@sassoftware/sas-score-mcp-serverjs 1.0.1-3 → 1.0.1-31

package/cli.js

@@ -9,15 +9,11 @@
 
 import coreSSE from './src/coreSSE.js';
 import expressMcpServer from './src/expressMcpServer.js';
-import hapiMcpServer from './src/hapiMcpServer.js';
-
 import createMcpServer from './src/createMcpServer.js';
 // import dotenvExpand from 'dotenv-expand';
 import fs from 'fs';
 import { randomUUID } from 'node:crypto';
 
-//import refreshToken from './src/toolHelpers/refreshToken.js';
-//import getOptsViya from './src/toolHelpers/getOptsViya.js';
 import readCerts from './src/toolHelpers/readCerts.js';
 
 import { fileURLToPath } from 'url';
@@ -27,7 +23,8 @@ import setupSkills from './src/setupSkills.js';
 import { parseArgs } from "node:util";
 
 import NodeCache from 'node-cache';
-import { be } from 'zod/locales';
+//import { be } from 'zod/locales';
+//import { auth } from '@modelcontextprotocol/sdk/client/auth';
 //import getOpts from './src/toolHelpers/getOpts.js';
 
 const __dirname = dirname(fileURLToPath(import.meta.url));
@@ -72,11 +69,6 @@ const args = parseArgs({
       short: 'c',
       description: 'Client ID for authentication'
     },
-    clientsecret: {
-      type: 'string',
-      short: 's',
-      description: 'Client Secret for authentication'
-    },
     profile: {
       type: 'string',
       description: 'SAS CLI profile name'
@@ -107,6 +99,17 @@ const args = parseArgs({
       alias: 'mcpclient',
       description: 'MCP client name (github, claude...). Defaults to \'github\''
     },
+    folder: {
+      type: 'string',
+      short: 'f',
+      description: 'Subfolder under the client folder to copy the skills to, used to have different set of skills for different agents under the same client'
+
+    },
+    skills: {
+      type: 'string',
+      short: 's',
+      description: 'Copies the skills for .github and .claude to the user home directory under .clientname (e.g. .github) or current directory if client name starts with dot (e.g. ./.github), used to have different set of skills for different clients'
+    },
     help: {
       type: 'boolean',
       short: 'h',
@@ -125,28 +128,28 @@ const args = parseArgs({
 // Handle help flag
 if (args.values.help) {
   console.error(`
-                SAS Viya Scoring Expert Agent - Version: ${JSON.parse(pkg).version}
+                sas-score-mcp-serverjs - Version: ${JSON.parse(pkg).version}
 
 Usage: npx @sassoftware/sas-score-mcp-serverjs@dev [options]
 
 Options:
   Minimal options:
     -v, --viya <url>               Viya server URL
-    -c, --clientid <id>            Client ID for oauth authentication(pkce preferred. default: vscodemcp)
   
   MCP server options:
     -t, --mcptype <type>           MCP server type: http or stdio (default: http)
     -m, --mcphost <host>           MCP server host - can be remote URL - (default: http://localhost:8080)
   
-  Agent options:
-    --agent                        Enable agent mode with a pre-configured set of skills based on the client specified (default: false)
-    --client <name>                MCP client name (github, claude...). Defaults to 'github'.Use to install skills
   Authentication options:
+    -c, --clientid <id>            Client ID for oauth authentication(pkce preferred. default: vscodemcp)
     -a, --authflow <flow>          Authentication flow: oauth, oauthclient, sascli, code, token(default oauth)
-    -s, --clientsecret <secret>   Client Secret for oauth authentication (not needed for pkce)
     --profile <name>               SAS CLI profile name for sascli flow (default: Default)
     --config <path>                SAS CLI config directory for sascli flow (default: user home directory)
 
+  Agent/skills options:
+    -s, --skills  <name>           Copies the skills for .github and .claude
+    -f, --folder <folder>          Subfolder to copy the skills to. ex: ./github/<folder>, used to have different set of skills for different agents under the same client. 
+ 
   Other options:
     -p, --port <port>              Port to run the server on (default: 8080)
     --https                        Use HTTPS for the server (default: false)
@@ -165,6 +168,13 @@ Environment Variables:
   `);
   process.exit(0);
 }
+if (args.values.skills) {
+  console.error(`[Note] Settings up skills for ${args.values.skills }`);
+  setupSkills(args.values.skills, args.values.folder);;
+  console.error(`[Note] Skills setup completed. `);
+  process.exit(0);
+}
+
 console.error('Parsed command line arguments:', args.values);
 // read env file and then override with command line arguments
 if (args.values.env) {
@@ -194,7 +204,7 @@ process.env.AUTHFLOW = args.values.authflow || process.env.AUTHFLOW || 'oauth';
 process.env.MCPCLIENT = args.values.client || process.env.MCPCLIENT || 'github';
 process.env.VIYA_SERVER = args.values.viya || process.env.VIYA_SERVER;
 process.env.CLIENTID = args.values.clientid || process.env.CLIENTID || 'vscodemcp';
-process.env.CLIENTSECRET = args.values.clientsecret || process.env.CLIENTSECRET || null;
+process.env.CLIENTSECRET = null;
 process.env.SAS_CLI_PROFILE = args.values.profile || process.env.SAS_CLI_PROFILE || 'Default';
 process.env.SAS_CLI_CONFIG = args.values.config || process.env.SAS_CLI_CONFIG || os.homedir(); // default to user home directory
 process.env.CASSERVER = args.values.casserver || process.env.CASSERVER || 'cas-shared-default';
@@ -219,6 +229,7 @@ if (args.values.version) {
 console.error(`[Note] MCP client set to: ${process.env.CLIENT}`);
 
 
+
 /********************************* */
 const BRAND = 'sas-score'
 /********************************* */
@@ -256,8 +267,10 @@ let mcpHost = process.env.MCPHOST;
 if (authFlow === 'oauth' || authFlow === 'oauthclient') {
   authFlow = 'bearer';
   authExternal = (authFlow === 'oauthclient') ? true : false;
+} else if (authFlow === 'bearer') {
+  authExternal = true; // in bearer token flow we assume the token is generated externally and passed in via env variable or token file, so we set authExternal to true to indicate that  
 }
-let autoLogon = process.env.AUTOLOGON != null ? process.env.AUTOLOGON.toUpperCase() : "FALSE";
+  let autoLogon = process.env.AUTOLOGON != null ? process.env.AUTOLOGON.toUpperCase() : "FALSE";
 const appEnvBase = {
   version: version,
   mcpType: mcpType,
@@ -373,10 +386,13 @@ if (appEnvBase.TOKENFILE != null) {
 
 // setup skills based on client before mcp initialization
 //
+
+
+
 if (process.env.AGENT === 'TRUE') {
   if (process.env.CLIENT !== 'none') {
     console.error(`[Note] Setting up skills for client: ${process.env.CLIENT}...`);
-    setupSkills(process.env.CLIENT);
+    setupSkills(process.env.CLIENT, args.values.folder); 
   } 
 } else {
     console.error(`[Note] Agent mode not enabled`);
@@ -453,14 +469,8 @@ if (mcpType === 'stdio') {
 
 } else {
   console.error('[Note] Starting HTTP MCP server...');
-  if (useHapi === true) {
-    process.env.AUTHTYPE = null;
-    await hapiMcpServer(mcpServer, sessionCache, appEnvBase);
-    console.error('[Note] Using HAPI HTTP server...')
-  } else {
-    await expressMcpServer(mcpServer, sessionCache, appEnvBase);
-    console.error('[Note] MCP HTTP express server started on port ' + appEnvBase.PORT);
-  }
+  await expressMcpServer(mcpServer, sessionCache, appEnvBase);
+  console.error('[Note] MCP HTTP express server started on port ' + appEnvBase.PORT);
 }
 
 // custom reader for .env file to avoid dotenv logging to console

package/openApi.yaml

@@ -1,121 +1,121 @@
-swagger: "2.0"
-info:
-  title: SAS Viya Sample MCP Server API
-  version: "1.0.0"
-  description: API for interacting with the SAS Viya Sample MCP Server.
-host: localhost:8080
-basePath: /
-schemes:
-  - http
-  - https
-consumes:
-  - application/json
-produces:
-  - application/json
-paths:
-  /health:
-    get:
-      summary: Health check
-      description: Returns health and version information.
-      responses:
-        200:
-          description: Health information
-          schema:
-            type: object
-            properties:
-              name:
-                type: string
-              version:
-                type: string
-              description:
-                type: string
-              endpoints:
-                type: object
-              usage:
-                type: string
-  /apiMeta:
-    get:
-      summary: API metadata
-      description: Returns the OpenAPI specification for this server.
-      responses:
-        200:
-          description: OpenAPI document
-          schema:
-            type: object
-  /mcp:
-    options:
-      summary: CORS preflight
-      description: CORS preflight endpoint.
-      responses:
-        204:
-          description: No Content
-    post:
-      summary: MCP request
-      description: Handles MCP JSON-RPC requests.
-      parameters:
-        - name: body
-          in: body
-          required: true
-          schema:
-            type: object
-        - name: Authorization
-          in: header
-          required: false
-          type: string
-          description: Bearer token for authentication
-        - name: X-VIYA-SERVER
-          in: header
-          required: false
-          type: string
-          description: Override VIYA server
-        - name: X-REFRESH-TOKEN
-          in: header
-          required: false
-          type: string
-          description: Refresh token for authentication
-        - name: mcp-session-id
-          in: header
-          required: false
-          type: string
-          description: Session ID
-      responses:
-        200:
-          description: MCP response
-          schema:
-            type: object
-        500:
-          description: Server error
-          schema:
-            type: object
-    get:
-      summary: Get MCP session
-      description: Retrieves information for an MCP session.
-      parameters:
-        - name: mcp-session-id
-          in: header
-          required: true
-          type: string
-          description: Session ID
-      responses:
-        200:
-          description: Session information
-          schema:
-            type: object
-        400:
-          description: Invalid or missing session ID
-    delete:
-      summary: Delete MCP session
-      description: Deletes an MCP session.
-      parameters:
-        - name: mcp-session-id
-          in: header
-          required: true
-          type: string
-          description: Session ID
-      responses:
-        200:
-          description: Session deleted
-          schema:
-            type: object
-        400:
-          description: Invalid or missing session ID
+swagger: "2.0"
+info:
+  title: SAS Viya Sample MCP Server API
+  version: "1.0.0"
+  description: API for interacting with the SAS Viya Sample MCP Server.
+host: localhost:8080
+basePath: /
+schemes:
+  - http
+  - https
+consumes:
+  - application/json
+produces:
+  - application/json
+paths:
+  /health:
+    get:
+      summary: Health check
+      description: Returns health and version information.
+      responses:
+        200:
+          description: Health information
+          schema:
+            type: object
+            properties:
+              name:
+                type: string
+              version:
+                type: string
+              description:
+                type: string
+              endpoints:
+                type: object
+              usage:
+                type: string
+  /apiMeta:
+    get:
+      summary: API metadata
+      description: Returns the OpenAPI specification for this server.
+      responses:
+        200:
+          description: OpenAPI document
+          schema:
+            type: object
+  /mcp:
+    options:
+      summary: CORS preflight
+      description: CORS preflight endpoint.
+      responses:
+        204:
+          description: No Content
+    post:
+      summary: MCP request
+      description: Handles MCP JSON-RPC requests.
+      parameters:
+        - name: body
+          in: body
+          required: true
+          schema:
+            type: object
+        - name: Authorization
+          in: header
+          required: false
+          type: string
+          description: Bearer token for authentication
+        - name: X-VIYA-SERVER
+          in: header
+          required: false
+          type: string
+          description: Override VIYA server
+        - name: X-REFRESH-TOKEN
+          in: header
+          required: false
+          type: string
+          description: Refresh token for authentication
+        - name: mcp-session-id
+          in: header
+          required: false
+          type: string
+          description: Session ID
+      responses:
+        200:
+          description: MCP response
+          schema:
+            type: object
+        500:
+          description: Server error
+          schema:
+            type: object
+    get:
+      summary: Get MCP session
+      description: Retrieves information for an MCP session.
+      parameters:
+        - name: mcp-session-id
+          in: header
+          required: true
+          type: string
+          description: Session ID
+      responses:
+        200:
+          description: Session information
+          schema:
+            type: object
+        400:
+          description: Invalid or missing session ID
+    delete:
+      summary: Delete MCP session
+      description: Deletes an MCP session.
+      parameters:
+        - name: mcp-session-id
+          in: header
+          required: true
+          type: string
+          description: Session ID
+      responses:
+        200:
+          description: Session deleted
+          schema:
+            type: object
+        400:
+          description: Invalid or missing session ID

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sassoftware/sas-score-mcp-serverjs",
-  "version": "1.0.1-3",
+  "version": "1.0.1-31",
   "description": "A mcp server for SAS Viya",
   "author": "Deva Kumar <deva.kumar@sas.com>",
   "license": "Apache-2.0",
@@ -15,13 +15,15 @@
     "test": "cd test && node",
     "debug": "cross-env NODE_TLS_REJECT_UNAUTHORIZED=0  node --inspect-brk cli.js",
     "getViyatls": "bash ./scripts/getViyaca.sh",
-    "deploy": "bash ./deploy.sh",
-    "push2acr": "cd docker && bash ./push2acr.sh",
+    "push2acr": "bash ./push2acr.sh",
+    "push2ghcr": "bash ./push2ghcr.sh",
     "bump": "npm version prerelease",
-    "pub": "npm publish --tag dev --access public",
-    "setup-skills": "node scripts/setup-skills.js"
+    "pub": "npm publish --tag dev --access public"
   },
   "repository": "https://github.com/sassoftware/sas-score-mcp-serverjs",
+  "bugs": {
+    "url": "https://github.com/sassoftware/sas-score-mcp-serverjs/issues"
+  },
   "keywords": [
     "SAS Viya",
     "mcp-serverjs",
@@ -42,16 +44,14 @@
     "openApi.json",
     "openApi.yaml",
     "scripts",
-    ".skills_github",
-    ".skills_claude"
+    ".skills"
   ],
   "dependencies": {
     "@modelcontextprotocol/sdk": "^1.29.0",
-    "@sassoftware/restaf": "^5.6.0",
-    "@sassoftware/restafedit": "^3.11.1-10",
-    "@sassoftware/restaflib": "^5.6.0",
-    "@sassoftware/viya-serverjs": "^0.6.3-0",
-    "axios": "^1.13.2",
+    "@sassoftware/restaf": "^5.7.2",
+    "@sassoftware/restafedit": "^3.10.5",
+    "@sassoftware/restaflib": "^5.7.2",
+    "axios": "^1.13.5",
     "body-parser": "^2.2.1",
     "cors": "^2.8.5",
     "cross-env": "^10.1.0",
@@ -63,8 +63,8 @@
     "node-cache": "^5.1.2",
     "open": "^11.0.0",
     "selfsigned": "^5.2.0",
-    "undici": "^7.16.0",
-    "uuid": "^13.0.0",
+    "undici": "^7.24.0",
+    "uuid": "^14.0.0",
     "zod": "^4.2.1"
   },
   "devDependencies": {

package/scripts/docs/oauth-http-transport.md

@@ -5,7 +5,7 @@
 
 TBD
 
-## VSCODE Githu Copilot
+## VSCODE Github Copilot
 
 ### Scenario:
 
@@ -35,7 +35,7 @@ It appears that the / at the end of the redirect URI is important]
 }
 ```
 
-### pkce clientid when mcp server does teh oauth flow
+### pkce clientid when mcp server does the oauth flow
 
 ```js
 

package/scripts/refreshtoken.js

@@ -0,0 +1,58 @@
+/*
+* Copyright © 2025, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
+* SPDX-License-Identifier: Apache-2.0
+*/
+import { Agent, fetch } from 'undici';
+import fs from "fs";
+
+refreshToken()
+.then (token => {
+  console.log(token);
+  fs.writeFileSync('token.txt', `"AUTHORIZATION": "Bearer ${token}"`, 'utf8');
+})
+.catch (err => {
+  console.error('[Error] Failed to refresh token: ', err);
+});
+async function refreshToken(){
+  let host = process.env.VIYA_SERVER;
+  let token = process.env.REFRESH_TOKEN;
+  let url = `${host}/SASLogon/oauth/token`;
+
+  let aconnect = {
+    rejectUnauthorized: false  // or false, if you really want to bypass checks
+  }
+
+  const agent = new Agent(aconnect);
+
+  console.error('[Info] Refreshing token...', token);
+  const ibody = {
+    grant_type: 'refresh_token',
+    refresh_token: token,
+    client_id: 'sas.cli'
+  };
+
+  let body = new URLSearchParams(ibody);
+  try {
+    const response = await fetch(url, {
+      method: 'POST',
+      headers: {
+        'Accept': 'application/json',
+        'Content-Type': 'application/x-www-form-urlencoded',
+        dispatcher: agent
+      },
+      body: body.toString()
+    });
+
+    if (!response.ok) {
+      const error = await response.text();
+      console.error('[Error] Failed to refresh token: ', error);
+      throw new Error(error);
+    }
+
+    const data = await response.json();
+    return data.access_token;
+  } catch (err) {
+    console.error('[Error] Failed to refresh token: ', err);
+    throw err;
+  }
+}

package/src/createMcpServer.js

@@ -86,7 +86,6 @@ async function createMcpServer(cache, _appContext) {
       inputSchema: tool.inputSchema
     }
     let toolHandler = wrapf(cache, tool.handler);
-  //  console.error(`[Note] Registering tool ${toolName} with config: ${JSON.stringify(config)}`);
     let r = mcpServer.registerTool(toolName, config, toolHandler);
     toolNames.push(toolName);
   });