npm - strapi-mcp-server - Versions diffs - 0.1.1 - Mend

strapi-mcp-server 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (89) hide show

package/LICENSE +21 -0
package/README.md +415 -0
package/admin/src/components/PageHeader.tsx +33 -0
package/admin/src/components/Sidebar.tsx +138 -0
package/admin/src/index.tsx +54 -0
package/admin/src/lib/api.ts +27 -0
package/admin/src/lib/applyQuery.ts +152 -0
package/admin/src/pages/App.tsx +126 -0
package/admin/src/pages/AuditLog.tsx +386 -0
package/admin/src/pages/Clients.tsx +465 -0
package/admin/src/pages/EditClient.tsx +248 -0
package/admin/src/pages/HomePage.tsx +378 -0
package/admin/src/pages/NewClient.tsx +244 -0
package/admin/src/pages/Settings.tsx +514 -0
package/admin/src/pages/SsoBridge.tsx +96 -0
package/admin/src/pages/Tools.tsx +68 -0
package/admin/src/pluginId.ts +1 -0
package/admin/src/translations/en.json +8 -0
package/package.json +105 -0
package/server/src/bootstrap.ts +118 -0
package/server/src/config/index.ts +290 -0
package/server/src/content-types/audit-log/index.ts +3 -0
package/server/src/content-types/audit-log/schema.json +32 -0
package/server/src/content-types/index.ts +19 -0
package/server/src/content-types/oauth-auth-code/index.ts +3 -0
package/server/src/content-types/oauth-auth-code/schema.json +31 -0
package/server/src/content-types/oauth-client/index.ts +3 -0
package/server/src/content-types/oauth-client/schema.json +33 -0
package/server/src/content-types/oauth-consent/index.ts +3 -0
package/server/src/content-types/oauth-consent/schema.json +21 -0
package/server/src/content-types/oauth-refresh-token/index.ts +3 -0
package/server/src/content-types/oauth-refresh-token/schema.json +25 -0
package/server/src/content-types/oauth-revocation/index.ts +3 -0
package/server/src/content-types/oauth-revocation/schema.json +18 -0
package/server/src/content-types/oauth-signing-key/index.ts +3 -0
package/server/src/content-types/oauth-signing-key/schema.json +21 -0
package/server/src/controllers/admin/audit.ts +30 -0
package/server/src/controllers/admin/clients.ts +148 -0
package/server/src/controllers/admin/dashboard.ts +28 -0
package/server/src/controllers/admin/index.ts +15 -0
package/server/src/controllers/admin/settings.ts +38 -0
package/server/src/controllers/admin/tools.ts +23 -0
package/server/src/controllers/index.ts +13 -0
package/server/src/controllers/mcp.ts +168 -0
package/server/src/controllers/oauth/authorize.ts +418 -0
package/server/src/controllers/oauth/index.ts +15 -0
package/server/src/controllers/oauth/introspect.ts +45 -0
package/server/src/controllers/oauth/metadata.ts +86 -0
package/server/src/controllers/oauth/mode-guard.ts +22 -0
package/server/src/controllers/oauth/register.ts +109 -0
package/server/src/controllers/oauth/token.ts +206 -0
package/server/src/controllers/proxy.ts +81 -0
package/server/src/destroy.ts +28 -0
package/server/src/index.ts +23 -0
package/server/src/policies/authenticate.ts +81 -0
package/server/src/policies/index.ts +13 -0
package/server/src/policies/origin.ts +50 -0
package/server/src/policies/rateLimit.ts +27 -0
package/server/src/policies/scope.ts +32 -0
package/server/src/register.ts +48 -0
package/server/src/routes/admin.ts +85 -0
package/server/src/routes/index.ts +13 -0
package/server/src/routes/mcp.ts +31 -0
package/server/src/routes/oauth.ts +81 -0
package/server/src/routes/proxy.ts +29 -0
package/server/src/services/audit.ts +158 -0
package/server/src/services/heartbeat.ts +76 -0
package/server/src/services/index.ts +37 -0
package/server/src/services/instance-id.ts +30 -0
package/server/src/services/mcp-server.ts +100 -0
package/server/src/services/oauth/audience.ts +26 -0
package/server/src/services/oauth/auth-codes.ts +78 -0
package/server/src/services/oauth/clients.ts +386 -0
package/server/src/services/oauth/consent.ts +38 -0
package/server/src/services/oauth/errors.ts +32 -0
package/server/src/services/oauth/pkce.ts +34 -0
package/server/src/services/oauth/scopes.ts +42 -0
package/server/src/services/oauth/signing-keys.ts +166 -0
package/server/src/services/oauth/tokens.ts +324 -0
package/server/src/services/permissions.ts +87 -0
package/server/src/services/proxy-client.ts +167 -0
package/server/src/services/rate-limiter.ts +180 -0
package/server/src/services/redis.ts +139 -0
package/server/src/services/session-directory.ts +121 -0
package/server/src/services/session-store.ts +216 -0
package/server/src/services/sso-cookie.ts +146 -0
package/server/src/services/tools/content.ts +284 -0
package/server/src/services/tools/index.ts +23 -0
package/server/src/services/tools/media.ts +170 -0

package/admin/src/pages/Clients.tsx ADDED Viewed

@@ -0,0 +1,465 @@
+import { useEffect, useMemo, useState } from 'react';
+import { useNavigate } from 'react-router-dom';
+import {
+  Box,
+  Button,
+  Dialog,
+  Flex,
+  IconButton,
+  Modal,
+  Typography,
+  Table,
+  Thead,
+  Tbody,
+  Tr,
+  Td,
+  Th,
+} from '@strapi/design-system';
+import { Pencil, Plus, Trash } from '@strapi/icons';
+import { Filters, Pagination, SearchInput, useQueryParams } from '@strapi/strapi/admin';
+import styled from 'styled-components';
+import { useMcpApi } from '../lib/api';
+import { PageHeader } from '../components/PageHeader';
+import { applyMcpQuery, hasActiveQuery, paginate, type McpListQuery } from '../lib/applyQuery';
+const CLIENT_FILTERS = [
+  {
+    name: 'type',
+    label: 'Type',
+    type: 'enumeration' as const,
+    options: [
+      { label: 'Confidential', value: 'confidential' },
+      { label: 'Public', value: 'public' },
+    ],
+  },
+  {
+    name: 'createdAt',
+    label: 'Created',
+    type: 'date' as const,
+  },
+];
+interface AdminUser {
+  id: number;
+  email?: string;
+  firstname?: string;
+  lastname?: string;
+  username?: string;
+}
+interface ClientRow {
+  clientId: string;
+  clientName: string;
+  isConfidential: boolean;
+  redirectUris: string[];
+  scopes: string[];
+  disabled: boolean;
+  lastUsedAt?: string | null;
+  createdAt?: string | null;
+  ownerAdmin?: AdminUser | null;
+  createdByAdmin?: AdminUser | null;
+}
+function formatAdmin(user: AdminUser | null | undefined): string {
+  if (!user) return '—';
+  const name = [user.firstname, user.lastname].filter(Boolean).join(' ').trim();
+  return name || user.email || user.username || `#${user.id}`;
+}
+const ClickableTr = styled(Tr)`
+  cursor: pointer;
+  transition: background-color 100ms ease;
+  &:hover td {
+    background: ${({ theme }) => theme.colors.neutral100};
+  }
+`;
+function formatLastUsed(value: string | null | undefined): string {
+  if (!value) return 'Never';
+  const d = new Date(value);
+  if (Number.isNaN(d.getTime())) return 'Never';
+  return d.toLocaleString();
+}
+function formatCreated(value: string | null | undefined): string {
+  if (!value) return '—';
+  const d = new Date(value);
+  if (Number.isNaN(d.getTime())) return '—';
+  return d.toLocaleString();
+}
+function DetailRow({
+  label,
+  children,
+}: {
+  label: string;
+  children: React.ReactNode;
+}): JSX.Element {
+  return (
+    <Box paddingBottom={4}>
+      <Typography variant="sigma" textColor="neutral600">
+        {label}
+      </Typography>
+      <Box paddingTop={1}>{children}</Box>
+    </Box>
+  );
+}
+export function Clients(): JSX.Element {
+  const api = useMcpApi();
+  const navigate = useNavigate();
+  const [clients, setClients] = useState<ClientRow[]>([]);
+  const [error, setError] = useState<string | null>(null);
+  const [loading, setLoading] = useState(true);
+  const [selected, setSelected] = useState<ClientRow | null>(null);
+  const [pendingDelete, setPendingDelete] = useState<ClientRow | null>(null);
+  const [deleting, setDeleting] = useState(false);
+  const [{ query }] = useQueryParams<McpListQuery>();
+  const filtered = useMemo(
+    () =>
+      applyMcpQuery(clients, query, {
+        searchText: (c) =>
+          [
+            c.clientName,
+            c.clientId,
+            formatAdmin(c.ownerAdmin),
+            formatAdmin(c.createdByAdmin),
+          ].join(' '),
+        field: (c, name) => {
+          if (name === 'type') return c.isConfidential ? 'confidential' : 'public';
+          if (name === 'createdAt') return c.createdAt ?? '';
+          return '';
+        },
+      }),
+    [clients, query]
+  );
+  const paged = useMemo(() => paginate(filtered, query), [filtered, query]);
+  const hasFilters = hasActiveQuery(query);
+  function refresh(): Promise<void> {
+    return api
+      .listClients()
+      .then((d: { clients: ClientRow[] }) => setClients(d.clients ?? []))
+      .catch((err: Error) => setError(err.message ?? String(err)))
+      .finally(() => setLoading(false));
+  }
+  useEffect(() => {
+    refresh();
+  }, []);
+  async function confirmDelete(): Promise<void> {
+    if (!pendingDelete) return;
+    setDeleting(true);
+    try {
+      await api.deleteClient(pendingDelete.clientId);
+      setPendingDelete(null);
+      setSelected(null);
+      await refresh();
+    } catch (err) {
+      setError((err as Error).message);
+    } finally {
+      setDeleting(false);
+    }
+  }
+  return (
+    <Box>
+      <PageHeader
+        title="Clients"
+        subtitle="OAuth 2.1 clients allowed to obtain MCP access tokens"
+        actions={
+          <Button startIcon={<Plus />} onClick={() => navigate('new')}>
+            New client
+          </Button>
+        }
+      />
+      {error && (
+        <Box background="danger100" padding={4} hasRadius marginBottom={6}>
+          <Typography textColor="danger700">Failed: {error}</Typography>
+        </Box>
+      )}
+      <Flex gap={1} paddingBottom={4} alignItems="flex-start">
+        <SearchInput
+          label="Search clients"
+          placeholder="Search by name, client ID, owner, or creator"
+        />
+        <Filters.Root options={CLIENT_FILTERS}>
+          <Filters.Trigger />
+          <Filters.Popover />
+          <Filters.List />
+        </Filters.Root>
+      </Flex>
+      <Box background="neutral0" hasRadius shadow="tableShadow">
+        <Table colCount={6} rowCount={paged.rows.length}>
+          <Thead>
+            <Tr>
+              <Th>
+                <Typography variant="sigma">Name</Typography>
+              </Th>
+              <Th>
+                <Typography variant="sigma">Type</Typography>
+              </Th>
+              <Th>
+                <Typography variant="sigma">Created by</Typography>
+              </Th>
+              <Th>
+                <Typography variant="sigma">Owner</Typography>
+              </Th>
+              <Th>
+                <Typography variant="sigma">Created</Typography>
+              </Th>
+              <Th>
+                <Typography variant="sigma">&nbsp;</Typography>
+              </Th>
+            </Tr>
+          </Thead>
+          <Tbody>
+            {paged.rows.map((c) => (
+              <ClickableTr
+                key={c.clientId}
+                onClick={() => setSelected(c)}
+                role="button"
+                tabIndex={0}
+                onKeyDown={(e: React.KeyboardEvent) => {
+                  if (e.key === 'Enter' || e.key === ' ') {
+                    e.preventDefault();
+                    setSelected(c);
+                  }
+                }}
+              >
+                <Td>
+                  <Typography variant="omega" fontWeight="semiBold">
+                    {c.clientName}
+                  </Typography>
+                </Td>
+                <Td>
+                  <Typography variant="omega">
+                    {c.isConfidential ? 'Confidential' : 'Public'}
+                  </Typography>
+                </Td>
+                <Td>
+                  <Typography variant="omega" textColor="neutral700">
+                    {formatAdmin(c.createdByAdmin)}
+                  </Typography>
+                </Td>
+                <Td>
+                  <Typography variant="omega" textColor="neutral700">
+                    {formatAdmin(c.ownerAdmin)}
+                  </Typography>
+                </Td>
+                <Td>
+                  <Typography variant="omega" textColor="neutral700">
+                    {formatCreated(c.createdAt)}
+                  </Typography>
+                </Td>
+                <Td onClick={(e: React.MouseEvent) => e.stopPropagation()}>
+                  <Flex gap={2} justifyContent="flex-end">
+                    <IconButton
+                      label="Edit"
+                      variant="ghost"
+                      onClick={(e: React.MouseEvent) => {
+                        e.stopPropagation();
+                        navigate(`${c.clientId}/edit`);
+                      }}
+                    >
+                      <Pencil />
+                    </IconButton>
+                    <IconButton
+                      label="Delete"
+                      variant="ghost"
+                      onClick={(e: React.MouseEvent) => {
+                        e.stopPropagation();
+                        setPendingDelete(c);
+                      }}
+                    >
+                      <Trash />
+                    </IconButton>
+                  </Flex>
+                </Td>
+              </ClickableTr>
+            ))}
+            {!loading && paged.rows.length === 0 && (
+              <Tr>
+                <Td colSpan={6}>
+                  <Box paddingTop={6} paddingBottom={6}>
+                    <Typography textColor="neutral600">
+                      {clients.length === 0
+                        ? 'No OAuth clients yet. Create one, or wait for an MCP client to register via DCR.'
+                        : hasFilters
+                          ? 'No clients match the current search or filters.'
+                          : 'No clients to display.'}
+                    </Typography>
+                  </Box>
+                </Td>
+              </Tr>
+            )}
+          </Tbody>
+        </Table>
+      </Box>
+      {paged.total > 0 && (
+        <Box paddingTop={4}>
+          <Pagination.Root pageCount={paged.pageCount} total={paged.total}>
+            <Pagination.PageSize />
+            <Pagination.Links />
+          </Pagination.Root>
+        </Box>
+      )}
+      {/* Detail modal */}
+      <Modal.Root
+        open={selected !== null}
+        onOpenChange={(open) => !open && setSelected(null)}
+      >
+        <Modal.Content>
+          <Modal.Header>
+            <Modal.Title>{selected?.clientName ?? 'Client'}</Modal.Title>
+          </Modal.Header>
+          <Modal.Body>
+            {selected && (
+              <Box paddingTop={2}>
+                <DetailRow label="Client ID">
+                  <Typography variant="omega" textColor="neutral800">
+                    <code>{selected.clientId}</code>
+                  </Typography>
+                </DetailRow>
+                <DetailRow label="Type">
+                  <Typography variant="omega">
+                    {selected.isConfidential ? 'Confidential' : 'Public'}
+                  </Typography>
+                </DetailRow>
+                <DetailRow label="Created by">
+                  <Typography variant="omega" textColor="neutral800">
+                    {formatAdmin(selected.createdByAdmin)}
+                    {selected.createdByAdmin?.email && (
+                      <Typography variant="pi" textColor="neutral600">
+                        {' '}
+                        ({selected.createdByAdmin.email})
+                      </Typography>
+                    )}
+                  </Typography>
+                </DetailRow>
+                <DetailRow label="Owner">
+                  <Typography variant="omega" textColor="neutral800">
+                    {formatAdmin(selected.ownerAdmin)}
+                    {selected.ownerAdmin?.email && (
+                      <Typography variant="pi" textColor="neutral600">
+                        {' '}
+                        ({selected.ownerAdmin.email})
+                      </Typography>
+                    )}
+                  </Typography>
+                </DetailRow>
+                <DetailRow label="Created">
+                  <Typography variant="omega" textColor="neutral800">
+                    {formatCreated(selected.createdAt)}
+                  </Typography>
+                </DetailRow>
+                <DetailRow label="Last used">
+                  <Typography variant="omega" textColor="neutral800">
+                    {formatLastUsed(selected.lastUsedAt)}
+                  </Typography>
+                </DetailRow>
+                <DetailRow label="Scopes">
+                  {selected.scopes.length === 0 ? (
+                    <Typography variant="omega" textColor="neutral600">
+                      (none)
+                    </Typography>
+                  ) : (
+                    <Flex direction="column" gap={1} alignItems="flex-start">
+                      {selected.scopes.map((s) => (
+                        <Typography key={s} variant="omega">
+                          <code>{s}</code>
+                        </Typography>
+                      ))}
+                    </Flex>
+                  )}
+                </DetailRow>
+                <DetailRow label="Redirect URIs">
+                  {selected.redirectUris.length === 0 ? (
+                    <Typography variant="omega" textColor="neutral600">
+                      (none)
+                    </Typography>
+                  ) : (
+                    <Flex direction="column" gap={1} alignItems="flex-start">
+                      {selected.redirectUris.map((u) => (
+                        <Typography key={u} variant="omega" textColor="neutral800">
+                          <code>{u}</code>
+                        </Typography>
+                      ))}
+                    </Flex>
+                  )}
+                </DetailRow>
+              </Box>
+            )}
+          </Modal.Body>
+          <Modal.Footer justifyContent="space-between">
+            <Modal.Close>
+              <Button variant="tertiary">Cancel</Button>
+            </Modal.Close>
+            <Flex gap={2}>
+              <Button
+                variant="danger-light"
+                startIcon={<Trash />}
+                onClick={() => {
+                  if (selected) {
+                    setPendingDelete(selected);
+                    setSelected(null);
+                  }
+                }}
+              >
+                Delete
+              </Button>
+              <Button
+                variant="default"
+                startIcon={<Pencil />}
+                onClick={() => {
+                  if (selected) {
+                    const id = selected.clientId;
+                    setSelected(null);
+                    navigate(`${id}/edit`);
+                  }
+                }}
+              >
+                Edit
+              </Button>
+            </Flex>
+          </Modal.Footer>
+        </Modal.Content>
+      </Modal.Root>
+      {/* Delete confirmation */}
+      <Dialog.Root
+        open={pendingDelete !== null}
+        onOpenChange={(open) => !open && setPendingDelete(null)}
+      >
+        <Dialog.Content>
+          <Dialog.Header>Delete client</Dialog.Header>
+          <Dialog.Body>
+            <Typography>
+              Delete <strong>{pendingDelete?.clientName}</strong>? This revokes the client_id,
+              invalidates any active sessions tied to it, and removes its stored refresh
+              tokens. This cannot be undone.
+            </Typography>
+          </Dialog.Body>
+          <Dialog.Footer>
+            <Dialog.Cancel>
+              <Button variant="tertiary">Cancel</Button>
+            </Dialog.Cancel>
+            <Dialog.Action>
+              <Button variant="danger-light" loading={deleting} onClick={confirmDelete}>
+                Delete client
+              </Button>
+            </Dialog.Action>
+          </Dialog.Footer>
+        </Dialog.Content>
+      </Dialog.Root>
+    </Box>
+  );
+}