@netpad/mcp-server-remote 1.2.0 → 1.4.2

package/api/lib/oauth.ts

@@ -0,0 +1,411 @@
+/**
+ * OAuth 2.0 + PKCE utilities for NetPad MCP Remote Server
+ *
+ * This implements the OAuth 2.0 Authorization Code flow with PKCE
+ * for Claude.ai's Remote MCP connector integration.
+ */
+
+import crypto from 'crypto';
+
+// ============================================================================
+// CONFIGURATION
+// ============================================================================
+
+export const OAUTH_CONFIG = {
+  // Issuer URL (the MCP server itself)
+  issuer: process.env.OAUTH_ISSUER || 'https://mcp.netpad.io',
+
+  // NetPad API URL for user authentication
+  // Note: Using www.netpad.io because netpad.io redirects to www with 307
+  netpadApiUrl: process.env.NETPAD_API_URL || 'https://www.netpad.io',
+
+  // Token settings
+  accessTokenTtlSeconds: 3600, // 1 hour
+  refreshTokenTtlSeconds: 86400 * 30, // 30 days
+  authCodeTtlSeconds: 600, // 10 minutes
+
+  // Allowed OAuth clients
+  allowedClients: {
+    'netpad': {
+      name: 'NetPad MCP Connector',
+      redirectUris: [
+        'https://claude.ai/api/mcp/auth_callback',
+        'https://www.claude.ai/api/mcp/auth_callback',
+        // Add localhost for testing
+        'http://localhost:3000/api/mcp/auth_callback',
+      ],
+      scopes: ['claudeai', 'mcp', 'read', 'write'],
+      pkceRequired: true,
+    },
+  },
+
+  // Supported scopes
+  scopes: {
+    'claudeai': 'Access NetPad via Claude.ai',
+    'mcp': 'Use MCP tools',
+    'read': 'Read forms, workflows, and data',
+    'write': 'Create and modify forms, workflows, and data',
+  },
+};
+
+// ============================================================================
+// TYPES
+// ============================================================================
+
+export interface AuthorizationCode {
+  code: string;
+  clientId: string;
+  redirectUri: string;
+  scope: string;
+  codeChallenge: string;
+  codeChallengeMethod: string;
+  userId: string;
+  organizationId: string;
+  expiresAt: number;
+}
+
+export interface OAuthToken {
+  accessToken: string;
+  refreshToken: string;
+  tokenType: 'Bearer';
+  expiresIn: number;
+  scope: string;
+}
+
+export interface TokenPayload {
+  sub: string; // User ID
+  org: string; // Organization ID
+  scope: string;
+  iat: number;
+  exp: number;
+  iss: string;
+  aud: string;
+}
+
+// ============================================================================
+// IN-MEMORY STORES (Replace with database in production)
+// ============================================================================
+
+// Store authorization codes (short-lived, should use Redis in production)
+const authorizationCodes = new Map<string, AuthorizationCode>();
+
+// Store refresh tokens (should use database in production)
+const refreshTokens = new Map<string, { userId: string; organizationId: string; scope: string; expiresAt: number }>();
+
+// Cleanup expired codes periodically
+setInterval(() => {
+  const now = Date.now();
+  for (const [code, data] of authorizationCodes) {
+    if (data.expiresAt < now) {
+      authorizationCodes.delete(code);
+    }
+  }
+  for (const [token, data] of refreshTokens) {
+    if (data.expiresAt < now) {
+      refreshTokens.delete(token);
+    }
+  }
+}, 60000); // Every minute
+
+// ============================================================================
+// PKCE UTILITIES
+// ============================================================================
+
+/**
+ * Verify PKCE code_verifier against code_challenge
+ *
+ * For S256: code_challenge = BASE64URL(SHA256(code_verifier))
+ */
+export function verifyPkceChallenge(
+  codeVerifier: string,
+  codeChallenge: string,
+  method: string
+): boolean {
+  if (method === 'S256') {
+    const hash = crypto.createHash('sha256').update(codeVerifier).digest();
+    const computed = base64UrlEncode(hash);
+    return computed === codeChallenge;
+  } else if (method === 'plain') {
+    return codeVerifier === codeChallenge;
+  }
+  return false;
+}
+
+/**
+ * Base64 URL encode (RFC 4648)
+ */
+function base64UrlEncode(buffer: Buffer): string {
+  return buffer
+    .toString('base64')
+    .replace(/\+/g, '-')
+    .replace(/\//g, '_')
+    .replace(/=+$/, '');
+}
+
+// ============================================================================
+// AUTHORIZATION CODE MANAGEMENT
+// ============================================================================
+
+/**
+ * Generate a self-contained authorization code (stateless)
+ *
+ * Since Vercel serverless functions don't share memory between invocations,
+ * we encode all the authorization data directly into the code itself.
+ * The code is signed with HMAC to prevent tampering.
+ */
+export function generateAuthorizationCode(params: {
+  clientId: string;
+  redirectUri: string;
+  scope: string;
+  codeChallenge: string;
+  codeChallengeMethod: string;
+  userId: string;
+  organizationId: string;
+}): string {
+  const payload = {
+    cid: params.clientId,
+    ruri: params.redirectUri,
+    scope: params.scope,
+    cc: params.codeChallenge,
+    ccm: params.codeChallengeMethod,
+    uid: params.userId,
+    oid: params.organizationId,
+    exp: Date.now() + OAUTH_CONFIG.authCodeTtlSeconds * 1000,
+    nonce: crypto.randomBytes(8).toString('hex'), // Prevent replay
+  };
+
+  const payloadStr = JSON.stringify(payload);
+  const payloadB64 = Buffer.from(payloadStr).toString('base64url');
+
+  // Sign the payload
+  const secret = process.env.OAUTH_SECRET || 'netpad-mcp-oauth-secret-change-in-production';
+  const signature = crypto
+    .createHmac('sha256', secret)
+    .update(payloadB64)
+    .digest('base64url');
+
+  return `${payloadB64}.${signature}`;
+}
+
+/**
+ * Consume an authorization code (stateless verification)
+ */
+export function consumeAuthorizationCode(code: string): AuthorizationCode | null {
+  try {
+    const parts = code.split('.');
+    if (parts.length !== 2) {
+      return null;
+    }
+
+    const [payloadB64, signature] = parts;
+
+    // Verify signature
+    const secret = process.env.OAUTH_SECRET || 'netpad-mcp-oauth-secret-change-in-production';
+    const expectedSig = crypto
+      .createHmac('sha256', secret)
+      .update(payloadB64)
+      .digest('base64url');
+
+    if (signature !== expectedSig) {
+      console.log('[OAuth] Authorization code signature mismatch');
+      return null;
+    }
+
+    // Decode payload
+    const payloadStr = Buffer.from(payloadB64, 'base64url').toString();
+    const payload = JSON.parse(payloadStr);
+
+    // Check expiration
+    if (payload.exp < Date.now()) {
+      console.log('[OAuth] Authorization code expired');
+      return null;
+    }
+
+    // Note: In a stateless system, we can't truly enforce one-time use
+    // without external storage. The short expiration (10 min) mitigates this.
+
+    return {
+      code,
+      clientId: payload.cid,
+      redirectUri: payload.ruri,
+      scope: payload.scope,
+      codeChallenge: payload.cc,
+      codeChallengeMethod: payload.ccm,
+      userId: payload.uid,
+      organizationId: payload.oid,
+      expiresAt: payload.exp,
+    };
+  } catch (error) {
+    console.error('[OAuth] Failed to decode authorization code:', error);
+    return null;
+  }
+}
+
+// ============================================================================
+// TOKEN GENERATION
+// ============================================================================
+
+/**
+ * Generate access token (JWT-like but simpler for now)
+ *
+ * In production, use proper JWT with RS256 signing
+ */
+export function generateAccessToken(params: {
+  userId: string;
+  organizationId: string;
+  scope: string;
+}): string {
+  const payload: TokenPayload = {
+    sub: params.userId,
+    org: params.organizationId,
+    scope: params.scope,
+    iat: Math.floor(Date.now() / 1000),
+    exp: Math.floor(Date.now() / 1000) + OAUTH_CONFIG.accessTokenTtlSeconds,
+    iss: OAUTH_CONFIG.issuer,
+    aud: 'mcp.netpad.io',
+  };
+
+  // Simple encoding (in production, use proper JWT signing)
+  const header = base64UrlEncode(Buffer.from(JSON.stringify({ alg: 'HS256', typ: 'JWT' })));
+  const body = base64UrlEncode(Buffer.from(JSON.stringify(payload)));
+  const secret = process.env.OAUTH_SECRET || 'netpad-mcp-oauth-secret-change-in-production';
+  const signature = crypto
+    .createHmac('sha256', secret)
+    .update(`${header}.${body}`)
+    .digest();
+  const sig = base64UrlEncode(signature);
+
+  return `${header}.${body}.${sig}`;
+}
+
+/**
+ * Generate refresh token
+ */
+export function generateRefreshToken(params: {
+  userId: string;
+  organizationId: string;
+  scope: string;
+}): string {
+  const token = crypto.randomBytes(32).toString('hex');
+
+  refreshTokens.set(token, {
+    userId: params.userId,
+    organizationId: params.organizationId,
+    scope: params.scope,
+    expiresAt: Date.now() + OAUTH_CONFIG.refreshTokenTtlSeconds * 1000,
+  });
+
+  return token;
+}
+
+/**
+ * Validate and decode an access token
+ */
+export function validateAccessToken(token: string): TokenPayload | null {
+  try {
+    const parts = token.split('.');
+    if (parts.length !== 3) {
+      return null;
+    }
+
+    const [header, body, sig] = parts;
+
+    // Verify signature
+    const secret = process.env.OAUTH_SECRET || 'netpad-mcp-oauth-secret-change-in-production';
+    const expectedSig = base64UrlEncode(
+      crypto.createHmac('sha256', secret).update(`${header}.${body}`).digest()
+    );
+
+    if (sig !== expectedSig) {
+      return null;
+    }
+
+    // Decode payload
+    const payload = JSON.parse(Buffer.from(body, 'base64').toString()) as TokenPayload;
+
+    // Check expiration
+    if (payload.exp < Math.floor(Date.now() / 1000)) {
+      return null;
+    }
+
+    return payload;
+  } catch {
+    return null;
+  }
+}
+
+/**
+ * Exchange refresh token for new access token
+ */
+export function exchangeRefreshToken(refreshToken: string): {
+  accessToken: string;
+  refreshToken: string;
+  expiresIn: number;
+  scope: string;
+} | null {
+  const data = refreshTokens.get(refreshToken);
+
+  if (!data || data.expiresAt < Date.now()) {
+    return null;
+  }
+
+  // Generate new tokens
+  const newAccessToken = generateAccessToken({
+    userId: data.userId,
+    organizationId: data.organizationId,
+    scope: data.scope,
+  });
+
+  // Optionally rotate refresh token
+  refreshTokens.delete(refreshToken);
+  const newRefreshToken = generateRefreshToken({
+    userId: data.userId,
+    organizationId: data.organizationId,
+    scope: data.scope,
+  });
+
+  return {
+    accessToken: newAccessToken,
+    refreshToken: newRefreshToken,
+    expiresIn: OAUTH_CONFIG.accessTokenTtlSeconds,
+    scope: data.scope,
+  };
+}
+
+// ============================================================================
+// CLIENT VALIDATION
+// ============================================================================
+
+/**
+ * Validate OAuth client and redirect URI
+ */
+export function validateClient(
+  clientId: string,
+  redirectUri: string
+): { valid: boolean; error?: string } {
+  const client = OAUTH_CONFIG.allowedClients[clientId as keyof typeof OAUTH_CONFIG.allowedClients];
+
+  if (!client) {
+    return { valid: false, error: 'invalid_client' };
+  }
+
+  if (!client.redirectUris.includes(redirectUri)) {
+    return { valid: false, error: 'invalid_redirect_uri' };
+  }
+
+  return { valid: true };
+}
+
+/**
+ * Validate requested scopes
+ */
+export function validateScopes(requestedScopes: string, clientId: string): string[] {
+  const client = OAUTH_CONFIG.allowedClients[clientId as keyof typeof OAUTH_CONFIG.allowedClients];
+  if (!client) return [];
+
+  const requested = requestedScopes.split(' ').filter(Boolean);
+  const allowed = requested.filter(scope => client.scopes.includes(scope));
+
+  // Default to 'mcp' if no valid scopes
+  return allowed.length > 0 ? allowed : ['mcp'];
+}

package/api/mcp.ts

@@ -2,12 +2,13 @@ import type { VercelRequest, VercelResponse } from '@vercel/node';
 import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';
 import { IncomingMessage, ServerResponse } from 'node:http';
 import { createNetPadMcpServer } from '@netpad/mcp-server';
+import { validateAccessToken } from './lib/oauth.js';
 
 // Store transports by session ID for reconnection
 const transports = new Map<string, StreamableHTTPServerTransport>();
 
 // ============================================================================
-// API KEY AUTHENTICATION
+// AUTHENTICATION (Supports both OAuth tokens and API keys)
 // ============================================================================
 
 // Cache validated API keys for 5 minutes to reduce API calls
@@ -16,28 +17,46 @@ const CACHE_TTL_MS = 5 * 60 * 1000; // 5 minutes
 
 /**
  * Get the NetPad API base URL from environment or default
+ * Note: Using www.netpad.io because netpad.io redirects to www with 307
  */
 function getNetPadApiUrl(): string {
-  return process.env.NETPAD_API_URL || 'https://netpad.io';
+  return process.env.NETPAD_API_URL || 'https://www.netpad.io';
 }
 
 /**
- * Validate the API key by calling the NetPad API.
- * Uses the existing NetPad API key validation system.
- *
- * API keys should be in the format: np_live_xxx or np_test_xxx
+ * Authentication result
+ */
+interface AuthResult {
+  valid: boolean;
+  userId?: string;
+  organizationId?: string;
+  scope?: string;
+  error?: {
+    status: number;
+    error: string;
+    code: string;
+  };
+}
+
+/**
+ * Validate the request using either OAuth token or API key
  *
- * @returns null if valid, or an error response object if invalid
+ * Supports:
+ * 1. OAuth access tokens (JWT-like tokens from /token endpoint)
+ * 2. NetPad API keys (np_live_xxx or np_test_xxx)
  */
-async function validateApiKey(req: VercelRequest): Promise<{ status: number; error: string; code: string } | null> {
+async function validateRequest(req: VercelRequest): Promise<AuthResult> {
   const authHeader = req.headers['authorization'];
 
   // Check if Authorization header is present
   if (!authHeader) {
     return {
-      status: 401,
-      error: 'Missing Authorization header. Use: Authorization: Bearer np_live_xxx',
-      code: 'MISSING_API_KEY',
+      valid: false,
+      error: {
+        status: 401,
+        error: 'Missing Authorization header. Use: Authorization: Bearer <token>',
+        code: 'MISSING_AUTH',
+      },
     };
   }
 
@@ -45,41 +64,94 @@ async function validateApiKey(req: VercelRequest): Promise<{ status: number; err
   const parts = authHeader.split(' ');
   if (parts.length !== 2 || parts[0].toLowerCase() !== 'bearer') {
     return {
-      status: 401,
-      error: 'Invalid Authorization header format. Use: Authorization: Bearer np_live_xxx',
-      code: 'INVALID_AUTH_FORMAT',
+      valid: false,
+      error: {
+        status: 401,
+        error: 'Invalid Authorization header format. Use: Authorization: Bearer <token>',
+        code: 'INVALID_AUTH_FORMAT',
+      },
     };
   }
 
-  const apiKey = parts[1].trim();
+  const token = parts[1].trim();
 
-  if (!apiKey) {
+  if (!token) {
     return {
-      status: 401,
-      error: 'API key is empty',
-      code: 'EMPTY_API_KEY',
+      valid: false,
+      error: {
+        status: 401,
+        error: 'Token is empty',
+        code: 'EMPTY_TOKEN',
+      },
     };
   }
 
-  // Validate key format (must start with np_live_ or np_test_)
-  if (!apiKey.startsWith('np_live_') && !apiKey.startsWith('np_test_')) {
+  // ============================================================================
+  // Try OAuth token first (JWT-like format with dots)
+  // ============================================================================
+  if (token.includes('.')) {
+    console.log('[MCP] Attempting OAuth token validation...');
+    const payload = validateAccessToken(token);
+    if (payload) {
+      console.log('[MCP] OAuth token valid:', { userId: payload.sub, org: payload.org });
+      return {
+        valid: true,
+        userId: payload.sub,
+        organizationId: payload.org,
+        scope: payload.scope,
+      };
+    }
+    // If it looks like a JWT but failed validation, return error
+    // (don't fall through to API key validation)
+    console.log('[MCP] OAuth token validation failed');
     return {
-      status: 401,
-      error: 'Invalid API key format. Keys should start with np_live_ or np_test_. Generate one at netpad.io/settings',
-      code: 'INVALID_API_KEY_FORMAT',
+      valid: false,
+      error: {
+        status: 401,
+        error: 'Invalid or expired OAuth token',
+        code: 'INVALID_OAUTH_TOKEN',
+      },
     };
   }
 
+  // ============================================================================
+  // Try API key (np_live_xxx or np_test_xxx format)
+  // ============================================================================
+  if (token.startsWith('np_live_') || token.startsWith('np_test_')) {
+    return validateApiKey(token);
+  }
+
+  // Unknown token format
+  return {
+    valid: false,
+    error: {
+      status: 401,
+      error: 'Invalid token format. Use an OAuth token or NetPad API key (np_live_xxx)',
+      code: 'INVALID_TOKEN_FORMAT',
+    },
+  };
+}
+
+/**
+ * Validate a NetPad API key
+ */
+async function validateApiKey(apiKey: string): Promise<AuthResult> {
   // Check cache first
   const cached = apiKeyCache.get(apiKey);
   if (cached && cached.expiresAt > Date.now()) {
     if (cached.valid) {
-      return null; // Valid key from cache
+      return {
+        valid: true,
+        organizationId: cached.organizationId,
+      };
     }
     return {
-      status: 401,
-      error: 'Invalid or expired API key',
-      code: 'INVALID_API_KEY',
+      valid: false,
+      error: {
+        status: 401,
+        error: 'Invalid or expired API key',
+        code: 'INVALID_API_KEY',
+      },
     };
   }
 
@@ -103,7 +175,11 @@ async function validateApiKey(req: VercelRequest): Promise<{ status: number; err
         organizationId: data.organizationId,
         expiresAt: Date.now() + CACHE_TTL_MS,
       });
-      return null; // Valid key
+      return {
+        valid: true,
+        userId: data.userId,
+        organizationId: data.organizationId,
+      };
     }
 
     // Key is invalid - cache the negative result too (shorter TTL)
@@ -115,9 +191,12 @@ async function validateApiKey(req: VercelRequest): Promise<{ status: number; err
     // Parse error response
     const errorData = await response.json().catch(() => ({}));
     return {
-      status: response.status,
-      error: errorData.error?.message || 'Invalid or expired API key',
-      code: errorData.error?.code || 'INVALID_API_KEY',
+      valid: false,
+      error: {
+        status: response.status,
+        error: errorData.error?.message || 'Invalid or expired API key',
+        code: errorData.error?.code || 'INVALID_API_KEY',
+      },
     };
   } catch (error) {
     console.error('Error validating API key against NetPad:', error);
@@ -126,7 +205,7 @@ async function validateApiKey(req: VercelRequest): Promise<{ status: number; err
     // This allows the MCP server to work even if NetPad API is temporarily unavailable
     // but only accepts properly formatted keys
     console.warn('NetPad API unavailable, accepting key based on format validation only');
-    return null;
+    return { valid: true };
   }
 }
 
@@ -141,12 +220,12 @@ export default async function handler(req: VercelRequest, res: VercelResponse) {
   // ============================================================================
   // AUTHENTICATE REQUEST
   // ============================================================================
-  const authError = await validateApiKey(req);
-  if (authError) {
-    res.status(authError.status).json({
-      error: authError.error,
-      code: authError.code,
-      hint: 'Generate an API key at netpad.io/settings and add it to Claude\'s connector settings under "Advanced settings".',
+  const authResult = await validateRequest(req);
+  if (!authResult.valid) {
+    res.status(authResult.error?.status || 401).json({
+      error: authResult.error?.error || 'Authentication failed',
+      code: authResult.error?.code || 'AUTH_FAILED',
+      hint: 'Connect via Claude.ai Settings > Connectors, or use an API key from netpad.io/settings',
     });
     return;
   }
@@ -164,7 +243,7 @@ export default async function handler(req: VercelRequest, res: VercelResponse) {
     // Create the full NetPad MCP server with all 80+ tools
     const server = createNetPadMcpServer({
       name: '@netpad/mcp-server-remote',
-      version: '1.1.0',
+      version: '1.2.0',
     });
     await server.connect(transport);
 
@@ -194,7 +273,7 @@ export default async function handler(req: VercelRequest, res: VercelResponse) {
       // Create the full NetPad MCP server with all 80+ tools
       const server = createNetPadMcpServer({
         name: '@netpad/mcp-server-remote',
-        version: '1.1.0',
+        version: '1.2.0',
       });
       await server.connect(transport);