modality-mcp-kit 1.5.1 → 1.6.0

package/dist/types/index.d.ts

@@ -3,4 +3,4 @@ export { setupAITools, ModalityFastMCP } from "./util_mcp_tools_converter";
 export type { AITools, AITool, FastMCPTool, } from "./schemas/schemas_tool_config";
 export type { FastMCPCompatible, BasePrompt, } from "./util_mcp_tools_converter";
 export { FastHonoMcp } from "./FastHonoMcp";
-export { mcpProxyHandler, mcpProxyListHandler, mcpProxyCacheHandler, type McpProxyConfig, } from "./util_mcp_proxy";
+export { mcpProxyHandler, mcpProxyListHandler, mcpProxyCacheHandler, type McpProxyConfig, type OAuthAllowAccessFn, } from "./util_mcp_proxy";

package/dist/types/util_mcp_proxy.d.ts

@@ -12,12 +12,16 @@ interface MCPServerConfig {
     description?: string;
 }
 export type McpProxyConfig = Record<string, MCPServerConfig>;
+export type OAuthAllowAccessFn = (serverUrl: string, mcpName: string) => Promise<{
+    status: string;
+    message?: string;
+}>;
 /**
  * Hono handler for MCP proxy
  * @param c - Hono context with mcpName param
  * @returns Response proxied from MCP server
  */
-export declare const mcpProxyHandler: (MCP_SERVERS: McpProxyConfig) => (c: any) => Promise<any>;
+export declare const mcpProxyHandler: (MCP_SERVERS: McpProxyConfig, oauthAllowAccess?: OAuthAllowAccessFn) => (c: any) => Promise<any>;
 /**
  * Hono handler for listing available MCP servers
  * @param c - Hono context

package/dist/util_mcp_proxy.js

@@ -8,6 +8,10 @@
  * Example: /proxy/figma → http://127.0.0.1:3845/mcp
  */
 import { SimpleCache } from "modality-kit";
+import { createHash } from "node:crypto";
+import { readFileSync, writeFileSync } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
 // ============================================
 // CACHE CONFIGURATION
 // ============================================
@@ -195,14 +199,39 @@ function getAnyCacheForMethod(cache, method) {
     }
 }
 // ============================================
-// HONO HANDLERS
+// OAUTH TOKEN HELPERS
 // ============================================
+function getOAuthCachePath(serverUrl) {
+    const key = createHash("sha1").update(serverUrl).digest("hex").slice(0, 12);
+    return join(homedir(), ".cache", "counter", `${key}.json`);
+}
+function getStoredOAuthToken(serverUrl) {
+    try {
+        const data = JSON.parse(readFileSync(getOAuthCachePath(serverUrl), "utf8"));
+        return data.tokens?.access_token ?? null;
+    }
+    catch {
+        return null;
+    }
+}
+function clearStoredOAuthTokens(serverUrl) {
+    const cachePath = getOAuthCachePath(serverUrl);
+    try {
+        const data = JSON.parse(readFileSync(cachePath, "utf8"));
+        delete data.tokens;
+        writeFileSync(cachePath, JSON.stringify(data, null, 2));
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
 /**
  * Hono handler for MCP proxy
  * @param c - Hono context with mcpName param
  * @returns Response proxied from MCP server
  */
-export const mcpProxyHandler = (MCP_SERVERS) => async (c) => {
+export const mcpProxyHandler = (MCP_SERVERS, oauthAllowAccess) => async (c) => {
     const mcpName = c.req.param("mcpName");
     if (!mcpName) {
         return c.json({
@@ -210,6 +239,38 @@ export const mcpProxyHandler = (MCP_SERVERS) => async (c) => {
             availableServers: Object.keys(MCP_SERVERS),
         }, 400);
     }
+    // Handle /_allow sub-route (OAuth access flow)
+    if (c.req.path.endsWith("/_allow")) {
+        const serverConfig = MCP_SERVERS[mcpName];
+        if (!serverConfig) {
+            return c.json({ error: "MCP server not found", availableServers: Object.keys(MCP_SERVERS) }, 404);
+        }
+        if (!oauthAllowAccess) {
+            return c.json({ error: "OAuth not configured for this proxy" }, 501);
+        }
+        try {
+            const result = await oauthAllowAccess(serverConfig.url, mcpName);
+            return c.json(result);
+        }
+        catch (err) {
+            return c.json({ error: "OAuth failed", message: err.message }, 500);
+        }
+    }
+    // Handle /_clear-auth sub-route
+    if (c.req.path.endsWith("/_clear-auth")) {
+        const serverConfig = MCP_SERVERS[mcpName];
+        if (!serverConfig) {
+            return c.json({ error: "MCP server not found", availableServers: Object.keys(MCP_SERVERS) }, 404);
+        }
+        const cleared = clearStoredOAuthTokens(serverConfig.url);
+        return c.json({
+            status: cleared ? "cleared" : "no_cache",
+            mcpName,
+            message: cleared
+                ? "OAuth tokens cleared"
+                : "No cached OAuth state found",
+        });
+    }
     // Handle /_cache sub-routes (matched via app.use prefix routing)
     const cachePathMatch = c.req.path.match(/\/_cache(?:\/(.+))?$/);
     if (cachePathMatch) {
@@ -272,10 +333,18 @@ export const mcpProxyHandler = (MCP_SERVERS) => async (c) => {
                     upstreamHeaders[header] = value;
                 }
             }
+            // Auto-inject stored OAuth token if no Authorization header present
+            if (!upstreamHeaders.authorization) {
+                const storedToken = getStoredOAuthToken(serverConfig.url);
+                if (storedToken) {
+                    upstreamHeaders.authorization = `Bearer ${storedToken}`;
+                }
+            }
             try {
                 const upstreamResponse = await fetch(serverConfig.url, {
                     method: "GET",
                     headers: upstreamHeaders,
+                    signal: c.req.raw.signal,
                 });
                 // Forward response headers
                 const responseHeaders = new Headers();
@@ -308,11 +377,22 @@ export const mcpProxyHandler = (MCP_SERVERS) => async (c) => {
         }
         // Regular GET - return server info
         const cache = getServerCache(mcpName);
+        const basePath = `/proxy/${mcpName}`;
         return c.json({
             mcpName,
-            ...serverConfig,
-            cacheKeys: cache.keys(),
-            cacheSize: cache.keys().length,
+            upstream: serverConfig.url,
+            description: serverConfig.description,
+            endpoints: {
+                sse: `${basePath} (GET, Accept: text/event-stream)`,
+                rpc: `${basePath} (POST)`,
+                allow: `${basePath}/_allow`,
+                clearAuth: `${basePath}/_clear-auth`,
+                cache: `${basePath}/_cache`,
+            },
+            cache: {
+                keys: cache.keys(),
+                size: cache.keys().length,
+            },
         });
     }
     // POST request - proxy to MCP server with streaming support
@@ -384,6 +464,14 @@ export const mcpProxyHandler = (MCP_SERVERS) => async (c) => {
                     console.log(`[MCP-PROXY] Forwarding header: ${header}=${value.substring(0, 50)}`);
                 }
             }
+            // Auto-inject stored OAuth token if no Authorization header present
+            if (!upstreamHeaders.authorization) {
+                const storedToken = getStoredOAuthToken(serverConfig.url);
+                if (storedToken) {
+                    upstreamHeaders.authorization = `Bearer ${storedToken}`;
+                    console.log(`[MCP-PROXY] Using stored OAuth token for ${mcpName}`);
+                }
+            }
             console.log(`[MCP-PROXY] Upstream headers:`, Object.keys(upstreamHeaders));
             const upstreamResponse = await fetch(serverConfig.url, {
                 method: "POST",

package/package.json

@@ -1,5 +1,5 @@
 {
-  "version": "1.5.1",
+  "version": "1.6.0",
   "name": "modality-mcp-kit",
   "repository": {
     "type": "git",