align-mcp-remote 0.1.39 → 0.1.41
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-V2QU44UI.js → chunk-YCBPOVTL.js} +50 -18
- package/dist/client.js +2 -2
- package/dist/proxy.js +2 -2
- package/package.json +1 -1
|
@@ -15632,7 +15632,7 @@ var Client = class extends Protocol {
|
|
|
15632
15632
|
};
|
|
15633
15633
|
|
|
15634
15634
|
// package.json
|
|
15635
|
-
var version2 = "0.1.
|
|
15635
|
+
var version2 = "0.1.40";
|
|
15636
15636
|
|
|
15637
15637
|
// node_modules/pkce-challenge/dist/index.node.js
|
|
15638
15638
|
var crypto;
|
|
@@ -18092,23 +18092,51 @@ async function discoverOAuthServerInfo2(serverUrl, headers = {}) {
|
|
|
18092
18092
|
downstreamTokenHeader: protectedResourceMetadata?.x_downstream_resource ? downstreamTokenHeader : void 0
|
|
18093
18093
|
};
|
|
18094
18094
|
}
|
|
18095
|
-
async function performDownstreamAuth(authProvider, downstreamResource, callbackPort
|
|
18095
|
+
async function performDownstreamAuth(authProvider, downstreamResource, callbackPort) {
|
|
18096
18096
|
debugLog("Starting downstream OAuth flow", { downstreamResource });
|
|
18097
|
-
const
|
|
18097
|
+
const downstreamAs = downstreamResource.authorization_servers[0];
|
|
18098
|
+
if (!downstreamAs) {
|
|
18099
|
+
throw new Error("x_downstream_resource.authorization_servers is empty");
|
|
18100
|
+
}
|
|
18101
|
+
const downstreamServerMetadata = await fetchAuthorizationServerMetadata(downstreamAs);
|
|
18098
18102
|
if (!downstreamServerMetadata) {
|
|
18099
|
-
throw new Error(`Failed to fetch downstream authorization server metadata from ${
|
|
18103
|
+
throw new Error(`Failed to fetch downstream authorization server metadata from ${downstreamAs}`);
|
|
18100
18104
|
}
|
|
18101
|
-
const
|
|
18105
|
+
const downstreamCallbackPort = await findAvailablePort(callbackPort + 1);
|
|
18106
|
+
const downstreamEvents = new (await import("events")).EventEmitter();
|
|
18107
|
+
const { server: downstreamServer, waitForAuthCode: waitForDownstreamCode } = setupOAuthCallbackServerWithLongPoll({
|
|
18108
|
+
port: downstreamCallbackPort,
|
|
18109
|
+
path: "/oauth/callback",
|
|
18110
|
+
events: downstreamEvents,
|
|
18111
|
+
authTimeoutMs: 3e5
|
|
18112
|
+
});
|
|
18113
|
+
const host = authProvider.options.host || "localhost";
|
|
18114
|
+
const redirectUrl = `http://${host}:${downstreamCallbackPort}/oauth/callback`;
|
|
18102
18115
|
const scope = downstreamResource.scopes_required?.join(" ") ?? "";
|
|
18103
|
-
const
|
|
18116
|
+
const downstreamClientMetadata = {
|
|
18117
|
+
redirect_uris: [redirectUrl],
|
|
18118
|
+
token_endpoint_auth_method: "none",
|
|
18119
|
+
grant_types: ["authorization_code", "refresh_token"],
|
|
18120
|
+
response_types: ["code"],
|
|
18121
|
+
client_name: authProvider.options.clientName || "MCP CLI Client",
|
|
18122
|
+
scope
|
|
18123
|
+
};
|
|
18124
|
+
const downstreamClientInfo = await registerClient(downstreamAs, {
|
|
18125
|
+
metadata: downstreamServerMetadata,
|
|
18126
|
+
clientMetadata: downstreamClientMetadata
|
|
18127
|
+
});
|
|
18128
|
+
debugLog("Registered downstream client", { client_id: downstreamClientInfo.client_id });
|
|
18129
|
+
const downstreamHash = crypto2.createHash("md5").update(downstreamAs).digest("hex");
|
|
18130
|
+
await writeJsonFile(downstreamHash, "downstream_client_info.json", downstreamClientInfo);
|
|
18131
|
+
const { authorizationUrl, codeVerifier } = await startAuthorization(downstreamAs, {
|
|
18104
18132
|
metadata: downstreamServerMetadata,
|
|
18105
|
-
clientInformation:
|
|
18133
|
+
clientInformation: downstreamClientInfo,
|
|
18106
18134
|
redirectUrl,
|
|
18107
18135
|
scope,
|
|
18108
18136
|
resource: new URL(downstreamResource.resource)
|
|
18109
18137
|
});
|
|
18110
18138
|
log(`
|
|
18111
|
-
Please authorize downstream resource by visiting:
|
|
18139
|
+
Please authorize the downstream resource by visiting:
|
|
18112
18140
|
${authorizationUrl.toString()}
|
|
18113
18141
|
`);
|
|
18114
18142
|
try {
|
|
@@ -18118,16 +18146,20 @@ ${authorizationUrl.toString()}
|
|
|
18118
18146
|
} catch {
|
|
18119
18147
|
log("Could not open browser automatically. Please copy and paste the URL above.");
|
|
18120
18148
|
}
|
|
18121
|
-
|
|
18122
|
-
|
|
18123
|
-
|
|
18124
|
-
|
|
18125
|
-
|
|
18126
|
-
|
|
18127
|
-
|
|
18128
|
-
|
|
18129
|
-
|
|
18130
|
-
|
|
18149
|
+
try {
|
|
18150
|
+
const code = await waitForDownstreamCode();
|
|
18151
|
+
const tokens = await exchangeAuthorization(downstreamAs, {
|
|
18152
|
+
metadata: downstreamServerMetadata,
|
|
18153
|
+
clientInformation: downstreamClientInfo,
|
|
18154
|
+
authorizationCode: code,
|
|
18155
|
+
codeVerifier,
|
|
18156
|
+
redirectUri: redirectUrl
|
|
18157
|
+
});
|
|
18158
|
+
await authProvider.saveDownstreamTokens(tokens);
|
|
18159
|
+
debugLog("Downstream OAuth flow completed, tokens saved");
|
|
18160
|
+
} finally {
|
|
18161
|
+
downstreamServer.close();
|
|
18162
|
+
}
|
|
18131
18163
|
}
|
|
18132
18164
|
async function connectToRemoteServer(client, serverUrl, authProvider, headers, authInitializer, transportStrategy = "http-first", downstreamTokenHeader, recursionReasons = /* @__PURE__ */ new Set()) {
|
|
18133
18165
|
log(`[${pid}] Connecting to remote server: ${serverUrl}`);
|
package/dist/client.js
CHANGED
|
@@ -13,7 +13,7 @@ import {
|
|
|
13
13
|
performDownstreamAuth,
|
|
14
14
|
setupSignalHandlers,
|
|
15
15
|
version
|
|
16
|
-
} from "./chunk-
|
|
16
|
+
} from "./chunk-YCBPOVTL.js";
|
|
17
17
|
|
|
18
18
|
// src/client.ts
|
|
19
19
|
import { EventEmitter } from "events";
|
|
@@ -67,7 +67,7 @@ async function runClient(serverUrl, callbackPort, headers, transportStrategy = "
|
|
|
67
67
|
const code = await authState.waitForAuthCode();
|
|
68
68
|
if (downstreamResource && !authState.skipBrowserAuth) {
|
|
69
69
|
log("Layer 1 auth complete. Starting downstream (Layer 2) OAuth flow...");
|
|
70
|
-
await performDownstreamAuth(authProvider, downstreamResource, callbackPort
|
|
70
|
+
await performDownstreamAuth(authProvider, downstreamResource, callbackPort);
|
|
71
71
|
log("Layer 2 auth complete.");
|
|
72
72
|
}
|
|
73
73
|
return code;
|
package/dist/proxy.js
CHANGED
|
@@ -11,7 +11,7 @@ import {
|
|
|
11
11
|
parseCommandLineArgs,
|
|
12
12
|
performDownstreamAuth,
|
|
13
13
|
setupSignalHandlers
|
|
14
|
-
} from "./chunk-
|
|
14
|
+
} from "./chunk-YCBPOVTL.js";
|
|
15
15
|
|
|
16
16
|
// src/proxy.ts
|
|
17
17
|
import { EventEmitter } from "events";
|
|
@@ -152,7 +152,7 @@ async function runProxy(serverUrl, callbackPort, headers, transportStrategy = "h
|
|
|
152
152
|
const code = await authState.waitForAuthCode();
|
|
153
153
|
if (downstreamResource && !authState.skipBrowserAuth) {
|
|
154
154
|
log("Layer 1 auth complete. Starting downstream (Layer 2) OAuth flow...");
|
|
155
|
-
await performDownstreamAuth(authProvider, downstreamResource, callbackPort
|
|
155
|
+
await performDownstreamAuth(authProvider, downstreamResource, callbackPort);
|
|
156
156
|
log("Layer 2 auth complete.");
|
|
157
157
|
}
|
|
158
158
|
return code;
|