@sassoftware/sas-score-mcp-serverjs 1.1.2 → 1.1.4

package/cli.js

@@ -266,12 +266,12 @@ let authFlow = process.env.AUTHFLOW;
 let mcpHost = process.env.MCPHOST;
 
 if (authFlow === 'oauth' || authFlow === 'oauthclient') {
-  authFlow = 'bearer';
   authExternal = (authFlow === 'oauthclient') ? true : false;
+  authFlow = 'bearer';
 } else if (authFlow === 'bearer') {
   authExternal = true; // in bearer token flow we assume the token is generated externally and passed in via env variable or token file, so we set authExternal to true to indicate that  
 }
-  let autoLogon = process.env.AUTOLOGON != null ? process.env.AUTOLOGON.toUpperCase() : "FALSE";
+let autoLogon = process.env.AUTOLOGON != null ? process.env.AUTOLOGON.toUpperCase() : "FALSE";
 const appEnvBase = {
   version: version,
   mcpType: mcpType,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sassoftware/sas-score-mcp-serverjs",
-  "version": "1.1.2",
+  "version": "1.1.4",
   "description": "A mcp server for SAS Viya",
   "author": "Deva Kumar <deva.kumar@sas.com>",
   "license": "Apache-2.0",

package/src/oauthHandlers/authorize.js

@@ -8,12 +8,17 @@ import baseUrl from "./baseUrl.js";
 function authorize(req, res, appContext, pkceStore, codeStore) {
     const { response_type, redirect_uri, state, scope } = req.query;
     console.error("===============================================================");
+    console.error("[NOTE] query parameters:", { response_type, redirect_uri, state, scope });
+    let callbackUri = appContext.mcpHost + '/callback';
+    console.error("[Note] Constructed callbackUri:", callbackUri);
+    console.error("[Note] appContext.AUTHEXTERNAL:", appContext.AUTHEXTERNAL);
     if (appContext.AUTHEXTERNAL === true) {
         console.error('*************************************************************');
         console.error("[Error] Received request for /authorize endpoint with external authorization expected");
         console.error('*************************************************************');
+        callbackUri = redirect_uri;
     }
-    console.error("[NOTE] query parameters:", { response_type, redirect_uri, state, scope });
+   
     if (response_type !== "code") {
         return res.status(400).json({ error: "unsupported_response_type" });
     }
@@ -27,7 +32,7 @@ function authorize(req, res, appContext, pkceStore, codeStore) {
 
     pkceStore.set(ourState, { codeVerifier, clientRedirectUri: redirect_uri, clientState: state, codeChallenge });
 
-    const callbackUri = appContext.mcpHost + '/callback';
+  
     console.error("[Note] callbackUri:", callbackUri);
     let urlConfig = {
         response_type: "code",

package/src/processHeaders.js

@@ -31,7 +31,7 @@ function processHeaders(req, res, next, cache, appContext) {
   //for now, ignore Authorization if authflow is not bearer
   let token = (hdr != null) ? hdr.slice(7) : null;
   debugger;
-  console.error('[Note} AUTHFLOW=',   appContext.AUTHFLOW);
+  console.error('[Note} AUTHFLOW=',appContext.AUTHFLOW);
   console.error("[Note] External authorization :", appContext.AUTHEXTERNAL);
   if (appContext.AUTHFLOW === 'bearer') {
     debugger;
@@ -42,6 +42,7 @@ function processHeaders(req, res, next, cache, appContext) {
       if (token != null) {
         console.error("[Note] Using user supplied token for authorization");
         headerCache.bearerToken = token;
+        console.error("[Note] incoming token:", token);
       } else {
         console.error("[Note] No Authorization token provided in header for external authorization.");
         console.error("[Note] Returning 404 since we are configured for external token and no token provided in header.");
@@ -83,7 +84,7 @@ function processHeaders(req, res, next, cache, appContext) {
       // start auth flow process since no token provided in header and we are not configured for external token
     }
   }
- // console.error("Header cache after processing:", headerCache);
+  console.error("Header cache after processing:", headerCache);
   cache.set("headerCache", headerCache);
   next();
 }