mcp-remote 0.0.13 → 0.0.15

package/dist/{chunk-UL4C5N2N.js → chunk-R4LSJHXI.js}

@@ -1,5 +1,11 @@
 var __getOwnPropNames = Object.getOwnPropertyNames;
-var __commonJS = (cb, mod) => function __require() {
+var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
+  get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
+}) : x)(function(x) {
+  if (typeof require !== "undefined") return require.apply(this, arguments);
+  throw Error('Dynamic require of "' + x + '" is not supported');
+});
+var __commonJS = (cb, mod) => function __require2() {
   return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
 };
 
@@ -8,7 +14,7 @@ var require_package = __commonJS({
   "package.json"(exports, module) {
     module.exports = {
       name: "mcp-remote",
-      version: "0.0.13",
+      version: "0.0.14",
       description: "Remote proxy for Model Context Protocol, allowing local-only clients to connect to remote servers using oAuth",
       keywords: [
         "mcp",
@@ -18,7 +24,7 @@ var require_package = __commonJS({
         "oauth"
       ],
       author: "Glen Maddern <glen@cloudflare.com>",
-      repository: "https://github.com/geelen/remote-mcp",
+      repository: "https://github.com/geelen/mcp-remote",
       type: "module",
       files: [
         "dist",
@@ -74,6 +80,8 @@ import { UnauthorizedError } from "@modelcontextprotocol/sdk/client/auth.js";
 import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js";
 import express from "express";
 import net from "net";
+import crypto from "crypto";
+var MCP_REMOTE_VERSION = require_package().version;
 var pid = process.pid;
 function log(str, ...rest) {
   console.error(`[${pid}] ${str}`, ...rest);
@@ -112,7 +120,7 @@ function mcpProxy({ transportToClient, transportToServer }) {
     log("Error from remote server:", error);
   }
 }
-async function connectToRemoteServer(serverUrl, authProvider, waitForAuthCode) {
+async function connectToRemoteServer(serverUrl, authProvider, waitForAuthCode, skipBrowserAuth = false) {
   log(`[${pid}] Connecting to remote server: ${serverUrl}`);
   const url = new URL(serverUrl);
   const transport = new SSEClientTransport(url, { authProvider });
@@ -122,7 +130,11 @@ async function connectToRemoteServer(serverUrl, authProvider, waitForAuthCode) {
     return transport;
   } catch (error) {
     if (error instanceof UnauthorizedError || error instanceof Error && error.message.includes("Unauthorized")) {
-      log("Authentication required. Waiting for authorization...");
+      if (skipBrowserAuth) {
+        log("Authentication required but skipping browser auth - using shared auth");
+      } else {
+        log("Authentication required. Waiting for authorization...");
+      }
       const code = await waitForAuthCode();
       try {
         log("Completing authorization...");
@@ -141,9 +153,42 @@ async function connectToRemoteServer(serverUrl, authProvider, waitForAuthCode) {
     }
   }
 }
-function setupOAuthCallbackServer(options) {
+function setupOAuthCallbackServerWithLongPoll(options) {
   let authCode = null;
   const app = express();
+  let authCompletedResolve;
+  const authCompletedPromise = new Promise((resolve) => {
+    authCompletedResolve = resolve;
+  });
+  app.get("/wait-for-auth", (req, res) => {
+    if (authCode) {
+      log("Auth already completed, returning 200");
+      res.status(200).send("Authentication completed");
+      return;
+    }
+    if (req.query.poll === "false") {
+      log("Client requested no long poll, responding with 202");
+      res.status(202).send("Authentication in progress");
+      return;
+    }
+    const longPollTimeout = setTimeout(() => {
+      log("Long poll timeout reached, responding with 202");
+      res.status(202).send("Authentication in progress");
+    }, 3e4);
+    authCompletedPromise.then(() => {
+      clearTimeout(longPollTimeout);
+      if (!res.headersSent) {
+        log("Auth completed during long poll, responding with 200");
+        res.status(200).send("Authentication completed");
+      }
+    }).catch(() => {
+      clearTimeout(longPollTimeout);
+      if (!res.headersSent) {
+        log("Auth failed during long poll, responding with 500");
+        res.status(500).send("Authentication failed");
+      }
+    });
+  });
   app.get(options.path, (req, res) => {
     const code = req.query.code;
     if (!code) {
@@ -151,6 +196,8 @@ function setupOAuthCallbackServer(options) {
       return;
     }
     authCode = code;
+    log("Auth code received, resolving promise");
+    authCompletedResolve(code);
     res.send("Authorization successful! You may close this window and return to the CLI.");
     options.events.emit("auth-code-received", code);
   });
@@ -168,7 +215,7 @@ function setupOAuthCallbackServer(options) {
       });
     });
   };
-  return { server, authCode, waitForAuthCode };
+  return { server, authCode, waitForAuthCode, authCompletedPromise };
 }
 async function findAvailablePort(preferredPort) {
   return new Promise((resolve, reject) => {
@@ -226,7 +273,9 @@ function setupSignalHandlers(cleanup) {
   });
   process.stdin.resume();
 }
-var MCP_REMOTE_VERSION = require_package().version;
+function getServerUrlHash(serverUrl) {
+  return crypto.createHash("md5").update(serverUrl).digest("hex");
+}
 
 // src/lib/node-oauth-client-provider.ts
 import open from "open";
@@ -236,11 +285,37 @@ import {
 } from "@modelcontextprotocol/sdk/shared/auth.js";
 
 // src/lib/mcp-auth-config.ts
-import crypto from "crypto";
 import path from "path";
 import os from "os";
 import fs from "fs/promises";
-var knownConfigFiles = ["client_info.json", "tokens.json", "code_verifier.txt"];
+var knownConfigFiles = ["client_info.json", "tokens.json", "code_verifier.txt", "lock.json"];
+async function createLockfile(serverUrlHash, pid2, port) {
+  const lockData = {
+    pid: pid2,
+    port,
+    timestamp: Date.now()
+  };
+  await writeJsonFile(serverUrlHash, "lock.json", lockData);
+}
+async function checkLockfile(serverUrlHash) {
+  try {
+    const lockfile = await readJsonFile(serverUrlHash, "lock.json", {
+      async parseAsync(data) {
+        if (typeof data !== "object" || data === null) return null;
+        if (typeof data.pid !== "number" || typeof data.port !== "number" || typeof data.timestamp !== "number") {
+          return null;
+        }
+        return data;
+      }
+    });
+    return lockfile || null;
+  } catch {
+    return null;
+  }
+}
+async function deleteLockfile(serverUrlHash) {
+  await deleteConfigFile(serverUrlHash, "lock.json");
+}
 async function cleanServerConfig(serverUrlHash) {
   log(`Cleaning configuration files for server: ${serverUrlHash}`);
   for (const filename of knownConfigFiles) {
@@ -260,9 +335,6 @@ async function ensureConfigDir() {
     throw error;
   }
 }
-function getServerUrlHash(serverUrl) {
-  return crypto.createHash("md5").update(serverUrl).digest("hex");
-}
 function getConfigFilePath(serverUrlHash, filename) {
   const configDir = getConfigDir();
   return path.join(configDir, `${serverUrlHash}_${filename}`);
@@ -286,11 +358,13 @@ async function readJsonFile(serverUrlHash, filename, schema, clean = false) {
     }
     const filePath = getConfigFilePath(serverUrlHash, filename);
     const content = await fs.readFile(filePath, "utf-8");
-    return await schema.parseAsync(JSON.parse(content));
+    const result = await schema.parseAsync(JSON.parse(content));
+    return result;
   } catch (error) {
     if (error.code === "ENOENT") {
       return void 0;
     }
+    log(`Error reading ${filename}:`, error);
     return void 0;
   }
 }
@@ -423,13 +497,134 @@ ${authorizationUrl.toString()}
   }
 };
 
+// src/lib/coordination.ts
+import express2 from "express";
+async function isPidRunning(pid2) {
+  try {
+    process.kill(pid2, 0);
+    return true;
+  } catch {
+    return false;
+  }
+}
+async function isLockValid(lockData) {
+  const MAX_LOCK_AGE = 30 * 60 * 1e3;
+  if (Date.now() - lockData.timestamp > MAX_LOCK_AGE) {
+    log("Lockfile is too old");
+    return false;
+  }
+  if (!await isPidRunning(lockData.pid)) {
+    log("Process from lockfile is not running");
+    return false;
+  }
+  try {
+    const controller = new AbortController();
+    const timeout = setTimeout(() => controller.abort(), 1e3);
+    const response = await fetch(`http://127.0.0.1:${lockData.port}/wait-for-auth?poll=false`, {
+      signal: controller.signal
+    });
+    clearTimeout(timeout);
+    return response.status === 200 || response.status === 202;
+  } catch (error) {
+    log(`Error connecting to auth server: ${error.message}`);
+    return false;
+  }
+}
+async function waitForAuthentication(port) {
+  log(`Waiting for authentication from the server on port ${port}...`);
+  try {
+    while (true) {
+      const url = `http://127.0.0.1:${port}/wait-for-auth`;
+      log(`Querying: ${url}`);
+      const response = await fetch(url);
+      if (response.status === 200) {
+        log(`Authentication completed by other instance`);
+        return true;
+      } else if (response.status === 202) {
+        log(`Authentication still in progress`);
+        await new Promise((resolve) => setTimeout(resolve, 1e3));
+      } else {
+        log(`Unexpected response status: ${response.status}`);
+        return false;
+      }
+    }
+  } catch (error) {
+    log(`Error waiting for authentication: ${error.message}`);
+    return false;
+  }
+}
+async function coordinateAuth(serverUrlHash, callbackPort, events) {
+  const lockData = await checkLockfile(serverUrlHash);
+  if (lockData && await isLockValid(lockData)) {
+    log(`Another instance is handling authentication on port ${lockData.port}`);
+    try {
+      const authCompleted = await waitForAuthentication(lockData.port);
+      if (authCompleted) {
+        log("Authentication completed by another instance");
+        const dummyServer = express2().listen(0);
+        const dummyWaitForAuthCode = () => {
+          log("WARNING: waitForAuthCode called in secondary instance - this is unexpected");
+          return new Promise(() => {
+          });
+        };
+        return {
+          server: dummyServer,
+          waitForAuthCode: dummyWaitForAuthCode,
+          skipBrowserAuth: true
+        };
+      } else {
+        log("Taking over authentication process...");
+      }
+    } catch (error) {
+      log(`Error waiting for authentication: ${error}`);
+    }
+    await deleteLockfile(serverUrlHash);
+  } else if (lockData) {
+    log("Found invalid lockfile, deleting it");
+    await deleteLockfile(serverUrlHash);
+  }
+  const { server, waitForAuthCode, authCompletedPromise } = setupOAuthCallbackServerWithLongPoll({
+    port: callbackPort,
+    path: "/oauth/callback",
+    events
+  });
+  const address = server.address();
+  const actualPort = address.port;
+  log(`Creating lockfile for server ${serverUrlHash} with process ${process.pid} on port ${actualPort}`);
+  await createLockfile(serverUrlHash, process.pid, actualPort);
+  const cleanupHandler = async () => {
+    try {
+      log(`Cleaning up lockfile for server ${serverUrlHash}`);
+      await deleteLockfile(serverUrlHash);
+    } catch (error) {
+      log(`Error cleaning up lockfile: ${error}`);
+    }
+  };
+  process.once("exit", () => {
+    try {
+      const configPath = getConfigFilePath(serverUrlHash, "lock.json");
+      __require("fs").unlinkSync(configPath);
+    } catch {
+    }
+  });
+  process.once("SIGINT", async () => {
+    await cleanupHandler();
+  });
+  return {
+    server,
+    waitForAuthCode,
+    skipBrowserAuth: false
+  };
+}
+
 export {
+  MCP_REMOTE_VERSION,
   log,
   mcpProxy,
   connectToRemoteServer,
-  setupOAuthCallbackServer,
   parseCommandLineArgs,
   setupSignalHandlers,
-  MCP_REMOTE_VERSION,
-  NodeOAuthClientProvider
+  getServerUrlHash,
+  NodeOAuthClientProvider,
+  coordinateAuth
 };

package/dist/client.js

@@ -2,10 +2,12 @@
 import {
   MCP_REMOTE_VERSION,
   NodeOAuthClientProvider,
+  coordinateAuth,
+  getServerUrlHash,
+  log,
   parseCommandLineArgs,
-  setupOAuthCallbackServer,
   setupSignalHandlers
-} from "./chunk-UL4C5N2N.js";
+} from "./chunk-R4LSJHXI.js";
 
 // src/client.ts
 import { EventEmitter } from "events";
@@ -15,12 +17,18 @@ import { ListResourcesResultSchema, ListToolsResultSchema } from "@modelcontextp
 import { UnauthorizedError } from "@modelcontextprotocol/sdk/client/auth.js";
 async function runClient(serverUrl, callbackPort, clean = false) {
   const events = new EventEmitter();
+  const serverUrlHash = getServerUrlHash(serverUrl);
+  const { server, waitForAuthCode, skipBrowserAuth } = await coordinateAuth(serverUrlHash, callbackPort, events);
   const authProvider = new NodeOAuthClientProvider({
     serverUrl,
     callbackPort,
     clientName: "MCP CLI Client",
     clean
   });
+  if (skipBrowserAuth) {
+    log("Authentication was completed by another instance - will use tokens from disk...");
+    await new Promise((res) => setTimeout(res, 1e3));
+  }
   const client = new Client(
     {
       name: "mcp-remote",
@@ -34,76 +42,71 @@ async function runClient(serverUrl, callbackPort, clean = false) {
   function initTransport() {
     const transport2 = new SSEClientTransport(url, { authProvider });
     transport2.onmessage = (message) => {
-      console.log("Received message:", JSON.stringify(message, null, 2));
+      log("Received message:", JSON.stringify(message, null, 2));
     };
     transport2.onerror = (error) => {
-      console.error("Transport error:", error);
+      log("Transport error:", error);
     };
     transport2.onclose = () => {
-      console.log("Connection closed.");
+      log("Connection closed.");
       process.exit(0);
     };
     return transport2;
   }
   const transport = initTransport();
-  const { server, waitForAuthCode } = setupOAuthCallbackServer({
-    port: callbackPort,
-    path: "/oauth/callback",
-    events
-  });
   const cleanup = async () => {
-    console.log("\nClosing connection...");
+    log("\nClosing connection...");
     await client.close();
     server.close();
   };
   setupSignalHandlers(cleanup);
   try {
-    console.log("Connecting to server...");
+    log("Connecting to server...");
     await client.connect(transport);
-    console.log("Connected successfully!");
+    log("Connected successfully!");
   } catch (error) {
     if (error instanceof UnauthorizedError || error instanceof Error && error.message.includes("Unauthorized")) {
-      console.log("Authentication required. Waiting for authorization...");
+      log("Authentication required. Waiting for authorization...");
       const code = await waitForAuthCode();
       try {
-        console.log("Completing authorization...");
+        log("Completing authorization...");
         await transport.finishAuth(code);
-        console.log("Connecting after authorization...");
+        log("Connecting after authorization...");
         await client.connect(initTransport());
-        console.log("Connected successfully!");
-        console.log("Requesting tools list...");
+        log("Connected successfully!");
+        log("Requesting tools list...");
         const tools = await client.request({ method: "tools/list" }, ListToolsResultSchema);
-        console.log("Tools:", JSON.stringify(tools, null, 2));
-        console.log("Requesting resource list...");
+        log("Tools:", JSON.stringify(tools, null, 2));
+        log("Requesting resource list...");
         const resources = await client.request({ method: "resources/list" }, ListResourcesResultSchema);
-        console.log("Resources:", JSON.stringify(resources, null, 2));
-        console.log("Listening for messages. Press Ctrl+C to exit.");
+        log("Resources:", JSON.stringify(resources, null, 2));
+        log("Listening for messages. Press Ctrl+C to exit.");
       } catch (authError) {
-        console.error("Authorization error:", authError);
+        log("Authorization error:", authError);
         server.close();
         process.exit(1);
       }
     } else {
-      console.error("Connection error:", error);
+      log("Connection error:", error);
       server.close();
       process.exit(1);
     }
   }
   try {
-    console.log("Requesting tools list...");
+    log("Requesting tools list...");
     const tools = await client.request({ method: "tools/list" }, ListToolsResultSchema);
-    console.log("Tools:", JSON.stringify(tools, null, 2));
+    log("Tools:", JSON.stringify(tools, null, 2));
   } catch (e) {
-    console.log("Error requesting tools list:", e);
+    log("Error requesting tools list:", e);
   }
   try {
-    console.log("Requesting resource list...");
+    log("Requesting resource list...");
     const resources = await client.request({ method: "resources/list" }, ListResourcesResultSchema);
-    console.log("Resources:", JSON.stringify(resources, null, 2));
+    log("Resources:", JSON.stringify(resources, null, 2));
   } catch (e) {
-    console.log("Error requesting resources list:", e);
+    log("Error requesting resources list:", e);
   }
-  console.log("Listening for messages. Press Ctrl+C to exit.");
+  log("Listening for messages. Press Ctrl+C to exit.");
 }
 parseCommandLineArgs(process.argv.slice(2), 3333, "Usage: npx tsx client.ts [--clean] <https://server-url> [callback-port]").then(({ serverUrl, callbackPort, clean }) => {
   return runClient(serverUrl, callbackPort, clean);

package/dist/proxy.js

@@ -2,32 +2,34 @@
 import {
   NodeOAuthClientProvider,
   connectToRemoteServer,
+  coordinateAuth,
+  getServerUrlHash,
   log,
   mcpProxy,
   parseCommandLineArgs,
-  setupOAuthCallbackServer,
   setupSignalHandlers
-} from "./chunk-UL4C5N2N.js";
+} from "./chunk-R4LSJHXI.js";
 
 // src/proxy.ts
 import { EventEmitter } from "events";
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 async function runProxy(serverUrl, callbackPort, clean = false) {
   const events = new EventEmitter();
+  const serverUrlHash = getServerUrlHash(serverUrl);
+  const { server, waitForAuthCode, skipBrowserAuth } = await coordinateAuth(serverUrlHash, callbackPort, events);
   const authProvider = new NodeOAuthClientProvider({
     serverUrl,
     callbackPort,
     clientName: "MCP CLI Proxy",
     clean
   });
+  if (skipBrowserAuth) {
+    log("Authentication was completed by another instance - will use tokens from disk");
+    await new Promise((res) => setTimeout(res, 1e3));
+  }
   const localTransport = new StdioServerTransport();
-  const { server, waitForAuthCode } = setupOAuthCallbackServer({
-    port: callbackPort,
-    path: "/oauth/callback",
-    events
-  });
   try {
-    const remoteTransport = await connectToRemoteServer(serverUrl, authProvider, waitForAuthCode);
+    const remoteTransport = await connectToRemoteServer(serverUrl, authProvider, waitForAuthCode, skipBrowserAuth);
     mcpProxy({
       transportToClient: localTransport,
       transportToServer: remoteTransport

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mcp-remote",
-  "version": "0.0.13",
+  "version": "0.0.15",
   "description": "Remote proxy for Model Context Protocol, allowing local-only clients to connect to remote servers using oAuth",
   "keywords": [
     "mcp",
@@ -10,7 +10,7 @@
     "oauth"
   ],
   "author": "Glen Maddern <glen@cloudflare.com>",
-  "repository": "https://github.com/geelen/remote-mcp",
+  "repository": "https://github.com/geelen/mcp-remote",
   "type": "module",
   "files": [
     "dist",