npm - mcp-proxy - Versions diffs - 5.6.1 → 5.8.0 - Mend

mcp-proxy 5.6.1 → 5.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/README.md +1 -0
package/dist/bin/mcp-proxy.js +7 -1
package/dist/bin/mcp-proxy.js.map +1 -1
package/dist/index.d.ts +4 -0
package/dist/index.js +1 -1
package/dist/{stdio-D0Lv8ytu.js → stdio-so1-I7Pn.js} +43 -16
package/dist/stdio-so1-I7Pn.js.map +1 -0
package/jsr.json +1 -1
package/package.json +1 -1
package/src/bin/mcp-proxy.ts +6 -0
package/src/fixtures/slow-stdio-server.ts +91 -0
package/src/proxyServer.test.ts +148 -0
package/src/proxyServer.ts +43 -10
package/src/startHTTPServer.test.ts +480 -0
package/src/startHTTPServer.ts +42 -2
package/dist/stdio-D0Lv8ytu.js.map +0 -1

package/dist/index.d.ts CHANGED Viewed

@@ -43,10 +43,12 @@ declare class InMemoryEventStore implements EventStore {
 //#region src/proxyServer.d.ts
 declare const proxyServer: ({
   client,
+  requestTimeout,
   server,
   serverCapabilities
 }: {
   client: Client;
+  requestTimeout?: number;
   server: Server;
   serverCapabilities: ServerCapabilities;
 }) => Promise<void>;
@@ -61,6 +63,7 @@ type ServerLike = {
 };
 declare const startHTTPServer: <T extends ServerLike>({
   apiKey,
+  authenticate,
   createServer,
   enableJsonResponse,
   eventStore,
@@ -74,6 +77,7 @@ declare const startHTTPServer: <T extends ServerLike>({
   streamEndpoint
 }: {
   apiKey?: string;
+  authenticate?: (request: http.IncomingMessage) => Promise<unknown>;
   createServer: (request: http.IncomingMessage) => Promise<T>;
   enableJsonResponse?: boolean;
   eventStore?: EventStore;

package/dist/index.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import { Client, InMemoryEventStore, JSONRPCMessageSchema, LATEST_PROTOCOL_VERSION, NEVER, ReadBuffer, Server, ZodIssueCode, anyType, arrayType, booleanType, isInitializedNotification, isJSONRPCRequest, isJSONRPCResponse, numberType, objectType, proxyServer, serializeMessage, startHTTPServer, stringType } from "./stdio-D0Lv8ytu.js";
+import { Client, InMemoryEventStore, JSONRPCMessageSchema, LATEST_PROTOCOL_VERSION, NEVER, ReadBuffer, Server, ZodIssueCode, anyType, arrayType, booleanType, isInitializedNotification, isJSONRPCRequest, isJSONRPCResponse, numberType, objectType, proxyServer, serializeMessage, startHTTPServer, stringType } from "./stdio-so1-I7Pn.js";
 import process from "node:process";
 //#region node_modules/.pnpm/eventsource-parser@3.0.6/node_modules/eventsource-parser/dist/index.js

package/dist/{stdio-D0Lv8ytu.js → stdio-so1-I7Pn.js} RENAMED Viewed

@@ -4400,7 +4400,7 @@ var McpError = class extends Error {
 //#endregion
 //#region src/proxyServer.ts
-const proxyServer = async ({ client, server, serverCapabilities }) => {
+const proxyServer = async ({ client, requestTimeout, server, serverCapabilities }) => {
 	if (serverCapabilities?.logging) {
 		server.setNotificationHandler(LoggingMessageNotificationSchema, async (args) => {
 			return client.notification(args);
@@ -4411,44 +4411,44 @@ const proxyServer = async ({ client, server, serverCapabilities }) => {
 	}
 	if (serverCapabilities?.prompts) {
 		server.setRequestHandler(GetPromptRequestSchema, async (args) => {
-			return client.getPrompt(args.params);
+			return client.getPrompt(args.params, requestTimeout ? { timeout: requestTimeout } : void 0);
 		});
 		server.setRequestHandler(ListPromptsRequestSchema, async (args) => {
-			return client.listPrompts(args.params);
+			return client.listPrompts(args.params, requestTimeout ? { timeout: requestTimeout } : void 0);
 		});
 	}
 	if (serverCapabilities?.resources) {
 		server.setRequestHandler(ListResourcesRequestSchema, async (args) => {
-			return client.listResources(args.params);
+			return client.listResources(args.params, requestTimeout ? { timeout: requestTimeout } : void 0);
 		});
 		server.setRequestHandler(ListResourceTemplatesRequestSchema, async (args) => {
-			return client.listResourceTemplates(args.params);
+			return client.listResourceTemplates(args.params, requestTimeout ? { timeout: requestTimeout } : void 0);
 		});
 		server.setRequestHandler(ReadResourceRequestSchema, async (args) => {
-			return client.readResource(args.params);
+			return client.readResource(args.params, requestTimeout ? { timeout: requestTimeout } : void 0);
 		});
 		if (serverCapabilities?.resources.subscribe) {
 			server.setNotificationHandler(ResourceUpdatedNotificationSchema, async (args) => {
 				return client.notification(args);
 			});
 			server.setRequestHandler(SubscribeRequestSchema, async (args) => {
-				return client.subscribeResource(args.params);
+				return client.subscribeResource(args.params, requestTimeout ? { timeout: requestTimeout } : void 0);
 			});
 			server.setRequestHandler(UnsubscribeRequestSchema, async (args) => {
-				return client.unsubscribeResource(args.params);
+				return client.unsubscribeResource(args.params, requestTimeout ? { timeout: requestTimeout } : void 0);
 			});
 		}
 	}
 	if (serverCapabilities?.tools) {
 		server.setRequestHandler(CallToolRequestSchema, async (args) => {
-			return client.callTool(args.params);
+			return client.callTool(args.params, void 0, requestTimeout ? { timeout: requestTimeout } : void 0);
 		});
 		server.setRequestHandler(ListToolsRequestSchema, async (args) => {
-			return client.listTools(args.params);
+			return client.listTools(args.params, requestTimeout ? { timeout: requestTimeout } : void 0);
 		});
 	}
 	server.setRequestHandler(CompleteRequestSchema, async (args) => {
-		return client.complete(args.params);
+		return client.complete(args.params, requestTimeout ? { timeout: requestTimeout } : void 0);
 	});
 };
@@ -15045,13 +15045,39 @@ const cleanupServer = async (server, onClose) => {
 		console.error("[mcp-proxy] error closing server", error);
 	}
 };
-const handleStreamRequest = async ({ activeTransports, createServer, enableJsonResponse, endpoint, eventStore, onClose, onConnect, req, res, stateless }) => {
+const handleStreamRequest = async ({ activeTransports, authenticate, createServer, enableJsonResponse, endpoint, eventStore, onClose, onConnect, req, res, stateless }) => {
 	if (req.method === "POST" && new URL(req.url, "http://localhost").pathname === endpoint) {
 		try {
 			const sessionId = Array.isArray(req.headers["mcp-session-id"]) ? req.headers["mcp-session-id"][0] : req.headers["mcp-session-id"];
 			let transport;
 			let server;
 			const body = await getBody(req);
+			if (stateless && authenticate) try {
+				if (!await authenticate(req)) {
+					res.setHeader("Content-Type", "application/json");
+					res.writeHead(401).end(JSON.stringify({
+						error: {
+							code: -32e3,
+							message: "Unauthorized: Authentication failed"
+						},
+						id: body?.id ?? null,
+						jsonrpc: "2.0"
+					}));
+					return true;
+				}
+			} catch (error) {
+				console.error("Authentication error:", error);
+				res.setHeader("Content-Type", "application/json");
+				res.writeHead(401).end(JSON.stringify({
+					error: {
+						code: -32e3,
+						message: "Unauthorized: Authentication error"
+					},
+					id: body?.id ?? null,
+					jsonrpc: "2.0"
+				}));
+				return true;
+			}
 			if (sessionId) {
 				const activeTransport = activeTransports[sessionId];
 				if (!activeTransport) {
@@ -15220,7 +15246,7 @@ const handleSSERequest = async ({ activeTransports, createServer, endpoint, onCl
 	}
 	return false;
 };
-const startHTTPServer = async ({ apiKey, createServer, enableJsonResponse, eventStore, host = "::", onClose, onConnect, onUnhandledRequest, port, sseEndpoint = "/sse", stateless, streamEndpoint = "/mcp" }) => {
+const startHTTPServer = async ({ apiKey, authenticate, createServer, enableJsonResponse, eventStore, host = "::", onClose, onConnect, onUnhandledRequest, port, sseEndpoint = "/sse", stateless, streamEndpoint = "/mcp" }) => {
 	const activeSSETransports = {};
 	const activeStreamTransports = {};
 	const authMiddleware = new AuthenticationMiddleware({ apiKey });
@@ -15233,8 +15259,8 @@ const startHTTPServer = async ({ apiKey, createServer, enableJsonResponse, event
 			res.setHeader("Access-Control-Allow-Origin", origin.origin);
 			res.setHeader("Access-Control-Allow-Credentials", "true");
 			res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
-			res.setHeader("Access-Control-Allow-Headers", "*");
-			res.setHeader("Access-Control-Expose-Headers", "mcp-session-id");
+			res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization, Accept, Mcp-Session-Id, Last-Event-Id");
+			res.setHeader("Access-Control-Expose-Headers", "Mcp-Session-Id");
 		} catch (error) {
 			console.error("[mcp-proxy] error parsing origin", error);
 		}
@@ -15264,6 +15290,7 @@ const startHTTPServer = async ({ apiKey, createServer, enableJsonResponse, event
 		})) return;
 		if (streamEndpoint && await handleStreamRequest({
 			activeTransports: activeStreamTransports,
+			authenticate,
 			createServer,
 			enableJsonResponse,
 			endpoint: streamEndpoint,
@@ -21483,4 +21510,4 @@ function serializeMessage(message) {
 //#endregion
 export { Client, InMemoryEventStore, JSONRPCMessageSchema, LATEST_PROTOCOL_VERSION, NEVER, ReadBuffer, Server, ZodIssueCode, __commonJS, __toESM, anyType, arrayType, booleanType, isInitializedNotification, isJSONRPCRequest, isJSONRPCResponse, numberType, objectType, proxyServer, serializeMessage, startHTTPServer, stringType };
-//# sourceMappingURL=stdio-D0Lv8ytu.js.map
+//# sourceMappingURL=stdio-so1-I7Pn.js.map