npm - strapi-mcp-server - Versions diffs - 0.1.1 - Mend

strapi-mcp-server 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (89) hide show

package/LICENSE +21 -0
package/README.md +415 -0
package/admin/src/components/PageHeader.tsx +33 -0
package/admin/src/components/Sidebar.tsx +138 -0
package/admin/src/index.tsx +54 -0
package/admin/src/lib/api.ts +27 -0
package/admin/src/lib/applyQuery.ts +152 -0
package/admin/src/pages/App.tsx +126 -0
package/admin/src/pages/AuditLog.tsx +386 -0
package/admin/src/pages/Clients.tsx +465 -0
package/admin/src/pages/EditClient.tsx +248 -0
package/admin/src/pages/HomePage.tsx +378 -0
package/admin/src/pages/NewClient.tsx +244 -0
package/admin/src/pages/Settings.tsx +514 -0
package/admin/src/pages/SsoBridge.tsx +96 -0
package/admin/src/pages/Tools.tsx +68 -0
package/admin/src/pluginId.ts +1 -0
package/admin/src/translations/en.json +8 -0
package/package.json +105 -0
package/server/src/bootstrap.ts +118 -0
package/server/src/config/index.ts +290 -0
package/server/src/content-types/audit-log/index.ts +3 -0
package/server/src/content-types/audit-log/schema.json +32 -0
package/server/src/content-types/index.ts +19 -0
package/server/src/content-types/oauth-auth-code/index.ts +3 -0
package/server/src/content-types/oauth-auth-code/schema.json +31 -0
package/server/src/content-types/oauth-client/index.ts +3 -0
package/server/src/content-types/oauth-client/schema.json +33 -0
package/server/src/content-types/oauth-consent/index.ts +3 -0
package/server/src/content-types/oauth-consent/schema.json +21 -0
package/server/src/content-types/oauth-refresh-token/index.ts +3 -0
package/server/src/content-types/oauth-refresh-token/schema.json +25 -0
package/server/src/content-types/oauth-revocation/index.ts +3 -0
package/server/src/content-types/oauth-revocation/schema.json +18 -0
package/server/src/content-types/oauth-signing-key/index.ts +3 -0
package/server/src/content-types/oauth-signing-key/schema.json +21 -0
package/server/src/controllers/admin/audit.ts +30 -0
package/server/src/controllers/admin/clients.ts +148 -0
package/server/src/controllers/admin/dashboard.ts +28 -0
package/server/src/controllers/admin/index.ts +15 -0
package/server/src/controllers/admin/settings.ts +38 -0
package/server/src/controllers/admin/tools.ts +23 -0
package/server/src/controllers/index.ts +13 -0
package/server/src/controllers/mcp.ts +168 -0
package/server/src/controllers/oauth/authorize.ts +418 -0
package/server/src/controllers/oauth/index.ts +15 -0
package/server/src/controllers/oauth/introspect.ts +45 -0
package/server/src/controllers/oauth/metadata.ts +86 -0
package/server/src/controllers/oauth/mode-guard.ts +22 -0
package/server/src/controllers/oauth/register.ts +109 -0
package/server/src/controllers/oauth/token.ts +206 -0
package/server/src/controllers/proxy.ts +81 -0
package/server/src/destroy.ts +28 -0
package/server/src/index.ts +23 -0
package/server/src/policies/authenticate.ts +81 -0
package/server/src/policies/index.ts +13 -0
package/server/src/policies/origin.ts +50 -0
package/server/src/policies/rateLimit.ts +27 -0
package/server/src/policies/scope.ts +32 -0
package/server/src/register.ts +48 -0
package/server/src/routes/admin.ts +85 -0
package/server/src/routes/index.ts +13 -0
package/server/src/routes/mcp.ts +31 -0
package/server/src/routes/oauth.ts +81 -0
package/server/src/routes/proxy.ts +29 -0
package/server/src/services/audit.ts +158 -0
package/server/src/services/heartbeat.ts +76 -0
package/server/src/services/index.ts +37 -0
package/server/src/services/instance-id.ts +30 -0
package/server/src/services/mcp-server.ts +100 -0
package/server/src/services/oauth/audience.ts +26 -0
package/server/src/services/oauth/auth-codes.ts +78 -0
package/server/src/services/oauth/clients.ts +386 -0
package/server/src/services/oauth/consent.ts +38 -0
package/server/src/services/oauth/errors.ts +32 -0
package/server/src/services/oauth/pkce.ts +34 -0
package/server/src/services/oauth/scopes.ts +42 -0
package/server/src/services/oauth/signing-keys.ts +166 -0
package/server/src/services/oauth/tokens.ts +324 -0
package/server/src/services/permissions.ts +87 -0
package/server/src/services/proxy-client.ts +167 -0
package/server/src/services/rate-limiter.ts +180 -0
package/server/src/services/redis.ts +139 -0
package/server/src/services/session-directory.ts +121 -0
package/server/src/services/session-store.ts +216 -0
package/server/src/services/sso-cookie.ts +146 -0
package/server/src/services/tools/content.ts +284 -0
package/server/src/services/tools/index.ts +23 -0
package/server/src/services/tools/media.ts +170 -0

package/admin/src/pages/NewClient.tsx ADDED Viewed

@@ -0,0 +1,244 @@
+import { useState } from 'react';
+import { useNavigate } from 'react-router-dom';
+import {
+  Box,
+  Button,
+  Flex,
+  Typography,
+  TextInput,
+  Textarea,
+  Checkbox,
+  Grid,
+} from '@strapi/design-system';
+import { ArrowLeft } from '@strapi/icons';
+import { useMcpApi } from '../lib/api';
+import { PageHeader } from '../components/PageHeader';
+const ALL_SCOPES = [
+  { id: 'strapi:content:read', label: 'Read content (list types, schemas, entries)' },
+  { id: 'strapi:content:write', label: 'Create / update content entries (draft only)' },
+  { id: 'strapi:media:read', label: 'List media files' },
+  { id: 'strapi:media:write', label: 'Upload media files' },
+];
+interface CreatedResponse {
+  client: { clientId: string; clientName: string };
+  clientSecret?: string;
+}
+export function NewClient(): JSX.Element {
+  const api = useMcpApi();
+  const navigate = useNavigate();
+  const [name, setName] = useState('');
+  const [redirects, setRedirects] = useState('');
+  const [isConfidential, setIsConfidential] = useState(false);
+  const [scopes, setScopes] = useState<string[]>(ALL_SCOPES.map((s) => s.id));
+  const [error, setError] = useState<string | null>(null);
+  const [submitting, setSubmitting] = useState(false);
+  const [created, setCreated] = useState<CreatedResponse | null>(null);
+  async function submit(): Promise<void> {
+    if (!name.trim() || scopes.length === 0) {
+      setError('Name and at least one scope are required.');
+      return;
+    }
+    setSubmitting(true);
+    setError(null);
+    try {
+      // Empty redirect URIs → default to the CLI-friendly loopback URL.
+      // Port is ignored at match time, so a CLI on any free port matches.
+      const parsedRedirects = redirects
+        .split('\n')
+        .map((s) => s.trim())
+        .filter(Boolean);
+      const body = {
+        clientName: name.trim(),
+        redirectUris: parsedRedirects.length > 0 ? parsedRedirects : ['http://localhost/callback'],
+        scopes,
+        isConfidential,
+      };
+      const result = await api.createClient(body);
+      setCreated(result);
+    } catch (err) {
+      setError((err as Error).message);
+    } finally {
+      setSubmitting(false);
+    }
+  }
+  if (created) {
+    return (
+      <Box>
+        <PageHeader
+          title="Client created"
+          subtitle="Save the secret now — it cannot be retrieved later."
+          actions={
+            <Button variant="tertiary" onClick={() => navigate('/plugins/mcp-server/clients')}>
+              Back to clients
+            </Button>
+          }
+        />
+        <Box background="neutral0" padding={6} hasRadius shadow="tableShadow">
+          <Flex direction="column" gap={4} alignItems="stretch">
+            <Box>
+              <Typography variant="sigma" textColor="neutral600">
+                Client name
+              </Typography>
+              <Box paddingTop={1}>
+                <Typography variant="omega" fontWeight="semiBold">
+                  {created.client.clientName}
+                </Typography>
+              </Box>
+            </Box>
+            <Box>
+              <Typography variant="sigma" textColor="neutral600">
+                client_id
+              </Typography>
+              <Box paddingTop={1}>
+                <Typography variant="omega">{created.client.clientId}</Typography>
+              </Box>
+            </Box>
+            {created.clientSecret && (
+              <Box background="warning100" padding={4} hasRadius>
+                <Typography variant="sigma" textColor="warning700">
+                  client_secret (shown once)
+                </Typography>
+                <Box paddingTop={1}>
+                  <Typography variant="omega" fontWeight="semiBold" textColor="warning700">
+                    {created.clientSecret}
+                  </Typography>
+                </Box>
+              </Box>
+            )}
+          </Flex>
+        </Box>
+      </Box>
+    );
+  }
+  return (
+    <Box>
+      <PageHeader
+        title="New OAuth client"
+        subtitle="Register an MCP client that will obtain access tokens via OAuth 2.1 + PKCE"
+        actions={
+          <Button
+            variant="tertiary"
+            startIcon={<ArrowLeft />}
+            onClick={() => navigate('/plugins/mcp-server/clients')}
+          >
+            Back
+          </Button>
+        }
+      />
+      {error && (
+        <Box background="danger100" padding={4} hasRadius marginBottom={6}>
+          <Typography textColor="danger700">{error}</Typography>
+        </Box>
+      )}
+      <Box background="neutral0" padding={6} hasRadius shadow="tableShadow">
+        <Flex direction="column" gap={6} alignItems="stretch">
+          <Grid.Root gap={6}>
+            <Grid.Item col={6} s={12} direction="column" alignItems="stretch">
+              <Box>
+                <Typography variant="pi" fontWeight="bold" textColor="neutral800">
+                  Client name
+                </Typography>
+                <Box paddingTop={1}>
+                  <TextInput
+                    name="clientName"
+                    value={name}
+                    onChange={(e: React.ChangeEvent<HTMLInputElement>) =>
+                      setName(e.target.value)
+                    }
+                    placeholder="e.g. Claude Desktop"
+                  />
+                </Box>
+              </Box>
+            </Grid.Item>
+            <Grid.Item col={6} s={12} direction="column" alignItems="stretch">
+              <Box>
+                <Typography variant="pi" fontWeight="bold" textColor="neutral800">
+                  Client type
+                </Typography>
+                <Box paddingTop={3}>
+                  <Checkbox
+                    checked={isConfidential}
+                    onCheckedChange={(c: boolean | 'indeterminate') =>
+                      setIsConfidential(c === true)
+                    }
+                  >
+                    Confidential client (generates a client_secret)
+                  </Checkbox>
+                </Box>
+              </Box>
+            </Grid.Item>
+          </Grid.Root>
+          <Box>
+            <Typography variant="pi" fontWeight="bold" textColor="neutral800">
+              Redirect URIs (optional)
+            </Typography>
+            <Box paddingTop={1} paddingBottom={1}>
+              <Typography variant="pi" textColor="neutral600">
+                Leave blank for CLI clients (Claude Code, Cursor, Codex, etc.) — defaults to <code>http://localhost/callback</code>, any loopback port matches. One per line, exact match for non-loopback URIs.
+              </Typography>
+            </Box>
+            <Textarea
+              name="redirectUris"
+              value={redirects}
+              onChange={(e: React.ChangeEvent<HTMLTextAreaElement>) =>
+                setRedirects(e.target.value)
+              }
+              placeholder="http://localhost/callback"
+              rows={3}
+            />
+          </Box>
+          <Box>
+            <Typography variant="pi" fontWeight="bold" textColor="neutral800">
+              Scopes
+            </Typography>
+            <Box paddingTop={1} paddingBottom={2}>
+              <Typography variant="pi" textColor="neutral600">
+                Permissions the client will request at authorization time.
+              </Typography>
+            </Box>
+            <Flex direction="column" gap={2} alignItems="stretch">
+              {ALL_SCOPES.map((s) => (
+                <Checkbox
+                  key={s.id}
+                  checked={scopes.includes(s.id)}
+                  onCheckedChange={(c: boolean | 'indeterminate') => {
+                    if (c === true) setScopes((prev) => [...prev, s.id]);
+                    else setScopes((prev) => prev.filter((x) => x !== s.id));
+                  }}
+                >
+                  <Typography variant="omega">
+                    <code>{s.id}</code> — {s.label}
+                  </Typography>
+                </Checkbox>
+              ))}
+            </Flex>
+          </Box>
+          <Flex justifyContent="flex-end" gap={2}>
+            <Button
+              variant="tertiary"
+              onClick={() => navigate('/plugins/mcp-server/clients')}
+              disabled={submitting}
+            >
+              Cancel
+            </Button>
+            <Button loading={submitting} onClick={submit}>
+              Create client
+            </Button>
+          </Flex>
+        </Flex>
+      </Box>
+    </Box>
+  );
+}