npm - @smithery/sdk - Versions diffs - 1.6.3 → 1.6.5 - Mend

@smithery/sdk 1.6.3 → 1.6.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/server/auth/oauth.d.ts +10 -2
package/dist/server/auth/oauth.js +18 -4
package/package.json +1 -1

package/dist/server/auth/oauth.d.ts CHANGED Viewed

@@ -1,13 +1,21 @@
 import type { OAuthServerProvider, OAuthTokenVerifier } from "@modelcontextprotocol/sdk/server/auth/provider.js";
+import type { AuthInfo } from "@modelcontextprotocol/sdk/server/auth/types.js";
 import type { Application, Response } from "express";
 import { type IdentityHandler } from "./identity.js";
-export interface CallbackOAuthServerProvider extends OAuthServerProvider {
+export interface TokenVerifier extends OAuthTokenVerifier {
+    verifyAccessToken: (token: string) => Promise<AuthInfo>;
+    requiredScopes?: string[];
+    resourceMetadataUrl?: string;
+}
+type ProviderVerifier = OAuthServerProvider & TokenVerifier;
+export interface OAuthProvider extends ProviderVerifier {
     basePath?: string;
     callbackPath?: string;
     handleOAuthCallback?: (code: string, state: string | undefined, res: Response) => Promise<URL>;
 }
 export interface OAuthMountOptions {
-    provider?: CallbackOAuthServerProvider | OAuthTokenVerifier;
+    provider?: OAuthProvider | ProviderVerifier;
     identity?: IdentityHandler;
 }
 export declare function mountOAuth(app: Application, opts: OAuthMountOptions): void;
+export {};

package/dist/server/auth/oauth.js CHANGED Viewed

@@ -1,10 +1,10 @@
-import { requireBearerAuth } from "@modelcontextprotocol/sdk/server/auth/middleware/bearerAuth.js";
-import { mcpAuthMetadataRouter, createOAuthMetadata, } from "@modelcontextprotocol/sdk/server/auth/router.js";
 import { authorizationHandler } from "@modelcontextprotocol/sdk/server/auth/handlers/authorize.js";
-import { tokenHandler } from "@modelcontextprotocol/sdk/server/auth/handlers/token.js";
+import { metadataHandler } from "@modelcontextprotocol/sdk/server/auth/handlers/metadata.js";
 import { clientRegistrationHandler } from "@modelcontextprotocol/sdk/server/auth/handlers/register.js";
 import { revocationHandler } from "@modelcontextprotocol/sdk/server/auth/handlers/revoke.js";
-import { metadataHandler } from "@modelcontextprotocol/sdk/server/auth/handlers/metadata.js";
+import { tokenHandler } from "@modelcontextprotocol/sdk/server/auth/handlers/token.js";
+import { requireBearerAuth } from "@modelcontextprotocol/sdk/server/auth/middleware/bearerAuth.js";
+import { createOAuthMetadata, mcpAuthMetadataRouter, } from "@modelcontextprotocol/sdk/server/auth/router.js";
 import { mountIdentity } from "./identity.js";
 function isOAuthProvider(provider) {
     return !!provider && "authorize" in provider;
@@ -77,9 +77,21 @@ export function mountOAuth(app, opts) {
             const issuerUrl = new URL(`${req.protocol}://${host}`);
             const protectedResourceMetadata = {
                 resource: new URL("/mcp", issuerUrl).href,
+                authorization_servers: [issuerUrl.href],
             };
             return metadataHandler(protectedResourceMetadata)(req, res, next);
         });
+        // Identity-only: also advertise minimal AS metadata for discovery per RFC 8414
+        app.use("/.well-known/oauth-authorization-server", (req, res, next) => {
+            const host = req.get("host") ?? "localhost";
+            const issuerUrl = new URL(`${req.protocol}://${host}`);
+            const oauthMetadata = {
+                issuer: issuerUrl.href,
+                token_endpoint: new URL(`${basePath}token`, issuerUrl).href,
+                grant_types_supported: ["urn:ietf:params:oauth:grant-type:jwt-bearer"],
+            };
+            return metadataHandler(oauthMetadata)(req, res, next);
+        });
     }
     // Mount identity (JWT bearer grant) first so OAuth token can fall through
     if (opts.identity) {
@@ -135,6 +147,8 @@ export function mountOAuth(app, opts) {
         app.use("/mcp", (req, res, next) => {
             return requireBearerAuth({
                 verifier: provider,
+                requiredScopes: provider.requiredScopes,
+                resourceMetadataUrl: provider.resourceMetadataUrl,
             })(req, res, next);
         });
     }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@smithery/sdk",
-	"version": "1.6.3",
+	"version": "1.6.5",
 	"description": "SDK to develop with Smithery",
 	"type": "module",
 	"main": "./dist/index.js",