npm - mcp-oauth-provider - Versions diffs - 0.0.1 - Mend

mcp-oauth-provider 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

package/README.md +668 -0
package/dist/__tests__/config.test.js +56 -0
package/dist/__tests__/config.test.js.map +1 -0
package/dist/__tests__/integration.test.js +341 -0
package/dist/__tests__/integration.test.js.map +1 -0
package/dist/__tests__/oauth-flow.test.js +201 -0
package/dist/__tests__/oauth-flow.test.js.map +1 -0
package/dist/__tests__/server.test.js +271 -0
package/dist/__tests__/server.test.js.map +1 -0
package/dist/__tests__/storage.test.js +256 -0
package/dist/__tests__/storage.test.js.map +1 -0
package/dist/client/config.js +30 -0
package/dist/client/config.js.map +1 -0
package/dist/client/factory.js +16 -0
package/dist/client/factory.js.map +1 -0
package/dist/client/index.js +237 -0
package/dist/client/index.js.map +1 -0
package/dist/client/oauth-flow.js +73 -0
package/dist/client/oauth-flow.js.map +1 -0
package/dist/client/storage.js +237 -0
package/dist/client/storage.js.map +1 -0
package/dist/index.js +12 -0
package/dist/index.js.map +1 -0
package/dist/server/callback.js +164 -0
package/dist/server/callback.js.map +1 -0
package/dist/server/index.js +8 -0
package/dist/server/index.js.map +1 -0
package/dist/server/templates.js +245 -0
package/dist/server/templates.js.map +1 -0
package/package.json +66 -0
package/src/__tests__/config.test.ts +78 -0
package/src/__tests__/integration.test.ts +398 -0
package/src/__tests__/oauth-flow.test.ts +276 -0
package/src/__tests__/server.test.ts +391 -0
package/src/__tests__/storage.test.ts +329 -0
package/src/client/config.ts +134 -0
package/src/client/factory.ts +19 -0
package/src/client/index.ts +361 -0
package/src/client/oauth-flow.ts +115 -0
package/src/client/storage.ts +335 -0
package/src/index.ts +31 -0
package/src/server/callback.ts +257 -0
package/src/server/index.ts +21 -0
package/src/server/templates.ts +271 -0

package/src/__tests__/storage.test.ts ADDED Viewed

@@ -0,0 +1,329 @@
+import { beforeEach, describe, expect, test } from 'bun:test';
+import type { OAuthTokens } from '../client/config.js';
+import {
+  FileStorage,
+  MemoryStorage,
+  OAuthStorage,
+  createStorageAdapter,
+} from '../client/storage.js';
+describe('MemoryStorage', () => {
+  let storage: MemoryStorage;
+  beforeEach(() => {
+    storage = new MemoryStorage();
+  });
+  test('should store and retrieve values', async () => {
+    await storage.set('test-key', 'test-value');
+    const value = await storage.get('test-key');
+    expect(value).toBe('test-value');
+  });
+  test('should return undefined for missing keys', async () => {
+    const value = await storage.get('non-existent');
+    expect(value).toBeUndefined();
+  });
+  test('should delete values', async () => {
+    await storage.set('test-key', 'test-value');
+    await storage.delete('test-key');
+    const value = await storage.get('test-key');
+    expect(value).toBeUndefined();
+  });
+  test('should clear all data', async () => {
+    await storage.set('key1', 'value1');
+    await storage.set('key2', 'value2');
+    storage.clear();
+    const value1 = await storage.get('key1');
+    const value2 = await storage.get('key2');
+    expect(value1).toBeUndefined();
+    expect(value2).toBeUndefined();
+  });
+  test('should handle multiple values', async () => {
+    await storage.set('key1', 'value1');
+    await storage.set('key2', 'value2');
+    await storage.set('key3', 'value3');
+    const value1 = await storage.get('key1');
+    const value2 = await storage.get('key2');
+    const value3 = await storage.get('key3');
+    expect(value1).toBe('value1');
+    expect(value2).toBe('value2');
+    expect(value3).toBe('value3');
+  });
+});
+describe('FileStorage', () => {
+  let storage: FileStorage;
+  const testPath = './test-oauth-data';
+  beforeEach(async () => {
+    storage = new FileStorage(testPath);
+    await storage.clear(); // Clean up before each test
+  });
+  test('should store and retrieve values', async () => {
+    await storage.set('test-key', 'test-value');
+    const value = await storage.get('test-key');
+    expect(value).toBe('test-value');
+  });
+  test('should return undefined for missing keys', async () => {
+    const value = await storage.get('non-existent');
+    expect(value).toBeUndefined();
+  });
+  test('should delete values', async () => {
+    await storage.set('test-key', 'test-value');
+    await storage.delete('test-key');
+    const value = await storage.get('test-key');
+    expect(value).toBeUndefined();
+  });
+  test('should sanitize keys for filenames', async () => {
+    const unsafeKey = 'test/key:with@special#chars';
+    await storage.set(unsafeKey, 'test-value');
+    const value = await storage.get(unsafeKey);
+    expect(value).toBe('test-value');
+  });
+  test('should handle multiple values', async () => {
+    await storage.set('key1', 'value1');
+    await storage.set('key2', 'value2');
+    const value1 = await storage.get('key1');
+    const value2 = await storage.get('key2');
+    expect(value1).toBe('value1');
+    expect(value2).toBe('value2');
+  });
+  test('should clear all data', async () => {
+    await storage.set('key1', 'value1');
+    await storage.set('key2', 'value2');
+    await storage.clear();
+    const value1 = await storage.get('key1');
+    const value2 = await storage.get('key2');
+    expect(value1).toBeUndefined();
+    expect(value2).toBeUndefined();
+  });
+});
+describe('createStorageAdapter', () => {
+  test('should create MemoryStorage by default', () => {
+    const storage = createStorageAdapter();
+    expect(storage).toBeInstanceOf(MemoryStorage);
+  });
+  test('should create MemoryStorage when type is "memory"', () => {
+    const storage = createStorageAdapter('memory');
+    expect(storage).toBeInstanceOf(MemoryStorage);
+  });
+  test('should create FileStorage when type is "file"', () => {
+    const storage = createStorageAdapter('file');
+    expect(storage).toBeInstanceOf(FileStorage);
+  });
+  test('should use custom path for FileStorage', async () => {
+    const customPath = './custom-oauth-path';
+    const storage = createStorageAdapter('file', { path: customPath });
+    expect(storage).toBeInstanceOf(FileStorage);
+    // Clean up
+    if (storage instanceof FileStorage) {
+      await storage.clear();
+    }
+  });
+});
+describe('OAuthStorage', () => {
+  let storage: MemoryStorage;
+  let oauthStorage: OAuthStorage;
+  const sessionId = 'test-session-id';
+  beforeEach(() => {
+    storage = new MemoryStorage();
+    oauthStorage = new OAuthStorage(storage, sessionId);
+  });
+  describe('token management', () => {
+    test('should save and retrieve tokens', async () => {
+      const tokens: OAuthTokens = {
+        access_token: 'test-access-token',
+        token_type: 'Bearer',
+        expires_in: 3600,
+        refresh_token: 'test-refresh-token',
+      };
+      await oauthStorage.saveTokens(tokens);
+      const retrieved = await oauthStorage.getTokens();
+      expect(retrieved).toBeDefined();
+      expect(retrieved?.access_token).toBe(tokens.access_token);
+      expect(retrieved?.token_type).toBe(tokens.token_type);
+      expect(retrieved?.refresh_token).toBe(tokens.refresh_token);
+      // expires_in should be close to original value (within 5 seconds due to time passing)
+      expect(retrieved?.expires_in).toBeGreaterThanOrEqual(3595);
+      expect(retrieved?.expires_in).toBeLessThanOrEqual(3600);
+    });
+    test('should return undefined when no tokens exist', async () => {
+      const tokens = await oauthStorage.getTokens();
+      expect(tokens).toBeUndefined();
+    });
+    test('should clear tokens', async () => {
+      const tokens: OAuthTokens = {
+        access_token: 'test-access-token',
+        token_type: 'Bearer',
+      };
+      await oauthStorage.saveTokens(tokens);
+      await oauthStorage.clearTokens();
+      const retrieved = await oauthStorage.getTokens();
+      expect(retrieved).toBeUndefined();
+    });
+    test('should handle tokens without optional fields', async () => {
+      const tokens: OAuthTokens = {
+        access_token: 'test-access-token',
+        token_type: 'Bearer',
+      };
+      await oauthStorage.saveTokens(tokens);
+      const retrieved = await oauthStorage.getTokens();
+      expect(retrieved).toEqual(tokens);
+    });
+  });
+  describe('client info management', () => {
+    test('should save and retrieve client info', async () => {
+      const clientInfo = {
+        client_id: 'test-client-id',
+        client_secret: 'test-client-secret',
+        redirect_uris: ['http://localhost:8080/callback'],
+      };
+      await oauthStorage.saveClientInfo(clientInfo);
+      const retrieved = await oauthStorage.getClientInfo();
+      expect(retrieved).toEqual(clientInfo);
+    });
+    test('should return undefined when no client info exists', async () => {
+      const clientInfo = await oauthStorage.getClientInfo();
+      expect(clientInfo).toBeUndefined();
+    });
+    test('should handle client info without secret', async () => {
+      const clientInfo = {
+        client_id: 'test-client-id',
+        redirect_uris: ['http://localhost:8080/callback'],
+      };
+      await oauthStorage.saveClientInfo(clientInfo);
+      const retrieved = await oauthStorage.getClientInfo();
+      expect(retrieved).toEqual(clientInfo);
+    });
+  });
+  describe('code verifier management', () => {
+    test('should save and retrieve code verifier', async () => {
+      const verifier = 'test-code-verifier-12345';
+      await oauthStorage.saveCodeVerifier(verifier);
+      const retrieved = await oauthStorage.getCodeVerifier();
+      expect(retrieved).toBe(verifier);
+    });
+    test('should return undefined when no code verifier exists', async () => {
+      const verifier = await oauthStorage.getCodeVerifier();
+      expect(verifier).toBeUndefined();
+    });
+    test('should clear code verifier', async () => {
+      const verifier = 'test-code-verifier-12345';
+      await oauthStorage.saveCodeVerifier(verifier);
+      await oauthStorage.clearCodeVerifier();
+      const retrieved = await oauthStorage.getCodeVerifier();
+      expect(retrieved).toBeUndefined();
+    });
+  });
+  describe('session isolation', () => {
+    test('should isolate tokens between sessions', async () => {
+      const session1 = new OAuthStorage(storage, 'session-1');
+      const session2 = new OAuthStorage(storage, 'session-2');
+      const tokens1: OAuthTokens = {
+        access_token: 'token-1',
+        token_type: 'Bearer',
+      };
+      const tokens2: OAuthTokens = {
+        access_token: 'token-2',
+        token_type: 'Bearer',
+      };
+      await session1.saveTokens(tokens1);
+      await session2.saveTokens(tokens2);
+      const retrieved1 = await session1.getTokens();
+      const retrieved2 = await session2.getTokens();
+      expect(retrieved1).toEqual(tokens1);
+      expect(retrieved2).toEqual(tokens2);
+    });
+    test('should correctly calculate expires_in over time', async () => {
+      const tokens: OAuthTokens = {
+        access_token: 'test-access-token',
+        token_type: 'Bearer',
+        expires_in: 3600, // 1 hour
+        refresh_token: 'test-refresh-token',
+      };
+      // Save tokens
+      await oauthStorage.saveTokens(tokens);
+      // Retrieve immediately - should be close to 3600
+      const retrieved1 = await oauthStorage.getTokens();
+      expect(retrieved1?.expires_in).toBeGreaterThanOrEqual(3595);
+      expect(retrieved1?.expires_in).toBeLessThanOrEqual(3600);
+      // Wait 2 seconds
+      await new Promise(resolve => setTimeout(resolve, 2000));
+      // Retrieve again - should be approximately 2 seconds less
+      const retrieved2 = await oauthStorage.getTokens();
+      expect(retrieved2?.expires_in).toBeGreaterThanOrEqual(3593);
+      expect(retrieved2?.expires_in).toBeLessThanOrEqual(3598);
+      expect(retrieved2?.expires_in).toBeLessThan(retrieved1!.expires_in!);
+    });
+  });
+});

package/src/client/config.ts ADDED Viewed

@@ -0,0 +1,134 @@
+import type {
+  OAuthClientInformation,
+  OAuthClientInformationFull,
+  OAuthClientMetadata,
+  OAuthTokens,
+} from '@modelcontextprotocol/sdk/shared/auth.js';
+export type {
+  OAuthClientInformation,
+  OAuthClientInformationFull,
+  OAuthClientMetadata,
+  OAuthTokens,
+};
+/**
+ * Storage adapter interface for persisting OAuth data
+ */
+export interface StorageAdapter {
+  /**
+   * Get a value by key
+   */
+  get(key: string): Promise<string | undefined> | string | undefined;
+  /**
+   * Set a value by key
+   */
+  set(key: string, value: string): Promise<void> | void;
+  /**
+   * Delete a value by key
+   */
+  delete(key: string): Promise<void> | void;
+}
+/**
+ * Configuration for OAuth client provider
+ */
+export interface OAuthConfig {
+  /**
+   * OAuth client ID (can be provided or dynamically registered)
+   */
+  clientId?: string;
+  /**
+   * OAuth client secret (optional for public clients)
+   */
+  clientSecret?: string;
+  /**
+   * Redirect URI for OAuth callbacks
+   */
+  redirectUri: string;
+  /**
+   * OAuth scope to request
+   */
+  scope?: string;
+  /**
+   * Session identifier for this OAuth client instance
+   */
+  sessionId?: string;
+  /**
+   * Storage adapter for persisting OAuth data
+   */
+  storage?: StorageAdapter;
+  /**
+   * OAuth client metadata for registration
+   */
+  clientMetadata?: Partial<OAuthClientMetadata>;
+  /**
+   * OAuth tokens (can be provided statically or loaded from storage)
+   */
+  tokens?: OAuthTokens;
+  /**
+   * Token refresh configuration
+   */
+  tokenRefresh?: {
+    /**
+     * Maximum number of retry attempts for token refresh
+     */
+    maxRetries?: number;
+    /**
+     * Delay between retry attempts in milliseconds
+     */
+    retryDelay?: number;
+  };
+  /**
+   * Authorization server metadata (can be provided or obtained during auth flow)
+   */
+  authorizationServerMetadata?: {
+    issuer: string;
+    authorization_endpoint: string;
+    token_endpoint: string;
+    [key: string]: unknown;
+  };
+}
+/**
+ * Default OAuth client metadata
+ */
+export const DEFAULT_CLIENT_METADATA: OAuthClientMetadata = {
+  redirect_uris: [],
+  grant_types: ['authorization_code', 'refresh_token'],
+  response_types: ['code'],
+  token_endpoint_auth_method: 'client_secret_post',
+  scope: 'openid profile email',
+  client_name: 'MCP OAuth Client',
+  client_uri: 'https://github.com/modelcontextprotocol/typescript-sdk',
+};
+/**
+ * Generate a random session ID
+ */
+export function generateSessionId(): string {
+  return crypto.randomUUID();
+}
+/**
+ * Generate a random state parameter for CSRF protection
+ */
+export function generateState(): string {
+  const array = new Uint8Array(32);
+  crypto.getRandomValues(array);
+  return Array.from(array, byte => byte.toString(16).padStart(2, '0')).join('');
+}

package/src/client/factory.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import type { OAuthConfig } from './config.js';
+import { MCPOAuthClientProvider } from './index.js';
+/**
+ * Factory function to create an OAuth client provider
+ *
+ * @example
+ * ```typescript
+ * const provider = createOAuthProvider({
+ *   redirectUri: 'http://localhost:8080/callback',
+ *   scope: 'openid profile email',
+ * });
+ * ```
+ */
+export function createOAuthProvider(
+  config: OAuthConfig
+): MCPOAuthClientProvider {
+  return new MCPOAuthClientProvider(config);
+}