@signdocs-brasil/mcp-server 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +13 -0
- package/dist/http/server.js +9 -62
- package/dist/http/server.js.map +1 -1
- package/dist/http/shared.d.ts +31 -0
- package/dist/http/shared.js +67 -0
- package/dist/http/shared.js.map +1 -0
- package/dist/index.d.ts +12 -0
- package/dist/index.js +13 -0
- package/dist/index.js.map +1 -0
- package/dist/lambda.d.ts +51 -0
- package/dist/lambda.js +96 -0
- package/dist/lambda.js.map +1 -0
- package/dist/schemas.d.ts +6 -6
- package/dist/server.d.ts +1 -1
- package/dist/server.js +1 -1
- package/package.json +18 -4
package/README.md
CHANGED
|
@@ -162,6 +162,19 @@ Example client config (Bearer):
|
|
|
162
162
|
> the existing `external-api` Lambda + API Gateway as a NestedStack is the
|
|
163
163
|
> intended production path.
|
|
164
164
|
|
|
165
|
+
### AWS Lambda
|
|
166
|
+
|
|
167
|
+
For serverless hosting, `@signdocs-brasil/mcp-server/lambda` exports
|
|
168
|
+
`createLambdaHandler` — an API Gateway HTTP API v2 handler that runs the MCP
|
|
169
|
+
transport **statelessly** (one server per invocation, no session store), with the
|
|
170
|
+
same Bearer/Basic auth. SignDocs hosts this on `mcp-hml.signdocs.com.br` /
|
|
171
|
+
`mcp.signdocs.com.br`.
|
|
172
|
+
|
|
173
|
+
```ts
|
|
174
|
+
import { createLambdaHandler } from '@signdocs-brasil/mcp-server/lambda';
|
|
175
|
+
export const handler = createLambdaHandler({ defaultEnvironment: 'hml' });
|
|
176
|
+
```
|
|
177
|
+
|
|
165
178
|
## Development
|
|
166
179
|
|
|
167
180
|
```bash
|
package/dist/http/server.js
CHANGED
|
@@ -3,7 +3,7 @@ import { randomUUID } from 'node:crypto';
|
|
|
3
3
|
import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';
|
|
4
4
|
import { isInitializeRequest } from '@modelcontextprotocol/sdk/types.js';
|
|
5
5
|
import { createServer as createMcpServer } from '../server.js';
|
|
6
|
-
import {
|
|
6
|
+
import { extractAuthFromHeaders, environmentFromHeaders, buildContextForAuth, protectedResourceMetadata as buildProtectedResourceMetadata, wwwAuthenticate, headerValue, UNAUTHORIZED_BODY, } from './shared.js';
|
|
7
7
|
function applyCors(res, opts) {
|
|
8
8
|
res.setHeader('Access-Control-Allow-Origin', opts.corsOrigin);
|
|
9
9
|
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, DELETE, OPTIONS');
|
|
@@ -22,59 +22,9 @@ function publicBase(req, opts) {
|
|
|
22
22
|
const host = req.headers.host ?? 'localhost';
|
|
23
23
|
return `${proto}://${host}`;
|
|
24
24
|
}
|
|
25
|
-
function headerValue(req, name) {
|
|
26
|
-
const raw = req.headers[name];
|
|
27
|
-
return Array.isArray(raw) ? raw[0] : raw;
|
|
28
|
-
}
|
|
29
|
-
function extractAuth(req) {
|
|
30
|
-
const header = req.headers.authorization;
|
|
31
|
-
if (!header)
|
|
32
|
-
return null;
|
|
33
|
-
const space = header.indexOf(' ');
|
|
34
|
-
if (space < 0)
|
|
35
|
-
return null;
|
|
36
|
-
const scheme = header.slice(0, space).toLowerCase();
|
|
37
|
-
const value = header.slice(space + 1).trim();
|
|
38
|
-
if (!value)
|
|
39
|
-
return null;
|
|
40
|
-
if (scheme === 'bearer')
|
|
41
|
-
return { mode: 'bearer', bearer: value };
|
|
42
|
-
if (scheme === 'basic') {
|
|
43
|
-
const decoded = Buffer.from(value, 'base64').toString('utf8');
|
|
44
|
-
const sep = decoded.indexOf(':');
|
|
45
|
-
if (sep < 0)
|
|
46
|
-
return null;
|
|
47
|
-
return { mode: 'credentials', clientId: decoded.slice(0, sep), clientSecret: decoded.slice(sep + 1) };
|
|
48
|
-
}
|
|
49
|
-
return null;
|
|
50
|
-
}
|
|
51
|
-
function requestEnvironment(req, fallback) {
|
|
52
|
-
const value = headerValue(req, 'x-signdocs-environment');
|
|
53
|
-
if (value && value.trim()) {
|
|
54
|
-
try {
|
|
55
|
-
return resolveEnvironment(value);
|
|
56
|
-
}
|
|
57
|
-
catch {
|
|
58
|
-
/* ignore invalid header, use fallback */
|
|
59
|
-
}
|
|
60
|
-
}
|
|
61
|
-
return fallback;
|
|
62
|
-
}
|
|
63
|
-
function protectedResourceMetadata(req, opts) {
|
|
64
|
-
return {
|
|
65
|
-
resource: `${publicBase(req, opts)}/mcp`,
|
|
66
|
-
authorization_servers: [getBaseUrl(opts.defaultEnvironment)],
|
|
67
|
-
scopes_supported: DEFAULT_SCOPES,
|
|
68
|
-
bearer_methods_supported: ['header'],
|
|
69
|
-
};
|
|
70
|
-
}
|
|
71
25
|
function challenge(req, res, opts) {
|
|
72
|
-
res.setHeader('WWW-Authenticate',
|
|
73
|
-
sendJson(res, 401,
|
|
74
|
-
error: 'unauthorized',
|
|
75
|
-
error_description: 'Provide a SignDocs OAuth2 access token (Authorization: Bearer <token>) or client ' +
|
|
76
|
-
'credentials (Authorization: Basic base64(clientId:clientSecret)) on the initialize request.',
|
|
77
|
-
});
|
|
26
|
+
res.setHeader('WWW-Authenticate', wwwAuthenticate(`${publicBase(req, opts)}/.well-known/oauth-protected-resource`));
|
|
27
|
+
sendJson(res, 401, UNAUTHORIZED_BODY);
|
|
78
28
|
}
|
|
79
29
|
function readBody(req) {
|
|
80
30
|
return new Promise((resolve, reject) => {
|
|
@@ -95,16 +45,13 @@ function readBody(req) {
|
|
|
95
45
|
});
|
|
96
46
|
}
|
|
97
47
|
async function startSession(req, res, opts, sessions, body) {
|
|
98
|
-
const auth =
|
|
48
|
+
const auth = extractAuthFromHeaders(req.headers);
|
|
99
49
|
if (!auth) {
|
|
100
50
|
challenge(req, res, opts);
|
|
101
51
|
return;
|
|
102
52
|
}
|
|
103
|
-
const environment =
|
|
104
|
-
const
|
|
105
|
-
? buildClient({ mode: 'bearer', bearer: auth.bearer, environment })
|
|
106
|
-
: buildClient({ mode: 'credentials', clientId: auth.clientId, clientSecret: auth.clientSecret, environment });
|
|
107
|
-
const ctx = { client, environment };
|
|
53
|
+
const environment = environmentFromHeaders(req.headers, opts.defaultEnvironment);
|
|
54
|
+
const ctx = buildContextForAuth(auth, environment);
|
|
108
55
|
const server = createMcpServer(ctx);
|
|
109
56
|
const transport = new StreamableHTTPServerTransport({
|
|
110
57
|
sessionIdGenerator: () => randomUUID(),
|
|
@@ -135,7 +82,7 @@ async function handlePost(req, res, opts, sessions) {
|
|
|
135
82
|
sendJson(res, 400, { error: 'invalid_json', error_description: 'Request body is not valid JSON.' });
|
|
136
83
|
return;
|
|
137
84
|
}
|
|
138
|
-
const sessionId = headerValue(req, 'mcp-session-id');
|
|
85
|
+
const sessionId = headerValue(req.headers, 'mcp-session-id');
|
|
139
86
|
const existing = sessionId ? sessions.get(sessionId) : undefined;
|
|
140
87
|
if (existing) {
|
|
141
88
|
await existing.transport.handleRequest(req, res, body);
|
|
@@ -164,7 +111,7 @@ async function handle(req, res, opts, sessions) {
|
|
|
164
111
|
return;
|
|
165
112
|
}
|
|
166
113
|
if (method === 'GET' && path === '/.well-known/oauth-protected-resource') {
|
|
167
|
-
sendJson(res, 200,
|
|
114
|
+
sendJson(res, 200, buildProtectedResourceMetadata(`${publicBase(req, opts)}/mcp`, opts.defaultEnvironment));
|
|
168
115
|
return;
|
|
169
116
|
}
|
|
170
117
|
if (path !== '/mcp') {
|
|
@@ -177,7 +124,7 @@ async function handle(req, res, opts, sessions) {
|
|
|
177
124
|
}
|
|
178
125
|
// GET (SSE stream) and DELETE (session teardown) require an established session.
|
|
179
126
|
if (method === 'GET' || method === 'DELETE') {
|
|
180
|
-
const sessionId = headerValue(req, 'mcp-session-id');
|
|
127
|
+
const sessionId = headerValue(req.headers, 'mcp-session-id');
|
|
181
128
|
const session = sessionId ? sessions.get(sessionId) : undefined;
|
|
182
129
|
if (!session) {
|
|
183
130
|
sendJson(res, 400, { error: 'invalid_session', error_description: 'Unknown or missing Mcp-Session-Id.' });
|
package/dist/http/server.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/http/server.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,YAAY,IAAI,oBAAoB,GAIrC,MAAM,WAAW,CAAC;AACnB,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,6BAA6B,EAAE,MAAM,oDAAoD,CAAC;AACnG,OAAO,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AAEzE,OAAO,EAAE,YAAY,IAAI,eAAe,EAAE,MAAM,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/http/server.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,YAAY,IAAI,oBAAoB,GAIrC,MAAM,WAAW,CAAC;AACnB,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,6BAA6B,EAAE,MAAM,oDAAoD,CAAC;AACnG,OAAO,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AAEzE,OAAO,EAAE,YAAY,IAAI,eAAe,EAAE,MAAM,cAAc,CAAC;AAE/D,OAAO,EACL,sBAAsB,EACtB,sBAAsB,EACtB,mBAAmB,EACnB,yBAAyB,IAAI,8BAA8B,EAC3D,eAAe,EACf,WAAW,EACX,iBAAiB,GAElB,MAAM,aAAa,CAAC;AA4CrB,SAAS,SAAS,CAAC,GAAmB,EAAE,IAAqB;IAC3D,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;IAC9D,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,4BAA4B,CAAC,CAAC;IAC5E,GAAG,CAAC,SAAS,CACX,8BAA8B,EAC9B,2FAA2F,CAC5F,CAAC;IACF,GAAG,CAAC,SAAS,CAAC,+BAA+B,EAAE,kCAAkC,CAAC,CAAC;AACrF,CAAC;AAED,SAAS,QAAQ,CAAC,GAAmB,EAAE,MAAc,EAAE,IAAa,EAAE,KAA8B;IAClG,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,GAAG,KAAK,EAAE,CAAC,CAAC;IACxE,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,UAAU,CAAC,GAAoB,EAAE,IAAqB;IAC7D,IAAI,IAAI,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAC7D,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAC7C,MAAM,KAAK,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;IAC3E,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,WAAW,CAAC;IAC7C,OAAO,GAAG,KAAK,MAAM,IAAI,EAAE,CAAC;AAC9B,CAAC;AAED,SAAS,SAAS,CAAC,GAAoB,EAAE,GAAmB,EAAE,IAAqB;IACjF,GAAG,CAAC,SAAS,CAAC,kBAAkB,EAAE,eAAe,CAAC,GAAG,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,uCAAuC,CAAC,CAAC,CAAC;IACpH,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,iBAAiB,CAAC,CAAC;AACxC,CAAC;AAED,SAAS,QAAQ,CAAC,GAAoB;IACpC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAa,EAAE,CAAC;QAC5B,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9C,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;YACjB,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YACnD,IAAI,CAAC,GAAG;gBAAE,OAAO,OAAO,CAAC,SAAS,CAAC,CAAC;YACpC,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,CAAC,GAAG,CAAC,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;QACH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,YAAY,CACzB,GAAoB,EACpB,GAAmB,EACnB,IAAqB,EACrB,QAA8B,EAC9B,IAAa;IAEb,MAAM,IAAI,GAAsB,sBAAsB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACpE,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;QAC1B,OAAO;IACT,CAAC;IACD,MAAM,WAAW,GAAG,sBAAsB,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAAC;IACjF,MAAM,GAAG,GAAG,mBAAmB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IACpC,MAAM,SAAS,GAAG,IAAI,6BAA6B,CAAC;QAClD,kBAAkB,EAAE,GAAG,EAAE,CAAC,UAAU,EAAE;QACtC,kBAAkB,EAAE,IAAI;QACxB,4BAA4B,EAAE,IAAI,CAAC,4BAA4B,IAAI,KAAK;QACxE,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACjE,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,cAAc,EAAE,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,oBAAoB,EAAE,CAAC,GAAG,EAAE,EAAE;YAC5B,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC;QAC3C,CAAC;QACD,eAAe,EAAE,CAAC,GAAG,EAAE,EAAE;YACvB,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,CAAC;KACF,CAAC,CAAC;IACH,SAAS,CAAC,OAAO,GAAG,GAAG,EAAE;QACvB,IAAI,SAAS,CAAC,SAAS;YAAE,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IAChE,CAAC,CAAC;IAEF,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,MAAM,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;AAChD,CAAC;AAED,KAAK,UAAU,UAAU,CACvB,GAAoB,EACpB,GAAmB,EACnB,IAAqB,EACrB,QAA8B;IAE9B,IAAI,IAAa,CAAC;IAClB,IAAI,CAAC;QACH,IAAI,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE,iBAAiB,EAAE,iCAAiC,EAAE,CAAC,CAAC;QACpG,OAAO;IACT,CAAC;IAED,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;IAC7D,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACjE,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,QAAQ,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;QACvD,OAAO;IACT,CAAC;IAED,IAAI,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9B,MAAM,YAAY,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;QACnD,OAAO;IACT,CAAC;IAED,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;QACjB,KAAK,EAAE,iBAAiB;QACxB,iBAAiB,EAAE,sEAAsE;KAC1F,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,MAAM,CACnB,GAAoB,EACpB,GAAmB,EACnB,IAAqB,EACrB,QAA8B;IAE9B,SAAS,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACrB,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,KAAK,CAAC;IAEnC,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACnB,GAAG,CAAC,GAAG,EAAE,CAAC;QACV,OAAO;IACT,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC;IAElE,IAAI,MAAM,KAAK,KAAK,IAAI,IAAI,KAAK,UAAU,EAAE,CAAC;QAC5C,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;QAC5F,OAAO;IACT,CAAC;IACD,IAAI,MAAM,KAAK,KAAK,IAAI,IAAI,KAAK,uCAAuC,EAAE,CAAC;QACzE,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,8BAA8B,CAAC,GAAG,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC;QAC5G,OAAO;IACT,CAAC;IAED,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;QACpB,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;QAC3C,OAAO;IACT,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,MAAM,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;QAC3C,OAAO;IACT,CAAC;IAED,iFAAiF;IACjF,IAAI,MAAM,KAAK,KAAK,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;QAC5C,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;QAC7D,MAAM,OAAO,GAAG,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAChE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,oCAAoC,EAAE,CAAC,CAAC;YAC1G,OAAO;QACT,CAAC;QACD,MAAM,OAAO,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAChD,OAAO;IACT,CAAC;IAED,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,EAAE,KAAK,EAAE,4BAA4B,EAAE,CAAC,CAAC;AAC/F,CAAC;AAED,iFAAiF;AACjF,MAAM,UAAU,gBAAgB,CAAC,UAA6B,EAAE;IAC9D,MAAM,IAAI,GAAoB;QAC5B,GAAG,OAAO;QACV,kBAAkB,EAAE,OAAO,CAAC,kBAAkB,IAAI,KAAK;QACvD,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,GAAG;KACtC,CAAC;IACF,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAmB,CAAC;IAC5C,OAAO,oBAAoB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACvC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YAC7C,IAAI,CAAC;gBACH,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;oBACrB,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,gBAAgB,EAAE,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBAC7G,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,GAAG,EAAE,CAAC;gBACZ,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
import { type Environment, type ToolContext } from '../client.js';
|
|
2
|
+
/**
|
|
3
|
+
* Transport-agnostic auth/discovery helpers shared by the long-running HTTP
|
|
4
|
+
* server (http/server.ts) and the Lambda adapter (lambda.ts). Everything here
|
|
5
|
+
* works off a plain header map so it serves both Node IncomingMessage headers
|
|
6
|
+
* and API Gateway event headers.
|
|
7
|
+
*/
|
|
8
|
+
export type AuthResult = {
|
|
9
|
+
mode: 'bearer';
|
|
10
|
+
bearer: string;
|
|
11
|
+
} | {
|
|
12
|
+
mode: 'credentials';
|
|
13
|
+
clientId: string;
|
|
14
|
+
clientSecret: string;
|
|
15
|
+
};
|
|
16
|
+
export type HeaderMap = Record<string, string | string[] | undefined>;
|
|
17
|
+
export declare function headerValue(headers: HeaderMap, name: string): string | undefined;
|
|
18
|
+
/** Parse the Authorization header into a Bearer token or Basic client credentials. */
|
|
19
|
+
export declare function extractAuthFromHeaders(headers: HeaderMap): AuthResult | null;
|
|
20
|
+
/** Resolve the SignDocs environment from the X-SignDocs-Environment header, else fallback. */
|
|
21
|
+
export declare function environmentFromHeaders(headers: HeaderMap, fallback: Environment): Environment;
|
|
22
|
+
/** Build a request-scoped tool context (fresh SDK client) from parsed auth. */
|
|
23
|
+
export declare function buildContextForAuth(auth: AuthResult, environment: Environment): ToolContext;
|
|
24
|
+
/** RFC 9728 protected-resource metadata pointing at the SignDocs authorization server. */
|
|
25
|
+
export declare function protectedResourceMetadata(resourceUrl: string, environment: Environment): Record<string, unknown>;
|
|
26
|
+
/** WWW-Authenticate challenge value pointing a client at the resource metadata. */
|
|
27
|
+
export declare function wwwAuthenticate(metadataUrl: string): string;
|
|
28
|
+
export declare const UNAUTHORIZED_BODY: {
|
|
29
|
+
error: string;
|
|
30
|
+
error_description: string;
|
|
31
|
+
};
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
import { buildClient, getBaseUrl, resolveEnvironment, DEFAULT_SCOPES, } from '../client.js';
|
|
2
|
+
export function headerValue(headers, name) {
|
|
3
|
+
const raw = headers[name] ?? headers[name.toLowerCase()];
|
|
4
|
+
return Array.isArray(raw) ? raw[0] : raw;
|
|
5
|
+
}
|
|
6
|
+
/** Parse the Authorization header into a Bearer token or Basic client credentials. */
|
|
7
|
+
export function extractAuthFromHeaders(headers) {
|
|
8
|
+
const auth = headerValue(headers, 'authorization');
|
|
9
|
+
if (!auth)
|
|
10
|
+
return null;
|
|
11
|
+
const space = auth.indexOf(' ');
|
|
12
|
+
if (space < 0)
|
|
13
|
+
return null;
|
|
14
|
+
const scheme = auth.slice(0, space).toLowerCase();
|
|
15
|
+
const value = auth.slice(space + 1).trim();
|
|
16
|
+
if (!value)
|
|
17
|
+
return null;
|
|
18
|
+
if (scheme === 'bearer')
|
|
19
|
+
return { mode: 'bearer', bearer: value };
|
|
20
|
+
if (scheme === 'basic') {
|
|
21
|
+
const decoded = Buffer.from(value, 'base64').toString('utf8');
|
|
22
|
+
const sep = decoded.indexOf(':');
|
|
23
|
+
if (sep < 0)
|
|
24
|
+
return null;
|
|
25
|
+
return { mode: 'credentials', clientId: decoded.slice(0, sep), clientSecret: decoded.slice(sep + 1) };
|
|
26
|
+
}
|
|
27
|
+
return null;
|
|
28
|
+
}
|
|
29
|
+
/** Resolve the SignDocs environment from the X-SignDocs-Environment header, else fallback. */
|
|
30
|
+
export function environmentFromHeaders(headers, fallback) {
|
|
31
|
+
const value = headerValue(headers, 'x-signdocs-environment');
|
|
32
|
+
if (value && value.trim()) {
|
|
33
|
+
try {
|
|
34
|
+
return resolveEnvironment(value);
|
|
35
|
+
}
|
|
36
|
+
catch {
|
|
37
|
+
/* ignore invalid header, use fallback */
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
return fallback;
|
|
41
|
+
}
|
|
42
|
+
/** Build a request-scoped tool context (fresh SDK client) from parsed auth. */
|
|
43
|
+
export function buildContextForAuth(auth, environment) {
|
|
44
|
+
const client = auth.mode === 'bearer'
|
|
45
|
+
? buildClient({ mode: 'bearer', bearer: auth.bearer, environment })
|
|
46
|
+
: buildClient({ mode: 'credentials', clientId: auth.clientId, clientSecret: auth.clientSecret, environment });
|
|
47
|
+
return { client, environment };
|
|
48
|
+
}
|
|
49
|
+
/** RFC 9728 protected-resource metadata pointing at the SignDocs authorization server. */
|
|
50
|
+
export function protectedResourceMetadata(resourceUrl, environment) {
|
|
51
|
+
return {
|
|
52
|
+
resource: resourceUrl,
|
|
53
|
+
authorization_servers: [getBaseUrl(environment)],
|
|
54
|
+
scopes_supported: DEFAULT_SCOPES,
|
|
55
|
+
bearer_methods_supported: ['header'],
|
|
56
|
+
};
|
|
57
|
+
}
|
|
58
|
+
/** WWW-Authenticate challenge value pointing a client at the resource metadata. */
|
|
59
|
+
export function wwwAuthenticate(metadataUrl) {
|
|
60
|
+
return `Bearer resource_metadata="${metadataUrl}"`;
|
|
61
|
+
}
|
|
62
|
+
export const UNAUTHORIZED_BODY = {
|
|
63
|
+
error: 'unauthorized',
|
|
64
|
+
error_description: 'Provide a SignDocs OAuth2 access token (Authorization: Bearer <token>) or client ' +
|
|
65
|
+
'credentials (Authorization: Basic base64(clientId:clientSecret)).',
|
|
66
|
+
};
|
|
67
|
+
//# sourceMappingURL=shared.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"shared.js","sourceRoot":"","sources":["../../src/http/shared.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,WAAW,EACX,UAAU,EACV,kBAAkB,EAClB,cAAc,GAGf,MAAM,cAAc,CAAC;AAetB,MAAM,UAAU,WAAW,CAAC,OAAkB,EAAE,IAAY;IAC1D,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;IACzD,OAAO,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;AAC3C,CAAC;AAED,sFAAsF;AACtF,MAAM,UAAU,sBAAsB,CAAC,OAAkB;IACvD,MAAM,IAAI,GAAG,WAAW,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;IACnD,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IACvB,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAChC,IAAI,KAAK,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAC3B,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;IAClD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC3C,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IACxB,IAAI,MAAM,KAAK,QAAQ;QAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAClE,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC9D,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACjC,IAAI,GAAG,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;QACzB,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,YAAY,EAAE,OAAO,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC;IACxG,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,8FAA8F;AAC9F,MAAM,UAAU,sBAAsB,CAAC,OAAkB,EAAE,QAAqB;IAC9E,MAAM,KAAK,GAAG,WAAW,CAAC,OAAO,EAAE,wBAAwB,CAAC,CAAC;IAC7D,IAAI,KAAK,IAAI,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;QAC1B,IAAI,CAAC;YACH,OAAO,kBAAkB,CAAC,KAAK,CAAC,CAAC;QACnC,CAAC;QAAC,MAAM,CAAC;YACP,yCAAyC;QAC3C,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,+EAA+E;AAC/E,MAAM,UAAU,mBAAmB,CAAC,IAAgB,EAAE,WAAwB;IAC5E,MAAM,MAAM,GACV,IAAI,CAAC,IAAI,KAAK,QAAQ;QACpB,CAAC,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,WAAW,EAAE,CAAC;QACnE,CAAC,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE,WAAW,EAAE,CAAC,CAAC;IAClH,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;AACjC,CAAC;AAED,0FAA0F;AAC1F,MAAM,UAAU,yBAAyB,CAAC,WAAmB,EAAE,WAAwB;IACrF,OAAO;QACL,QAAQ,EAAE,WAAW;QACrB,qBAAqB,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QAChD,gBAAgB,EAAE,cAAc;QAChC,wBAAwB,EAAE,CAAC,QAAQ,CAAC;KACrC,CAAC;AACJ,CAAC;AAED,mFAAmF;AACnF,MAAM,UAAU,eAAe,CAAC,WAAmB;IACjD,OAAO,6BAA6B,WAAW,GAAG,CAAC;AACrD,CAAC;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,KAAK,EAAE,cAAc;IACrB,iBAAiB,EACf,mFAAmF;QACnF,mEAAmE;CACtE,CAAC"}
|
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Public API of @signdocs-brasil/mcp-server.
|
|
3
|
+
*
|
|
4
|
+
* - `createServer(ctx)` — transport-agnostic MCP server (tools + resources).
|
|
5
|
+
* - `buildClient` / `getStdioContext` — request-scoped SignDocs SDK clients.
|
|
6
|
+
* - `createHttpServer` — long-running remote Streamable-HTTP server (also at "./http").
|
|
7
|
+
* - `createLambdaHandler` — API Gateway v2 adapter (also at "./lambda").
|
|
8
|
+
*/
|
|
9
|
+
export { createServer, SERVER_NAME, SERVER_VERSION } from './server.js';
|
|
10
|
+
export { buildClient, getClient, getStdioContext, getBaseUrl, resolveEnvironment, buildSigningUrl, StaticTokenCache, DEFAULT_SCOPES, type Environment, type ToolContext, type BuildClientOptions, type ResolvedEnv, } from './client.js';
|
|
11
|
+
export { createHttpServer, type HttpServerOptions } from './http/server.js';
|
|
12
|
+
export { createLambdaHandler, type LambdaHandler, type LambdaHandlerOptions, type ApiGatewayV2Event, type ApiGatewayV2Result, } from './lambda.js';
|
package/dist/index.js
ADDED
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Public API of @signdocs-brasil/mcp-server.
|
|
3
|
+
*
|
|
4
|
+
* - `createServer(ctx)` — transport-agnostic MCP server (tools + resources).
|
|
5
|
+
* - `buildClient` / `getStdioContext` — request-scoped SignDocs SDK clients.
|
|
6
|
+
* - `createHttpServer` — long-running remote Streamable-HTTP server (also at "./http").
|
|
7
|
+
* - `createLambdaHandler` — API Gateway v2 adapter (also at "./lambda").
|
|
8
|
+
*/
|
|
9
|
+
export { createServer, SERVER_NAME, SERVER_VERSION } from './server.js';
|
|
10
|
+
export { buildClient, getClient, getStdioContext, getBaseUrl, resolveEnvironment, buildSigningUrl, StaticTokenCache, DEFAULT_SCOPES, } from './client.js';
|
|
11
|
+
export { createHttpServer } from './http/server.js';
|
|
12
|
+
export { createLambdaHandler, } from './lambda.js';
|
|
13
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AACxE,OAAO,EACL,WAAW,EACX,SAAS,EACT,eAAe,EACf,UAAU,EACV,kBAAkB,EAClB,eAAe,EACf,gBAAgB,EAChB,cAAc,GAKf,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,gBAAgB,EAA0B,MAAM,kBAAkB,CAAC;AAC5E,OAAO,EACL,mBAAmB,GAKpB,MAAM,aAAa,CAAC"}
|
package/dist/lambda.d.ts
ADDED
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
import type { Environment } from './client.js';
|
|
2
|
+
/**
|
|
3
|
+
* AWS Lambda (API Gateway HTTP API v2) adapter for the MCP server.
|
|
4
|
+
*
|
|
5
|
+
* Runs the transport in STATELESS mode — a fresh server + transport per
|
|
6
|
+
* invocation — which works with standard MCP clients and needs no shared
|
|
7
|
+
* session store (a perfect fit for Lambda's per-request isolation). Auth is
|
|
8
|
+
* per request: Bearer access-token passthrough or Basic client_credentials.
|
|
9
|
+
*
|
|
10
|
+
* Built on the SDK's Web-Standard transport (Request → Response), so no
|
|
11
|
+
* Node req/res shim is needed; Node 18+ provides global Request/Response.
|
|
12
|
+
*
|
|
13
|
+
* Minimal local event/result types avoid an `aws-lambda` dependency; the
|
|
14
|
+
* returned handler is structurally compatible with `APIGatewayProxyHandlerV2`.
|
|
15
|
+
*/
|
|
16
|
+
export interface ApiGatewayV2Event {
|
|
17
|
+
version?: string;
|
|
18
|
+
routeKey?: string;
|
|
19
|
+
rawPath?: string;
|
|
20
|
+
rawQueryString?: string;
|
|
21
|
+
headers?: Record<string, string | undefined>;
|
|
22
|
+
requestContext?: {
|
|
23
|
+
http?: {
|
|
24
|
+
method?: string;
|
|
25
|
+
path?: string;
|
|
26
|
+
sourceIp?: string;
|
|
27
|
+
};
|
|
28
|
+
};
|
|
29
|
+
body?: string;
|
|
30
|
+
isBase64Encoded?: boolean;
|
|
31
|
+
}
|
|
32
|
+
export interface ApiGatewayV2Result {
|
|
33
|
+
statusCode: number;
|
|
34
|
+
headers?: Record<string, string>;
|
|
35
|
+
body?: string;
|
|
36
|
+
isBase64Encoded?: boolean;
|
|
37
|
+
}
|
|
38
|
+
export type LambdaHandler = (event: ApiGatewayV2Event) => Promise<ApiGatewayV2Result>;
|
|
39
|
+
export interface LambdaHandlerOptions {
|
|
40
|
+
/** Environment when a request doesn't send X-SignDocs-Environment. Default 'hml'. */
|
|
41
|
+
defaultEnvironment?: Environment;
|
|
42
|
+
/** Public base origin (e.g. https://mcp-hml.signdocs.com.br) for resource metadata. Derived from headers if unset. */
|
|
43
|
+
publicUrl?: string;
|
|
44
|
+
/** CORS Access-Control-Allow-Origin. Default '*'. */
|
|
45
|
+
corsOrigin?: string;
|
|
46
|
+
}
|
|
47
|
+
/**
|
|
48
|
+
* Build an API Gateway v2 Lambda handler that serves the MCP endpoint.
|
|
49
|
+
* Routes: `POST /mcp` (MCP), `GET /mcp` (resource metadata), `OPTIONS` (CORS).
|
|
50
|
+
*/
|
|
51
|
+
export declare function createLambdaHandler(options?: LambdaHandlerOptions): LambdaHandler;
|
package/dist/lambda.js
ADDED
|
@@ -0,0 +1,96 @@
|
|
|
1
|
+
import { WebStandardStreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/webStandardStreamableHttp.js';
|
|
2
|
+
import { createServer as createMcpServer } from './server.js';
|
|
3
|
+
import { extractAuthFromHeaders, environmentFromHeaders, buildContextForAuth, protectedResourceMetadata, wwwAuthenticate, UNAUTHORIZED_BODY, } from './http/shared.js';
|
|
4
|
+
const CORS_ALLOW_HEADERS = 'Content-Type, Authorization, Mcp-Session-Id, Mcp-Protocol-Version, X-SignDocs-Environment';
|
|
5
|
+
function corsHeaders(origin) {
|
|
6
|
+
return {
|
|
7
|
+
'Access-Control-Allow-Origin': origin,
|
|
8
|
+
'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
|
|
9
|
+
'Access-Control-Allow-Headers': CORS_ALLOW_HEADERS,
|
|
10
|
+
'Access-Control-Expose-Headers': 'Mcp-Session-Id, WWW-Authenticate',
|
|
11
|
+
};
|
|
12
|
+
}
|
|
13
|
+
function lowercaseHeaders(headers) {
|
|
14
|
+
const out = {};
|
|
15
|
+
for (const [k, v] of Object.entries(headers)) {
|
|
16
|
+
if (v !== undefined)
|
|
17
|
+
out[k.toLowerCase()] = v;
|
|
18
|
+
}
|
|
19
|
+
return out;
|
|
20
|
+
}
|
|
21
|
+
function baseOrigin(headers, opts) {
|
|
22
|
+
if (opts.publicUrl)
|
|
23
|
+
return opts.publicUrl.replace(/\/$/, '');
|
|
24
|
+
const proto = headers['x-forwarded-proto']?.split(',')[0] ?? 'https';
|
|
25
|
+
const host = headers['x-forwarded-host'] ?? headers['host'] ?? 'localhost';
|
|
26
|
+
return `${proto}://${host}`;
|
|
27
|
+
}
|
|
28
|
+
function json(statusCode, body, headers = {}) {
|
|
29
|
+
return { statusCode, headers: { 'Content-Type': 'application/json', ...headers }, body: JSON.stringify(body) };
|
|
30
|
+
}
|
|
31
|
+
/**
|
|
32
|
+
* Build an API Gateway v2 Lambda handler that serves the MCP endpoint.
|
|
33
|
+
* Routes: `POST /mcp` (MCP), `GET /mcp` (resource metadata), `OPTIONS` (CORS).
|
|
34
|
+
*/
|
|
35
|
+
export function createLambdaHandler(options = {}) {
|
|
36
|
+
const defaultEnvironment = options.defaultEnvironment ?? 'hml';
|
|
37
|
+
const corsOrigin = options.corsOrigin ?? '*';
|
|
38
|
+
return async (event) => {
|
|
39
|
+
const headers = lowercaseHeaders(event.headers ?? {});
|
|
40
|
+
const method = (event.requestContext?.http?.method ?? 'POST').toUpperCase();
|
|
41
|
+
const resourceUrl = `${baseOrigin(headers, options)}/mcp`;
|
|
42
|
+
const cors = corsHeaders(corsOrigin);
|
|
43
|
+
if (method === 'OPTIONS')
|
|
44
|
+
return { statusCode: 204, headers: cors };
|
|
45
|
+
if (method === 'GET')
|
|
46
|
+
return json(200, protectedResourceMetadata(resourceUrl, defaultEnvironment), cors);
|
|
47
|
+
if (method !== 'POST')
|
|
48
|
+
return json(405, { error: 'method_not_allowed' }, { ...cors, Allow: 'GET, POST, OPTIONS' });
|
|
49
|
+
const auth = extractAuthFromHeaders(headers);
|
|
50
|
+
if (!auth) {
|
|
51
|
+
return json(401, UNAUTHORIZED_BODY, { ...cors, 'WWW-Authenticate': wwwAuthenticate(resourceUrl) });
|
|
52
|
+
}
|
|
53
|
+
const rawBody = event.body ? Buffer.from(event.body, event.isBase64Encoded ? 'base64' : 'utf8') : undefined;
|
|
54
|
+
let parsedBody;
|
|
55
|
+
try {
|
|
56
|
+
parsedBody = rawBody && rawBody.length ? JSON.parse(rawBody.toString('utf8')) : undefined;
|
|
57
|
+
}
|
|
58
|
+
catch {
|
|
59
|
+
return json(400, { error: 'invalid_json', error_description: 'Request body is not valid JSON.' }, cors);
|
|
60
|
+
}
|
|
61
|
+
const environment = environmentFromHeaders(headers, defaultEnvironment);
|
|
62
|
+
const ctx = buildContextForAuth(auth, environment);
|
|
63
|
+
const server = createMcpServer(ctx);
|
|
64
|
+
const transport = new WebStandardStreamableHTTPServerTransport({
|
|
65
|
+
sessionIdGenerator: undefined,
|
|
66
|
+
enableJsonResponse: true,
|
|
67
|
+
});
|
|
68
|
+
// Build a Web-Standard Request. Ensure Accept satisfies the transport
|
|
69
|
+
// (it requires application/json and/or text/event-stream).
|
|
70
|
+
const requestHeaders = new Headers();
|
|
71
|
+
for (const [k, v] of Object.entries(headers))
|
|
72
|
+
requestHeaders.set(k, v);
|
|
73
|
+
if (!requestHeaders.has('accept'))
|
|
74
|
+
requestHeaders.set('accept', 'application/json, text/event-stream');
|
|
75
|
+
const request = new Request(resourceUrl, {
|
|
76
|
+
method: 'POST',
|
|
77
|
+
headers: requestHeaders,
|
|
78
|
+
body: rawBody ? rawBody.toString('utf8') : undefined,
|
|
79
|
+
});
|
|
80
|
+
try {
|
|
81
|
+
await server.connect(transport);
|
|
82
|
+
const response = await transport.handleRequest(request, { parsedBody });
|
|
83
|
+
const outHeaders = { ...cors };
|
|
84
|
+
response.headers.forEach((value, key) => {
|
|
85
|
+
outHeaders[key] = value;
|
|
86
|
+
});
|
|
87
|
+
const body = await response.text();
|
|
88
|
+
return { statusCode: response.status, headers: outHeaders, body };
|
|
89
|
+
}
|
|
90
|
+
finally {
|
|
91
|
+
await transport.close().catch(() => undefined);
|
|
92
|
+
await server.close().catch(() => undefined);
|
|
93
|
+
}
|
|
94
|
+
};
|
|
95
|
+
}
|
|
96
|
+
//# sourceMappingURL=lambda.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"lambda.js","sourceRoot":"","sources":["../src/lambda.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,wCAAwC,EAAE,MAAM,+DAA+D,CAAC;AACzH,OAAO,EAAE,YAAY,IAAI,eAAe,EAAE,MAAM,aAAa,CAAC;AAE9D,OAAO,EACL,sBAAsB,EACtB,sBAAsB,EACtB,mBAAmB,EACnB,yBAAyB,EACzB,eAAe,EACf,iBAAiB,GAClB,MAAM,kBAAkB,CAAC;AA8C1B,MAAM,kBAAkB,GACtB,2FAA2F,CAAC;AAE9F,SAAS,WAAW,CAAC,MAAc;IACjC,OAAO;QACL,6BAA6B,EAAE,MAAM;QACrC,8BAA8B,EAAE,oBAAoB;QACpD,8BAA8B,EAAE,kBAAkB;QAClD,+BAA+B,EAAE,kCAAkC;KACpE,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,OAA2C;IACnE,MAAM,GAAG,GAA2B,EAAE,CAAC;IACvC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7C,IAAI,CAAC,KAAK,SAAS;YAAE,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,GAAG,CAAC,CAAC;IAChD,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,UAAU,CAAC,OAA+B,EAAE,IAA0B;IAC7E,IAAI,IAAI,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAC7D,MAAM,KAAK,GAAG,OAAO,CAAC,mBAAmB,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC;IACrE,MAAM,IAAI,GAAG,OAAO,CAAC,kBAAkB,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,IAAI,WAAW,CAAC;IAC3E,OAAO,GAAG,KAAK,MAAM,IAAI,EAAE,CAAC;AAC9B,CAAC;AAED,SAAS,IAAI,CAAC,UAAkB,EAAE,IAAa,EAAE,UAAkC,EAAE;IACnF,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,GAAG,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC;AACjH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CAAC,UAAgC,EAAE;IACpE,MAAM,kBAAkB,GAAgB,OAAO,CAAC,kBAAkB,IAAI,KAAK,CAAC;IAC5E,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,GAAG,CAAC;IAE7C,OAAO,KAAK,EAAE,KAAwB,EAA+B,EAAE;QACrE,MAAM,OAAO,GAAG,gBAAgB,CAAC,KAAK,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;QACtD,MAAM,MAAM,GAAG,CAAC,KAAK,CAAC,cAAc,EAAE,IAAI,EAAE,MAAM,IAAI,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;QAC5E,MAAM,WAAW,GAAG,GAAG,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC;QAC1D,MAAM,IAAI,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC;QAErC,IAAI,MAAM,KAAK,SAAS;YAAE,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QACpE,IAAI,MAAM,KAAK,KAAK;YAAE,OAAO,IAAI,CAAC,GAAG,EAAE,yBAAyB,CAAC,WAAW,EAAE,kBAAkB,CAAC,EAAE,IAAI,CAAC,CAAC;QACzG,IAAI,MAAM,KAAK,MAAM;YAAE,OAAO,IAAI,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,EAAE,GAAG,IAAI,EAAE,KAAK,EAAE,oBAAoB,EAAE,CAAC,CAAC;QAEnH,MAAM,IAAI,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAC;QAC7C,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,IAAI,CAAC,GAAG,EAAE,iBAAiB,EAAE,EAAE,GAAG,IAAI,EAAE,kBAAkB,EAAE,eAAe,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QACrG,CAAC;QAED,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAC5G,IAAI,UAAmB,CAAC;QACxB,IAAI,CAAC;YACH,UAAU,GAAG,OAAO,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAC5F,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE,iBAAiB,EAAE,iCAAiC,EAAE,EAAE,IAAI,CAAC,CAAC;QAC1G,CAAC;QAED,MAAM,WAAW,GAAG,sBAAsB,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;QACxE,MAAM,GAAG,GAAG,mBAAmB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;QACnD,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QACpC,MAAM,SAAS,GAAG,IAAI,wCAAwC,CAAC;YAC7D,kBAAkB,EAAE,SAAS;YAC7B,kBAAkB,EAAE,IAAI;SACzB,CAAC,CAAC;QAEH,sEAAsE;QACtE,2DAA2D;QAC3D,MAAM,cAAc,GAAG,IAAI,OAAO,EAAE,CAAC;QACrC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;YAAE,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACvE,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC;YAAE,cAAc,CAAC,GAAG,CAAC,QAAQ,EAAE,qCAAqC,CAAC,CAAC;QAEvG,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,WAAW,EAAE;YACvC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,cAAc;YACvB,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS;SACrD,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YAChC,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,aAAa,CAAC,OAAO,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;YACxE,MAAM,UAAU,GAA2B,EAAE,GAAG,IAAI,EAAE,CAAC;YACvD,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;gBACtC,UAAU,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YAC1B,CAAC,CAAC,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,OAAO,EAAE,UAAU,EAAE,QAAQ,CAAC,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;QACpE,CAAC;gBAAS,CAAC;YACT,MAAM,SAAS,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;YAC/C,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}
|
package/dist/schemas.d.ts
CHANGED
|
@@ -41,12 +41,12 @@ export declare const createSigningSessionShape: {
|
|
|
41
41
|
description: z.ZodString;
|
|
42
42
|
reference: z.ZodOptional<z.ZodString>;
|
|
43
43
|
}, "strip", z.ZodTypeAny, {
|
|
44
|
-
description: string;
|
|
45
44
|
type: string;
|
|
45
|
+
description: string;
|
|
46
46
|
reference?: string | undefined;
|
|
47
47
|
}, {
|
|
48
|
-
description: string;
|
|
49
48
|
type: string;
|
|
49
|
+
description: string;
|
|
50
50
|
reference?: string | undefined;
|
|
51
51
|
}>>;
|
|
52
52
|
returnUrl: z.ZodOptional<z.ZodString>;
|
|
@@ -58,11 +58,11 @@ export declare const createSigningSessionShape: {
|
|
|
58
58
|
name: z.ZodOptional<z.ZodString>;
|
|
59
59
|
email: z.ZodOptional<z.ZodString>;
|
|
60
60
|
}, "strip", z.ZodTypeAny, {
|
|
61
|
-
email?: string | undefined;
|
|
62
61
|
name?: string | undefined;
|
|
63
|
-
}, {
|
|
64
62
|
email?: string | undefined;
|
|
63
|
+
}, {
|
|
65
64
|
name?: string | undefined;
|
|
65
|
+
email?: string | undefined;
|
|
66
66
|
}>>;
|
|
67
67
|
idempotencyKey: z.ZodOptional<z.ZodString>;
|
|
68
68
|
};
|
|
@@ -92,11 +92,11 @@ export declare const createEnvelopeShape: {
|
|
|
92
92
|
name: z.ZodOptional<z.ZodString>;
|
|
93
93
|
email: z.ZodOptional<z.ZodString>;
|
|
94
94
|
}, "strip", z.ZodTypeAny, {
|
|
95
|
-
email?: string | undefined;
|
|
96
95
|
name?: string | undefined;
|
|
97
|
-
}, {
|
|
98
96
|
email?: string | undefined;
|
|
97
|
+
}, {
|
|
99
98
|
name?: string | undefined;
|
|
99
|
+
email?: string | undefined;
|
|
100
100
|
}>>;
|
|
101
101
|
idempotencyKey: z.ZodOptional<z.ZodString>;
|
|
102
102
|
};
|
package/dist/server.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
|
|
2
2
|
import type { ToolContext } from './client.js';
|
|
3
3
|
export declare const SERVER_NAME = "signdocs-brasil";
|
|
4
|
-
export declare const SERVER_VERSION = "0.
|
|
4
|
+
export declare const SERVER_VERSION = "0.3.0";
|
|
5
5
|
/**
|
|
6
6
|
* Build a fully-wired MCP server bound to a request/session-scoped
|
|
7
7
|
* {@link ToolContext}. Transport-agnostic: stdio (bin/stdio.ts) builds one
|
package/dist/server.js
CHANGED
|
@@ -8,7 +8,7 @@ import { registerVerifyTools } from './tools/verify.js';
|
|
|
8
8
|
import { registerWebhookTools } from './tools/webhooks.js';
|
|
9
9
|
import { registerResources } from './resources.js';
|
|
10
10
|
export const SERVER_NAME = 'signdocs-brasil';
|
|
11
|
-
export const SERVER_VERSION = '0.
|
|
11
|
+
export const SERVER_VERSION = '0.3.0';
|
|
12
12
|
const INSTRUCTIONS = `SignDocs Brasil electronic-signature API.
|
|
13
13
|
|
|
14
14
|
Use signing sessions for single-signer flows and envelopes for multi-signer
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@signdocs-brasil/mcp-server",
|
|
3
|
-
"version": "0.
|
|
4
|
-
"description": "Model Context Protocol (MCP) server for the SignDocs Brasil e-signature API — lets AI agents create signing sessions, manage envelopes, verify documents and more. Local stdio
|
|
3
|
+
"version": "0.3.0",
|
|
4
|
+
"description": "Model Context Protocol (MCP) server for the SignDocs Brasil e-signature API — lets AI agents create signing sessions, manage envelopes, verify documents and more. Local stdio, remote HTTP, and AWS Lambda transports.",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"type": "module",
|
|
7
7
|
"engines": {
|
|
@@ -11,8 +11,22 @@
|
|
|
11
11
|
"signdocs-mcp": "dist/bin/stdio.js",
|
|
12
12
|
"signdocs-mcp-http": "dist/bin/http.js"
|
|
13
13
|
},
|
|
14
|
-
"main": "dist/
|
|
15
|
-
"types": "dist/
|
|
14
|
+
"main": "dist/index.js",
|
|
15
|
+
"types": "dist/index.d.ts",
|
|
16
|
+
"exports": {
|
|
17
|
+
".": {
|
|
18
|
+
"types": "./dist/index.d.ts",
|
|
19
|
+
"import": "./dist/index.js"
|
|
20
|
+
},
|
|
21
|
+
"./http": {
|
|
22
|
+
"types": "./dist/http/server.d.ts",
|
|
23
|
+
"import": "./dist/http/server.js"
|
|
24
|
+
},
|
|
25
|
+
"./lambda": {
|
|
26
|
+
"types": "./dist/lambda.d.ts",
|
|
27
|
+
"import": "./dist/lambda.js"
|
|
28
|
+
}
|
|
29
|
+
},
|
|
16
30
|
"files": [
|
|
17
31
|
"dist",
|
|
18
32
|
"README.md",
|