omnikey-cli 1.0.39 → 1.0.40

package/backend-dist/mcpServerRoutes.js

@@ -0,0 +1,222 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.mcpServerRouter = mcpServerRouter;
+const express_1 = __importDefault(require("express"));
+const zod_1 = __importDefault(require("zod"));
+const authMiddleware_1 = require("./authMiddleware");
+const mcpServer_1 = require("./models/mcpServer");
+const mcpPromptCache_1 = require("./agent/mcpPromptCache");
+const mcpRuntime_1 = require("./agent/mcpRuntime");
+const transportEnum = zod_1.default.enum(['stdio', 'http', 'sse']);
+const urlSchema = zod_1.default
+    .string()
+    .max(1000)
+    .url({ message: 'url must be a valid URL.' })
+    .refine((v) => /^https?:\/\//i.test(v), {
+    message: 'url must use http:// or https:// scheme.',
+});
+const baseSchema = zod_1.default.object({
+    name: zod_1.default.string().min(1).max(100),
+    description: zod_1.default.string().max(500).nullable().optional(),
+    transport: transportEnum.optional(),
+    command: zod_1.default.string().max(500).nullable().optional(),
+    args: zod_1.default.array(zod_1.default.string()).optional(),
+    env: zod_1.default.record(zod_1.default.string(), zod_1.default.string()).optional(),
+    url: urlSchema.nullable().optional(),
+    headers: zod_1.default.record(zod_1.default.string(), zod_1.default.string()).optional(),
+    isEnabled: zod_1.default.boolean().optional(),
+});
+function validateTransportFields(transport, command, url) {
+    if (transport === 'stdio') {
+        if (!command || !command.trim())
+            return 'command is required when transport is "stdio".';
+    }
+    else {
+        if (!url || !url.trim())
+            return `url is required when transport is "${transport}".`;
+    }
+    return null;
+}
+// NOTE: `env` and `headers` may contain secrets (API tokens, credentials, etc.). They are
+// stored at rest in the application database and should be treated as sensitive. List
+// responses redact secret values by default to reduce accidental disclosure; single-record
+// reads return full values so that edit UIs can round-trip the configuration.
+const REDACTED = '***';
+function redactDict(dict) {
+    if (!dict)
+        return {};
+    const out = {};
+    for (const key of Object.keys(dict)) {
+        out[key] = REDACTED;
+    }
+    return out;
+}
+function formatServer(server, options = {}) {
+    const redact = options.redactSecrets === true;
+    return {
+        id: server.id,
+        name: server.name,
+        description: server.description,
+        transport: server.transport,
+        command: server.command,
+        args: server.args,
+        env: redact ? redactDict(server.env) : server.env,
+        url: server.url,
+        headers: redact ? redactDict(server.headers) : server.headers,
+        isEnabled: server.isEnabled,
+        lastConnectedAt: server.lastConnectedAt,
+        lastError: server.lastError,
+        createdAt: server.createdAt,
+        updatedAt: server.updatedAt,
+    };
+}
+function mcpServerRouter() {
+    const router = express_1.default.Router();
+    router.get('/', authMiddleware_1.authMiddleware, async (_req, res) => {
+        const { logger, subscription } = res.locals;
+        try {
+            const servers = await mcpServer_1.MCPServer.findAll({
+                where: { subscriptionId: subscription.id },
+                order: [['name', 'ASC']],
+            });
+            res.json({ servers: servers.map((s) => formatServer(s, { redactSecrets: true })) });
+        }
+        catch (err) {
+            logger.error('Error retrieving MCP servers.', { error: err });
+            res.status(500).json({ error: 'Failed to retrieve MCP servers.' });
+        }
+    });
+    router.post('/', authMiddleware_1.authMiddleware, async (req, res) => {
+        const { logger, subscription } = res.locals;
+        try {
+            const parsed = baseSchema.parse(req.body);
+            const transport = parsed.transport ?? 'stdio';
+            const command = parsed.command ?? null;
+            const url = parsed.url ?? null;
+            const validationError = validateTransportFields(transport, command, url);
+            if (validationError) {
+                return res.status(400).json({ error: validationError });
+            }
+            const server = await mcpServer_1.MCPServer.create({
+                subscriptionId: subscription.id,
+                name: parsed.name.trim(),
+                description: parsed.description ?? null,
+                transport,
+                command,
+                args: parsed.args ?? [],
+                env: parsed.env ?? {},
+                url,
+                headers: parsed.headers ?? {},
+                isEnabled: parsed.isEnabled ?? true,
+            });
+            (0, mcpPromptCache_1.invalidatePromptMcps)(subscription.id);
+            void (0, mcpRuntime_1.invalidateMcpRuntimeForServer)(server.id);
+            res.status(201).json(formatServer(server));
+        }
+        catch (err) {
+            logger.error('Error creating MCP server.', { error: err });
+            if (err instanceof zod_1.default.ZodError) {
+                return res.status(400).json({ error: 'Invalid MCP server data.' });
+            }
+            if (err?.name === 'SequelizeUniqueConstraintError') {
+                return res.status(409).json({ error: 'An MCP server with that name already exists.' });
+            }
+            res.status(500).json({ error: 'Failed to create MCP server.' });
+        }
+    });
+    router.get('/:id', authMiddleware_1.authMiddleware, async (req, res) => {
+        const { logger, subscription } = res.locals;
+        const { id } = req.params;
+        try {
+            const server = await mcpServer_1.MCPServer.findOne({
+                where: { id, subscriptionId: subscription.id },
+            });
+            if (!server) {
+                return res.status(404).json({ error: 'MCP server not found.' });
+            }
+            res.json(formatServer(server));
+        }
+        catch (err) {
+            logger.error('Error retrieving MCP server.', { error: err });
+            res.status(500).json({ error: 'Failed to retrieve MCP server.' });
+        }
+    });
+    router.patch('/:id', authMiddleware_1.authMiddleware, async (req, res) => {
+        const { logger, subscription } = res.locals;
+        const { id } = req.params;
+        try {
+            const parsed = baseSchema.partial().parse(req.body);
+            const server = await mcpServer_1.MCPServer.findOne({
+                where: { id, subscriptionId: subscription.id },
+            });
+            if (!server) {
+                return res.status(404).json({ error: 'MCP server not found.' });
+            }
+            const transport = parsed.transport ?? server.transport;
+            const transportChanged = parsed.transport !== undefined && parsed.transport !== server.transport;
+            // When transport changes, clear fields incompatible with the new transport so
+            // stale credentials/config never persist across a transport switch.
+            const command = transportChanged
+                ? (transport === 'stdio' ? (parsed.command !== undefined ? parsed.command : server.command) : null)
+                : (parsed.command !== undefined ? parsed.command : server.command);
+            const url = transportChanged
+                ? (transport !== 'stdio' ? (parsed.url !== undefined ? parsed.url : server.url) : null)
+                : (parsed.url !== undefined ? parsed.url : server.url);
+            const args = transportChanged && transport !== 'stdio' ? [] : (parsed.args ?? server.args);
+            const env = transportChanged && transport !== 'stdio' ? {} : (parsed.env ?? server.env);
+            const headers = transportChanged && transport === 'stdio' ? {} : (parsed.headers ?? server.headers);
+            const validationError = validateTransportFields(transport, command, url);
+            if (validationError) {
+                return res.status(400).json({ error: validationError });
+            }
+            await server.update({
+                name: parsed.name !== undefined ? parsed.name.trim() : server.name,
+                description: parsed.description !== undefined ? parsed.description : server.description,
+                transport,
+                command,
+                args,
+                env,
+                url,
+                headers,
+                isEnabled: parsed.isEnabled ?? server.isEnabled,
+            });
+            (0, mcpPromptCache_1.invalidatePromptMcps)(subscription.id);
+            void (0, mcpRuntime_1.invalidateMcpRuntimeForServer)(server.id);
+            res.json(formatServer(server));
+        }
+        catch (err) {
+            logger.error('Error updating MCP server.', { error: err });
+            if (err instanceof zod_1.default.ZodError) {
+                return res.status(400).json({ error: 'Invalid MCP server data.' });
+            }
+            if (err?.name === 'SequelizeUniqueConstraintError') {
+                return res.status(409).json({ error: 'An MCP server with that name already exists.' });
+            }
+            res.status(500).json({ error: 'Failed to update MCP server.' });
+        }
+    });
+    router.delete('/:id', authMiddleware_1.authMiddleware, async (req, res) => {
+        const { logger, subscription } = res.locals;
+        const { id } = req.params;
+        try {
+            const server = await mcpServer_1.MCPServer.findOne({
+                where: { id, subscriptionId: subscription.id },
+            });
+            if (!server) {
+                return res.status(404).json({ error: 'MCP server not found.' });
+            }
+            await server.destroy();
+            (0, mcpPromptCache_1.invalidatePromptMcps)(subscription.id);
+            void (0, mcpRuntime_1.invalidateMcpRuntimeForServer)(server.id);
+            res.status(204).send();
+        }
+        catch (err) {
+            logger.error('Error deleting MCP server.', { error: err });
+            res.status(500).json({ error: 'Failed to delete MCP server.' });
+        }
+    });
+    return router;
+}

package/backend-dist/models/mcpServer.js

@@ -0,0 +1,102 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MCPServer = void 0;
+const sequelize_1 = require("sequelize");
+const cuid_1 = __importDefault(require("cuid"));
+const db_1 = require("../db");
+const subscription_1 = require("./subscription");
+class MCPServer extends sequelize_1.Model {
+}
+exports.MCPServer = MCPServer;
+MCPServer.init({
+    id: {
+        type: sequelize_1.DataTypes.STRING,
+        primaryKey: true,
+        allowNull: false,
+        defaultValue: () => (0, cuid_1.default)(),
+    },
+    subscriptionId: {
+        type: sequelize_1.DataTypes.STRING,
+        allowNull: false,
+        field: 'subscription_id',
+        references: {
+            model: subscription_1.Subscription,
+            key: 'id',
+        },
+        onDelete: 'CASCADE',
+        onUpdate: 'CASCADE',
+    },
+    name: {
+        type: sequelize_1.DataTypes.STRING(100),
+        allowNull: false,
+    },
+    description: {
+        type: sequelize_1.DataTypes.STRING(500),
+        allowNull: true,
+    },
+    transport: {
+        type: sequelize_1.DataTypes.STRING(16),
+        allowNull: false,
+        defaultValue: 'stdio',
+    },
+    command: {
+        type: sequelize_1.DataTypes.STRING(500),
+        allowNull: true,
+    },
+    args: {
+        type: sequelize_1.DataTypes.JSON,
+        allowNull: false,
+        defaultValue: [],
+    },
+    env: {
+        type: sequelize_1.DataTypes.JSON,
+        allowNull: false,
+        defaultValue: {},
+    },
+    url: {
+        type: sequelize_1.DataTypes.STRING(1000),
+        allowNull: true,
+    },
+    headers: {
+        type: sequelize_1.DataTypes.JSON,
+        allowNull: false,
+        defaultValue: {},
+    },
+    isEnabled: {
+        type: sequelize_1.DataTypes.BOOLEAN,
+        allowNull: false,
+        defaultValue: true,
+        field: 'is_enabled',
+    },
+    lastConnectedAt: {
+        type: sequelize_1.DataTypes.DATE,
+        allowNull: true,
+        field: 'last_connected_at',
+    },
+    lastError: {
+        type: sequelize_1.DataTypes.TEXT,
+        allowNull: true,
+        field: 'last_error',
+    },
+}, {
+    sequelize: db_1.sequelize,
+    tableName: 'mcp_servers',
+    modelName: 'MCPServer',
+    indexes: [
+        {
+            unique: true,
+            fields: ['subscription_id', 'name'],
+        },
+    ],
+});
+subscription_1.Subscription.hasMany(MCPServer, {
+    foreignKey: 'subscriptionId',
+    as: 'mcpServers',
+});
+MCPServer.belongsTo(subscription_1.Subscription, {
+    foreignKey: 'subscriptionId',
+    as: 'subscription',
+});

package/dist/index.js

@@ -12,6 +12,7 @@ const showConfig_1 = require("./showConfig");
 const setConfig_1 = require("./setConfig");
 const grantBrowserAccess_1 = require("./grantBrowserAccess");
 const scheduleJob_1 = require("./scheduleJob");
+const mcpServer_1 = require("./mcpServer");
 const program = new commander_1.Command();
 program
     .name('omnikey')
@@ -95,23 +96,62 @@ program
     .action(async () => {
     await (0, grantBrowserAccess_1.reopenBrowserDebugProfile)();
 });
-const scheduleCmd = program
-    .command('schedule')
-    .description('Manage scheduled prompt jobs');
+const scheduleCmd = program.command('schedule').description('Manage scheduled prompt jobs');
 scheduleCmd
     .command('add')
     .description('Add a new scheduled job')
-    .action(async () => { await (0, scheduleJob_1.scheduleAdd)(); });
+    .action(async () => {
+    await (0, scheduleJob_1.scheduleAdd)();
+});
 scheduleCmd
     .command('list')
     .description('List all scheduled jobs')
-    .action(async () => { await (0, scheduleJob_1.scheduleList)(); });
+    .action(async () => {
+    await (0, scheduleJob_1.scheduleList)();
+});
 scheduleCmd
     .command('remove')
     .description('Remove a scheduled job')
-    .action(async () => { await (0, scheduleJob_1.scheduleRemove)(); });
+    .action(async () => {
+    await (0, scheduleJob_1.scheduleRemove)();
+});
 scheduleCmd
     .command('run-now <id>')
     .description('Immediately run a scheduled job by ID')
-    .action(async (id) => { await (0, scheduleJob_1.scheduleRunNow)(id); });
+    .action(async (id) => {
+    await (0, scheduleJob_1.scheduleRunNow)(id);
+});
+const mcpCmd = program
+    .command('mcp')
+    .description('Manage MCP (Model Context Protocol) servers available to the agent');
+mcpCmd
+    .command('add')
+    .description('Install a new MCP server')
+    .action(async () => {
+    await (0, mcpServer_1.mcpAdd)();
+});
+mcpCmd
+    .command('list')
+    .description('List installed MCP servers')
+    .action(async () => {
+    await (0, mcpServer_1.mcpList)();
+});
+mcpCmd
+    .command('remove')
+    .description('Remove an installed MCP server')
+    .action(async () => {
+    await (0, mcpServer_1.mcpRemove)();
+});
+mcpCmd
+    .command('toggle <id>')
+    .description('Toggle an MCP server enabled/disabled by ID')
+    .action(async (id) => {
+    await (0, mcpServer_1.mcpToggle)(id);
+});
+mcpCmd
+    .command('update <id>')
+    .description('Update an existing MCP server by ID')
+    .action(async (id) => {
+    await (0, mcpServer_1.mcpUpdate)(id);
+});
 program.parseAsync(process.argv);