@sassoftware/sas-score-mcp-serverjs 1.0.1-23 → 1.0.1-25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/package.json +1 -1
  2. package/src/processHeaders.js +10 -4
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@sassoftware/sas-score-mcp-serverjs",
3
- "version": "1.0.1-23",
3
+ "version": "1.0.1-25",
4
4
  "description": "A mcp server for SAS Viya",
5
5
  "author": "Deva Kumar <deva.kumar@sas.com>",
6
6
  "license": "Apache-2.0",
package/src/processHeaders.js CHANGED
@@ -34,18 +34,24 @@ function processHeaders(req, res, next, cache, appContext) {
34
34
  let token = (hdr != null) ? hdr.slice(7) : null;
35
35
  //console.error("[Note] Authorization token", token);
36
36
  debugger;
37
- console.error('>>>',appContext.AUTHFLOW);
37
+ console.error('[Note} AUTHFLOW=', appContext.AUTHFLOW);
38
+ console.error("[Note] External authorization :", appContext.AUTHEXTERNAL);
38
39
  if (appContext.AUTHFLOW === 'bearer') {
39
40
  debugger;
40
41
  let startAuth = false;
41
- console.error("[Note] appContext.AUTHEXTERNAL:", appContext.AUTHEXTERNAL);
42
+
42
43
  if (appContext.AUTHEXTERNAL === true) {
43
44
  console.error("[Note] Expecting external authorization");
44
45
  if (token != null) {
45
46
  console.error("[Note] Using user supplied token for authorization");
46
47
  headerCache.bearerToken = token;
47
48
  } else {
48
- startAuth = true;
49
+ console.error("[Note] No Authorization token provided in header for external authorization.");
50
+ console.error("[Note] Returning 404 since we are configured for external token and no token provided in header.");
51
+ return res.status(404).json({
52
+ error: "unauthorized",
53
+ error_description: "[Error] Missing token for external authorization."
54
+ });
49
55
  }
50
56
  } else if (token == null) {
51
57
  console.error("[Note] No Authorization token provided in header.");
@@ -55,7 +61,7 @@ function processHeaders(req, res, next, cache, appContext) {
55
61
  let tokenlist = cache.get("tokenlist");
56
62
  let tokenData = tokenlist[token];
57
63
  if (tokenData == null) {
58
- return res.status(403).json({
64
+ return res.status(401).json({
59
65
  error: "unauthorized",
60
66
  error_description: "[Error] Expired token. Clear token and try again."
61
67
  });