@prmichaelsen/mcp-auth 7.0.3 → 7.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +208 -0
- package/dist/index.d.ts +2 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +3 -1
- package/dist/index.js.map +2 -2
- package/dist/types.d.ts +36 -0
- package/dist/types.d.ts.map +1 -1
- package/dist/wrapper/index.d.ts +6 -30
- package/dist/wrapper/index.d.ts.map +1 -1
- package/dist/wrapper/index.js +4 -5
- package/dist/wrapper/index.js.map +3 -3
- package/dist/wrapper/progress-manager.d.ts +101 -0
- package/dist/wrapper/progress-manager.d.ts.map +1 -0
- package/dist/wrapper/progress-manager.js +241 -0
- package/dist/wrapper/progress-manager.js.map +7 -0
- package/dist/wrapper/server-wrapper.d.ts +35 -0
- package/dist/wrapper/server-wrapper.d.ts.map +1 -1
- package/dist/wrapper/server-wrapper.js +150 -4
- package/dist/wrapper/server-wrapper.js.map +2 -2
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -150,6 +150,47 @@ const tokenResolver = new JWTTokenResolver({ authProvider });
|
|
|
150
150
|
- ❌ Larger JWT size
|
|
151
151
|
- ❌ Tokens exposed in JWT payload
|
|
152
152
|
|
|
153
|
+
### JWTAuthProvider (Static Servers) ⭐ NEW
|
|
154
|
+
|
|
155
|
+
For servers that manage their own data and only need user identification:
|
|
156
|
+
|
|
157
|
+
```typescript
|
|
158
|
+
import { wrapServer, JWTAuthProvider } from '@prmichaelsen/mcp-auth';
|
|
159
|
+
|
|
160
|
+
const wrapped = wrapServer({
|
|
161
|
+
serverFactory: (accessToken, userId) => {
|
|
162
|
+
// accessToken will be empty string - use userId only
|
|
163
|
+
return createMyStaticServer(userId);
|
|
164
|
+
},
|
|
165
|
+
|
|
166
|
+
authProvider: new JWTAuthProvider({
|
|
167
|
+
jwtSecret: process.env.JWT_SECRET
|
|
168
|
+
}),
|
|
169
|
+
|
|
170
|
+
// No tokenResolver needed! ✨
|
|
171
|
+
|
|
172
|
+
resourceType: 'my-service',
|
|
173
|
+
transport: {
|
|
174
|
+
type: 'sse',
|
|
175
|
+
port: 3000,
|
|
176
|
+
cors: true,
|
|
177
|
+
corsOrigin: process.env.CORS_ORIGIN
|
|
178
|
+
}
|
|
179
|
+
});
|
|
180
|
+
```
|
|
181
|
+
|
|
182
|
+
**Perfect for:**
|
|
183
|
+
- ✅ Multi-tenant SaaS with own database
|
|
184
|
+
- ✅ User-scoped services
|
|
185
|
+
- ✅ Internal tools without external APIs
|
|
186
|
+
- ✅ Static data management servers
|
|
187
|
+
|
|
188
|
+
**Benefits:**
|
|
189
|
+
- ✅ Simplest configuration
|
|
190
|
+
- ✅ No external credential management
|
|
191
|
+
- ✅ JWT validation only (userId extraction)
|
|
192
|
+
- ✅ Complete user isolation via ephemeral instances
|
|
193
|
+
|
|
153
194
|
### APITokenResolver (API-Based)
|
|
154
195
|
|
|
155
196
|
For resolving tokens via tenant manager API:
|
|
@@ -285,6 +326,155 @@ transport: {
|
|
|
285
326
|
}
|
|
286
327
|
```
|
|
287
328
|
|
|
329
|
+
## Progress Streaming
|
|
330
|
+
|
|
331
|
+
mcp-auth supports MCP progress notifications, allowing wrapped servers to stream progress updates to clients during long-running operations.
|
|
332
|
+
|
|
333
|
+
### How It Works
|
|
334
|
+
|
|
335
|
+
When a client provides a `progressToken` in the request, mcp-auth automatically:
|
|
336
|
+
1. Extracts the progress token from the request
|
|
337
|
+
2. Passes it through to the wrapped MCP server
|
|
338
|
+
3. The wrapped server can send progress notifications back to the client
|
|
339
|
+
4. Progress is isolated per user (multi-tenant safe)
|
|
340
|
+
|
|
341
|
+
### Client-Side Usage
|
|
342
|
+
|
|
343
|
+
```typescript
|
|
344
|
+
import { Client } from '@modelcontextprotocol/sdk/client/index.js';
|
|
345
|
+
|
|
346
|
+
const client = new Client({
|
|
347
|
+
name: 'my-client',
|
|
348
|
+
version: '1.0.0'
|
|
349
|
+
});
|
|
350
|
+
|
|
351
|
+
// Call tool with progress support
|
|
352
|
+
const result = await client.request({
|
|
353
|
+
method: 'tools/call',
|
|
354
|
+
params: {
|
|
355
|
+
name: 'long_running_operation',
|
|
356
|
+
arguments: { /* ... */ }
|
|
357
|
+
}
|
|
358
|
+
}, {
|
|
359
|
+
progressToken: 'operation-123',
|
|
360
|
+
onprogress: (progress) => {
|
|
361
|
+
console.log(`Progress: ${progress.progress}/${progress.total}`);
|
|
362
|
+
console.log(`Message: ${progress.message}`);
|
|
363
|
+
}
|
|
364
|
+
});
|
|
365
|
+
```
|
|
366
|
+
|
|
367
|
+
### Server-Side Implementation
|
|
368
|
+
|
|
369
|
+
Wrapped MCP servers can send progress notifications:
|
|
370
|
+
|
|
371
|
+
```typescript
|
|
372
|
+
// In your MCP server tool handler
|
|
373
|
+
export async function handleLongOperation(
|
|
374
|
+
args: any,
|
|
375
|
+
extra?: { progressToken?: string | number }
|
|
376
|
+
): Promise<any> {
|
|
377
|
+
const progressToken = extra?.progressToken;
|
|
378
|
+
|
|
379
|
+
if (progressToken) {
|
|
380
|
+
// Send progress notifications
|
|
381
|
+
server.notification({
|
|
382
|
+
method: 'notifications/progress',
|
|
383
|
+
params: {
|
|
384
|
+
progressToken,
|
|
385
|
+
progress: 50,
|
|
386
|
+
total: 100,
|
|
387
|
+
message: 'Processing...'
|
|
388
|
+
}
|
|
389
|
+
});
|
|
390
|
+
}
|
|
391
|
+
|
|
392
|
+
// ... perform operation
|
|
393
|
+
}
|
|
394
|
+
```
|
|
395
|
+
|
|
396
|
+
### Features
|
|
397
|
+
|
|
398
|
+
- ✅ **Automatic Pass-Through**: Progress tokens automatically forwarded to wrapped servers
|
|
399
|
+
- ✅ **Multi-Tenant Safe**: Progress notifications isolated per user
|
|
400
|
+
- ✅ **Backward Compatible**: Works with or without progress token (graceful degradation)
|
|
401
|
+
- ✅ **Zero Configuration**: No additional setup required
|
|
402
|
+
|
|
403
|
+
### Monitoring
|
|
404
|
+
|
|
405
|
+
Monitor active progress streams via authenticated endpoints:
|
|
406
|
+
|
|
407
|
+
**User Stats** (shows your own progress streams):
|
|
408
|
+
```bash
|
|
409
|
+
GET /mcp/progress/stats
|
|
410
|
+
Authorization: Bearer <jwt>
|
|
411
|
+
```
|
|
412
|
+
|
|
413
|
+
**Response**:
|
|
414
|
+
```json
|
|
415
|
+
{
|
|
416
|
+
"user": {
|
|
417
|
+
"userId": "user123",
|
|
418
|
+
"activeStreams": 2,
|
|
419
|
+
"totalMessages": 1543,
|
|
420
|
+
"totalBytes": 45231,
|
|
421
|
+
"oldestStreamAge": 120000
|
|
422
|
+
},
|
|
423
|
+
"global": {
|
|
424
|
+
"activeStreams": 15,
|
|
425
|
+
"totalMessages": 8234,
|
|
426
|
+
"userCount": 8
|
|
427
|
+
},
|
|
428
|
+
"timestamp": "2026-02-23T21:00:00.000Z"
|
|
429
|
+
}
|
|
430
|
+
```
|
|
431
|
+
|
|
432
|
+
**All Metrics** (detailed stream information):
|
|
433
|
+
```bash
|
|
434
|
+
GET /mcp/progress/metrics
|
|
435
|
+
Authorization: Bearer <jwt>
|
|
436
|
+
```
|
|
437
|
+
|
|
438
|
+
**Response**:
|
|
439
|
+
```json
|
|
440
|
+
{
|
|
441
|
+
"metrics": [
|
|
442
|
+
{
|
|
443
|
+
"userId": "user123",
|
|
444
|
+
"progressToken": "op-456",
|
|
445
|
+
"startTime": 1708725600000,
|
|
446
|
+
"lastUpdate": 1708725650000,
|
|
447
|
+
"duration": 50000,
|
|
448
|
+
"messageCount": 125,
|
|
449
|
+
"bytesTransferred": 45231,
|
|
450
|
+
"averageMessageSize": 361.8,
|
|
451
|
+
"messagesPerSecond": 2.5
|
|
452
|
+
}
|
|
453
|
+
],
|
|
454
|
+
"health": {
|
|
455
|
+
"healthy": true,
|
|
456
|
+
"issues": [],
|
|
457
|
+
"warnings": []
|
|
458
|
+
},
|
|
459
|
+
"timestamp": "2026-02-23T21:00:00.000Z"
|
|
460
|
+
}
|
|
461
|
+
```
|
|
462
|
+
|
|
463
|
+
### Performance
|
|
464
|
+
|
|
465
|
+
- **Memory**: ~1KB per active stream
|
|
466
|
+
- **Network**: ~100-500 bytes per progress notification
|
|
467
|
+
- **CPU**: <1% overhead for typical workloads
|
|
468
|
+
- **Cleanup**: Stale streams (>5 minutes idle) automatically removed every minute
|
|
469
|
+
|
|
470
|
+
### Notes
|
|
471
|
+
|
|
472
|
+
- Progress streaming requires SSE or HTTP transport (not available with stdio)
|
|
473
|
+
- Progress tokens are automatically cleaned up after request completion
|
|
474
|
+
- Wrapped servers must implement progress notification support to send updates
|
|
475
|
+
- Health checks detect stale streams and high message rates
|
|
476
|
+
- Monitoring endpoints require authentication
|
|
477
|
+
|
|
288
478
|
## MCP Server Contract
|
|
289
479
|
|
|
290
480
|
To make your MCP server compatible with `wrapServer()`, export a factory function:
|
|
@@ -376,6 +566,24 @@ Working examples coming soon in [`examples/`](./examples/):
|
|
|
376
566
|
- `withTimeout()` - Request timeout
|
|
377
567
|
- `withRetry()` - Automatic retry on failure
|
|
378
568
|
|
|
569
|
+
## Example Projects
|
|
570
|
+
|
|
571
|
+
Real-world projects using `@prmichaelsen/mcp-auth`:
|
|
572
|
+
|
|
573
|
+
### [@prmichaelsen/agentbase-mcp-server](https://github.com/prmichaelsen/agentbase-mcp-server)
|
|
574
|
+
Multi-tenant Instagram MCP server with JWT authentication
|
|
575
|
+
- **Pattern**: Server Wrapping (Dynamic Mode)
|
|
576
|
+
- **Auth**: JWT + API-based token resolution
|
|
577
|
+
- **Use Case**: External API credentials (Instagram)
|
|
578
|
+
- **Transport**: SSE over HTTP
|
|
579
|
+
|
|
580
|
+
### [@prmichaelsen/remember-mcp-server](https://github.com/prmichaelsen/remember-mcp-server)
|
|
581
|
+
Multi-tenant MCP server for remember-mcp with Platform JWT authentication
|
|
582
|
+
- **Pattern**: Server Wrapping (Static Mode)
|
|
583
|
+
- **Auth**: JWT only (no tokenResolver)
|
|
584
|
+
- **Use Case**: User-scoped data in own database
|
|
585
|
+
- **Transport**: SSE over HTTP
|
|
586
|
+
|
|
379
587
|
## License
|
|
380
588
|
|
|
381
589
|
MIT
|
package/dist/index.d.ts
CHANGED
|
@@ -9,9 +9,9 @@
|
|
|
9
9
|
*
|
|
10
10
|
* @packageDocumentation
|
|
11
11
|
*/
|
|
12
|
-
export { wrapServer, AuthenticatedServerWrapper, type ServerWrapperConfig, type MCPServerFactory, type NormalizedServerWrapperConfig } from './wrapper/index.js';
|
|
12
|
+
export { wrapServer, AuthenticatedServerWrapper, type ServerWrapperConfig, type MCPServerFactory, type NormalizedServerWrapperConfig, ProgressManager, type ProgressCallback, type ProgressStreamMetrics } from './wrapper/index.js';
|
|
13
13
|
export { AuthenticatedMCPServer, type ServerConfig, type NormalizedServerConfig, withAuth, compose, withLogging, withRateLimit, withTimeout, withRetry, type Tool, AuthenticatedTool, createAuthenticatedTool, type AuthenticatedToolHandler } from './server/index.js';
|
|
14
|
-
export type { TransportType, RequestContext, AuthResult, TransportConfig, RateLimitConfig, LoggingConfig, MiddlewareConfig, PoolingConfig, Result, AsyncFunction, ToolHandler, Middleware } from './types.js';
|
|
14
|
+
export type { TransportType, RequestContext, AuthResult, TransportConfig, RateLimitConfig, LoggingConfig, MiddlewareConfig, PoolingConfig, Result, AsyncFunction, ToolHandler, Middleware, ProgressNotification, RequestExtra } from './types.js';
|
|
15
15
|
export type { AuthProvider, ResourceTokenResolver, AuthenticatedContext, AuthProviderConfig, TokenResolverConfig } from './auth/types.js';
|
|
16
16
|
export { BaseAuthProvider } from './auth/base-provider.js';
|
|
17
17
|
export { EnvAuthProvider, type EnvAuthProviderConfig, SimpleTokenResolver, type SimpleTokenResolverConfig, JWTAuthProvider, type JWTAuthProviderConfig, type JWTPayload, JWTTokenResolver, type JWTTokenResolverConfig, APITokenResolver, type APITokenResolverConfig } from './auth/providers/index.js';
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAQH,OAAO,EACL,UAAU,EACV,0BAA0B,EAC1B,KAAK,mBAAmB,EACxB,KAAK,gBAAgB,EACrB,KAAK,6BAA6B,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAQH,OAAO,EACL,UAAU,EACV,0BAA0B,EAC1B,KAAK,mBAAmB,EACxB,KAAK,gBAAgB,EACrB,KAAK,6BAA6B,EAClC,eAAe,EACf,KAAK,gBAAgB,EACrB,KAAK,qBAAqB,EAC3B,MAAM,oBAAoB,CAAC;AAQ5B,OAAO,EACL,sBAAsB,EACtB,KAAK,YAAY,EACjB,KAAK,sBAAsB,EAC3B,QAAQ,EACR,OAAO,EACP,WAAW,EACX,aAAa,EACb,WAAW,EACX,SAAS,EACT,KAAK,IAAI,EACT,iBAAiB,EACjB,uBAAuB,EACvB,KAAK,wBAAwB,EAC9B,MAAM,mBAAmB,CAAC;AAM3B,YAAY,EACV,aAAa,EACb,cAAc,EACd,UAAU,EACV,eAAe,EACf,eAAe,EACf,aAAa,EACb,gBAAgB,EAChB,aAAa,EACb,MAAM,EACN,aAAa,EACb,WAAW,EACX,UAAU,EACV,oBAAoB,EACpB,YAAY,EACb,MAAM,YAAY,CAAC;AAMpB,YAAY,EACV,YAAY,EACZ,qBAAqB,EACrB,oBAAoB,EACpB,kBAAkB,EAClB,mBAAmB,EACpB,MAAM,iBAAiB,CAAC;AAEzB,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAG3D,OAAO,EACL,eAAe,EACf,KAAK,qBAAqB,EAC1B,mBAAmB,EACnB,KAAK,yBAAyB,EAC9B,eAAe,EACf,KAAK,qBAAqB,EAC1B,KAAK,UAAU,EACf,gBAAgB,EAChB,KAAK,sBAAsB,EAC3B,gBAAgB,EAChB,KAAK,sBAAsB,EAC5B,MAAM,2BAA2B,CAAC;AAQnC,OAAO,EACL,KAAK,sBAAsB,EAC3B,KAAK,sBAAsB,EAC3B,KAAK,qBAAqB,EAC1B,KAAK,gBAAgB,EACrB,mBAAmB,EACnB,kBAAkB,EAClB,oBAAoB,EACpB,eAAe,EAChB,MAAM,mBAAmB,CAAC;AAM3B,OAAO,EAEL,YAAY,EACZ,mBAAmB,EACnB,oBAAoB,EACpB,iBAAiB,EACjB,uBAAuB,EACvB,kBAAkB,EAClB,cAAc,EACd,eAAe,EACf,cAAc,EACd,eAAe,EACf,cAAc,EACd,qBAAqB,EACrB,sBAAsB,EACtB,gBAAgB,EAChB,oBAAoB,EAGpB,MAAM,EACN,QAAQ,EACR,aAAa,EACb,YAAY,EACZ,kBAAkB,EAGlB,sBAAsB,EACtB,WAAW,EACX,sBAAsB,EACtB,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,gBAAgB,EAChB,sBAAsB,EACtB,uBAAuB,EACvB,uBAAuB,EACvB,qBAAqB,EACrB,qBAAqB,EACrB,cAAc,EACd,cAAc,EACd,oBAAoB,EACpB,mBAAmB,EACpB,MAAM,kBAAkB,CAAC;AAG1B,YAAY,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAMlD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG"}
|
package/dist/index.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import {
|
|
2
2
|
wrapServer,
|
|
3
|
-
AuthenticatedServerWrapper
|
|
3
|
+
AuthenticatedServerWrapper,
|
|
4
|
+
ProgressManager
|
|
4
5
|
} from "./wrapper/index.js";
|
|
5
6
|
import {
|
|
6
7
|
AuthenticatedMCPServer,
|
|
@@ -81,6 +82,7 @@ export {
|
|
|
81
82
|
Logger,
|
|
82
83
|
MCPAuthError,
|
|
83
84
|
MissingCredentialsError,
|
|
85
|
+
ProgressManager,
|
|
84
86
|
RateLimitError,
|
|
85
87
|
ServerPoolError,
|
|
86
88
|
SimpleTokenResolver,
|
package/dist/index.js.map
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../src/index.ts"],
|
|
4
|
-
"sourcesContent": ["/**\n * @prmichaelsen/mcp-auth\n *\n * Authentication and multi-tenancy framework for MCP (Model Context Protocol) servers.\n *\n * Supports two complementary patterns:\n * 1. **Server Wrapping** - Wrap existing MCP servers without modification (MCP-level auth)\n * 2. **Tool-Level Auth** - Build new MCP servers with integrated auth\n *\n * @packageDocumentation\n */\n\n// ============================================================================\n// PATTERN 1: SERVER WRAPPING (MCP-Level Auth)\n// ============================================================================\n// Use this to wrap existing MCP servers without modifying them\n// Ideal for multi-tenant services that host multiple MCP servers\n\nexport {\n wrapServer,\n AuthenticatedServerWrapper,\n type ServerWrapperConfig,\n type MCPServerFactory,\n type NormalizedServerWrapperConfig\n} from './wrapper/index.js';\n\n// ============================================================================\n// PATTERN 2: TOOL-LEVEL AUTH\n// ============================================================================\n// Use this to build new MCP servers with integrated authentication\n// Provides fine-grained control over auth per tool\n\nexport {\n AuthenticatedMCPServer,\n type ServerConfig,\n type NormalizedServerConfig,\n withAuth,\n compose,\n withLogging,\n withRateLimit,\n withTimeout,\n withRetry,\n type Tool,\n AuthenticatedTool,\n createAuthenticatedTool,\n type AuthenticatedToolHandler\n} from './server/index.js';\n\n// ============================================================================\n// SHARED: CORE TYPES\n// ============================================================================\n\nexport type {\n TransportType,\n RequestContext,\n AuthResult,\n TransportConfig,\n RateLimitConfig,\n LoggingConfig,\n MiddlewareConfig,\n PoolingConfig,\n Result,\n AsyncFunction,\n ToolHandler,\n Middleware\n} from './types.js';\n\n// ============================================================================\n// SHARED: AUTHENTICATION\n// ============================================================================\n\nexport type {\n AuthProvider,\n ResourceTokenResolver,\n AuthenticatedContext,\n AuthProviderConfig,\n TokenResolverConfig\n} from './auth/types.js';\n\nexport { BaseAuthProvider } from './auth/base-provider.js';\n\n// Providers\nexport {\n EnvAuthProvider,\n type EnvAuthProviderConfig,\n SimpleTokenResolver,\n type SimpleTokenResolverConfig,\n JWTAuthProvider,\n type JWTAuthProviderConfig,\n type JWTPayload,\n JWTTokenResolver,\n type JWTTokenResolverConfig,\n APITokenResolver,\n type APITokenResolverConfig\n} from './auth/providers/index.js';\n\n// ============================================================================\n// TENANT MANAGER INTEGRATION\n// ============================================================================\n// Standard interfaces for tenant manager APIs\n// Helps tenant platforms provide consistent APIs for MCP servers\n\nexport {\n type TenantAPIErrorResponse,\n type CredentialsAPIResponse,\n type CredentialsAPIHeaders,\n type TenantManagerAPI,\n TenantAPIStatusCode,\n TenantAPIErrorCode,\n createTenantAPIError,\n TenantAPIErrors\n} from './tenant/index.js';\n\n// ============================================================================\n// SHARED: UTILITIES\n// ============================================================================\n\nexport {\n // Errors\n MCPAuthError,\n AuthenticationError,\n TokenResolutionError,\n InvalidTokenError,\n MissingCredentialsError,\n ConfigurationError,\n RateLimitError,\n ServerPoolError,\n TransportError,\n ValidationError,\n isMCPAuthError,\n isAuthenticationError,\n isTokenResolutionError,\n isRateLimitError,\n formatErrorForClient,\n \n // Logger\n Logger,\n LogLevel,\n defaultLogger,\n createLogger,\n sanitizeForLogging,\n \n // Validation\n validateNonEmptyString,\n validateUrl,\n validatePositiveNumber,\n validatePort,\n validateEnum,\n validateObject,\n validateFunction,\n validateRequiredFields,\n validateTransportConfig,\n validateRateLimitConfig,\n validateLoggingConfig,\n validatePoolingConfig,\n sanitizeString,\n validateUserId,\n validateResourceType,\n validateAccessToken\n} from './utils/index.js';\n\n// Re-export types for convenience\nexport type { LogEntry } from './utils/logger.js';\n\n// ============================================================================\n// USAGE EXAMPLES\n// ============================================================================\n\n/**\n * @example Server Wrapping Pattern (MCP-Level Auth)\n * ```typescript\n * import { wrapServer, JWTAuthProvider, DatabaseTokenResolver } from '@prmichaelsen/mcp-auth';\n * import { createServer as createInstagramServer } from '@prmichaelsen/instagram-mcp';\n *\n * const wrapped = wrapServer({\n * serverFactory: (accessToken, userId) => createInstagramServer(accessToken, userId),\n * authProvider: new JWTAuthProvider({ jwtSecret: process.env.JWT_SECRET }),\n * tokenResolver: new DatabaseTokenResolver({ database: {...} }),\n * resourceType: 'instagram',\n * transport: { type: 'sse', port: 3000 }\n * });\n *\n * await wrapped.start();\n * ```\n *\n * @example Tool-Level Auth Pattern\n * ```typescript\n * import { AuthenticatedMCPServer, withAuth, EnvAuthProvider } from '@prmichaelsen/mcp-auth';\n *\n * const server = new AuthenticatedMCPServer({\n * name: 'my-server',\n * authProvider: new EnvAuthProvider(),\n * tokenResolver: new SimpleTokenResolver({ tokenEnvVar: 'API_TOKEN' }),\n * resourceType: 'myapi',\n * transport: { type: 'stdio' }\n * });\n *\n * server.registerTool('get_data', withAuth(async (args, accessToken, userId) => {\n * const client = new MyAPIClient(accessToken);\n * return client.getData(args);\n * }));\n *\n * await server.start();\n * ```\n */\n"],
|
|
5
|
-
"mappings": "AAkBA;AAAA,EACE;AAAA,EACA;AAAA,
|
|
4
|
+
"sourcesContent": ["/**\n * @prmichaelsen/mcp-auth\n *\n * Authentication and multi-tenancy framework for MCP (Model Context Protocol) servers.\n *\n * Supports two complementary patterns:\n * 1. **Server Wrapping** - Wrap existing MCP servers without modification (MCP-level auth)\n * 2. **Tool-Level Auth** - Build new MCP servers with integrated auth\n *\n * @packageDocumentation\n */\n\n// ============================================================================\n// PATTERN 1: SERVER WRAPPING (MCP-Level Auth)\n// ============================================================================\n// Use this to wrap existing MCP servers without modifying them\n// Ideal for multi-tenant services that host multiple MCP servers\n\nexport {\n wrapServer,\n AuthenticatedServerWrapper,\n type ServerWrapperConfig,\n type MCPServerFactory,\n type NormalizedServerWrapperConfig,\n ProgressManager,\n type ProgressCallback,\n type ProgressStreamMetrics\n} from './wrapper/index.js';\n\n// ============================================================================\n// PATTERN 2: TOOL-LEVEL AUTH\n// ============================================================================\n// Use this to build new MCP servers with integrated authentication\n// Provides fine-grained control over auth per tool\n\nexport {\n AuthenticatedMCPServer,\n type ServerConfig,\n type NormalizedServerConfig,\n withAuth,\n compose,\n withLogging,\n withRateLimit,\n withTimeout,\n withRetry,\n type Tool,\n AuthenticatedTool,\n createAuthenticatedTool,\n type AuthenticatedToolHandler\n} from './server/index.js';\n\n// ============================================================================\n// SHARED: CORE TYPES\n// ============================================================================\n\nexport type {\n TransportType,\n RequestContext,\n AuthResult,\n TransportConfig,\n RateLimitConfig,\n LoggingConfig,\n MiddlewareConfig,\n PoolingConfig,\n Result,\n AsyncFunction,\n ToolHandler,\n Middleware,\n ProgressNotification,\n RequestExtra\n} from './types.js';\n\n// ============================================================================\n// SHARED: AUTHENTICATION\n// ============================================================================\n\nexport type {\n AuthProvider,\n ResourceTokenResolver,\n AuthenticatedContext,\n AuthProviderConfig,\n TokenResolverConfig\n} from './auth/types.js';\n\nexport { BaseAuthProvider } from './auth/base-provider.js';\n\n// Providers\nexport {\n EnvAuthProvider,\n type EnvAuthProviderConfig,\n SimpleTokenResolver,\n type SimpleTokenResolverConfig,\n JWTAuthProvider,\n type JWTAuthProviderConfig,\n type JWTPayload,\n JWTTokenResolver,\n type JWTTokenResolverConfig,\n APITokenResolver,\n type APITokenResolverConfig\n} from './auth/providers/index.js';\n\n// ============================================================================\n// TENANT MANAGER INTEGRATION\n// ============================================================================\n// Standard interfaces for tenant manager APIs\n// Helps tenant platforms provide consistent APIs for MCP servers\n\nexport {\n type TenantAPIErrorResponse,\n type CredentialsAPIResponse,\n type CredentialsAPIHeaders,\n type TenantManagerAPI,\n TenantAPIStatusCode,\n TenantAPIErrorCode,\n createTenantAPIError,\n TenantAPIErrors\n} from './tenant/index.js';\n\n// ============================================================================\n// SHARED: UTILITIES\n// ============================================================================\n\nexport {\n // Errors\n MCPAuthError,\n AuthenticationError,\n TokenResolutionError,\n InvalidTokenError,\n MissingCredentialsError,\n ConfigurationError,\n RateLimitError,\n ServerPoolError,\n TransportError,\n ValidationError,\n isMCPAuthError,\n isAuthenticationError,\n isTokenResolutionError,\n isRateLimitError,\n formatErrorForClient,\n \n // Logger\n Logger,\n LogLevel,\n defaultLogger,\n createLogger,\n sanitizeForLogging,\n \n // Validation\n validateNonEmptyString,\n validateUrl,\n validatePositiveNumber,\n validatePort,\n validateEnum,\n validateObject,\n validateFunction,\n validateRequiredFields,\n validateTransportConfig,\n validateRateLimitConfig,\n validateLoggingConfig,\n validatePoolingConfig,\n sanitizeString,\n validateUserId,\n validateResourceType,\n validateAccessToken\n} from './utils/index.js';\n\n// Re-export types for convenience\nexport type { LogEntry } from './utils/logger.js';\n\n// ============================================================================\n// USAGE EXAMPLES\n// ============================================================================\n\n/**\n * @example Server Wrapping Pattern (MCP-Level Auth)\n * ```typescript\n * import { wrapServer, JWTAuthProvider, DatabaseTokenResolver } from '@prmichaelsen/mcp-auth';\n * import { createServer as createInstagramServer } from '@prmichaelsen/instagram-mcp';\n *\n * const wrapped = wrapServer({\n * serverFactory: (accessToken, userId) => createInstagramServer(accessToken, userId),\n * authProvider: new JWTAuthProvider({ jwtSecret: process.env.JWT_SECRET }),\n * tokenResolver: new DatabaseTokenResolver({ database: {...} }),\n * resourceType: 'instagram',\n * transport: { type: 'sse', port: 3000 }\n * });\n *\n * await wrapped.start();\n * ```\n *\n * @example Tool-Level Auth Pattern\n * ```typescript\n * import { AuthenticatedMCPServer, withAuth, EnvAuthProvider } from '@prmichaelsen/mcp-auth';\n *\n * const server = new AuthenticatedMCPServer({\n * name: 'my-server',\n * authProvider: new EnvAuthProvider(),\n * tokenResolver: new SimpleTokenResolver({ tokenEnvVar: 'API_TOKEN' }),\n * resourceType: 'myapi',\n * transport: { type: 'stdio' }\n * });\n *\n * server.registerTool('get_data', withAuth(async (args, accessToken, userId) => {\n * const client = new MyAPIClient(accessToken);\n * return client.getData(args);\n * }));\n *\n * await server.start();\n * ```\n */\n"],
|
|
5
|
+
"mappings": "AAkBA;AAAA,EACE;AAAA,EACA;AAAA,EAIA;AAAA,OAGK;AAQP;AAAA,EACE;AAAA,EAGA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEA;AAAA,EACA;AAAA,OAEK;AAmCP,SAAS,wBAAwB;AAGjC;AAAA,EACE;AAAA,EAEA;AAAA,EAEA;AAAA,EAGA;AAAA,EAEA;AAAA,OAEK;AAQP;AAAA,EAKE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AAMP;AAAA,EAEE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAGA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAGA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;",
|
|
6
6
|
"names": []
|
|
7
7
|
}
|
package/dist/types.d.ts
CHANGED
|
@@ -8,6 +8,42 @@
|
|
|
8
8
|
* Transport types supported by the framework
|
|
9
9
|
*/
|
|
10
10
|
export type TransportType = 'stdio' | 'sse' | 'http';
|
|
11
|
+
/**
|
|
12
|
+
* Progress notification parameters
|
|
13
|
+
* Used for streaming progress updates during long-running operations
|
|
14
|
+
*/
|
|
15
|
+
export interface ProgressNotification {
|
|
16
|
+
/**
|
|
17
|
+
* Unique token identifying this progress stream
|
|
18
|
+
*/
|
|
19
|
+
progressToken: string | number;
|
|
20
|
+
/**
|
|
21
|
+
* Current progress value (optional)
|
|
22
|
+
*/
|
|
23
|
+
progress?: number;
|
|
24
|
+
/**
|
|
25
|
+
* Total expected value (optional)
|
|
26
|
+
*/
|
|
27
|
+
total?: number;
|
|
28
|
+
/**
|
|
29
|
+
* Progress message/description (optional)
|
|
30
|
+
*/
|
|
31
|
+
message?: string;
|
|
32
|
+
}
|
|
33
|
+
/**
|
|
34
|
+
* Request extra parameters (from MCP SDK)
|
|
35
|
+
* Contains optional metadata passed with requests
|
|
36
|
+
*/
|
|
37
|
+
export interface RequestExtra {
|
|
38
|
+
/**
|
|
39
|
+
* Progress token for streaming progress notifications
|
|
40
|
+
*/
|
|
41
|
+
progressToken?: string | number;
|
|
42
|
+
/**
|
|
43
|
+
* Additional custom parameters
|
|
44
|
+
*/
|
|
45
|
+
[key: string]: any;
|
|
46
|
+
}
|
|
11
47
|
/**
|
|
12
48
|
* Request context passed to authentication providers
|
|
13
49
|
* Contains information about the incoming request
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,KAAK,GAAG,MAAM,CAAC;AAErD;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,CAAC;IAExD;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEnC;;OAEG;IACH,SAAS,EAAE,aAAa,CAAC;IAEzB;;OAEG;IACH,SAAS,EAAE,IAAI,CAAC;IAEhB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB;;OAEG;IACH,aAAa,EAAE,OAAO,CAAC;IAEvB;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,IAAI,EAAE,aAAa,CAAC;IAEpB;;OAEG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IAEd;;;OAGG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IAEd;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;;;;;;OAOG;IACH,IAAI,CAAC,EAAE,OAAO,CAAC;IAEf;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACH,UAAU,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,OAAO,EAAE,OAAO,CAAC;IAEjB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;OAGG;IACH,YAAY,CAAC,EAAE,CAAC,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,MAAM,KAAK,MAAM,CAAC;IAEnE;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,OAAO,EAAE,OAAO,CAAC;IAEjB;;OAEG;IACH,KAAK,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IAE3C;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAEzB;;;OAGG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;OAEG;IACH,SAAS,CAAC,EAAE,eAAe,CAAC;IAE5B;;OAEG;IACH,OAAO,CAAC,EAAE,aAAa,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;;OAGG;IACH,OAAO,EAAE,OAAO,CAAC;IAEjB;;;OAGG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;;OAGG;IACH,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,MAAM,MAAM,CAAC,CAAC,EAAE,CAAC,GAAG,KAAK,IAC3B;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,IAAI,EAAE,CAAC,CAAA;CAAE,GAC1B;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,CAAC,CAAA;CAAE,CAAC;AAEjC;;GAEG;AACH,MAAM,MAAM,aAAa,CAAC,KAAK,SAAS,GAAG,EAAE,GAAG,GAAG,EAAE,EAAE,OAAO,GAAG,GAAG,IAClE,CAAC,GAAG,IAAI,EAAE,KAAK,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;AAEvC;;GAEG;AACH,MAAM,MAAM,WAAW,CAAC,KAAK,GAAG,GAAG,EAAE,OAAO,GAAG,GAAG,IAAI,CACpD,IAAI,EAAE,KAAK,EACX,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,KACX,OAAO,CAAC,OAAO,CAAC,CAAC;AAEtB;;GAEG;AACH,MAAM,MAAM,UAAU,CAAC,KAAK,GAAG,GAAG,EAAE,OAAO,GAAG,GAAG,IAAI,CACnD,OAAO,EAAE,WAAW,CAAC,KAAK,EAAE,OAAO,CAAC,KACjC,WAAW,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,KAAK,GAAG,MAAM,CAAC;AAErD;;;GAGG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,aAAa,EAAE,MAAM,GAAG,MAAM,CAAC;IAE/B;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAEhC;;OAEG;IACH,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB;AAED;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,CAAC;IAExD;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEnC;;OAEG;IACH,SAAS,EAAE,aAAa,CAAC;IAEzB;;OAEG;IACH,SAAS,EAAE,IAAI,CAAC;IAEhB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB;;OAEG;IACH,aAAa,EAAE,OAAO,CAAC;IAEvB;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,IAAI,EAAE,aAAa,CAAC;IAEpB;;OAEG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IAEd;;;OAGG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IAEd;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;;;;;;OAOG;IACH,IAAI,CAAC,EAAE,OAAO,CAAC;IAEf;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACH,UAAU,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B;;OAEG;IACH,OAAO,EAAE,OAAO,CAAC;IAEjB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;OAGG;IACH,YAAY,CAAC,EAAE,CAAC,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,MAAM,KAAK,MAAM,CAAC;IAEnE;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,OAAO,EAAE,OAAO,CAAC;IAEjB;;OAEG;IACH,KAAK,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IAE3C;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAEzB;;;OAGG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;OAEG;IACH,SAAS,CAAC,EAAE,eAAe,CAAC;IAE5B;;OAEG;IACH,OAAO,CAAC,EAAE,aAAa,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;;OAGG;IACH,OAAO,EAAE,OAAO,CAAC;IAEjB;;;OAGG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;;OAGG;IACH,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,MAAM,MAAM,CAAC,CAAC,EAAE,CAAC,GAAG,KAAK,IAC3B;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,IAAI,EAAE,CAAC,CAAA;CAAE,GAC1B;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,CAAC,CAAA;CAAE,CAAC;AAEjC;;GAEG;AACH,MAAM,MAAM,aAAa,CAAC,KAAK,SAAS,GAAG,EAAE,GAAG,GAAG,EAAE,EAAE,OAAO,GAAG,GAAG,IAClE,CAAC,GAAG,IAAI,EAAE,KAAK,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;AAEvC;;GAEG;AACH,MAAM,MAAM,WAAW,CAAC,KAAK,GAAG,GAAG,EAAE,OAAO,GAAG,GAAG,IAAI,CACpD,IAAI,EAAE,KAAK,EACX,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,KACX,OAAO,CAAC,OAAO,CAAC,CAAC;AAEtB;;GAEG;AACH,MAAM,MAAM,UAAU,CAAC,KAAK,GAAG,GAAG,EAAE,OAAO,GAAG,GAAG,IAAI,CACnD,OAAO,EAAE,WAAW,CAAC,KAAK,EAAE,OAAO,CAAC,KACjC,WAAW,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC"}
|
package/dist/wrapper/index.d.ts
CHANGED
|
@@ -1,36 +1,12 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* Server wrapper
|
|
3
|
-
*
|
|
4
|
-
* Provides the main wrapServer() function for wrapping MCP servers with authentication.
|
|
2
|
+
* Server wrapper exports
|
|
5
3
|
*/
|
|
6
|
-
|
|
7
|
-
import type { ServerWrapperConfig } from './config.js';
|
|
8
|
-
export type { ServerWrapperConfig, MCPServerFactory, NormalizedServerWrapperConfig } from './config.js';
|
|
4
|
+
export { wrapServer } from './server-wrapper.js';
|
|
9
5
|
export { AuthenticatedServerWrapper } from './server-wrapper.js';
|
|
6
|
+
export type { ServerWrapperConfig, NormalizedServerWrapperConfig, MCPServerFactory } from './config.js';
|
|
10
7
|
/**
|
|
11
|
-
*
|
|
12
|
-
*
|
|
13
|
-
* This is the main entry point for the server wrapping pattern.
|
|
14
|
-
* It creates an authenticated wrapper around your MCP server factory function.
|
|
15
|
-
*
|
|
16
|
-
* @param config - Server wrapper configuration
|
|
17
|
-
* @returns Authenticated server wrapper instance
|
|
18
|
-
*
|
|
19
|
-
* @example
|
|
20
|
-
* ```typescript
|
|
21
|
-
* import { wrapServer } from '@prmichaelsen/mcp-auth';
|
|
22
|
-
* import { createServer } from '@myorg/my-mcp-server';
|
|
23
|
-
*
|
|
24
|
-
* const wrapped = wrapServer({
|
|
25
|
-
* serverFactory: (accessToken, userId) => createServer(accessToken, userId),
|
|
26
|
-
* authProvider: new JWTAuthProvider({ ... }),
|
|
27
|
-
* tokenResolver: new DatabaseTokenResolver({ ... }),
|
|
28
|
-
* resourceType: 'myapi',
|
|
29
|
-
* transport: { type: 'sse', port: 3000 }
|
|
30
|
-
* });
|
|
31
|
-
*
|
|
32
|
-
* await wrapped.start();
|
|
33
|
-
* ```
|
|
8
|
+
* Progress manager exports
|
|
34
9
|
*/
|
|
35
|
-
export
|
|
10
|
+
export { ProgressManager, type ProgressStreamMetrics } from './progress-manager.js';
|
|
11
|
+
export type { ProgressCallback } from './progress-manager.js';
|
|
36
12
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/wrapper/index.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/wrapper/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACjD,OAAO,EAAE,0BAA0B,EAAE,MAAM,qBAAqB,CAAC;AACjE,YAAY,EAAE,mBAAmB,EAAE,6BAA6B,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAExG;;GAEG;AACH,OAAO,EAAE,eAAe,EAAE,KAAK,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AACpF,YAAY,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC"}
|
package/dist/wrapper/index.js
CHANGED
|
@@ -1,10 +1,9 @@
|
|
|
1
|
+
import { wrapServer } from "./server-wrapper.js";
|
|
1
2
|
import { AuthenticatedServerWrapper } from "./server-wrapper.js";
|
|
2
|
-
import {
|
|
3
|
-
function wrapServer(config) {
|
|
4
|
-
return new AuthenticatedServerWrapper(config);
|
|
5
|
-
}
|
|
3
|
+
import { ProgressManager } from "./progress-manager.js";
|
|
6
4
|
export {
|
|
7
|
-
|
|
5
|
+
AuthenticatedServerWrapper,
|
|
6
|
+
ProgressManager,
|
|
8
7
|
wrapServer
|
|
9
8
|
};
|
|
10
9
|
//# sourceMappingURL=index.js.map
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../src/wrapper/index.ts"],
|
|
4
|
-
"sourcesContent": ["/**\n * Server wrapper
|
|
5
|
-
"mappings": "
|
|
6
|
-
"names": [
|
|
4
|
+
"sourcesContent": ["/**\n * Server wrapper exports\n */\n\nexport { wrapServer } from './server-wrapper.js';\nexport { AuthenticatedServerWrapper } from './server-wrapper.js';\nexport type { ServerWrapperConfig, NormalizedServerWrapperConfig, MCPServerFactory } from './config.js';\n\n/**\n * Progress manager exports\n */\nexport { ProgressManager, type ProgressStreamMetrics } from './progress-manager.js';\nexport type { ProgressCallback } from './progress-manager.js';\n"],
|
|
5
|
+
"mappings": "AAIA,SAAS,kBAAkB;AAC3B,SAAS,kCAAkC;AAM3C,SAAS,uBAAmD;",
|
|
6
|
+
"names": []
|
|
7
7
|
}
|
|
@@ -0,0 +1,101 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Progress notification manager for multi-tenant progress streaming
|
|
3
|
+
*
|
|
4
|
+
* Manages routing of progress notifications from wrapped MCP servers
|
|
5
|
+
* to the correct clients in multi-tenant deployments.
|
|
6
|
+
*/
|
|
7
|
+
import { Logger } from '../utils/logger.js';
|
|
8
|
+
import type { ProgressNotification } from '../types.js';
|
|
9
|
+
/**
|
|
10
|
+
* Progress stream metadata
|
|
11
|
+
*/
|
|
12
|
+
interface ProgressStream {
|
|
13
|
+
userId: string;
|
|
14
|
+
progressToken: string | number;
|
|
15
|
+
startTime: number;
|
|
16
|
+
lastUpdate: number;
|
|
17
|
+
messageCount: number;
|
|
18
|
+
bytesTransferred?: number;
|
|
19
|
+
}
|
|
20
|
+
/**
|
|
21
|
+
* Progress notification callback
|
|
22
|
+
*/
|
|
23
|
+
export type ProgressCallback = (notification: ProgressNotification) => void;
|
|
24
|
+
/**
|
|
25
|
+
* Manages progress notification routing for multi-tenant deployments
|
|
26
|
+
*/
|
|
27
|
+
export declare class ProgressManager {
|
|
28
|
+
private streams;
|
|
29
|
+
private callbacks;
|
|
30
|
+
private logger;
|
|
31
|
+
constructor(logger: Logger);
|
|
32
|
+
/**
|
|
33
|
+
* Register a progress stream for a user
|
|
34
|
+
*/
|
|
35
|
+
registerStream(userId: string, progressToken: string | number, callback: ProgressCallback): void;
|
|
36
|
+
/**
|
|
37
|
+
* Forward a progress notification to the correct client
|
|
38
|
+
*/
|
|
39
|
+
forwardNotification(notification: ProgressNotification): boolean;
|
|
40
|
+
/**
|
|
41
|
+
* Unregister a progress stream
|
|
42
|
+
*/
|
|
43
|
+
unregisterStream(progressToken: string | number): void;
|
|
44
|
+
/**
|
|
45
|
+
* Get active streams for a user
|
|
46
|
+
*/
|
|
47
|
+
getUserStreams(userId: string): ProgressStream[];
|
|
48
|
+
/**
|
|
49
|
+
* Clean up stale streams (no updates for 5 minutes)
|
|
50
|
+
*/
|
|
51
|
+
cleanupStaleStreams(): void;
|
|
52
|
+
/**
|
|
53
|
+
* Get statistics about active streams
|
|
54
|
+
*/
|
|
55
|
+
getStats(): {
|
|
56
|
+
activeStreams: number;
|
|
57
|
+
totalMessages: number;
|
|
58
|
+
userCount: number;
|
|
59
|
+
};
|
|
60
|
+
/**
|
|
61
|
+
* Get detailed metrics for a specific stream
|
|
62
|
+
*/
|
|
63
|
+
getStreamMetrics(progressToken: string | number): ProgressStreamMetrics | null;
|
|
64
|
+
/**
|
|
65
|
+
* Get metrics for all active streams
|
|
66
|
+
*/
|
|
67
|
+
getAllMetrics(): ProgressStreamMetrics[];
|
|
68
|
+
/**
|
|
69
|
+
* Get aggregated metrics by user
|
|
70
|
+
*/
|
|
71
|
+
getUserMetrics(userId: string): {
|
|
72
|
+
activeStreams: number;
|
|
73
|
+
totalMessages: number;
|
|
74
|
+
totalBytes: number;
|
|
75
|
+
oldestStreamAge: number;
|
|
76
|
+
};
|
|
77
|
+
/**
|
|
78
|
+
* Check health of all active streams
|
|
79
|
+
*/
|
|
80
|
+
checkHealth(): {
|
|
81
|
+
healthy: boolean;
|
|
82
|
+
issues: string[];
|
|
83
|
+
warnings: string[];
|
|
84
|
+
};
|
|
85
|
+
}
|
|
86
|
+
/**
|
|
87
|
+
* Detailed progress stream metrics
|
|
88
|
+
*/
|
|
89
|
+
export interface ProgressStreamMetrics {
|
|
90
|
+
userId: string;
|
|
91
|
+
progressToken: string | number;
|
|
92
|
+
startTime: number;
|
|
93
|
+
lastUpdate: number;
|
|
94
|
+
duration: number;
|
|
95
|
+
messageCount: number;
|
|
96
|
+
bytesTransferred: number;
|
|
97
|
+
averageMessageSize: number;
|
|
98
|
+
messagesPerSecond: number;
|
|
99
|
+
}
|
|
100
|
+
export {};
|
|
101
|
+
//# sourceMappingURL=progress-manager.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"progress-manager.d.ts","sourceRoot":"","sources":["../../src/wrapper/progress-manager.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAExD;;GAEG;AACH,UAAU,cAAc;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,EAAE,MAAM,GAAG,MAAM,CAAC;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG,CAAC,YAAY,EAAE,oBAAoB,KAAK,IAAI,CAAC;AAE5E;;GAEG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,OAAO,CAAuC;IACtD,OAAO,CAAC,SAAS,CAAyC;IAC1D,OAAO,CAAC,MAAM,CAAS;gBAEX,MAAM,EAAE,MAAM;IAM1B;;OAEG;IACH,cAAc,CACZ,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,MAAM,GAAG,MAAM,EAC9B,QAAQ,EAAE,gBAAgB,GACzB,IAAI;IAkBP;;OAEG;IACH,mBAAmB,CAAC,YAAY,EAAE,oBAAoB,GAAG,OAAO;IAkEhE;;OAEG;IACH,gBAAgB,CAAC,aAAa,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAkBtD;;OAEG;IACH,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,cAAc,EAAE;IAYhD;;OAEG;IACH,mBAAmB,IAAI,IAAI;IAiB3B;;OAEG;IACH,QAAQ,IAAI;QACV,aAAa,EAAE,MAAM,CAAC;QACtB,aAAa,EAAE,MAAM,CAAC;QACtB,SAAS,EAAE,MAAM,CAAC;KACnB;IAgBD;;OAEG;IACH,gBAAgB,CAAC,aAAa,EAAE,MAAM,GAAG,MAAM,GAAG,qBAAqB,GAAG,IAAI;IAuB9E;;OAEG;IACH,aAAa,IAAI,qBAAqB,EAAE;IAaxC;;OAEG;IACH,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG;QAC9B,aAAa,EAAE,MAAM,CAAC;QACtB,aAAa,EAAE,MAAM,CAAC;QACtB,UAAU,EAAE,MAAM,CAAC;QACnB,eAAe,EAAE,MAAM,CAAC;KACzB;IAyBD;;OAEG;IACH,WAAW,IAAI;QACb,OAAO,EAAE,OAAO,CAAC;QACjB,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,QAAQ,EAAE,MAAM,EAAE,CAAC;KACpB;CAyCF;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,EAAE,MAAM,GAAG,MAAM,CAAC;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,gBAAgB,EAAE,MAAM,CAAC;IACzB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,iBAAiB,EAAE,MAAM,CAAC;CAC3B"}
|