npm - @sassoftware/sas-score-mcp-serverjs - Versions diffs - 0.3.2 → 0.3.3 - Mend

@sassoftware/sas-score-mcp-serverjs 0.3.2 → 0.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/package.json +1 -1
package/src/expressMcpServer.js +251 -247
package/src/hapiMcpServer.js +3 -2
package/src/openAPIJson.js +117 -0

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@sassoftware/sas-score-mcp-serverjs",
-  "version": "0.3.2",
+  "version": "0.3.3",
   "description": "A mcp server for SAS Viya",
   "author": "Deva Kumar <deva.kumar@sas.com>",
   "license": "Apache-2.0",

package/src/expressMcpServer.js CHANGED Viewed

@@ -11,7 +11,7 @@ import cors from "cors";
 import bodyParser from "body-parser";
 import selfsigned from "selfsigned";
-import getOpts from "./toolHelpers/getOpts.js";
+import openAPIJson from "./openAPIJson.js";
 import fs from "fs";
 import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
@@ -21,7 +21,7 @@ import { isInitializeRequest } from "@modelcontextprotocol/sdk/types.js";
 // setup express server
-async function expressMcpServer(mcpServer, cache, currentAppEnvContext) {
+async function expressMcpServer(mcpServer, cache, baseAppEnvContext) {
   // setup for change to persistence session
   let headerCache = {};
@@ -49,289 +49,293 @@ async function expressMcpServer(mcpServer, cache, currentAppEnvContext) {
   // setup routes
   app.get("/health", (req, res) => {
     console.error("Received request for health endpoint");
-    res.json({
+    let health = {
       name: "@sassoftware/mcp-server",
-      version: "1.0.0",
+      version: baseAppEnvContext.version,
       description: "SAS Viya Sample MCP Server",
       endpoints: {
         mcp: "/mcp",
         health: "/health",
+        apiMeta: "/apiMeta"
       },
       usage:
         "Use with MCP Inspector or compatible MCP clients like vscode or your own MCP client",
-    });
+    };
+    res.json(health);
   });
-  // Root endpoint info
-  app.get("/", (req, res) => {
-    res.json({
-      name: "SAS Viya Sample MCP Server",
-      version: "1.0.0",
-      description: "SAS Viya Sample MCP Server",
-      endpoints: {
-        mcp: "/mcp",
-        health: "/health",
-      },
-      usage: "Use with MCP Inspector or compatible MCP clients",
-    });
+// Root endpoint info
+app.get("/", (req, res) => {
+  res.json({
+    name: "SAS Viya Sample MCP Server",
+    version: "1.0.0",
+    description: "SAS Viya Sample MCP Server",
+    endpoints: {
+      mcp: "/mcp",
+      health: "/health",
+      apiMeta: "/apiMeta"
+    },
+    usage: "Use with MCP Inspector or compatible MCP clients",
   });
+});
-  // api metadata endpoint
-  app.get("/apiMeta", (req, res) => {
-    let spec = fs.readFileSync("./openApi.json", "utf8");
-    let specJson = JSON.parse(spec);
-    res.json(specJson);
-  });
+// api metadata endpoint
+app.get("/apiMeta", (req, res) => {
+  let spec = openAPIJson();
+  res.json(spec);
+});
-  // handle processing of information in header.
-  function requireBearer(req, res, next) {
+// handle processing of information in header.
+function requireBearer(req, res, next) {
-    // process any new header information
-    // Allow different VIYA server per sessionid(user)
-    let headerCache = {};
-    if (req.header("X-VIYA-SERVER") != null) {
-      console.error("[Note] Using user supplied VIYA server");
-      headerCache.VIYA_SERVER = req.header("X-VIYA-SERVER");
-    }
+  // process any new header information
-    // used when doing autorization via mcp client
-    // ideal for production use
-    const hdr = req.header("Authorization");
-    if (hdr != null) {
-      headerCache.bearerToken = hdr.slice(7);
-      headerCache.AUTHFLOW = "bearer";
-    }
+  // Allow different VIYA server per sessionid(user)
+  let headerCache = {};
+  if (req.header("X-VIYA-SERVER") != null) {
+    console.error("[Note] Using user supplied VIYA server");
+    headerCache.VIYA_SERVER = req.header("X-VIYA-SERVER");
+  }
-    // faking out api key since Viya does not support
-    // not ideal for production
-    const hdr2 = req.header("X-REFRESH-TOKEN");
-    if (hdr2 != null) {
-      headerCache.refreshToken = hdr2;
-      headerCache.AUTHFLOW = "refresh";
-    }
-    next();
+  // used when doing autorization via mcp client
+  // ideal for production use
+  const hdr = req.header("Authorization");
+  if (hdr != null) {
+    headerCache.bearerToken = hdr.slice(7);
+    headerCache.AUTHFLOW = "bearer";
   }
-  // process mcp endpoint requests
-  const handleRequest = async (req, res) => {
-    let transport;
-    let transports = cache.get("transports");
-    try {
-      let sessionId = req.headers["mcp-session-id"];
-      // we have session id, get existing transport
-      if (sessionId != null) {
-        /* existing transport */
-        transport = transports[sessionId];
-        if (transport == null) {
-          throw new Error(`No transport found for session ID: ${sessionId}`);
-        }
+  // faking out api key since Viya does not support
+  // not ideal for production
+  const hdr2 = req.header("X-REFRESH-TOKEN");
+  if (hdr2 != null) {
+    headerCache.refreshToken = hdr2;
+    headerCache.AUTHFLOW = "refresh";
+  }
-        // post the curren session - used to pass _appContext to tools
-        cache.set("currentId", sessionId);
+  next();
+}
-        // get app context for session
-        let _appContext = cache.get(sessionId);
+// process mcp endpoint requests
+const handleRequest = async (req, res) => {
+  let transport;
+  let transports = cache.get("transports");
+  try {
-        //if first prompt on a sessionid, create app context
-        if (_appContext == null) {
-          let appEnvTemplate = cache.get("appEnvTemplate");
-          _appContext = Object.assign({}, appEnvTemplate, headerCache);
-          cache.set(sessionId, _appContext);
-        }
-        console.error("[Note] Using existing transport for session ID:", sessionId);
-        await transport.handleRequest(req, res, req.body);
-      }
+    let sessionId = req.headers["mcp-session-id"];
-        // initialize request
-      else if (!sessionId && isInitializeRequest(req.body)) {
-          // create transport
-          transport = new StreamableHTTPServerTransport({
-            sessionIdGenerator: () => randomUUID(),
-            enableJsonResponse: true,
-            onsessioninitialized: (sessionId) => {
-              // Store the transport by session ID
-              transports[sessionId] = transport;
-            },
-          });
-          // Clean up transport when closed
-          transport.onclose = () => {
-            if (transport.sessionId) {
-              delete transports[transport.sessionId];
-            }
-          };
-          console.error("[Note] Connecting mcpServer to new transport...");
-          await mcpServer.connect(transport);
-          // Save transport data and app context for use in tools
-          await transport.handleRequest(req, res, req.body);
-          // cache transport
-          cache.set("transports", transports);
-        }
+    // we have session id, get existing transport
+    if (sessionId != null) {
+      /* existing transport */
+      transport = transports[sessionId];
+      if (transport == null) {
+        throw new Error(`No transport found for session ID: ${sessionId}`);
       }
-    catch (error) {
-      console.error("Error handling MCP request:", error);
-      if (!res.headersSent) {
-        res.status(500).json({
-          jsonrpc: "2.0",
-          error: {
-            code: -32603,
-            message: JSON.stringify(error),
-          },
-          id: null,
-        });
+      // post the curren session - used to pass _appContext to tools
+      cache.set("currentId", sessionId);
+      // get app context for session
+      let _appContext = cache.get(sessionId);
+      //if first prompt on a sessionid, create app context
+      if (_appContext == null) {
+        let appEnvTemplate = cache.get("appEnvTemplate");
+        _appContext = Object.assign({}, appEnvTemplate, headerCache);
+        cache.set(sessionId, _appContext);
       }
-      return;
+      console.error("[Note] Using existing transport for session ID:", sessionId);
+      await transport.handleRequest(req, res, req.body);
     }
-  };
-  const handleGetDelete = async (req, res) => {
-    console.error(req.method, "/mcp called");
-    const sessionId = req.headers["mcp-session-id"];
-    console.error("Handling GET/DELETE for session ID:", sessionId);
-    let transports = cache.get("transports");
-    let transport = transports[sessionId];
-    if (!sessionId || transport == null) {
-      res.status(400).send(`[Error] In ${req.method}: Invalid or missing session ID ${sessionId}`);
-      return;
+    // initialize request
+    else if (!sessionId && isInitializeRequest(req.body)) {
+      // create transport
+      transport = new StreamableHTTPServerTransport({
+        sessionIdGenerator: () => randomUUID(),
+        enableJsonResponse: true,
+        onsessioninitialized: (sessionId) => {
+          // Store the transport by session ID
+          transports[sessionId] = transport;
+        },
+      });
+      // Clean up transport when closed
+      transport.onclose = () => {
+        if (transport.sessionId) {
+          delete transports[transport.sessionId];
+        }
+      };
+      console.error("[Note] Connecting mcpServer to new transport...");
+      await mcpServer.connect(transport);
+      // Save transport data and app context for use in tools
+      await transport.handleRequest(req, res, req.body);
+      // cache transport
+      cache.set("transports", transports);
     }
-    await transport.handleRequest(req, res);
-    if (req.method === "DELETE") {
-      console.error("Deleting transport and cache for session ID:", sessionId);
-      delete transports[sessionId];
-      cache.del(sessionId);
+  }
+  catch (error) {
+    console.error("Error handling MCP request:", error);
+    if (!res.headersSent) {
+      res.status(500).json({
+        jsonrpc: "2.0",
+        error: {
+          code: -32603,
+          message: JSON.stringify(error),
+        },
+        id: null,
+      });
     }
+    return;
+  }
+};
+const handleGetDelete = async (req, res) => {
+  console.error(req.method, "/mcp called");
+  const sessionId = req.headers["mcp-session-id"];
+  console.error("Handling GET/DELETE for session ID:", sessionId);
+  let transports = cache.get("transports");
+  let transport = transports[sessionId];
+  if (!sessionId || transport == null) {
+    res.status(400).send(`[Error] In ${req.method}: Invalid or missing session ID ${sessionId}`);
+    return;
+  }
+  await transport.handleRequest(req, res);
+  if (req.method === "DELETE") {
+    console.error("Deleting transport and cache for session ID:", sessionId);
+    delete transports[sessionId];
+    cache.del(sessionId);
   }
+}
-  app.options("/mcp", (_, res) => res.sendStatus(204));
-  app.post("/mcp", requireBearer, handleRequest);
-  app.get("/mcp", handleGetDelete);
-  app.delete("/mcp", handleGetDelete);
-  // Start the server
-  let appEnvBase = cache.get("appEnvBase");
-  const PORT = appEnvBase.PORT;
-  // get user specified TLS options
-  let appServer;
-  // get TLS options
-  if (appEnvBase.HTTPS === 'TRUE') {
-    //appEnvBase.tlsOpts = getOpts(appEnvBase);
-    if (appEnvBase.tlsOpts == null) {
-      appEnvBase.tlsOpts = await getTls(appEnvBase);
-      console.error(Object.keys(appEnvBase.tlsOpts));
-      appEnvBase.tlsOpts.requestCert = false;
-      appEnvBase.tlsOpts.rejectUnauthorized = false;
-    }
-    cache.set("appEnvBase", appEnvBase);
-    console.error(`[Note] MCP Server listening on port ${PORT}`);
-    console.error(
-      "[Note] Visit https://localhost:8080/health for health check"
-    );
-    console.error(
-      "[Note] Configure your mcp host to use https://localhost:8080/mcp to interact with the MCP server"
-    );
-    console.error("[Note] Press Ctrl+C to stop the server");
-    appServer = https.createServer(appEnvBase.tlsOpts, app);
-    appServer.listen(PORT, "0.0.0.0", () => {});
-  } else {
-    console.error(`[Note] MCP Server listening on port ${PORT}`);
-    console.error("[Note] Visit http://localhost:8080/health for health check");
-    console.error(
-      "[Note] Configure your mcp host to use http://localhost:8080/mcp to interact with the MCP server"
-    );
-    console.error("[Note] Press Ctrl+C to stop the server");
+app.options("/mcp", (_, res) => res.sendStatus(204));
+app.post("/mcp", requireBearer, handleRequest);
+app.get("/mcp", handleGetDelete);
+app.delete("/mcp", handleGetDelete);
+// Start the server
+let appEnvBase = cache.get("appEnvBase");
+const PORT = appEnvBase.PORT;
+// get user specified TLS options
+let appServer;
+// get TLS options
+if (appEnvBase.HTTPS === 'TRUE') {
+  //appEnvBase.tlsOpts = getOpts(appEnvBase);
+  if (appEnvBase.tlsOpts == null) {
+    appEnvBase.tlsOpts = await getTls(appEnvBase);
+    console.error(Object.keys(appEnvBase.tlsOpts));
+    appEnvBase.tlsOpts.requestCert = false;
+    appEnvBase.tlsOpts.rejectUnauthorized = false;
+  }
+  cache.set("appEnvBase", appEnvBase);
+  console.error(`[Note] MCP Server listening on port ${PORT}`);
+  console.error(
+    "[Note] Visit https://localhost:8080/health for health check"
+  );
+  console.error(
+    "[Note] Configure your mcp host to use https://localhost:8080/mcp to interact with the MCP server"
+  );
+  console.error("[Note] Press Ctrl+C to stop the server");
+  appServer = https.createServer(appEnvBase.tlsOpts, app);
+  appServer.listen(PORT, "0.0.0.0", () => { });
+} else {
+  console.error(`[Note] MCP Server listening on port ${PORT}`);
+  console.error("[Note] Visit http://localhost:8080/health for health check");
+  console.error(
+    "[Note] Configure your mcp host to use http://localhost:8080/mcp to interact with the MCP server"
+  );
+  console.error("[Note] Press Ctrl+C to stop the server");
+  try {
     appServer = app.listen(PORT, "0.0.0.0", () => {
       console.error(
         `[Note] Express server successfully bound to 0.0.0.0:${PORT}`
       );
     });
+  } catch (error) {
+    console.error("Error starting server:", error);
   }
-  process.on("SIGTERM", () => {
-    console.error("Server closed");
-    if (appServer != null) {
-      appServer.close(() => {});
-    }
-    process.exit(0);
-  });
-  process.on("SIGINT", () => {
-    console.error("Server closed");
-    if (appServer != null) {
-      appServer.close(() => {});
-    }
-    process.exit(0);
+}
+process.on("SIGTERM", () => {
+  console.error("Server closed");
+  if (appServer != null) {
+    appServer.close(() => { });
+  }
+  process.exit(0);
+});
+process.on("SIGINT", () => {
+  console.error("Server closed");
+  if (appServer != null) {
+    appServer.close(() => { });
+  }
+  process.exit(0);
+});
+// create unsigned TLS cert
+async function getTls(appEnv) {
+  let tlscreate =
+    appEnv.TLS_CREATE == null
+      ? "TLS_CREATE=C:US,ST:NC,L:Cary,O:SAS Institute,OU:STO,CN:localhost,ALT:na.sas.com"
+      : appEnv.TLS_CREATE;
+  let subjt = tlscreate.replaceAll('"', "").trim();
+  let subj = subjt.split(",");
+  let d = {};
+  subj.map((c) => {
+    let r = c.split(":");
+    d[r[0]] = r[1];
+    return { value: r[1] };
   });
-  // create unsigned TLS cert
-  async function getTls(appEnv) {
-    let tlscreate =
-      appEnv.TLS_CREATE == null
-        ? "TLS_CREATE=C:US,ST:NC,L:Cary,O:SAS Institute,OU:STO,CN:localhost,ALT:na.sas.com"
-        : appEnv.TLS_CREATE;
-    let subjt = tlscreate.replaceAll('"', "").trim();
-    let subj = subjt.split(",");
-    let d = {};
-    subj.map((c) => {
-      let r = c.split(":");
-      d[r[0]] = r[1];
-      return { value: r[1] };
-    });
-    let attr = [
-      {
-        name: "commonName",
-        value: d.CN,
-      },
-      {
-        name: "countryName",
-        value: d.C,
-      },
-      {
-        shortName: "ST",
-        value: d.ST,
-      },
-      {
-        name: "localityName",
-        value: d.L,
-      },
-      {
-        name: "organizationName",
-        value: d.O,
-      },
-      {
-        shortName: "OU",
-        value: d.OU,
-      },
-    ];
-    let pems = selfsigned.generate(attr);
-    // selfsigned generates a new keypair
-    let tls = {
-      cert: pems.cert,
-      key: pems.private,
-    };
-    console.error("Generated self-signed TLS certificate");
-    return tls;
-  }
+  let attr = [
+    {
+      name: "commonName",
+      value: d.CN,
+    },
+    {
+      name: "countryName",
+      value: d.C,
+    },
+    {
+      shortName: "ST",
+      value: d.ST,
+    },
+    {
+      name: "localityName",
+      value: d.L,
+    },
+    {
+      name: "organizationName",
+      value: d.O,
+    },
+    {
+      shortName: "OU",
+      value: d.OU,
+    },
+  ];
+  let pems = selfsigned.generate(attr);
+  // selfsigned generates a new keypair
+  let tls = {
+    cert: pems.cert,
+    key: pems.private,
+  };
+  console.error("Generated self-signed TLS certificate");
+  return tls;
+}
 }
 export default expressMcpServer;

package/src/hapiMcpServer.js CHANGED Viewed

@@ -112,6 +112,7 @@ async function hapiMcpServer(mcpServer, cache, baseAppEnvContext) {
               endpoints: {
                 mcp: "/mcp",
                 health: "/health",
+                apiMeta: "/apiMeta"
               },
               usage:
                 "Use with MCP Inspector or compatible MCP clients like vscode or your own MCP client",
@@ -165,8 +166,8 @@ async function hapiMcpServer(mcpServer, cache, baseAppEnvContext) {
           },
           auth: {
-            strategy: "session",
-            mode: 'try'
+            strategy: "sas",
+            mode: 'required'
           },
           description: "The main route for MCP requests",
           notes: "Requires a valid session",

package/src/openAPIJson.js ADDED Viewed

@@ -0,0 +1,117 @@
+/*
+ * Copyright © 2025, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+function openAPIJson() {
+let spec =
+  {
+  "swagger": "2.0",
+  "info": {
+    "title": "SAS Viya Sample MCP Server",
+    "version": "1.0.0",
+    "description": "OpenAPI 2.0 spec for the SAS Viya Sample MCP Server"
+  },
+  "host": "localhost:8080",
+  "schemes": ["http", "https"],
+  "basePath": "/",
+  "paths": {
+    "/health": {
+      "get": {
+        "summary": "Health check endpoint",
+        "description": "Returns server health and metadata",
+        "produces": ["application/json"],
+        "responses": {
+          "200": {
+            "description": "Health info",
+            "schema": { "type": "object" }
+          }
+        }
+      }
+    },
+    "/": {
+      "get": {
+        "summary": "Root endpoint",
+        "description": "Returns server info and usage",
+        "produces": ["application/json"],
+        "responses": {
+          "200": {
+            "description": "Server info",
+            "schema": { "type": "object" }
+          }
+        }
+      }
+    },
+    "/mcp": {
+      "get": {
+        "summary": "MCP endpoint (GET)",
+        "description": "Handles MCP protocol requests (GET)",
+        "produces": ["application/json"],
+        "parameters": [
+          {
+            "name": "Authorization",
+            "in": "header",
+            "type": "string",
+            "required": false
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "MCP response",
+            "schema": { "type": "object" }
+          }
+        }
+      },
+      "post": {
+        "summary": "MCP endpoint (POST)",
+        "description": "Handles MCP protocol requests (POST)",
+        "consumes": ["application/json"],
+        "produces": ["application/json"],
+        "parameters": [
+          {
+            "name": "Authorization",
+            "in": "header",
+            "type": "string",
+            "required": false
+          },
+          {
+            "name": "X-VIYA-SERVER",
+            "in": "header",
+            "type": "string",
+            "required": false
+          },
+          {
+            "name": "X-REFRESH-TOKEN",
+            "in": "header",
+            "type": "string",
+            "required": false
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "schema": { "type": "object" }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "MCP response",
+            "schema": { "type": "object" }
+          }
+        }
+      },
+      "options": {
+        "summary": "CORS preflight",
+        "description": "CORS preflight for MCP endpoint",
+        "responses": {
+          "204": {
+            "description": "No Content"
+          }
+        }
+      }
+    }
+  }
+};
+return spec;
+}
+export default openAPIJson;