@olane/o-mcp 0.7.1 → 0.7.2

package/dist/src/oauth/oauth-aware-transport.js

@@ -0,0 +1,120 @@
+/**
+ * OAuth-aware transport wrapper for MCP
+ *
+ * This transport wraps the standard MCP transport and automatically:
+ * - Injects OAuth tokens into requests
+ * - Refreshes expired tokens
+ * - Retries failed requests after token refresh
+ */
+export class OAuthAwareMcpTransport {
+    constructor(innerTransport, storage, serverUrl, refreshCallback) {
+        this.innerTransport = innerTransport;
+        this.storage = storage;
+        this.serverUrl = serverUrl;
+        this.refreshCallback = refreshCallback;
+        // Forward events from inner transport
+        this.innerTransport.onclose = () => {
+            if (this.onclose) {
+                this.onclose();
+            }
+        };
+        this.innerTransport.onerror = (error) => {
+            if (this.onerror) {
+                this.onerror(error);
+            }
+        };
+        this.innerTransport.onmessage = (message) => {
+            if (this.onmessage) {
+                this.onmessage(message);
+            }
+        };
+    }
+    /**
+     * Start the transport and ensure tokens are valid
+     */
+    async start() {
+        await this.ensureValidTokens();
+        return this.innerTransport.start();
+    }
+    /**
+     * Close the transport
+     */
+    async close() {
+        return this.innerTransport.close();
+    }
+    /**
+     * Send a message with OAuth token injection
+     */
+    async send(message) {
+        // Ensure we have valid tokens
+        await this.ensureValidTokens();
+        // Get current tokens
+        const tokens = await this.storage.getTokens(this.serverUrl);
+        // For HTTP/SSE transports, we'd inject the Authorization header
+        // The MCP SDK handles this differently depending on transport type
+        // For now, we rely on the transport configuration having the token
+        try {
+            return await this.innerTransport.send(message);
+        }
+        catch (error) {
+            // Check if it's an authentication error (401)
+            if (this.isAuthError(error)) {
+                // Try to refresh tokens and retry
+                await this.refreshTokens();
+                return await this.innerTransport.send(message);
+            }
+            throw error;
+        }
+    }
+    /**
+     * Ensure tokens are valid before making requests
+     */
+    async ensureValidTokens() {
+        const tokens = await this.storage.getTokens(this.serverUrl);
+        if (!tokens) {
+            throw new Error(`No OAuth tokens available for ${this.serverUrl}. Please authenticate first.`);
+        }
+        // Check if token is expired
+        const isExpired = await this.storage.areTokensExpired(this.serverUrl);
+        if (isExpired && tokens.refresh_token) {
+            await this.refreshTokens();
+        }
+        else if (isExpired) {
+            throw new Error(`OAuth token expired and no refresh token available for ${this.serverUrl}. Please re-authenticate.`);
+        }
+    }
+    /**
+     * Refresh OAuth tokens
+     */
+    async refreshTokens() {
+        try {
+            await this.refreshCallback(this.serverUrl);
+        }
+        catch (error) {
+            throw new Error(`Failed to refresh OAuth tokens for ${this.serverUrl}: ${error.message}`);
+        }
+    }
+    /**
+     * Check if an error is an authentication error
+     */
+    isAuthError(error) {
+        // Check for common authentication error patterns
+        if (error.status === 401 || error.statusCode === 401) {
+            return true;
+        }
+        if (error.code === 'UNAUTHORIZED' || error.code === 'UNAUTHENTICATED') {
+            return true;
+        }
+        const errorMessage = error.message?.toLowerCase() || '';
+        return (errorMessage.includes('unauthorized') ||
+            errorMessage.includes('authentication') ||
+            errorMessage.includes('token expired'));
+    }
+    /**
+     * Get the current access token (for HTTP transport configuration)
+     */
+    async getAccessToken() {
+        const tokens = await this.storage.getTokens(this.serverUrl);
+        return tokens?.access_token || null;
+    }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@olane/o-mcp",
-  "version": "0.7.1",
+  "version": "0.7.2",
   "type": "module",
   "main": "dist/src/index.js",
   "types": "dist/src/index.d.ts",
@@ -35,10 +35,29 @@
   "author": "oLane Inc.",
   "license": "ISC",
   "description": "oLane Core",
+  "peerDependencies": {
+    "@modelcontextprotocol/sdk": "^1.18.1",
+    "@olane/o-config": "^0.7.1",
+    "@olane/o-core": "^0.7.1",
+    "@olane/o-intelligence": "^0.7.1",
+    "@olane/o-lane": "^0.7.1",
+    "@olane/o-leader": "^0.7.1",
+    "@olane/o-node": "^0.7.1",
+    "@olane/o-protocol": "^0.7.1",
+    "@olane/o-storage": "^0.7.1",
+    "@olane/o-tool": "^0.7.1"
+  },
+  "dependencies": {
+    "debug": "^4.4.1",
+    "dotenv": "^16.5.0",
+    "express": "^4.18.2",
+    "open": "^10.0.0"
+  },
   "devDependencies": {
     "@eslint/eslintrc": "^3.3.1",
     "@eslint/js": "^9.29.0",
     "@tsconfig/node20": "^20.1.6",
+    "@types/express": "^4.17.21",
     "@types/jest": "^30.0.0",
     "@typescript-eslint/eslint-plugin": "^8.34.1",
     "@typescript-eslint/parser": "^8.34.1",
@@ -54,19 +73,5 @@
     "tsconfig-paths": "^4.2.0",
     "tsx": "^4.20.3",
     "typescript": "5.4.5"
-  },
-  "peerDependencies": {
-    "@modelcontextprotocol/sdk": "^1.18.1",
-    "@olane/o-config": "^0.7.0",
-    "@olane/o-core": "^0.7.0",
-    "@olane/o-intelligence": "^0.7.0",
-    "@olane/o-leader": "^0.7.0",
-    "@olane/o-protocol": "^0.7.0",
-    "@olane/o-tool": "^0.7.0",
-    "@olane/o-lane": "^0.7.0"
-  },
-  "dependencies": {
-    "debug": "^4.4.1",
-    "dotenv": "^16.5.0"
   }
 }