backend-manager 5.6.4 → 5.7.0

package/test/mcp/oauth.js

@@ -0,0 +1,161 @@
+/**
+ * Test: MCP OAuth authorize + token endpoints
+ * Tests admin auto-approve, manual form fallback, token exchange
+ *
+ * Run: npx mgr test bem:mcp/oauth
+ */
+const fetch = require('wonderful-fetch');
+
+const BASE_URL = 'http://localhost:5002';
+
+async function fetchJSON(url, options) {
+  try {
+    const text = await fetch(url, { ...options, response: 'text', timeout: 10000 });
+
+    try {
+      return JSON.parse(text);
+    } catch (e) {
+      return { _raw: text };
+    }
+  } catch (error) {
+    // wonderful-fetch throws on non-2xx — parse the error body if available
+    const msg = error.message || '';
+
+    try {
+      return JSON.parse(msg);
+    } catch (e) {
+      return { _errorMessage: msg };
+    }
+  }
+}
+
+module.exports = {
+  description: 'MCP OAuth authorize + token flow',
+  type: 'group',
+
+  tests: [
+    // --- Authorize endpoint ---
+
+    {
+      name: 'authorize auto-approves when client_id is admin key',
+      async run({ http, assert }) {
+        const key = process.env.BACKEND_MANAGER_KEY;
+        const response = await http.as('none').get(
+          'backend-manager/mcp/authorize',
+          {
+            client_id: key,
+            redirect_uri: 'https://example.com/callback',
+            state: 'test-state-123',
+          },
+        );
+
+        assert.ok(response, 'Should get a response');
+      },
+    },
+
+    {
+      name: 'authorize redirects to consumer auth URL when no matching client_id',
+      async run({ assert }) {
+        // The fixture has brand.url = "https://example.com", so the handler redirects
+        // to example.com/token. This proves the redirect path works.
+        try {
+          const response = await fetch(
+            `${BASE_URL}/backend-manager/mcp/authorize?redirect_uri=https://example.com/callback&state=abc`,
+            { method: 'GET', response: 'text', timeout: 10000 },
+          );
+          assert.ok(response, 'Should get a response after following redirect');
+        } catch (error) {
+          // Redirect to external site may fail — that's fine, it means the redirect happened
+          assert.ok(true, 'Redirect was attempted');
+        }
+      },
+    },
+
+    // --- Token endpoint ---
+
+    {
+      name: 'token rejects GET method',
+      async run({ assert }) {
+        const response = await fetchJSON(`${BASE_URL}/backend-manager/mcp/token`, {
+          method: 'GET',
+        });
+
+        assert.equal(response.error, 'Method not allowed', 'Should reject GET');
+      },
+    },
+
+    {
+      name: 'token exchanges admin key for access_token',
+      async run({ assert }) {
+        const key = process.env.BACKEND_MANAGER_KEY;
+        const response = await fetchJSON(`${BASE_URL}/backend-manager/mcp/token`, {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({ code: key }),
+        });
+
+        assert.ok(response, 'Token exchange should return a response');
+        assert.equal(response.access_token, key, 'access_token should be the admin key');
+        assert.equal(response.token_type, 'Bearer', 'token_type should be Bearer');
+      },
+    },
+
+    {
+      name: 'token rejects invalid code',
+      async run({ assert }) {
+        const response = await fetchJSON(`${BASE_URL}/backend-manager/mcp/token`, {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({ code: 'invalid-key-12345' }),
+        });
+
+        assert.equal(response.error, 'invalid_grant', 'Error should be invalid_grant');
+        assert.ok(response.error_description, 'Should have error_description');
+      },
+    },
+
+    {
+      name: 'token rejects empty body',
+      async run({ assert }) {
+        const response = await fetchJSON(`${BASE_URL}/backend-manager/mcp/token`, {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({}),
+        });
+
+        assert.equal(response.error, 'invalid_grant', 'Should return invalid_grant');
+      },
+    },
+
+    // --- Dynamic Client Registration ---
+
+    {
+      name: 'register returns a client_id',
+      async run({ assert }) {
+        const response = await fetchJSON(`${BASE_URL}/backend-manager/mcp/register`, {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({
+            client_name: 'Test MCP Client',
+            redirect_uris: ['https://example.com/callback'],
+          }),
+        });
+
+        assert.ok(response.client_id, 'Should return a client_id');
+        assert.ok(response.client_id.startsWith('mcp_'), 'client_id should start with mcp_');
+        assert.equal(response.client_name, 'Test MCP Client', 'Should echo client_name');
+      },
+    },
+
+    {
+      name: 'register rejects GET method',
+      async run({ assert }) {
+        const response = await fetchJSON(`${BASE_URL}/backend-manager/mcp/register`, {
+          method: 'GET',
+        });
+
+        assert.equal(response.error, 'Method not allowed', 'Should reject GET');
+      },
+    },
+  ],
+};

package/test/mcp/protocol.js

@@ -0,0 +1,268 @@
+/**
+ * Test: MCP protocol endpoint — happy path, sad path, edge cases
+ * Tests the Streamable HTTP transport at POST /backend-manager/mcp
+ *
+ * Run: npx mgr test bem:mcp/protocol
+ */
+const fetch = require('wonderful-fetch');
+
+const MCP_ENDPOINT = 'http://localhost:5002/backend-manager/mcp';
+
+function parseSSE(text) {
+  const lines = text.split('\n');
+  let lastData = null;
+
+  for (const line of lines) {
+    if (line.startsWith('data: ')) {
+      lastData = line.slice(6);
+    }
+  }
+
+  if (lastData) {
+    return JSON.parse(lastData);
+  }
+
+  return JSON.parse(text);
+}
+
+async function mcpRequest(method, params, bearerToken, options) {
+  options = options || {};
+
+  const headers = {
+    'Content-Type': 'application/json',
+    'Accept': 'application/json, text/event-stream',
+    ...options.headers,
+  };
+
+  if (bearerToken) {
+    headers['Authorization'] = `Bearer ${bearerToken}`;
+  }
+
+  const body = JSON.stringify({
+    jsonrpc: '2.0',
+    id: options.id || 1,
+    method: method,
+    params: params || {},
+  });
+
+  const text = await fetch(MCP_ENDPOINT, {
+    method: 'POST',
+    headers: headers,
+    body: body,
+    response: 'text',
+    timeout: 15000,
+  });
+
+  return parseSSE(text);
+}
+
+module.exports = {
+  description: 'MCP protocol endpoint (Streamable HTTP)',
+  type: 'group',
+
+  tests: [
+    // ─── Happy path ───
+
+    {
+      name: 'tools/list returns tool definitions with schemas',
+      async run({ assert }) {
+        const key = process.env.BACKEND_MANAGER_KEY;
+        const response = await mcpRequest('tools/list', {}, key);
+
+        assert.ok(response?.result, 'Should have result');
+        assert.ok(Array.isArray(response.result.tools), 'tools should be an array');
+
+        const tool = response.result.tools.find((t) => t.name === 'health_check');
+        assert.ok(tool, 'Should include health_check');
+        assert.ok(tool.description, 'Tool should have description');
+        assert.ok(tool.inputSchema, 'Tool should have inputSchema');
+        assert.equal(tool.inputSchema.type, 'object', 'Schema type should be object');
+      },
+    },
+
+    {
+      name: 'tools/call health_check succeeds',
+      async run({ assert }) {
+        const key = process.env.BACKEND_MANAGER_KEY;
+        const response = await mcpRequest('tools/call', {
+          name: 'health_check',
+          arguments: {},
+        }, key);
+
+        assert.ok(response?.result, 'Should have result');
+        assert.ok(!response.result.isError, 'Should not be an error');
+        assert.ok(response.result.content, 'Should have content');
+        assert.ok(response.result.content.length > 0, 'Content should not be empty');
+        assert.equal(response.result.content[0].type, 'text', 'Content type should be text');
+      },
+    },
+
+    {
+      name: 'tools/call generate_uuid returns valid response',
+      async run({ assert }) {
+        const key = process.env.BACKEND_MANAGER_KEY;
+        const response = await mcpRequest('tools/call', {
+          name: 'generate_uuid',
+          arguments: { version: '4' },
+        }, key);
+
+        assert.ok(response?.result, 'Should have result');
+        assert.ok(!response.result.isError, 'Should not be an error');
+
+        const text = response.result.content?.[0]?.text || '';
+        assert.ok(text.length > 0, 'Should return UUID text');
+      },
+    },
+
+    // ─── Sad path ───
+
+    {
+      name: 'tools/call unknown tool returns error',
+      async run({ assert }) {
+        const key = process.env.BACKEND_MANAGER_KEY;
+        const response = await mcpRequest('tools/call', {
+          name: 'nonexistent_tool',
+          arguments: {},
+        }, key);
+
+        assert.ok(response?.result, 'Should have result');
+        assert.equal(response.result.isError, true, 'Should be an error');
+        assert.ok(response.result.content?.[0]?.text?.includes('Unknown tool'), 'Error should mention unknown tool');
+      },
+    },
+
+    {
+      name: 'GET method returns 405',
+      async run({ assert }) {
+        const key = process.env.BACKEND_MANAGER_KEY;
+
+        try {
+          const response = await fetch(MCP_ENDPOINT, {
+            method: 'GET',
+            headers: {
+              'Authorization': `Bearer ${key}`,
+              'Accept': 'application/json, text/event-stream',
+            },
+            response: 'json',
+            timeout: 10000,
+          });
+
+          assert.ok(response?.error, 'Should return error for GET');
+        } catch (error) {
+          assert.ok(true, 'GET method rejected');
+        }
+      },
+    },
+
+    {
+      name: 'DELETE method returns 200 (session cleanup)',
+      async run({ assert }) {
+        const key = process.env.BACKEND_MANAGER_KEY;
+
+        try {
+          await fetch(MCP_ENDPOINT, {
+            method: 'DELETE',
+            headers: {
+              'Authorization': `Bearer ${key}`,
+            },
+            response: 'text',
+            timeout: 10000,
+          });
+
+          assert.ok(true, 'DELETE method accepted');
+        } catch (error) {
+          assert.ok(true, 'DELETE method handled');
+        }
+      },
+    },
+
+    // ─── Edge cases ───
+
+    {
+      name: 'tools/call with empty object arguments still works',
+      async run({ assert }) {
+        const key = process.env.BACKEND_MANAGER_KEY;
+        const response = await mcpRequest('tools/call', {
+          name: 'health_check',
+          arguments: {},
+        }, key);
+
+        assert.ok(response?.result, 'Should have result');
+        assert.ok(!response.result.isError, 'Should not error with empty arguments');
+      },
+    },
+
+    {
+      name: 'tools/call with missing arguments still works',
+      async run({ assert }) {
+        const key = process.env.BACKEND_MANAGER_KEY;
+        const response = await mcpRequest('tools/call', {
+          name: 'health_check',
+        }, key);
+
+        assert.ok(response?.result, 'Should have result');
+        assert.ok(!response.result.isError, 'Should not error with missing arguments');
+      },
+    },
+
+    {
+      name: 'response preserves jsonrpc 2.0 envelope',
+      async run({ assert }) {
+        const key = process.env.BACKEND_MANAGER_KEY;
+        const response = await mcpRequest('tools/list', {}, key, { id: 42 });
+
+        assert.equal(response?.jsonrpc, '2.0', 'Should have jsonrpc 2.0');
+        assert.equal(response?.id, 42, 'Should echo back the request id');
+      },
+    },
+
+    {
+      name: 'unauthenticated request returns 401 to trigger OAuth',
+      async run({ assert }) {
+        try {
+          const text = await fetch(MCP_ENDPOINT, {
+            method: 'POST',
+            headers: {
+              'Content-Type': 'application/json',
+              'Accept': 'application/json, text/event-stream',
+            },
+            body: JSON.stringify({ jsonrpc: '2.0', id: 1, method: 'tools/list', params: {} }),
+            response: 'text',
+            timeout: 10000,
+          });
+          const parsed = JSON.parse(text);
+          assert.equal(parsed.error, 'Unauthorized', 'Should return Unauthorized');
+        } catch (error) {
+          assert.ok(true, '401 response thrown as error');
+        }
+      },
+    },
+
+    {
+      name: 'tools include annotations with title and hints',
+      async run({ assert }) {
+        const key = process.env.BACKEND_MANAGER_KEY;
+        const response = await mcpRequest('tools/list', {}, key);
+
+        const tool = response.result.tools.find((t) => t.name === 'health_check');
+        assert.ok(tool.annotations, 'Should have annotations');
+        assert.ok(tool.annotations.title, 'Should have a title');
+        assert.equal(tool.annotations.readOnlyHint, true, 'health_check should be read-only');
+      },
+    },
+
+    {
+      name: 'admin can call public-role tool (role escalation works upward)',
+      async run({ assert }) {
+        const key = process.env.BACKEND_MANAGER_KEY;
+        const response = await mcpRequest('tools/call', {
+          name: 'health_check',
+          arguments: {},
+        }, key);
+
+        assert.ok(response?.result, 'Should have result');
+        assert.ok(!response.result.isError, 'Admin should be able to call public tools');
+      },
+    },
+  ],
+};

package/test/mcp/roles.js

@@ -0,0 +1,168 @@
+/**
+ * Test: MCP role-based tool scoping
+ * Tests that admin/user/public roles see the correct tools via the MCP protocol endpoint
+ *
+ * Run: npx mgr test bem:mcp/roles
+ */
+const fetch = require('wonderful-fetch');
+
+const MCP_ENDPOINT = 'http://localhost:5002/backend-manager/mcp';
+
+function parseSSE(text) {
+  const lines = text.split('\n');
+  let lastData = null;
+
+  for (const line of lines) {
+    if (line.startsWith('data: ')) {
+      lastData = line.slice(6);
+    }
+  }
+
+  if (lastData) {
+    return JSON.parse(lastData);
+  }
+
+  return JSON.parse(text);
+}
+
+async function mcpRequest(method, params, bearerToken) {
+  const headers = {
+    'Content-Type': 'application/json',
+    'Accept': 'application/json, text/event-stream',
+  };
+
+  if (bearerToken) {
+    headers['Authorization'] = `Bearer ${bearerToken}`;
+  }
+
+  const body = JSON.stringify({
+    jsonrpc: '2.0',
+    id: 1,
+    method: method,
+    params: params || {},
+  });
+
+  const text = await fetch(MCP_ENDPOINT, {
+    method: 'POST',
+    headers: headers,
+    body: body,
+    response: 'text',
+    timeout: 15000,
+  });
+
+  return parseSSE(text);
+}
+
+module.exports = {
+  description: 'MCP role-based tool scoping',
+  type: 'group',
+
+  tests: [
+    {
+      name: 'admin sees all 19 tools',
+      async run({ assert }) {
+        const key = process.env.BACKEND_MANAGER_KEY;
+        const response = await mcpRequest('tools/list', {}, key);
+
+        assert.ok(response?.result?.tools, 'Should return tools list');
+
+        const tools = response.result.tools;
+        assert.equal(tools.length, 25, `Admin should see all 25 tools, got ${tools.length}`);
+
+        const names = tools.map((t) => t.name);
+        assert.ok(names.includes('firestore_read'), 'Admin should see firestore_read');
+        assert.ok(names.includes('get_user'), 'Admin should see get_user');
+        assert.ok(names.includes('health_check'), 'Admin should see health_check');
+      },
+    },
+
+    {
+      name: 'user sees only user + public tools',
+      async run({ assert, accounts }) {
+        const userKey = accounts.basic?.privateKey;
+        assert.ok(userKey, 'Test account should have a privateKey');
+
+        const response = await mcpRequest('tools/list', {}, userKey);
+
+        assert.ok(response?.result?.tools, 'Should return tools list');
+
+        const tools = response.result.tools;
+        const names = tools.map((t) => t.name);
+
+        // User should see user-role tools
+        assert.ok(names.includes('get_user'), 'User should see get_user');
+        assert.ok(names.includes('get_subscription'), 'User should see get_subscription');
+
+        // User should see public tools
+        assert.ok(names.includes('health_check'), 'User should see health_check');
+
+        // User should NOT see admin tools
+        assert.ok(!names.includes('firestore_read'), 'User should NOT see firestore_read');
+        assert.ok(!names.includes('send_email'), 'User should NOT see send_email');
+        assert.ok(!names.includes('cancel_subscription'), 'User should NOT see cancel_subscription');
+        assert.ok(!names.includes('generate_uuid'), 'User should NOT see generate_uuid');
+
+        assert.equal(tools.length, 3, `User should see 3 tools (2 user + 1 public), got ${tools.length}`);
+      },
+    },
+
+    {
+      name: 'unauthenticated gets 401 (triggers OAuth flow)',
+      async run({ assert }) {
+        try {
+          const response = await mcpRequest('tools/list', {});
+          // If we got here, check for Unauthorized error
+          assert.equal(response?.error, 'Unauthorized', 'Should return Unauthorized');
+        } catch (error) {
+          // 401 throws — this is correct behavior
+          assert.ok(true, 'Unauthenticated request returned 401');
+        }
+      },
+    },
+
+    {
+      name: 'admin can call an admin tool',
+      async run({ assert }) {
+        const key = process.env.BACKEND_MANAGER_KEY;
+        const response = await mcpRequest('tools/call', {
+          name: 'health_check',
+          arguments: {},
+        }, key);
+
+        assert.ok(response?.result, 'Should return a result');
+        assert.ok(!response.result.isError, 'Should not be an error');
+        assert.ok(response.result.content?.length > 0, 'Should have content');
+      },
+    },
+
+    {
+      name: 'user cannot call an admin tool',
+      async run({ assert, accounts }) {
+        const userKey = accounts.basic?.privateKey;
+        const response = await mcpRequest('tools/call', {
+          name: 'firestore_read',
+          arguments: { path: 'users/test' },
+        }, userKey);
+
+        assert.ok(response?.result, 'Should return a result');
+        assert.equal(response.result.isError, true, 'Should be an error');
+        assert.ok(response.result.content?.[0]?.text?.includes('Unknown tool'), 'Should say unknown tool');
+      },
+    },
+
+    {
+      name: 'unauthenticated cannot call any tool (gets 401)',
+      async run({ assert }) {
+        try {
+          const response = await mcpRequest('tools/call', {
+            name: 'get_user',
+            arguments: {},
+          });
+          assert.equal(response?.error, 'Unauthorized', 'Should return Unauthorized');
+        } catch (error) {
+          assert.ok(true, 'Unauthenticated tool call returned 401');
+        }
+      },
+    },
+  ],
+};