aAAa;AAAA,UACb,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,YAAY,CAAC,EAAE,MAAM,EAAE,IAAI,IAAI,EAAE,CAAC;AAAA,YACnC;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,YACR;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,YACR;AAAA,UACD;AAAA,UACA,SAAS;AAAA,UACT,aAAa;AAAA,UACb,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,YAAY,CAAC,EAAE,MAAM,EAAE,KAAK,IAAI,EAAE,CAAC;AAAA,YACpC;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS;AAAA,UACT,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,gBAAgB,CAAC,cAAc,cAAc,gBAAgB,qBAAqB;AAAA,YACnF;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,aAAa;AAAA,UACb,SAAS;AAAA,UACT,SAAS;AAAA,YACR;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,cACP,aAAa;AAAA,YACd;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,cACP,aAAa;AAAA,YACd;AAAA,YACA;AAAA,cACC,MAAM;AAAA,cACN,OAAO;AAAA,cACP,aAAa;AAAA,YACd;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS,CAAC;AAAA,UACV,aACC;AAAA,UACD,aAAa;AAAA,YACZ,mBAAmB;AAAA,YACnB,sBAAsB,CAAC,aAAa;AAAA,UACrC;AAAA,UACA,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,SAAS,CAAC,UAAU;AAAA,YACrB;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,MAAM;AAAA,UACN,SAAS,CAAC;AAAA,UACV,aACC;AAAA,UACD,aAAa;AAAA,YACZ,mBAAmB;AAAA,UACpB;AAAA,UACA,gBAAgB;AAAA,YACf,MAAM;AAAA,cACL,SAAS,CAAC,QAAQ;AAAA,YACnB;AAAA,UACD;AAAA,QACD;AAAA,QACA;AAAA,UACC,aAAa;AAAA,UACb,MAAM;AAAA,UACN,aAAa;AAAA,UACb,aAAa;AAAA,UACb,MAAM;AAAA,UACN,SAAS,CAAC;AAAA,UACV,SAAS;AAAA,YACR;AAAA,cACC,aAAa;AAAA,cACb,MAAM;AAAA,cACN,MAAM;AAAA,cACN,aAAa;AAAA,gBACZ,UAAU;AAAA,cACX;AAAA,cACA,SAAS;AAAA,cACT,aAAa;AAAA,YACd;AAAA,UACD;AAAA,QACD;AAAA,MACD;AAAA,IACD;AAEA,mBAAU;AAAA,MACT,aAAa;AAAA,QACZ;AAAA,MACD;AAAA,IACD;AAAA;AAAA,EAEA,MAAM,WAAuC,WAAwC;AACpF,UAAM,OAAO,KAAK,QAAQ;AAC1B,UAAM,SAAS,cAAc,MAAM,SAAS;AAE5C,UAAM,WAAW,CAACC,WAA0C;AAC3D,WAAK,cAAc,wCAAoB,QAAQ,WAAWA,MAAK;AAC/D,YAAMA;AAAA,IACP;AAEA,UAAM,EAAE,QAAQ,UAAU,MAAM,IAAI,MAAM,mBAAmB,MAAM,MAAM;AAEzE,QAAI,OAAO;AACV,WAAK,OAAO,MAAM,kDAAkD,EAAE,MAAM,CAAC;AAC7E,aAAO,aAAS,uCAAwB,MAAM,KAAK,CAAC;AAAA,IACrD;AAEA,SAAK,OAAO,MAAM,qDAAqD;AAEvE,QAAI,CAAC,UAAU,QAAQ;AACtB,aAAO;AAAA,QACN,IAAI,uCAAmB,MAAM,gCAAgC;AAAA,UAC5D;AAAA,UACA,aACC;AAAA,QACF,CAAC;AAAA,MACF;AAAA,IACD;AAEA,UAAM,QAAQ,SAAS;AAAA,MAAI,CAAC,aAC3B;AAAA,YACC;AAAA,UACC;AAAA,cACA,6BAAe,KAAK,MAAM,QAAQ,OAAO,SAAS,CAAC,iBAAiB;AACnE,kBAAMA,SAAQ,IAAI,uCAAmB,MAAM,cAAc,EAAE,UAAU,CAAC;AACtE,iBAAK,KAAK,cAAc,wCAAoB,QAAQ,WAAWA,MAAK;AACpE,iBAAK,OAAO,MAAM,wBAAwB,KAAK,IAAI,uBAAuB,EAAE,OAAAA,OAAM,CAAC;AAAA,UACpF,CAAC;AAAA,QACF;AAAA,QACA;AAAA,MACD;AAAA,IACD;AAEA,SAAK,OAAO,MAAM,+CAA+C,MAAM,MAAM,QAAQ;AAErF,UAAM,UAAU,IAAI,wBAAW,KAAK;AAEpC,WAAO,EAAE,UAAU,SAAS,eAAe,YAAY,MAAM,OAAO,MAAM,EAAE;AAAA,EAC7E;AAAA,EAEA,MAAM,UAAkE;AACvE,UAAM,OAAO,KAAK,QAAQ;AAC1B,UAAM,QAAQ,KAAK,aAAa;AAChC,UAAM,aAAmC,CAAC;AAE1C,aAAS,YAAY,GAAG,YAAY,MAAM,QAAQ,aAAa;AAC9D,YAAM,OAAO,MAAM,SAAS;AAC5B,YAAM,SAAS,cAAc,MAAM,SAAS;AAE5C,YAAM,EAAE,QAAQ,UAAU,MAAM,IAAI,MAAM,mBAAmB,MAAM,MAAM;AAEzE,UAAI,OAAO;AACV,cAAM,IAAI,uCAAmB,MAAM,MAAM,OAAO,EAAE,UAAU,CAAC;AAAA,MAC9D;AAEA,UAAI,CAAC,UAAU,QAAQ;AACtB,cAAM,IAAI,uCAAmB,MAAM,gCAAgC,EAAE,UAAU,CAAC;AAAA,MACjF;AAEA,iBAAW,QAAQ,UAAU;AAG5B,YAAI,CAAC,KAAK,KAAK,QAAQ,OAAO,KAAK,KAAK,SAAS,UAAU;AAC1D,gBAAM,IAAI,uCAAmB,MAAM,sDAAsD;AAAA,YACxF;AAAA,UACD,CAAC;AAAA,QACF;AAEA,cAAM,WAAW,KAAK,KAAK;AAC3B,YAAI,aAAa,KAAK,MAAM;AAE3B,gBAAM,EAAE,MAAM,GAAG,GAAG,cAAc,IAAI,KAAK;AAC3C,gBAAM,SAAsB,KAAK;AAGjC,gBAAM,yBACL,OAAO,yBAAyB,WAC7B,YAAAC,SAAK,eAAe,OAAO,KAAK,OAAO,cAAc,CAAC,CAAC,CAAC,IACxD;AAEJ,gBAAM,SAGF;AAAA,YACH,MAAM,KAAK;AAAA,YACX,WAAW;AAAA,UACZ;AACA,gBAAM,SAAS,MAAM,OAAO,SAAS,QAAQ,mCAAsB;AAAA,YAClE,SAAS,OAAO;AAAA,UACjB,CAAC;AACD,qBAAW,KAAK;AAAA,YACf,MAAM;AAAA,cACL,UAAU,OAAO;AAAA,YAClB;AAAA,YACA,YAAY;AAAA,cACX,MAAM;AAAA,YACP;AAAA,UACD,CAAC;AAAA,QACF;AAAA,MACD;AAAA,IACD;AAEA,WAAO,CAAC,UAAU;AAAA,EACnB;AACD;","names":["import_utils","credentials","headers","error","pick"]}

package/dist/nodes/mcp/McpClientTool/loadOptions.js CHANGED Viewed

@@ -34,13 +34,15 @@ async function getTools() {
     serverTransport = this.getNodeParameter("serverTransport");
     endpointUrl = this.getNodeParameter("endpointUrl");
   }
-  const { headers } = await (0, import_utils.getAuthHeaders)(this, authentication);
+  const { headers, credentials } = await (0, import_utils.getAuthHeaders)(this, authentication);
+  const allowedDomains = (0, import_utils.assertCredentialAllowsUrl)(node, credentials, endpointUrl);
   const client = await (0, import_utils.connectMcpClient)({
     serverTransport,
     endpointUrl,
     headers,
     name: node.type,
     version: node.typeVersion,
+    allowedDomains,
     onUnauthorized: async (headers2) => await (0, import_utils.tryRefreshOAuth2Token)(this, authentication, headers2)
   });
   if (!client.ok) {

package/dist/nodes/mcp/McpClientTool/loadOptions.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../../nodes/mcp/McpClientTool/loadOptions.ts"],"sourcesContent":["import { type ILoadOptionsFunctions, type INodePropertyOptions } from 'n8n-workflow';\n\nimport type { McpAuthenticationOption, McpServerTransport } from '../shared/types';\nimport {\n\tconnectMcpClient,\n\tgetAllTools,\n\tgetAuthHeaders,\n\tmapToNodeOperationError,\n\ttryRefreshOAuth2Token,\n} from '../shared/utils';\n\nexport async function getTools(this: ILoadOptionsFunctions): Promise<INodePropertyOptions[]> {\n\tconst authentication = this.getNodeParameter('authentication') as McpAuthenticationOption;\n\tconst node = this.getNode();\n\tlet serverTransport: McpServerTransport;\n\tlet endpointUrl: string;\n\tif (node.typeVersion === 1) {\n\t\tserverTransport = 'sse';\n\t\tendpointUrl = this.getNodeParameter('sseEndpoint') as string;\n\t} else {\n\t\tserverTransport = this.getNodeParameter('serverTransport') as McpServerTransport;\n\t\tendpointUrl = this.getNodeParameter('endpointUrl') as string;\n\t}\n\tconst { headers } = await getAuthHeaders(this, authentication);\n\tconst client = await connectMcpClient({\n\t\tserverTransport,\n\t\tendpointUrl,\n\t\theaders,\n\t\tname: node.type,\n\t\tversion: node.typeVersion,\n\t\tonUnauthorized: async (headers) => await tryRefreshOAuth2Token(this, authentication, headers),\n\t});\n\n\tif (!client.ok) {\n\t\tthrow mapToNodeOperationError(node, client.error);\n\t}\n\n\tconst tools = await getAllTools(client.result);\n\treturn tools.map((tool) => ({\n\t\tname: tool.name,\n\t\tvalue: tool.name,\n\t\tdescription: tool.description,\n\t\tinputSchema: tool.inputSchema,\n\t}));\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,~~mBAMO~~;AAEP,eAAsB,WAAuE;AAC5F,QAAM,iBAAiB,KAAK,iBAAiB,gBAAgB;AAC7D,QAAM,OAAO,KAAK,QAAQ;AAC1B,MAAI;AACJ,MAAI;AACJ,MAAI,KAAK,gBAAgB,GAAG;AAC3B,sBAAkB;AAClB,kBAAc,KAAK,iBAAiB,aAAa;AAAA,EAClD,OAAO;AACN,sBAAkB,KAAK,iBAAiB,iBAAiB;AACzD,kBAAc,KAAK,iBAAiB,aAAa;AAAA,EAClD;AACA,QAAM,EAAE,~~QAAQ~~,IAAI,UAAM,6BAAe,MAAM,cAAc;~~AAC7D~~,QAAM,SAAS,UAAM,+BAAiB;AAAA,IACrC;AAAA,IACA;AAAA,IACA;AAAA,IACA,MAAM,KAAK;AAAA,IACX,SAAS,KAAK;AAAA,IACd,gBAAgB,OAAOA,aAAY,UAAM,oCAAsB,MAAM,gBAAgBA,QAAO;AAAA,EAC7F,CAAC;AAED,MAAI,CAAC,OAAO,IAAI;AACf,cAAM,sCAAwB,MAAM,OAAO,KAAK;AAAA,EACjD;AAEA,QAAM,QAAQ,UAAM,0BAAY,OAAO,MAAM;AAC7C,SAAO,MAAM,IAAI,CAAC,UAAU;AAAA,IAC3B,MAAM,KAAK;AAAA,IACX,OAAO,KAAK;AAAA,IACZ,aAAa,KAAK;AAAA,IAClB,aAAa,KAAK;AAAA,EACnB,EAAE;AACH;","names":["headers"]}
1	+ {"version":3,"sources":["../../../../nodes/mcp/McpClientTool/loadOptions.ts"],"sourcesContent":["import { type ILoadOptionsFunctions, type INodePropertyOptions } from 'n8n-workflow';\n\nimport type { McpAuthenticationOption, McpServerTransport } from '../shared/types';\nimport {\n\tassertCredentialAllowsUrl,\n\tconnectMcpClient,\n\tgetAllTools,\n\tgetAuthHeaders,\n\tmapToNodeOperationError,\n\ttryRefreshOAuth2Token,\n} from '../shared/utils';\n\nexport async function getTools(this: ILoadOptionsFunctions): Promise<INodePropertyOptions[]> {\n\tconst authentication = this.getNodeParameter('authentication') as McpAuthenticationOption;\n\tconst node = this.getNode();\n\tlet serverTransport: McpServerTransport;\n\tlet endpointUrl: string;\n\tif (node.typeVersion === 1) {\n\t\tserverTransport = 'sse';\n\t\tendpointUrl = this.getNodeParameter('sseEndpoint') as string;\n\t} else {\n\t\tserverTransport = this.getNodeParameter('serverTransport') as McpServerTransport;\n\t\tendpointUrl = this.getNodeParameter('endpointUrl') as string;\n\t}\n\tconst { headers, credentials } = await getAuthHeaders(this, authentication);\n\tconst allowedDomains = assertCredentialAllowsUrl(node, credentials, endpointUrl);\n\tconst client = await connectMcpClient({\n\t\tserverTransport,\n\t\tendpointUrl,\n\t\theaders,\n\t\tname: node.type,\n\t\tversion: node.typeVersion,\n\t\tallowedDomains,\n\t\tonUnauthorized: async (headers) => await tryRefreshOAuth2Token(this, authentication, headers),\n\t});\n\n\tif (!client.ok) {\n\t\tthrow mapToNodeOperationError(node, client.error);\n\t}\n\n\tconst tools = await getAllTools(client.result);\n\treturn tools.map((tool) => ({\n\t\tname: tool.name,\n\t\tvalue: tool.name,\n\t\tdescription: tool.description,\n\t\tinputSchema: tool.inputSchema,\n\t}));\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,mBAOO;AAEP,eAAsB,WAAuE;AAC5F,QAAM,iBAAiB,KAAK,iBAAiB,gBAAgB;AAC7D,QAAM,OAAO,KAAK,QAAQ;AAC1B,MAAI;AACJ,MAAI;AACJ,MAAI,KAAK,gBAAgB,GAAG;AAC3B,sBAAkB;AAClB,kBAAc,KAAK,iBAAiB,aAAa;AAAA,EAClD,OAAO;AACN,sBAAkB,KAAK,iBAAiB,iBAAiB;AACzD,kBAAc,KAAK,iBAAiB,aAAa;AAAA,EAClD;AACA,QAAM,EAAE,SAAS,YAAY,IAAI,UAAM,6BAAe,MAAM,cAAc;AAC1E,QAAM,qBAAiB,wCAA0B,MAAM,aAAa,WAAW;AAC/E,QAAM,SAAS,UAAM,+BAAiB;AAAA,IACrC;AAAA,IACA;AAAA,IACA;AAAA,IACA,MAAM,KAAK;AAAA,IACX,SAAS,KAAK;AAAA,IACd;AAAA,IACA,gBAAgB,OAAOA,aAAY,UAAM,oCAAsB,MAAM,gBAAgBA,QAAO;AAAA,EAC7F,CAAC;AAED,MAAI,CAAC,OAAO,IAAI;AACf,cAAM,sCAAwB,MAAM,OAAO,KAAK;AAAA,EACjD;AAEA,QAAM,QAAQ,UAAM,0BAAY,OAAO,MAAM;AAC7C,SAAO,MAAM,IAAI,CAAC,UAAU;AAAA,IAC3B,MAAM,KAAK;AAAA,IACX,OAAO,KAAK;AAAA,IACZ,aAAa,KAAK;AAAA,IAClB,aAAa,KAAK;AAAA,EACnB,EAAE;AACH;","names":["headers"]}

package/dist/nodes/mcp/shared/utils.js CHANGED Viewed

@@ -18,6 +18,7 @@ var __copyProps = (to, from, except, desc) => {
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var utils_exports = {};
 __export(utils_exports, {
+  assertCredentialAllowsUrl: () => assertCredentialAllowsUrl,
   connectMcpClient: () => connectMcpClient,
   getAllTools: () => getAllTools,
   getAuthHeaders: () => getAuthHeaders,
@@ -29,6 +30,7 @@ var import_client = require("@modelcontextprotocol/sdk/client/index.js");
 var import_sse = require("@modelcontextprotocol/sdk/client/sse.js");
 var import_streamableHttp = require("@modelcontextprotocol/sdk/client/streamableHttp.js");
 var import_n8n_workflow = require("n8n-workflow");
+var import_follow_redirects = require("../../../utils/follow-redirects");
 var import_httpProxyAgent = require("../../../utils/httpProxyAgent");
 async function getAllTools(client, cursor) {
   const { tools, nextCursor } = await client.listTools({ cursor });
@@ -78,24 +80,40 @@ function mapToNodeOperationError(node, error) {
       });
   }
 }
+function createValidatingFetch(allowedDomains) {
+  return async (input, init) => {
+    const startUrl = input instanceof Request ? input.url : input;
+    return await (0, import_follow_redirects.fetchFollowingRedirects)(import_httpProxyAgent.proxyFetch, startUrl, init, {
+      onBeforeHop: (hopUrl) => {
+        if (allowedDomains && !(0, import_n8n_workflow.isDomainAllowed)(hopUrl, { allowedDomains })) {
+          throw new import_n8n_workflow.ApplicationError(
+            `Domain not allowed: This credential is restricted from accessing ${hopUrl}. Only the following domains are allowed: ${allowedDomains}`
+          );
+        }
+      }
+    });
+  };
+}
 async function connectMcpClient({
   headers,
   serverTransport,
   endpointUrl,
   name,
   version,
-  onUnauthorized
+  onUnauthorized,
+  allowedDomains
 }) {
   const endpoint = normalizeAndValidateUrl(endpointUrl);
   if (!endpoint.ok) {
     return (0, import_n8n_workflow.createResultError)({ type: "invalid_url", error: endpoint.error });
   }
+  const validatingFetch = createValidatingFetch(allowedDomains);
   const client = new import_client.Client({ name, version: version.toString() }, { capabilities: {} });
   if (serverTransport === "httpStreamable") {
     try {
       const transport = new import_streamableHttp.StreamableHTTPClientTransport(endpoint.result, {
         requestInit: { headers },
-        fetch: import_httpProxyAgent.proxyFetch
+        fetch: validatingFetch
       });
       await client.connect(transport);
       return (0, import_n8n_workflow.createResultOk)(client);
@@ -108,7 +126,8 @@ async function connectMcpClient({
             serverTransport,
             endpointUrl,
             name,
-            version
+            version,
+            allowedDomains
           });
         }
       }
@@ -122,7 +141,7 @@ async function connectMcpClient({
   try {
     const sseTransport = new import_sse.SSEClientTransport(endpoint.result, {
       eventSourceInit: {
-        fetch: async (url, init) => await (0, import_httpProxyAgent.proxyFetch)(url, {
+        fetch: async (url, init) => await validatingFetch(url, {
           ...init,
           headers: {
             ...headers,
@@ -130,7 +149,7 @@ async function connectMcpClient({
           }
         })
       },
-      fetch: import_httpProxyAgent.proxyFetch,
+      fetch: validatingFetch,
       requestInit: { headers }
     });
     await client.connect(sseTransport);
@@ -144,7 +163,8 @@ async function connectMcpClient({
           serverTransport,
           endpointUrl,
           name,
-          version
+          version,
+          allowedDomains
         });
       }
     }
@@ -158,33 +178,43 @@ async function connectMcpClient({
 async function getAuthHeaders(ctx, authentication) {
   switch (authentication) {
     case "headerAuth": {
-      const header = await ctx.getCredentials("httpHeaderAuth").catch(() => null);
-      if (!header) return {};
-      return { headers: { [header.name]: header.value } };
+      const credentials = await ctx.getCredentials("httpHeaderAuth").catch(() => null);
+      if (!credentials) return {};
+      return {
+        headers: { [credentials.name]: credentials.value },
+        credentials
+      };
     }
     case "bearerAuth": {
-      const result = await ctx.getCredentials("httpBearerAuth").catch(() => null);
-      if (!result) return {};
-      return { headers: { Authorization: `Bearer ${result.token}` } };
+      const credentials = await ctx.getCredentials("httpBearerAuth").catch(() => null);
+      if (!credentials) return {};
+      return {
+        headers: { Authorization: `Bearer ${credentials.token}` },
+        credentials
+      };
     }
     case "mcpOAuth2Api": {
-      const result = await ctx.getCredentials("mcpOAuth2Api").catch(() => null);
-      if (!result) return {};
-      return { headers: { Authorization: `Bearer ${result.oauthTokenData.access_token}` } };
+      const credentials = await ctx.getCredentials("mcpOAuth2Api").catch(() => null);
+      if (!credentials) return {};
+      return {
+        headers: { Authorization: `Bearer ${credentials.oauthTokenData.access_token}` },
+        credentials
+      };
     }
     case "multipleHeadersAuth": {
-      const result = await ctx.getCredentials(
+      const credentials = await ctx.getCredentials(
         "httpMultipleHeadersAuth"
       ).catch(() => null);
-      if (!result) return {};
+      if (!credentials) return {};
       return {
-        headers: result.headers.values.reduce(
+        headers: credentials.headers.values.reduce(
           (acc, cur) => {
             acc[cur.name] = cur.value;
             return acc;
           },
           {}
-        )
+        ),
+        credentials
       };
     }
     case "none":
@@ -193,6 +223,30 @@ async function getAuthHeaders(ctx, authentication) {
     }
   }
 }
+function assertCredentialAllowsUrl(node, credentials, url) {
+  if (!credentials) return void 0;
+  if (credentials.allowedHttpRequestDomains === "none") {
+    throw new import_n8n_workflow.NodeOperationError(
+      node,
+      "This credential is configured to prevent use within an MCP Client node"
+    );
+  }
+  if (credentials.allowedHttpRequestDomains !== "domains") return void 0;
+  const allowedDomains = typeof credentials.allowedDomains === "string" ? credentials.allowedDomains : "";
+  if (!allowedDomains || allowedDomains.trim() === "") {
+    throw new import_n8n_workflow.NodeOperationError(
+      node,
+      "No allowed domains specified. Configure allowed domains or change restriction setting."
+    );
+  }
+  if (!(0, import_n8n_workflow.isDomainAllowed)(url, { allowedDomains })) {
+    throw new import_n8n_workflow.NodeOperationError(
+      node,
+      `Domain not allowed: This credential is restricted from accessing ${url}. Only the following domains are allowed: ${allowedDomains}`
+    );
+  }
+  return allowedDomains;
+}
 async function tryRefreshOAuth2Token(ctx, authentication, headers) {
   if (authentication !== "mcpOAuth2Api") {
     return null;
@@ -222,6 +276,7 @@ async function tryRefreshOAuth2Token(ctx, authentication, headers) {
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  assertCredentialAllowsUrl,
   connectMcpClient,
   getAllTools,
   getAuthHeaders,

package/dist/nodes/mcp/shared/utils.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../../nodes/mcp/shared/utils.ts"],"sourcesContent":["import { Client } from '@modelcontextprotocol/sdk/client/index.js';\nimport { SSEClientTransport } from '@modelcontextprotocol/sdk/client/sse.js';\nimport { StreamableHTTPClientTransport } from '@modelcontextprotocol/sdk/client/streamableHttp.js';\nimport type { ClientOAuth2TokenData } from '@n8n/client-oauth2';\nimport type {\n\tIExecuteFunctions,\n\tILoadOptionsFunctions,\n\tINode,\n\tISupplyDataFunctions,\n\tResult,\n} from 'n8n-workflow';\nimport { createResultError, createResultOk, NodeOperationError } from 'n8n-workflow';\n\nimport { proxyFetch } from '@utils/httpProxyAgent';\n\nimport type { McpAuthenticationOption, McpServerTransport, McpTool } from './types';\n\nexport async function getAllTools(client: Client, cursor?: string): Promise<McpTool[]> {\n\tconst { tools, nextCursor } = await client.listTools({ cursor });\n\n\tif (nextCursor) {\n\t\treturn (tools as McpTool[]).concat(await getAllTools(client, nextCursor));\n\t}\n\n\treturn tools as McpTool[];\n}\n\nfunction safeCreateUrl(url: string, baseUrl?: string \| URL): Result<URL, Error> {\n\ttry {\n\t\treturn createResultOk(new URL(url, baseUrl));\n\t} catch (error) {\n\t\treturn createResultError(error);\n\t}\n}\n\nfunction normalizeAndValidateUrl(input: string): Result<URL, Error> {\n\tconst withProtocol = !/^https?:\\/\\//i.test(input) ? `https://${input}` : input;\n\tconst parsedUrl = safeCreateUrl(withProtocol);\n\n\tif (!parsedUrl.ok) {\n\t\treturn createResultError(parsedUrl.error);\n\t}\n\n\treturn parsedUrl;\n}\n\nfunction errorHasCode(error: unknown, code: number): boolean {\n\treturn (\n\t\t!!error &&\n\t\ttypeof error === 'object' &&\n\t\t(('code' in error && Number(error.code) === code) \|\|\n\t\t\t('message' in error &&\n\t\t\t\ttypeof error.message === 'string' &&\n\t\t\t\terror.message.includes(code.toString())))\n\t);\n}\n\nfunction isUnauthorizedError(error: unknown): boolean {\n\treturn errorHasCode(error, 401);\n}\n\nfunction isForbiddenError(error: unknown): boolean {\n\treturn errorHasCode(error, 403);\n}\n\ntype OnUnauthorizedHandler = (\n\theaders?: Record<string, string>,\n) => Promise<Record<string, string> \| null>;\n\ntype ConnectMcpClientError =\n\t\| { type: 'invalid_url'; error: Error }\n\t\| { type: 'connection'; error: Error }\n\t\| { type: 'auth'; error: Error };\n\nexport function mapToNodeOperationError(\n\tnode: INode,\n\terror: ConnectMcpClientError,\n): NodeOperationError {\n\tswitch (error.type) {\n\t\tcase 'invalid_url':\n\t\t\treturn new NodeOperationError(node, error.error, {\n\t\t\t\tmessage: 'Could not connect to your MCP server. The provided URL is invalid.',\n\t\t\t});\n\t\tcase 'auth':\n\t\t\treturn new NodeOperationError(node, error.error, {\n\t\t\t\tmessage: 'Could not connect to your MCP server. Authentication failed.',\n\t\t\t});\n\t\tcase 'connection':\n\t\tdefault:\n\t\t\treturn new NodeOperationError(node, error.error, {\n\t\t\t\tmessage: 'Could not connect to your MCP server',\n\t\t\t});\n\t}\n}\n\nexport async function connectMcpClient({\n\theaders,\n\tserverTransport,\n\tendpointUrl,\n\tname,\n\tversion,\n\tonUnauthorized,\n}: {\n\tserverTransport: McpServerTransport;\n\tendpointUrl: string;\n\theaders?: Record<string, string>;\n\tname: string;\n\tversion: number;\n\tonUnauthorized?: OnUnauthorizedHandler;\n}): Promise<Result<Client, ConnectMcpClientError>> {\n\tconst endpoint = normalizeAndValidateUrl(endpointUrl);\n\n\tif (!endpoint.ok) {\n\t\treturn createResultError({ type: 'invalid_url', error: endpoint.error });\n\t}\n\n\tconst client = new Client({ name, version: version.toString() }, { capabilities: {} });\n\n\tif (serverTransport === 'httpStreamable') {\n\t\ttry {\n\t\t\tconst transport = new StreamableHTTPClientTransport(endpoint.result, {\n\t\t\t\trequestInit: { headers },\n\t\t\t\tfetch: proxyFetch,\n\t\t\t});\n\t\t\tawait client.connect(transport);\n\t\t\treturn createResultOk(client);\n\t\t} catch (error) {\n\t\t\tif (onUnauthorized && isUnauthorizedError(error)) {\n\t\t\t\tconst newHeaders = await onUnauthorized(headers);\n\t\t\t\tif (newHeaders) {\n\t\t\t\t\t// Don't pass `onUnauthorized` to avoid possible infinite recursion\n\t\t\t\t\treturn await connectMcpClient({\n\t\t\t\t\t\theaders: newHeaders,\n\t\t\t\t\t\tserverTransport,\n\t\t\t\t\t\tendpointUrl,\n\t\t\t\t\t\tname,\n\t\t\t\t\t\tversion,\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (isUnauthorizedError(error) \|\| isForbiddenError(error)) {\n\t\t\t\treturn createResultError({ type: 'auth', error: error as Error });\n\t\t\t} else {\n\t\t\t\treturn createResultError({ type: 'connection', error: error as Error });\n\t\t\t}\n\t\t}\n\t}\n\n\ttry {\n\t\tconst sseTransport = new SSEClientTransport(endpoint.result, {\n\t\t\teventSourceInit: {\n\t\t\t\tfetch: async (url, init) =>\n\t\t\t\t\tawait proxyFetch(url, {\n\t\t\t\t\t\t...init,\n\t\t\t\t\t\theaders: {\n\t\t\t\t\t\t\t...headers,\n\t\t\t\t\t\t\tAccept: 'text/event-stream',\n\t\t\t\t\t\t},\n\t\t\t\t\t}),\n\t\t\t},\n\t\t\tfetch: proxyFetch,\n\t\t\trequestInit: { headers },\n\t\t});\n\t\tawait client.connect(sseTransport);\n\t\treturn createResultOk(client);\n\t} catch (error) {\n\t\tif (onUnauthorized && isUnauthorizedError(error)) {\n\t\t\tconst newHeaders = await onUnauthorized(headers);\n\t\t\tif (newHeaders) {\n\t\t\t\t// Don't pass `onUnauthorized` to avoid possible infinite recursion\n\t\t\t\treturn await connectMcpClient({\n\t\t\t\t\theaders: newHeaders,\n\t\t\t\t\tserverTransport,\n\t\t\t\t\tendpointUrl,\n\t\t\t\t\tname,\n\t\t\t\t\tversion,\n\t\t\t\t});\n\t\t\t}\n\t\t}\n\n\t\tif (isUnauthorizedError(error) \|\| isForbiddenError(error)) {\n\t\t\treturn createResultError({ type: 'auth', error: error as Error });\n\t\t} else {\n\t\t\treturn createResultError({ type: 'connection', error: error as Error });\n\t\t}\n\t}\n}\n\nexport async function getAuthHeaders(\n\tctx: Pick<IExecuteFunctions, 'getCredentials'>,\n\tauthentication: McpAuthenticationOption,\n): Promise<{ headers?: Record<string, string> }> {\n\tswitch (authentication) {\n\t\tcase 'headerAuth': {\n\t\t\tconst header = await ctx\n\t\t\t\t.getCredentials<{ name: string; value: string }>('httpHeaderAuth')\n\t\t\t\t.catch(() => null);\n\n\t\t\tif (!header) return {};\n\n\t\t\treturn { headers: { [header.name]: header.value } };\n\t\t}\n\t\tcase 'bearerAuth': {\n\t\t\tconst result = await ctx\n\t\t\t\t.getCredentials<{ token: string }>('httpBearerAuth')\n\t\t\t\t.catch(() => null);\n\n\t\t\tif (!result) return {};\n\n\t\t\treturn { headers: { Authorization: `Bearer ${result.token}` } };\n\t\t}\n\t\tcase 'mcpOAuth2Api': {\n\t\t\tconst result = await ctx\n\t\t\t\t.getCredentials<{ oauthTokenData: { access_token: string } }>('mcpOAuth2Api')\n\t\t\t\t.catch(() => null);\n\n\t\t\tif (!result) return {};\n\n\t\t\treturn { headers: { Authorization: `Bearer ${result.oauthTokenData.access_token}` } };\n\t\t}\n\t\tcase 'multipleHeadersAuth': {\n\t\t\tconst result = await ctx\n\t\t\t\t.getCredentials<{ headers: { values: Array<{ name: string; value: string }> } }>(\n\t\t\t\t\t'httpMultipleHeadersAuth',\n\t\t\t\t)\n\t\t\t\t.catch(() => null);\n\n\t\t\tif (!result) return {};\n\n\t\t\treturn {\n\t\t\t\theaders: result.headers.values.reduce(\n\t\t\t\t\t(acc, cur) => {\n\t\t\t\t\t\tacc[cur.name] = cur.value;\n\t\t\t\t\t\treturn acc;\n\t\t\t\t\t},\n\t\t\t\t\t{} as Record<string, string>,\n\t\t\t\t),\n\t\t\t};\n\t\t}\n\t\tcase 'none':\n\t\tdefault: {\n\t\t\treturn {};\n\t\t}\n\t}\n}\n\n/*\n Tries to refresh the OAuth2 token, storing them in the database if successful\n * @param ctx - The execution context\n * @param authentication - The authentication method\n * @param headers - The headers to refresh\n * @returns The refreshed headers or null if the authentication method is not oAuth2Api or has failed\n */\nexport async function tryRefreshOAuth2Token(\n\tctx: IExecuteFunctions \| ISupplyDataFunctions \| ILoadOptionsFunctions,\n\tauthentication: McpAuthenticationOption,\n\theaders?: Record<string, string>,\n) {\n\tif (authentication !== 'mcpOAuth2Api') {\n\t\treturn null;\n\t}\n\n\tlet access_token: string \| null = null;\n\ttry {\n\t\tconst result = (await ctx.helpers.refreshOAuth2Token.call(\n\t\t\tctx,\n\t\t\t'mcpOAuth2Api',\n\t\t)) as ClientOAuth2TokenData;\n\t\taccess_token = result?.access_token;\n\t} catch (error) {\n\t\treturn null;\n\t}\n\n\tif (!access_token) {\n\t\treturn null;\n\t}\n\n\tif (!headers) {\n\t\treturn {\n\t\t\tAuthorization: `Bearer ${access_token}`,\n\t\t};\n\t}\n\n\treturn {\n\t\t...headers,\n\t\tAuthorization: `Bearer ${access_token}`,\n\t};\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAAuB;AACvB,iBAAmC;AACnC,4BAA8C;AAS9C,0BAAsE;AAEtE,4BAA2B;AAI3B,eAAsB,YAAY,QAAgB,QAAqC;AACtF,QAAM,EAAE,OAAO,WAAW,IAAI,MAAM,OAAO,UAAU,EAAE,OAAO,CAAC;AAE/D,MAAI,YAAY;AACf,WAAQ,MAAoB,OAAO,MAAM,YAAY,QAAQ,UAAU,CAAC;AAAA,EACzE;AAEA,SAAO;AACR;AAEA,SAAS,cAAc,KAAa,SAA4C;AAC/E,MAAI;AACH,eAAO,oCAAe,IAAI,IAAI,KAAK,OAAO,CAAC;AAAA,EAC5C,SAAS,OAAO;AACf,eAAO,uCAAkB,KAAK;AAAA,EAC/B;AACD;AAEA,SAAS,wBAAwB,OAAmC;AACnE,QAAM,eAAe,CAAC,gBAAgB,KAAK,KAAK,IAAI,WAAW,KAAK,KAAK;AACzE,QAAM,YAAY,cAAc,YAAY;AAE5C,MAAI,CAAC,UAAU,IAAI;AAClB,eAAO,uCAAkB,UAAU,KAAK;AAAA,EACzC;AAEA,SAAO;AACR;AAEA,SAAS,aAAa,OAAgB,MAAuB;AAC5D,SACC,CAAC,CAAC,SACF,OAAO,UAAU,aACf,UAAU,SAAS,OAAO,MAAM,IAAI,MAAM,QAC1C,aAAa,SACb,OAAO,MAAM,YAAY,YACzB,MAAM,QAAQ,SAAS,KAAK,SAAS,CAAC;AAE1C;AAEA,SAAS,oBAAoB,OAAyB;AACrD,SAAO,aAAa,OAAO,GAAG;AAC/B;AAEA,SAAS,iBAAiB,OAAyB;AAClD,SAAO,aAAa,OAAO,GAAG;AAC/B;AAWO,SAAS,wBACf,MACA,OACqB;AACrB,UAAQ,MAAM,MAAM;AAAA,IACnB,KAAK;AACJ,aAAO,IAAI,uCAAmB,MAAM,MAAM,OAAO;AAAA,QAChD,SAAS;AAAA,MACV,CAAC;AAAA,IACF,KAAK;AACJ,aAAO,IAAI,uCAAmB,MAAM,MAAM,OAAO;AAAA,QAChD,SAAS;AAAA,MACV,CAAC;AAAA,IACF,KAAK;AAAA,IACL;AACC,aAAO,IAAI,uCAAmB,MAAM,MAAM,OAAO;AAAA,QAChD,SAAS;AAAA,MACV,CAAC;AAAA,EACH;AACD;AAEA,eAAsB,iBAAiB;AAAA,EACtC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACD,GAOmD;AAClD,QAAM,WAAW,wBAAwB,WAAW;AAEpD,MAAI,CAAC,SAAS,IAAI;AACjB,eAAO,uCAAkB,EAAE,MAAM,eAAe,OAAO,SAAS,MAAM,CAAC;AAAA,EACxE;AAEA,QAAM,SAAS,IAAI,qBAAO,EAAE,MAAM,SAAS,QAAQ,SAAS,EAAE,GAAG,EAAE,cAAc,CAAC,EAAE,CAAC;AAErF,MAAI,oBAAoB,kBAAkB;AACzC,QAAI;AACH,YAAM,YAAY,IAAI,oDAA8B,SAAS,QAAQ;AAAA,QACpE,aAAa,EAAE,QAAQ;AAAA,QACvB,OAAO;AAAA,MACR,CAAC;AACD,YAAM,OAAO,QAAQ,SAAS;AAC9B,iBAAO,oCAAe,MAAM;AAAA,IAC7B,SAAS,OAAO;AACf,UAAI,kBAAkB,oBAAoB,KAAK,GAAG;AACjD,cAAM,aAAa,MAAM,eAAe,OAAO;AAC/C,YAAI,YAAY;AAEf,iBAAO,MAAM,iBAAiB;AAAA,YAC7B,SAAS;AAAA,YACT;AAAA,YACA;AAAA,YACA;AAAA,YACA;AAAA,UACD,CAAC;AAAA,QACF;AAAA,MACD;AAEA,UAAI,oBAAoB,KAAK,KAAK,iBAAiB,KAAK,GAAG;AAC1D,mBAAO,uCAAkB,EAAE,MAAM,QAAQ,MAAsB,CAAC;AAAA,MACjE,OAAO;AACN,mBAAO,uCAAkB,EAAE,MAAM,cAAc,MAAsB,CAAC;AAAA,MACvE;AAAA,IACD;AAAA,EACD;AAEA,MAAI;AACH,UAAM,eAAe,IAAI,8BAAmB,SAAS,QAAQ;AAAA,MAC5D,iBAAiB;AAAA,QAChB,OAAO,OAAO,KAAK,SAClB,UAAM,kCAAW,KAAK;AAAA,UACrB,GAAG;AAAA,UACH,SAAS;AAAA,YACR,GAAG;AAAA,YACH,QAAQ;AAAA,UACT;AAAA,QACD,CAAC;AAAA,MACH;AAAA,MACA,OAAO;AAAA,MACP,aAAa,EAAE,QAAQ;AAAA,IACxB,CAAC;AACD,UAAM,OAAO,QAAQ,YAAY;AACjC,eAAO,oCAAe,MAAM;AAAA,EAC7B,SAAS,OAAO;AACf,QAAI,kBAAkB,oBAAoB,KAAK,GAAG;AACjD,YAAM,aAAa,MAAM,eAAe,OAAO;AAC/C,UAAI,YAAY;AAEf,eAAO,MAAM,iBAAiB;AAAA,UAC7B,SAAS;AAAA,UACT;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,QACD,CAAC;AAAA,MACF;AAAA,IACD;AAEA,QAAI,oBAAoB,KAAK,KAAK,iBAAiB,KAAK,GAAG;AAC1D,iBAAO,uCAAkB,EAAE,MAAM,QAAQ,MAAsB,CAAC;AAAA,IACjE,OAAO;AACN,iBAAO,uCAAkB,EAAE,MAAM,cAAc,MAAsB,CAAC;AAAA,IACvE;AAAA,EACD;AACD;AAEA,eAAsB,eACrB,KACA,gBACgD;AAChD,UAAQ,gBAAgB;AAAA,IACvB,KAAK,cAAc;AAClB,YAAM,SAAS,MAAM,IACnB,eAAgD,gBAAgB,EAChE,MAAM,MAAM,IAAI;AAElB,UAAI,CAAC,OAAQ,QAAO,CAAC;AAErB,aAAO,EAAE,SAAS,EAAE,CAAC,OAAO,IAAI,GAAG,OAAO,MAAM,EAAE;AAAA,IACnD;AAAA,IACA,KAAK,cAAc;AAClB,YAAM,SAAS,MAAM,IACnB,eAAkC,gBAAgB,EAClD,MAAM,MAAM,IAAI;AAElB,UAAI,CAAC,OAAQ,QAAO,CAAC;AAErB,aAAO,EAAE,SAAS,EAAE,eAAe,UAAU,OAAO,KAAK,GAAG,EAAE;AAAA,IAC/D;AAAA,IACA,KAAK,gBAAgB;AACpB,YAAM,SAAS,MAAM,IACnB,eAA6D,cAAc,EAC3E,MAAM,MAAM,IAAI;AAElB,UAAI,CAAC,OAAQ,QAAO,CAAC;AAErB,aAAO,EAAE,SAAS,EAAE,eAAe,UAAU,OAAO,eAAe,YAAY,GAAG,EAAE;AAAA,IACrF;AAAA,IACA,KAAK,uBAAuB;AAC3B,YAAM,SAAS,MAAM,IACnB;AAAA,QACA;AAAA,MACD,EACC,MAAM,MAAM,IAAI;AAElB,UAAI,CAAC,OAAQ,QAAO,CAAC;AAErB,aAAO;AAAA,QACN,SAAS,OAAO,QAAQ,OAAO;AAAA,UAC9B,CAAC,KAAK,QAAQ;AACb,gBAAI,IAAI,IAAI,IAAI,IAAI;AACpB,mBAAO;AAAA,UACR;AAAA,UACA,CAAC;AAAA,QACF;AAAA,MACD;AAAA,IACD;AAAA,IACA,KAAK;AAAA,IACL,SAAS;AACR,aAAO,CAAC;AAAA,IACT;AAAA,EACD;AACD;AASA,eAAsB,sBACrB,KACA,gBACA,SACC;AACD,MAAI,mBAAmB,gBAAgB;AACtC,WAAO;AAAA,EACR;AAEA,MAAI,eAA8B;AAClC,MAAI;AACH,UAAM,SAAU,MAAM,IAAI,QAAQ,mBAAmB;AAAA,MACpD;AAAA,MACA;AAAA,IACD;AACA,mBAAe,QAAQ;AAAA,EACxB,SAAS,OAAO;AACf,WAAO;AAAA,EACR;AAEA,MAAI,CAAC,cAAc;AAClB,WAAO;AAAA,EACR;AAEA,MAAI,CAAC,SAAS;AACb,WAAO;AAAA,MACN,eAAe,UAAU,YAAY;AAAA,IACtC;AAAA,EACD;AAEA,SAAO;AAAA,IACN,GAAG;AAAA,IACH,eAAe,UAAU,YAAY;AAAA,EACtC;AACD;","names":[]}
1	+ {"version":3,"sources":["../../../../nodes/mcp/shared/utils.ts"],"sourcesContent":["import { Client } from '@modelcontextprotocol/sdk/client/index.js';\nimport { SSEClientTransport } from '@modelcontextprotocol/sdk/client/sse.js';\nimport { StreamableHTTPClientTransport } from '@modelcontextprotocol/sdk/client/streamableHttp.js';\nimport type { ClientOAuth2TokenData } from '@n8n/client-oauth2';\nimport type {\n\tICredentialDataDecryptedObject,\n\tIExecuteFunctions,\n\tILoadOptionsFunctions,\n\tINode,\n\tISupplyDataFunctions,\n\tResult,\n} from 'n8n-workflow';\nimport {\n\tApplicationError,\n\tcreateResultError,\n\tcreateResultOk,\n\tisDomainAllowed,\n\tNodeOperationError,\n} from 'n8n-workflow';\n\nimport { fetchFollowingRedirects } from '@utils/follow-redirects';\nimport { proxyFetch } from '@utils/httpProxyAgent';\n\nimport type { McpAuthenticationOption, McpServerTransport, McpTool } from './types';\n\nexport async function getAllTools(client: Client, cursor?: string): Promise<McpTool[]> {\n\tconst { tools, nextCursor } = await client.listTools({ cursor });\n\n\tif (nextCursor) {\n\t\treturn (tools as McpTool[]).concat(await getAllTools(client, nextCursor));\n\t}\n\n\treturn tools as McpTool[];\n}\n\nfunction safeCreateUrl(url: string, baseUrl?: string \| URL): Result<URL, Error> {\n\ttry {\n\t\treturn createResultOk(new URL(url, baseUrl));\n\t} catch (error) {\n\t\treturn createResultError(error);\n\t}\n}\n\nfunction normalizeAndValidateUrl(input: string): Result<URL, Error> {\n\tconst withProtocol = !/^https?:\\/\\//i.test(input) ? `https://${input}` : input;\n\tconst parsedUrl = safeCreateUrl(withProtocol);\n\n\tif (!parsedUrl.ok) {\n\t\treturn createResultError(parsedUrl.error);\n\t}\n\n\treturn parsedUrl;\n}\n\nfunction errorHasCode(error: unknown, code: number): boolean {\n\treturn (\n\t\t!!error &&\n\t\ttypeof error === 'object' &&\n\t\t(('code' in error && Number(error.code) === code) \|\|\n\t\t\t('message' in error &&\n\t\t\t\ttypeof error.message === 'string' &&\n\t\t\t\terror.message.includes(code.toString())))\n\t);\n}\n\nfunction isUnauthorizedError(error: unknown): boolean {\n\treturn errorHasCode(error, 401);\n}\n\nfunction isForbiddenError(error: unknown): boolean {\n\treturn errorHasCode(error, 403);\n}\n\ntype OnUnauthorizedHandler = (\n\theaders?: Record<string, string>,\n) => Promise<Record<string, string> \| null>;\n\ntype ConnectMcpClientError =\n\t\| { type: 'invalid_url'; error: Error }\n\t\| { type: 'connection'; error: Error }\n\t\| { type: 'auth'; error: Error };\n\nexport function mapToNodeOperationError(\n\tnode: INode,\n\terror: ConnectMcpClientError,\n): NodeOperationError {\n\tswitch (error.type) {\n\t\tcase 'invalid_url':\n\t\t\treturn new NodeOperationError(node, error.error, {\n\t\t\t\tmessage: 'Could not connect to your MCP server. The provided URL is invalid.',\n\t\t\t});\n\t\tcase 'auth':\n\t\t\treturn new NodeOperationError(node, error.error, {\n\t\t\t\tmessage: 'Could not connect to your MCP server. Authentication failed.',\n\t\t\t});\n\t\tcase 'connection':\n\t\tdefault:\n\t\t\treturn new NodeOperationError(node, error.error, {\n\t\t\t\tmessage: 'Could not connect to your MCP server',\n\t\t\t});\n\t}\n}\n\n/*\n Wraps `proxyFetch` so each hop is validated against `allowedDomains` before\n * the request is sent. With no allowlist, behaves like `proxyFetch`.\n /\nfunction createValidatingFetch(allowedDomains?: string): typeof fetch {\n\treturn async (input: RequestInfo \| URL, init?: RequestInit): Promise<Response> => {\n\t\tconst startUrl = input instanceof Request ? input.url : input;\n\t\treturn await fetchFollowingRedirects(proxyFetch, startUrl, init, {\n\t\t\tonBeforeHop: (hopUrl) => {\n\t\t\t\tif (allowedDomains && !isDomainAllowed(hopUrl, { allowedDomains })) {\n\t\t\t\t\tthrow new ApplicationError(\n\t\t\t\t\t\t`Domain not allowed: This credential is restricted from accessing ${hopUrl}. Only the following domains are allowed: ${allowedDomains}`,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t},\n\t\t});\n\t};\n}\n\nexport async function connectMcpClient({\n\theaders,\n\tserverTransport,\n\tendpointUrl,\n\tname,\n\tversion,\n\tonUnauthorized,\n\tallowedDomains,\n}: {\n\tserverTransport: McpServerTransport;\n\tendpointUrl: string;\n\theaders?: Record<string, string>;\n\tname: string;\n\tversion: number;\n\tonUnauthorized?: OnUnauthorizedHandler;\n\t/\n\t Comma-separated allowlist from the credential. When set, every request\n\t * (including redirect hops) is validated against it.\n\t /\n\tallowedDomains?: string;\n}): Promise<Result<Client, ConnectMcpClientError>> {\n\tconst endpoint = normalizeAndValidateUrl(endpointUrl);\n\n\tif (!endpoint.ok) {\n\t\treturn createResultError({ type: 'invalid_url', error: endpoint.error });\n\t}\n\n\tconst validatingFetch = createValidatingFetch(allowedDomains);\n\tconst client = new Client({ name, version: version.toString() }, { capabilities: {} });\n\n\tif (serverTransport === 'httpStreamable') {\n\t\ttry {\n\t\t\tconst transport = new StreamableHTTPClientTransport(endpoint.result, {\n\t\t\t\trequestInit: { headers },\n\t\t\t\tfetch: validatingFetch,\n\t\t\t});\n\t\t\tawait client.connect(transport);\n\t\t\treturn createResultOk(client);\n\t\t} catch (error) {\n\t\t\tif (onUnauthorized && isUnauthorizedError(error)) {\n\t\t\t\tconst newHeaders = await onUnauthorized(headers);\n\t\t\t\tif (newHeaders) {\n\t\t\t\t\t// Don't pass `onUnauthorized` to avoid possible infinite recursion\n\t\t\t\t\treturn await connectMcpClient({\n\t\t\t\t\t\theaders: newHeaders,\n\t\t\t\t\t\tserverTransport,\n\t\t\t\t\t\tendpointUrl,\n\t\t\t\t\t\tname,\n\t\t\t\t\t\tversion,\n\t\t\t\t\t\tallowedDomains,\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (isUnauthorizedError(error) \|\| isForbiddenError(error)) {\n\t\t\t\treturn createResultError({ type: 'auth', error: error as Error });\n\t\t\t} else {\n\t\t\t\treturn createResultError({ type: 'connection', error: error as Error });\n\t\t\t}\n\t\t}\n\t}\n\n\ttry {\n\t\tconst sseTransport = new SSEClientTransport(endpoint.result, {\n\t\t\teventSourceInit: {\n\t\t\t\tfetch: async (url, init) =>\n\t\t\t\t\tawait validatingFetch(url, {\n\t\t\t\t\t\t...init,\n\t\t\t\t\t\theaders: {\n\t\t\t\t\t\t\t...headers,\n\t\t\t\t\t\t\tAccept: 'text/event-stream',\n\t\t\t\t\t\t},\n\t\t\t\t\t}),\n\t\t\t},\n\t\t\tfetch: validatingFetch,\n\t\t\trequestInit: { headers },\n\t\t});\n\t\tawait client.connect(sseTransport);\n\t\treturn createResultOk(client);\n\t} catch (error) {\n\t\tif (onUnauthorized && isUnauthorizedError(error)) {\n\t\t\tconst newHeaders = await onUnauthorized(headers);\n\t\t\tif (newHeaders) {\n\t\t\t\t// Don't pass `onUnauthorized` to avoid possible infinite recursion\n\t\t\t\treturn await connectMcpClient({\n\t\t\t\t\theaders: newHeaders,\n\t\t\t\t\tserverTransport,\n\t\t\t\t\tendpointUrl,\n\t\t\t\t\tname,\n\t\t\t\t\tversion,\n\t\t\t\t\tallowedDomains,\n\t\t\t\t});\n\t\t\t}\n\t\t}\n\n\t\tif (isUnauthorizedError(error) \|\| isForbiddenError(error)) {\n\t\t\treturn createResultError({ type: 'auth', error: error as Error });\n\t\t} else {\n\t\t\treturn createResultError({ type: 'connection', error: error as Error });\n\t\t}\n\t}\n}\n\nexport async function getAuthHeaders(\n\tctx: Pick<IExecuteFunctions, 'getCredentials'>,\n\tauthentication: McpAuthenticationOption,\n): Promise<{\n\theaders?: Record<string, string>;\n\tcredentials?: ICredentialDataDecryptedObject;\n}> {\n\tswitch (authentication) {\n\t\tcase 'headerAuth': {\n\t\t\tconst credentials = await ctx\n\t\t\t\t.getCredentials<{ name: string; value: string }>('httpHeaderAuth')\n\t\t\t\t.catch(() => null);\n\n\t\t\tif (!credentials) return {};\n\n\t\t\treturn {\n\t\t\t\theaders: { [credentials.name]: credentials.value },\n\t\t\t\tcredentials,\n\t\t\t};\n\t\t}\n\t\tcase 'bearerAuth': {\n\t\t\tconst credentials = await ctx\n\t\t\t\t.getCredentials<{ token: string }>('httpBearerAuth')\n\t\t\t\t.catch(() => null);\n\n\t\t\tif (!credentials) return {};\n\n\t\t\treturn {\n\t\t\t\theaders: { Authorization: `Bearer ${credentials.token}` },\n\t\t\t\tcredentials,\n\t\t\t};\n\t\t}\n\t\tcase 'mcpOAuth2Api': {\n\t\t\tconst credentials = await ctx\n\t\t\t\t.getCredentials<{ oauthTokenData: { access_token: string } }>('mcpOAuth2Api')\n\t\t\t\t.catch(() => null);\n\n\t\t\tif (!credentials) return {};\n\n\t\t\treturn {\n\t\t\t\theaders: { Authorization: `Bearer ${credentials.oauthTokenData.access_token}` },\n\t\t\t\tcredentials,\n\t\t\t};\n\t\t}\n\t\tcase 'multipleHeadersAuth': {\n\t\t\tconst credentials = await ctx\n\t\t\t\t.getCredentials<{ headers: { values: Array<{ name: string; value: string }> } }>(\n\t\t\t\t\t'httpMultipleHeadersAuth',\n\t\t\t\t)\n\t\t\t\t.catch(() => null);\n\n\t\t\tif (!credentials) return {};\n\n\t\t\treturn {\n\t\t\t\theaders: credentials.headers.values.reduce(\n\t\t\t\t\t(acc: Record<string, string>, cur: { name: string; value: string }) => {\n\t\t\t\t\t\tacc[cur.name] = cur.value;\n\t\t\t\t\t\treturn acc;\n\t\t\t\t\t},\n\t\t\t\t\t{} as Record<string, string>,\n\t\t\t\t),\n\t\t\t\tcredentials,\n\t\t\t};\n\t\t}\n\t\tcase 'none':\n\t\tdefault: {\n\t\t\treturn {};\n\t\t}\n\t}\n}\n\n/\n Enforces the credential's \"Allowed HTTP Request Domains\" setting for the\n * MCP server URL. Mirrors the HTTP Request node's behaviour:\n * - `'none'` blocks any use of the credential\n * - `'domains'` restricts to a comma-separated allowlist (wildcards via `.`)\n - anything else (or missing credential) allows the request\n \n Returns the allowlist string when one applies so callers can pass it down\n * to `connectMcpClient` for per-hop redirect validation; returns `undefined`\n * when the credential allows everything.\n /\nexport function assertCredentialAllowsUrl(\n\tnode: INode,\n\tcredentials: ICredentialDataDecryptedObject \| undefined,\n\turl: string,\n): string \| undefined {\n\tif (!credentials) return undefined;\n\n\tif (credentials.allowedHttpRequestDomains === 'none') {\n\t\tthrow new NodeOperationError(\n\t\t\tnode,\n\t\t\t'This credential is configured to prevent use within an MCP Client node',\n\t\t);\n\t}\n\n\tif (credentials.allowedHttpRequestDomains !== 'domains') return undefined;\n\n\tconst allowedDomains =\n\t\ttypeof credentials.allowedDomains === 'string' ? credentials.allowedDomains : '';\n\tif (!allowedDomains \|\| allowedDomains.trim() === '') {\n\t\tthrow new NodeOperationError(\n\t\t\tnode,\n\t\t\t'No allowed domains specified. Configure allowed domains or change restriction setting.',\n\t\t);\n\t}\n\n\tif (!isDomainAllowed(url, { allowedDomains })) {\n\t\tthrow new NodeOperationError(\n\t\t\tnode,\n\t\t\t`Domain not allowed: This credential is restricted from accessing ${url}. Only the following domains are allowed: ${allowedDomains}`,\n\t\t);\n\t}\n\n\treturn allowedDomains;\n}\n\n/\n Tries to refresh the OAuth2 token, storing them in the database if successful\n * @param ctx - The execution context\n * @param authentication - The authentication method\n * @param headers - The headers to refresh\n * @returns The refreshed headers or null if the authentication method is not oAuth2Api or has failed\n */\nexport async function tryRefreshOAuth2Token(\n\tctx: IExecuteFunctions \| ISupplyDataFunctions \| ILoadOptionsFunctions,\n\tauthentication: McpAuthenticationOption,\n\theaders?: Record<string, string>,\n) {\n\tif (authentication !== 'mcpOAuth2Api') {\n\t\treturn null;\n\t}\n\n\tlet access_token: string \| null = null;\n\ttry {\n\t\tconst result = (await ctx.helpers.refreshOAuth2Token.call(\n\t\t\tctx,\n\t\t\t'mcpOAuth2Api',\n\t\t)) as ClientOAuth2TokenData;\n\t\taccess_token = result?.access_token;\n\t} catch (error) {\n\t\treturn null;\n\t}\n\n\tif (!access_token) {\n\t\treturn null;\n\t}\n\n\tif (!headers) {\n\t\treturn {\n\t\t\tAuthorization: `Bearer ${access_token}`,\n\t\t};\n\t}\n\n\treturn {\n\t\t...headers,\n\t\tAuthorization: `Bearer ${access_token}`,\n\t};\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAAuB;AACvB,iBAAmC;AACnC,4BAA8C;AAU9C,0BAMO;AAEP,8BAAwC;AACxC,4BAA2B;AAI3B,eAAsB,YAAY,QAAgB,QAAqC;AACtF,QAAM,EAAE,OAAO,WAAW,IAAI,MAAM,OAAO,UAAU,EAAE,OAAO,CAAC;AAE/D,MAAI,YAAY;AACf,WAAQ,MAAoB,OAAO,MAAM,YAAY,QAAQ,UAAU,CAAC;AAAA,EACzE;AAEA,SAAO;AACR;AAEA,SAAS,cAAc,KAAa,SAA4C;AAC/E,MAAI;AACH,eAAO,oCAAe,IAAI,IAAI,KAAK,OAAO,CAAC;AAAA,EAC5C,SAAS,OAAO;AACf,eAAO,uCAAkB,KAAK;AAAA,EAC/B;AACD;AAEA,SAAS,wBAAwB,OAAmC;AACnE,QAAM,eAAe,CAAC,gBAAgB,KAAK,KAAK,IAAI,WAAW,KAAK,KAAK;AACzE,QAAM,YAAY,cAAc,YAAY;AAE5C,MAAI,CAAC,UAAU,IAAI;AAClB,eAAO,uCAAkB,UAAU,KAAK;AAAA,EACzC;AAEA,SAAO;AACR;AAEA,SAAS,aAAa,OAAgB,MAAuB;AAC5D,SACC,CAAC,CAAC,SACF,OAAO,UAAU,aACf,UAAU,SAAS,OAAO,MAAM,IAAI,MAAM,QAC1C,aAAa,SACb,OAAO,MAAM,YAAY,YACzB,MAAM,QAAQ,SAAS,KAAK,SAAS,CAAC;AAE1C;AAEA,SAAS,oBAAoB,OAAyB;AACrD,SAAO,aAAa,OAAO,GAAG;AAC/B;AAEA,SAAS,iBAAiB,OAAyB;AAClD,SAAO,aAAa,OAAO,GAAG;AAC/B;AAWO,SAAS,wBACf,MACA,OACqB;AACrB,UAAQ,MAAM,MAAM;AAAA,IACnB,KAAK;AACJ,aAAO,IAAI,uCAAmB,MAAM,MAAM,OAAO;AAAA,QAChD,SAAS;AAAA,MACV,CAAC;AAAA,IACF,KAAK;AACJ,aAAO,IAAI,uCAAmB,MAAM,MAAM,OAAO;AAAA,QAChD,SAAS;AAAA,MACV,CAAC;AAAA,IACF,KAAK;AAAA,IACL;AACC,aAAO,IAAI,uCAAmB,MAAM,MAAM,OAAO;AAAA,QAChD,SAAS;AAAA,MACV,CAAC;AAAA,EACH;AACD;AAMA,SAAS,sBAAsB,gBAAuC;AACrE,SAAO,OAAO,OAA0B,SAA0C;AACjF,UAAM,WAAW,iBAAiB,UAAU,MAAM,MAAM;AACxD,WAAO,UAAM,iDAAwB,kCAAY,UAAU,MAAM;AAAA,MAChE,aAAa,CAAC,WAAW;AACxB,YAAI,kBAAkB,KAAC,qCAAgB,QAAQ,EAAE,eAAe,CAAC,GAAG;AACnE,gBAAM,IAAI;AAAA,YACT,oEAAoE,MAAM,6CAA6C,cAAc;AAAA,UACtI;AAAA,QACD;AAAA,MACD;AAAA,IACD,CAAC;AAAA,EACF;AACD;AAEA,eAAsB,iBAAiB;AAAA,EACtC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACD,GAYmD;AAClD,QAAM,WAAW,wBAAwB,WAAW;AAEpD,MAAI,CAAC,SAAS,IAAI;AACjB,eAAO,uCAAkB,EAAE,MAAM,eAAe,OAAO,SAAS,MAAM,CAAC;AAAA,EACxE;AAEA,QAAM,kBAAkB,sBAAsB,cAAc;AAC5D,QAAM,SAAS,IAAI,qBAAO,EAAE,MAAM,SAAS,QAAQ,SAAS,EAAE,GAAG,EAAE,cAAc,CAAC,EAAE,CAAC;AAErF,MAAI,oBAAoB,kBAAkB;AACzC,QAAI;AACH,YAAM,YAAY,IAAI,oDAA8B,SAAS,QAAQ;AAAA,QACpE,aAAa,EAAE,QAAQ;AAAA,QACvB,OAAO;AAAA,MACR,CAAC;AACD,YAAM,OAAO,QAAQ,SAAS;AAC9B,iBAAO,oCAAe,MAAM;AAAA,IAC7B,SAAS,OAAO;AACf,UAAI,kBAAkB,oBAAoB,KAAK,GAAG;AACjD,cAAM,aAAa,MAAM,eAAe,OAAO;AAC/C,YAAI,YAAY;AAEf,iBAAO,MAAM,iBAAiB;AAAA,YAC7B,SAAS;AAAA,YACT;AAAA,YACA;AAAA,YACA;AAAA,YACA;AAAA,YACA;AAAA,UACD,CAAC;AAAA,QACF;AAAA,MACD;AAEA,UAAI,oBAAoB,KAAK,KAAK,iBAAiB,KAAK,GAAG;AAC1D,mBAAO,uCAAkB,EAAE,MAAM,QAAQ,MAAsB,CAAC;AAAA,MACjE,OAAO;AACN,mBAAO,uCAAkB,EAAE,MAAM,cAAc,MAAsB,CAAC;AAAA,MACvE;AAAA,IACD;AAAA,EACD;AAEA,MAAI;AACH,UAAM,eAAe,IAAI,8BAAmB,SAAS,QAAQ;AAAA,MAC5D,iBAAiB;AAAA,QAChB,OAAO,OAAO,KAAK,SAClB,MAAM,gBAAgB,KAAK;AAAA,UAC1B,GAAG;AAAA,UACH,SAAS;AAAA,YACR,GAAG;AAAA,YACH,QAAQ;AAAA,UACT;AAAA,QACD,CAAC;AAAA,MACH;AAAA,MACA,OAAO;AAAA,MACP,aAAa,EAAE,QAAQ;AAAA,IACxB,CAAC;AACD,UAAM,OAAO,QAAQ,YAAY;AACjC,eAAO,oCAAe,MAAM;AAAA,EAC7B,SAAS,OAAO;AACf,QAAI,kBAAkB,oBAAoB,KAAK,GAAG;AACjD,YAAM,aAAa,MAAM,eAAe,OAAO;AAC/C,UAAI,YAAY;AAEf,eAAO,MAAM,iBAAiB;AAAA,UAC7B,SAAS;AAAA,UACT;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,QACD,CAAC;AAAA,MACF;AAAA,IACD;AAEA,QAAI,oBAAoB,KAAK,KAAK,iBAAiB,KAAK,GAAG;AAC1D,iBAAO,uCAAkB,EAAE,MAAM,QAAQ,MAAsB,CAAC;AAAA,IACjE,OAAO;AACN,iBAAO,uCAAkB,EAAE,MAAM,cAAc,MAAsB,CAAC;AAAA,IACvE;AAAA,EACD;AACD;AAEA,eAAsB,eACrB,KACA,gBAIE;AACF,UAAQ,gBAAgB;AAAA,IACvB,KAAK,cAAc;AAClB,YAAM,cAAc,MAAM,IACxB,eAAgD,gBAAgB,EAChE,MAAM,MAAM,IAAI;AAElB,UAAI,CAAC,YAAa,QAAO,CAAC;AAE1B,aAAO;AAAA,QACN,SAAS,EAAE,CAAC,YAAY,IAAI,GAAG,YAAY,MAAM;AAAA,QACjD;AAAA,MACD;AAAA,IACD;AAAA,IACA,KAAK,cAAc;AAClB,YAAM,cAAc,MAAM,IACxB,eAAkC,gBAAgB,EAClD,MAAM,MAAM,IAAI;AAElB,UAAI,CAAC,YAAa,QAAO,CAAC;AAE1B,aAAO;AAAA,QACN,SAAS,EAAE,eAAe,UAAU,YAAY,KAAK,GAAG;AAAA,QACxD;AAAA,MACD;AAAA,IACD;AAAA,IACA,KAAK,gBAAgB;AACpB,YAAM,cAAc,MAAM,IACxB,eAA6D,cAAc,EAC3E,MAAM,MAAM,IAAI;AAElB,UAAI,CAAC,YAAa,QAAO,CAAC;AAE1B,aAAO;AAAA,QACN,SAAS,EAAE,eAAe,UAAU,YAAY,eAAe,YAAY,GAAG;AAAA,QAC9E;AAAA,MACD;AAAA,IACD;AAAA,IACA,KAAK,uBAAuB;AAC3B,YAAM,cAAc,MAAM,IACxB;AAAA,QACA;AAAA,MACD,EACC,MAAM,MAAM,IAAI;AAElB,UAAI,CAAC,YAAa,QAAO,CAAC;AAE1B,aAAO;AAAA,QACN,SAAS,YAAY,QAAQ,OAAO;AAAA,UACnC,CAAC,KAA6B,QAAyC;AACtE,gBAAI,IAAI,IAAI,IAAI,IAAI;AACpB,mBAAO;AAAA,UACR;AAAA,UACA,CAAC;AAAA,QACF;AAAA,QACA;AAAA,MACD;AAAA,IACD;AAAA,IACA,KAAK;AAAA,IACL,SAAS;AACR,aAAO,CAAC;AAAA,IACT;AAAA,EACD;AACD;AAaO,SAAS,0BACf,MACA,aACA,KACqB;AACrB,MAAI,CAAC,YAAa,QAAO;AAEzB,MAAI,YAAY,8BAA8B,QAAQ;AACrD,UAAM,IAAI;AAAA,MACT;AAAA,MACA;AAAA,IACD;AAAA,EACD;AAEA,MAAI,YAAY,8BAA8B,UAAW,QAAO;AAEhE,QAAM,iBACL,OAAO,YAAY,mBAAmB,WAAW,YAAY,iBAAiB;AAC/E,MAAI,CAAC,kBAAkB,eAAe,KAAK,MAAM,IAAI;AACpD,UAAM,IAAI;AAAA,MACT;AAAA,MACA;AAAA,IACD;AAAA,EACD;AAEA,MAAI,KAAC,qCAAgB,KAAK,EAAE,eAAe,CAAC,GAAG;AAC9C,UAAM,IAAI;AAAA,MACT;AAAA,MACA,oEAAoE,GAAG,6CAA6C,cAAc;AAAA,IACnI;AAAA,EACD;AAEA,SAAO;AACR;AASA,eAAsB,sBACrB,KACA,gBACA,SACC;AACD,MAAI,mBAAmB,gBAAgB;AACtC,WAAO;AAAA,EACR;AAEA,MAAI,eAA8B;AAClC,MAAI;AACH,UAAM,SAAU,MAAM,IAAI,QAAQ,mBAAmB;AAAA,MACpD;AAAA,MACA;AAAA,IACD;AACA,mBAAe,QAAQ;AAAA,EACxB,SAAS,OAAO;AACf,WAAO;AAAA,EACR;AAEA,MAAI,CAAC,cAAc;AAClB,WAAO;AAAA,EACR;AAEA,MAAI,CAAC,SAAS;AACb,WAAO;AAAA,MACN,eAAe,UAAU,YAAY;AAAA,IACtC;AAAA,EACD;AAEA,SAAO;AAAA,IACN,GAAG;AAAA,IACH,eAAe,UAAU,YAAY;AAAA,EACtC;AACD;","names":[]}

package/dist/utils/follow-redirects.js ADDED Viewed

@@ -0,0 +1,65 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var follow_redirects_exports = {};
+__export(follow_redirects_exports, {
+  fetchFollowingRedirects: () => fetchFollowingRedirects
+});
+module.exports = __toCommonJS(follow_redirects_exports);
+var import_n8n_workflow = require("n8n-workflow");
+const DEFAULT_MAX_REDIRECTS = 20;
+async function fetchFollowingRedirects(fetcher, url, init, options) {
+  const maxRedirects = options?.maxRedirects ?? DEFAULT_MAX_REDIRECTS;
+  let currentInput = url;
+  let currentInit = { ...init };
+  let hops = 0;
+  while (true) {
+    const currentUrlString = currentInput instanceof URL ? currentInput.href : currentInput;
+    if (options?.onBeforeHop) {
+      await options.onBeforeHop(currentUrlString);
+    }
+    const response = await fetcher(currentInput, {
+      ...currentInit,
+      redirect: "manual"
+    });
+    if (response.status < 300 || response.status >= 400) {
+      return response;
+    }
+    const location = response.headers.get("location");
+    if (!location) {
+      return response;
+    }
+    hops += 1;
+    if (hops > maxRedirects) {
+      throw new import_n8n_workflow.ApplicationError(`Too many redirects (max ${maxRedirects})`);
+    }
+    await response.body?.cancel().catch(() => {
+    });
+    currentInput = new URL(location, currentUrlString);
+    const method = (currentInit.method ?? "GET").toUpperCase();
+    const isUnsafe = method !== "GET" && method !== "HEAD";
+    if (response.status === 303 || (response.status === 301 || response.status === 302) && isUnsafe) {
+      currentInit = { ...currentInit, method: "GET", body: void 0 };
+    }
+  }
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  fetchFollowingRedirects
+});
+//# sourceMappingURL=follow-redirects.js.map

package/dist/utils/follow-redirects.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../utils/follow-redirects.ts"],"sourcesContent":["import { ApplicationError } from 'n8n-workflow';\n\nconst DEFAULT_MAX_REDIRECTS = 20;\n\nexport interface FollowRedirectsOptions {\n\t/** Called before each hop; throw to reject. */\n\tonBeforeHop?: (url: string) => void | Promise<void>;\n\tmaxRedirects?: number;\n}\n\n/**\n * Manual redirect handling so each hop can be validated before the request is\n * sent. 301/302/303 demote unsafe methods to GET per fetch spec.\n */\nexport async function fetchFollowingRedirects(\n\tfetcher: (input: string | URL, init?: RequestInit) => Promise<Response>,\n\turl: string | URL,\n\tinit?: RequestInit,\n\toptions?: FollowRedirectsOptions,\n): Promise<Response> {\n\tconst maxRedirects = options?.maxRedirects ?? DEFAULT_MAX_REDIRECTS;\n\tlet currentInput: string | URL = url;\n\tlet currentInit: RequestInit = { ...init };\n\tlet hops = 0;\n\n\twhile (true) {\n\t\tconst currentUrlString = currentInput instanceof URL ? currentInput.href : currentInput;\n\t\tif (options?.onBeforeHop) {\n\t\t\tawait options.onBeforeHop(currentUrlString);\n\t\t}\n\n\t\tconst response = await fetcher(currentInput, {\n\t\t\t...currentInit,\n\t\t\tredirect: 'manual',\n\t\t});\n\n\t\tif (response.status < 300 || response.status >= 400) {\n\t\t\treturn response;\n\t\t}\n\n\t\tconst location = response.headers.get('location');\n\t\tif (!location) {\n\t\t\treturn response;\n\t\t}\n\n\t\thops += 1;\n\t\tif (hops > maxRedirects) {\n\t\t\tthrow new ApplicationError(`Too many redirects (max ${maxRedirects})`);\n\t\t}\n\n\t\tawait response.body?.cancel().catch(() => {});\n\n\t\tcurrentInput = new URL(location, currentUrlString);\n\n\t\tconst method = (currentInit.method ?? 'GET').toUpperCase();\n\t\tconst isUnsafe = method !== 'GET' && method !== 'HEAD';\n\t\tif (\n\t\t\tresponse.status === 303 ||\n\t\t\t((response.status === 301 || response.status === 302) && isUnsafe)\n\t\t) {\n\t\t\tcurrentInit = { ...currentInit, method: 'GET', body: undefined };\n\t\t}\n\t}\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,0BAAiC;AAEjC,MAAM,wBAAwB;AAY9B,eAAsB,wBACrB,SACA,KACA,MACA,SACoB;AACpB,QAAM,eAAe,SAAS,gBAAgB;AAC9C,MAAI,eAA6B;AACjC,MAAI,cAA2B,EAAE,GAAG,KAAK;AACzC,MAAI,OAAO;AAEX,SAAO,MAAM;AACZ,UAAM,mBAAmB,wBAAwB,MAAM,aAAa,OAAO;AAC3E,QAAI,SAAS,aAAa;AACzB,YAAM,QAAQ,YAAY,gBAAgB;AAAA,IAC3C;AAEA,UAAM,WAAW,MAAM,QAAQ,cAAc;AAAA,MAC5C,GAAG;AAAA,MACH,UAAU;AAAA,IACX,CAAC;AAED,QAAI,SAAS,SAAS,OAAO,SAAS,UAAU,KAAK;AACpD,aAAO;AAAA,IACR;AAEA,UAAM,WAAW,SAAS,QAAQ,IAAI,UAAU;AAChD,QAAI,CAAC,UAAU;AACd,aAAO;AAAA,IACR;AAEA,YAAQ;AACR,QAAI,OAAO,cAAc;AACxB,YAAM,IAAI,qCAAiB,2BAA2B,YAAY,GAAG;AAAA,IACtE;AAEA,UAAM,SAAS,MAAM,OAAO,EAAE,MAAM,MAAM;AAAA,IAAC,CAAC;AAE5C,mBAAe,IAAI,IAAI,UAAU,gBAAgB;AAEjD,UAAM,UAAU,YAAY,UAAU,OAAO,YAAY;AACzD,UAAM,WAAW,WAAW,SAAS,WAAW;AAChD,QACC,SAAS,WAAW,QAClB,SAAS,WAAW,OAAO,SAAS,WAAW,QAAQ,UACxD;AACD,oBAAc,EAAE,GAAG,aAAa,QAAQ,OAAO,MAAM,OAAU;AAAA,IAChE;AAAA,EACD;AACD;","names":[]}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@n8n/n8n-nodes-langchain",
-  "version": "1.122.33",
+  "version": "1.122.34",
   "description": "",
   "main": "index.js",
   "files": [
@@ -160,7 +160,7 @@
     "jest-mock-extended": "^3.0.4",
     "tsup": "^8.5.1",
     "@n8n/eslint-plugin-community-nodes": "0.7.0",
-    "n8n-core": "1.122.26"
+    "n8n-core": "1.122.27"
   },
   "dependencies": {
     "@aws-sdk/client-sso-oidc": "3.808.0",
@@ -229,14 +229,14 @@
     "weaviate-client": "3.6.2",
     "zod": "3.25.67",
     "zod-to-json-schema": "3.23.3",
+    "@n8n/json-schema-to-zod": "1.6.0",
     "@n8n/client-oauth2": "0.33.4",
-    "@n8n/config": "1.65.5",
     "@n8n/di": "0.10.0",
     "@n8n/errors": "0.5.0",
-    "@n8n/json-schema-to-zod": "1.6.0",
     "@n8n/typescript-config": "1.3.0",
-    "n8n-nodes-base": "1.121.31",
-    "n8n-workflow": "1.120.13"
+    "n8n-workflow": "1.120.14",
+    "@n8n/config": "1.65.5",
+    "n8n-nodes-base": "1.121.32"
   },
   "license": "SEE LICENSE IN LICENSE.md",
   "homepage": "https://n8n.io",