strapi-oauth-mcp-manager 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (37) hide show
  1. package/README.md +143 -0
  2. package/dist/_chunks/App-CjW3NftW.mjs +23 -0
  3. package/dist/_chunks/App-DsMhfKkM.js +23 -0
  4. package/dist/_chunks/en-B4KWt_jN.js +4 -0
  5. package/dist/_chunks/en-Byx4XI2L.mjs +4 -0
  6. package/dist/_chunks/index-B2ShbPnj.js +65 -0
  7. package/dist/_chunks/index-DzBaU9Fw.mjs +66 -0
  8. package/dist/admin/index.js +3 -0
  9. package/dist/admin/index.mjs +4 -0
  10. package/dist/admin/src/components/Initializer.d.ts +5 -0
  11. package/dist/admin/src/components/PluginIcon.d.ts +2 -0
  12. package/dist/admin/src/index.d.ts +10 -0
  13. package/dist/admin/src/pages/App.d.ts +2 -0
  14. package/dist/admin/src/pages/HomePage.d.ts +2 -0
  15. package/dist/admin/src/pluginId.d.ts +1 -0
  16. package/dist/admin/src/utils/getTranslation.d.ts +2 -0
  17. package/dist/server/index.js +800 -0
  18. package/dist/server/index.mjs +801 -0
  19. package/dist/server/src/bootstrap.d.ts +5 -0
  20. package/dist/server/src/config/index.d.ts +5 -0
  21. package/dist/server/src/content-types/index.d.ts +208 -0
  22. package/dist/server/src/controllers/index.d.ts +11 -0
  23. package/dist/server/src/controllers/oauth.d.ts +31 -0
  24. package/dist/server/src/destroy.d.ts +5 -0
  25. package/dist/server/src/index.d.ts +278 -0
  26. package/dist/server/src/middlewares/index.d.ts +6 -0
  27. package/dist/server/src/middlewares/mcp-oauth.d.ts +19 -0
  28. package/dist/server/src/pluginId.d.ts +1 -0
  29. package/dist/server/src/policies/index.d.ts +2 -0
  30. package/dist/server/src/register.d.ts +5 -0
  31. package/dist/server/src/routes/admin/index.d.ts +2 -0
  32. package/dist/server/src/routes/content-api/index.d.ts +10 -0
  33. package/dist/server/src/routes/index.d.ts +19 -0
  34. package/dist/server/src/services/endpoint.d.ts +37 -0
  35. package/dist/server/src/services/index.d.ts +22 -0
  36. package/dist/server/src/services/oauth.d.ts +32 -0
  37. package/package.json +88 -0
package/dist/server/src/bootstrap.d.ts ADDED
@@ -0,0 +1,5 @@
1
+ import type { Core } from '@strapi/strapi';
2
+ declare const bootstrap: ({ strapi }: {
3
+ strapi: Core.Strapi;
4
+ }) => Promise<void>;
5
+ export default bootstrap;
package/dist/server/src/config/index.d.ts ADDED
@@ -0,0 +1,5 @@
1
+ declare const _default: {
2
+ default: {};
3
+ validator(): void;
4
+ };
5
+ export default _default;
package/dist/server/src/content-types/index.d.ts ADDED
@@ -0,0 +1,208 @@
1
+ declare const _default: {
2
+ 'mcp-oauth-client': {
3
+ schema: {
4
+ kind: string;
5
+ collectionName: string;
6
+ info: {
7
+ singularName: string;
8
+ pluralName: string;
9
+ displayName: string;
10
+ description: string;
11
+ };
12
+ options: {
13
+ draftAndPublish: boolean;
14
+ };
15
+ pluginOptions: {
16
+ "content-manager": {
17
+ visible: boolean;
18
+ };
19
+ "content-type-builder": {
20
+ visible: boolean;
21
+ };
22
+ };
23
+ attributes: {
24
+ name: {
25
+ type: string;
26
+ required: boolean;
27
+ };
28
+ clientId: {
29
+ type: string;
30
+ required: boolean;
31
+ unique: boolean;
32
+ };
33
+ clientSecret: {
34
+ type: string;
35
+ required: boolean;
36
+ private: boolean;
37
+ };
38
+ redirectUris: {
39
+ type: string;
40
+ required: boolean;
41
+ };
42
+ strapiApiToken: {
43
+ type: string;
44
+ required: boolean;
45
+ private: boolean;
46
+ };
47
+ description: {
48
+ type: string;
49
+ };
50
+ active: {
51
+ type: string;
52
+ default: boolean;
53
+ };
54
+ };
55
+ };
56
+ };
57
+ 'mcp-oauth-code': {
58
+ schema: {
59
+ kind: string;
60
+ collectionName: string;
61
+ info: {
62
+ singularName: string;
63
+ pluralName: string;
64
+ displayName: string;
65
+ description: string;
66
+ };
67
+ options: {
68
+ draftAndPublish: boolean;
69
+ };
70
+ pluginOptions: {
71
+ "content-manager": {
72
+ visible: boolean;
73
+ };
74
+ "content-type-builder": {
75
+ visible: boolean;
76
+ };
77
+ };
78
+ attributes: {
79
+ code: {
80
+ type: string;
81
+ required: boolean;
82
+ unique: boolean;
83
+ };
84
+ clientId: {
85
+ type: string;
86
+ required: boolean;
87
+ };
88
+ redirectUri: {
89
+ type: string;
90
+ required: boolean;
91
+ };
92
+ codeChallenge: {
93
+ type: string;
94
+ };
95
+ codeChallengeMethod: {
96
+ type: string;
97
+ };
98
+ expiresAt: {
99
+ type: string;
100
+ required: boolean;
101
+ };
102
+ used: {
103
+ type: string;
104
+ default: boolean;
105
+ };
106
+ };
107
+ };
108
+ };
109
+ 'mcp-oauth-token': {
110
+ schema: {
111
+ kind: string;
112
+ collectionName: string;
113
+ info: {
114
+ singularName: string;
115
+ pluralName: string;
116
+ displayName: string;
117
+ description: string;
118
+ };
119
+ options: {
120
+ draftAndPublish: boolean;
121
+ };
122
+ pluginOptions: {
123
+ "content-manager": {
124
+ visible: boolean;
125
+ };
126
+ "content-type-builder": {
127
+ visible: boolean;
128
+ };
129
+ };
130
+ attributes: {
131
+ accessToken: {
132
+ type: string;
133
+ required: boolean;
134
+ unique: boolean;
135
+ private: boolean;
136
+ };
137
+ refreshToken: {
138
+ type: string;
139
+ required: boolean;
140
+ unique: boolean;
141
+ private: boolean;
142
+ };
143
+ clientId: {
144
+ type: string;
145
+ required: boolean;
146
+ };
147
+ expiresAt: {
148
+ type: string;
149
+ required: boolean;
150
+ };
151
+ refreshExpiresAt: {
152
+ type: string;
153
+ required: boolean;
154
+ };
155
+ revoked: {
156
+ type: string;
157
+ default: boolean;
158
+ };
159
+ };
160
+ };
161
+ };
162
+ 'mcp-endpoint': {
163
+ schema: {
164
+ kind: string;
165
+ collectionName: string;
166
+ info: {
167
+ singularName: string;
168
+ pluralName: string;
169
+ displayName: string;
170
+ description: string;
171
+ };
172
+ options: {
173
+ draftAndPublish: boolean;
174
+ };
175
+ pluginOptions: {
176
+ "content-manager": {
177
+ visible: boolean;
178
+ };
179
+ "content-type-builder": {
180
+ visible: boolean;
181
+ };
182
+ };
183
+ attributes: {
184
+ name: {
185
+ type: string;
186
+ required: boolean;
187
+ };
188
+ pluginId: {
189
+ type: string;
190
+ required: boolean;
191
+ };
192
+ path: {
193
+ type: string;
194
+ required: boolean;
195
+ unique: boolean;
196
+ };
197
+ description: {
198
+ type: string;
199
+ };
200
+ active: {
201
+ type: string;
202
+ default: boolean;
203
+ };
204
+ };
205
+ };
206
+ };
207
+ };
208
+ export default _default;
package/dist/server/src/controllers/index.d.ts ADDED
@@ -0,0 +1,11 @@
1
+ declare const _default: {
2
+ oauth: ({ strapi }: {
3
+ strapi: import("@strapi/types/dist/core").Strapi;
4
+ }) => {
5
+ discovery(ctx: any): Promise<void>;
6
+ protectedResource(ctx: any): Promise<void>;
7
+ authorize(ctx: any): Promise<void>;
8
+ token(ctx: any): Promise<void>;
9
+ };
10
+ };
11
+ export default _default;
package/dist/server/src/controllers/oauth.d.ts ADDED
@@ -0,0 +1,31 @@
1
+ /**
2
+ * OAuth 2.0 Controller
3
+ *
4
+ * Handles OAuth authorization, token exchange, and discovery endpoints.
5
+ */
6
+ import type { Core } from '@strapi/strapi';
7
+ declare const oauthController: ({ strapi }: {
8
+ strapi: Core.Strapi;
9
+ }) => {
10
+ /**
11
+ * OAuth 2.0 Authorization Server Metadata (RFC 8414)
12
+ * GET /.well-known/oauth-authorization-server
13
+ */
14
+ discovery(ctx: any): Promise<void>;
15
+ /**
16
+ * OAuth 2.0 Protected Resource Metadata (RFC 9728)
17
+ * GET /.well-known/oauth-protected-resource
18
+ */
19
+ protectedResource(ctx: any): Promise<void>;
20
+ /**
21
+ * OAuth 2.0 Authorization Endpoint
22
+ * GET /oauth/authorize
23
+ */
24
+ authorize(ctx: any): Promise<void>;
25
+ /**
26
+ * OAuth 2.0 Token Endpoint
27
+ * POST /oauth/token
28
+ */
29
+ token(ctx: any): Promise<void>;
30
+ };
31
+ export default oauthController;
package/dist/server/src/destroy.d.ts ADDED
@@ -0,0 +1,5 @@
1
+ import type { Core } from '@strapi/strapi';
2
+ declare const destroy: ({ strapi }: {
3
+ strapi: Core.Strapi;
4
+ }) => void;
5
+ export default destroy;
package/dist/server/src/index.d.ts ADDED
@@ -0,0 +1,278 @@
1
+ declare const _default: {
2
+ register: ({ strapi }: {
3
+ strapi: import("@strapi/types/dist/core").Strapi;
4
+ }) => void;
5
+ bootstrap: ({ strapi }: {
6
+ strapi: import("@strapi/types/dist/core").Strapi;
7
+ }) => Promise<void>;
8
+ destroy: ({ strapi }: {
9
+ strapi: import("@strapi/types/dist/core").Strapi;
10
+ }) => void;
11
+ config: {
12
+ default: {};
13
+ validator(): void;
14
+ };
15
+ controllers: {
16
+ oauth: ({ strapi }: {
17
+ strapi: import("@strapi/types/dist/core").Strapi;
18
+ }) => {
19
+ discovery(ctx: any): Promise<void>;
20
+ protectedResource(ctx: any): Promise<void>;
21
+ authorize(ctx: any): Promise<void>;
22
+ token(ctx: any): Promise<void>;
23
+ };
24
+ };
25
+ routes: {
26
+ 'content-api': {
27
+ type: string;
28
+ routes: {
29
+ method: string;
30
+ path: string;
31
+ handler: string;
32
+ config: {
33
+ auth: boolean;
34
+ policies: any[];
35
+ };
36
+ }[];
37
+ };
38
+ admin: {
39
+ type: string;
40
+ routes: any[];
41
+ };
42
+ };
43
+ services: {
44
+ oauth: ({ strapi }: {
45
+ strapi: import("@strapi/types/dist/core").Strapi;
46
+ }) => {
47
+ validateToken(accessToken: string): Promise<import("./services/oauth").TokenValidationResult>;
48
+ revokeClientTokens(clientId: string): Promise<number>;
49
+ cleanupExpired(): Promise<{
50
+ tokens: number;
51
+ codes: number;
52
+ }>;
53
+ };
54
+ endpoint: ({ strapi }: {
55
+ strapi: import("@strapi/types/dist/core").Strapi;
56
+ }) => {
57
+ register(endpoint: import("./services/endpoint").EndpointRegistration): Promise<any>;
58
+ unregister(path: string): Promise<boolean>;
59
+ getAll(activeOnly?: boolean): Promise<any[]>;
60
+ getByPlugin(pluginId: string, activeOnly?: boolean): Promise<any[]>;
61
+ isProtected(path: string): Promise<boolean>;
62
+ };
63
+ };
64
+ contentTypes: {
65
+ 'mcp-oauth-client': {
66
+ schema: {
67
+ kind: string;
68
+ collectionName: string;
69
+ info: {
70
+ singularName: string;
71
+ pluralName: string;
72
+ displayName: string;
73
+ description: string;
74
+ };
75
+ options: {
76
+ draftAndPublish: boolean;
77
+ };
78
+ pluginOptions: {
79
+ "content-manager": {
80
+ visible: boolean;
81
+ };
82
+ "content-type-builder": {
83
+ visible: boolean;
84
+ };
85
+ };
86
+ attributes: {
87
+ name: {
88
+ type: string;
89
+ required: boolean;
90
+ };
91
+ clientId: {
92
+ type: string;
93
+ required: boolean;
94
+ unique: boolean;
95
+ };
96
+ clientSecret: {
97
+ type: string;
98
+ required: boolean;
99
+ private: boolean;
100
+ };
101
+ redirectUris: {
102
+ type: string;
103
+ required: boolean;
104
+ };
105
+ strapiApiToken: {
106
+ type: string;
107
+ required: boolean;
108
+ private: boolean;
109
+ };
110
+ description: {
111
+ type: string;
112
+ };
113
+ active: {
114
+ type: string;
115
+ default: boolean;
116
+ };
117
+ };
118
+ };
119
+ };
120
+ 'mcp-oauth-code': {
121
+ schema: {
122
+ kind: string;
123
+ collectionName: string;
124
+ info: {
125
+ singularName: string;
126
+ pluralName: string;
127
+ displayName: string;
128
+ description: string;
129
+ };
130
+ options: {
131
+ draftAndPublish: boolean;
132
+ };
133
+ pluginOptions: {
134
+ "content-manager": {
135
+ visible: boolean;
136
+ };
137
+ "content-type-builder": {
138
+ visible: boolean;
139
+ };
140
+ };
141
+ attributes: {
142
+ code: {
143
+ type: string;
144
+ required: boolean;
145
+ unique: boolean;
146
+ };
147
+ clientId: {
148
+ type: string;
149
+ required: boolean;
150
+ };
151
+ redirectUri: {
152
+ type: string;
153
+ required: boolean;
154
+ };
155
+ codeChallenge: {
156
+ type: string;
157
+ };
158
+ codeChallengeMethod: {
159
+ type: string;
160
+ };
161
+ expiresAt: {
162
+ type: string;
163
+ required: boolean;
164
+ };
165
+ used: {
166
+ type: string;
167
+ default: boolean;
168
+ };
169
+ };
170
+ };
171
+ };
172
+ 'mcp-oauth-token': {
173
+ schema: {
174
+ kind: string;
175
+ collectionName: string;
176
+ info: {
177
+ singularName: string;
178
+ pluralName: string;
179
+ displayName: string;
180
+ description: string;
181
+ };
182
+ options: {
183
+ draftAndPublish: boolean;
184
+ };
185
+ pluginOptions: {
186
+ "content-manager": {
187
+ visible: boolean;
188
+ };
189
+ "content-type-builder": {
190
+ visible: boolean;
191
+ };
192
+ };
193
+ attributes: {
194
+ accessToken: {
195
+ type: string;
196
+ required: boolean;
197
+ unique: boolean;
198
+ private: boolean;
199
+ };
200
+ refreshToken: {
201
+ type: string;
202
+ required: boolean;
203
+ unique: boolean;
204
+ private: boolean;
205
+ };
206
+ clientId: {
207
+ type: string;
208
+ required: boolean;
209
+ };
210
+ expiresAt: {
211
+ type: string;
212
+ required: boolean;
213
+ };
214
+ refreshExpiresAt: {
215
+ type: string;
216
+ required: boolean;
217
+ };
218
+ revoked: {
219
+ type: string;
220
+ default: boolean;
221
+ };
222
+ };
223
+ };
224
+ };
225
+ 'mcp-endpoint': {
226
+ schema: {
227
+ kind: string;
228
+ collectionName: string;
229
+ info: {
230
+ singularName: string;
231
+ pluralName: string;
232
+ displayName: string;
233
+ description: string;
234
+ };
235
+ options: {
236
+ draftAndPublish: boolean;
237
+ };
238
+ pluginOptions: {
239
+ "content-manager": {
240
+ visible: boolean;
241
+ };
242
+ "content-type-builder": {
243
+ visible: boolean;
244
+ };
245
+ };
246
+ attributes: {
247
+ name: {
248
+ type: string;
249
+ required: boolean;
250
+ };
251
+ pluginId: {
252
+ type: string;
253
+ required: boolean;
254
+ };
255
+ path: {
256
+ type: string;
257
+ required: boolean;
258
+ unique: boolean;
259
+ };
260
+ description: {
261
+ type: string;
262
+ };
263
+ active: {
264
+ type: string;
265
+ default: boolean;
266
+ };
267
+ };
268
+ };
269
+ };
270
+ };
271
+ policies: {};
272
+ middlewares: {
273
+ 'mcp-oauth': (config: any, { strapi }: {
274
+ strapi: import("@strapi/types/dist/core").Strapi;
275
+ }) => (ctx: any, next: () => Promise<void>) => Promise<void>;
276
+ };
277
+ };
278
+ export default _default;
package/dist/server/src/middlewares/index.d.ts ADDED
@@ -0,0 +1,6 @@
1
+ declare const _default: {
2
+ 'mcp-oauth': (config: any, { strapi }: {
3
+ strapi: import("@strapi/types/dist/core").Strapi;
4
+ }) => (ctx: any, next: () => Promise<void>) => Promise<void>;
5
+ };
6
+ export default _default;
package/dist/server/src/middlewares/mcp-oauth.d.ts ADDED
@@ -0,0 +1,19 @@
1
+ /**
2
+ * MCP OAuth Authentication Middleware
3
+ *
4
+ * This middleware provides OAuth 2.0 authentication for all registered MCP endpoints.
5
+ * It supports dual authentication:
6
+ * - OAuth 2.0 tokens (for ChatGPT and other OAuth clients)
7
+ * - Direct Strapi API tokens (for Claude Desktop and scripts)
8
+ *
9
+ * On success: Sets ctx.state.strapiToken for use in controllers
10
+ * On failure: Returns 401 with WWW-Authenticate header for OAuth discovery
11
+ */
12
+ import type { Core } from '@strapi/strapi';
13
+ /**
14
+ * MCP OAuth Authentication Middleware Factory
15
+ */
16
+ declare const mcpOauthMiddleware: (config: any, { strapi }: {
17
+ strapi: Core.Strapi;
18
+ }) => (ctx: any, next: () => Promise<void>) => Promise<void>;
19
+ export default mcpOauthMiddleware;
package/dist/server/src/pluginId.d.ts ADDED
@@ -0,0 +1 @@
1
+ export declare const PLUGIN_ID = "strapi-oauth-mcp-manager";
package/dist/server/src/policies/index.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ declare const _default: {};
2
+ export default _default;
package/dist/server/src/register.d.ts ADDED
@@ -0,0 +1,5 @@
1
+ import type { Core } from '@strapi/strapi';
2
+ declare const register: ({ strapi }: {
3
+ strapi: Core.Strapi;
4
+ }) => void;
5
+ export default register;
package/dist/server/src/routes/admin/index.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ declare const _default: any[];
2
+ export default _default;
package/dist/server/src/routes/content-api/index.d.ts ADDED
@@ -0,0 +1,10 @@
1
+ declare const _default: {
2
+ method: string;
3
+ path: string;
4
+ handler: string;
5
+ config: {
6
+ auth: boolean;
7
+ policies: any[];
8
+ };
9
+ }[];
10
+ export default _default;
package/dist/server/src/routes/index.d.ts ADDED
@@ -0,0 +1,19 @@
1
+ declare const _default: {
2
+ 'content-api': {
3
+ type: string;
4
+ routes: {
5
+ method: string;
6
+ path: string;
7
+ handler: string;
8
+ config: {
9
+ auth: boolean;
10
+ policies: any[];
11
+ };
12
+ }[];
13
+ };
14
+ admin: {
15
+ type: string;
16
+ routes: any[];
17
+ };
18
+ };
19
+ export default _default;
package/dist/server/src/services/endpoint.d.ts ADDED
@@ -0,0 +1,37 @@
1
+ /**
2
+ * Endpoint Registration Service
3
+ *
4
+ * Allows MCP plugins to register their endpoints for OAuth protection.
5
+ */
6
+ import type { Core } from '@strapi/strapi';
7
+ export interface EndpointRegistration {
8
+ name: string;
9
+ pluginId: string;
10
+ path: string;
11
+ description?: string;
12
+ }
13
+ declare const endpointService: ({ strapi }: {
14
+ strapi: Core.Strapi;
15
+ }) => {
16
+ /**
17
+ * Register an MCP endpoint for OAuth protection
18
+ */
19
+ register(endpoint: EndpointRegistration): Promise<any>;
20
+ /**
21
+ * Unregister an MCP endpoint
22
+ */
23
+ unregister(path: string): Promise<boolean>;
24
+ /**
25
+ * Get all registered endpoints
26
+ */
27
+ getAll(activeOnly?: boolean): Promise<any[]>;
28
+ /**
29
+ * Get endpoints for a specific plugin
30
+ */
31
+ getByPlugin(pluginId: string, activeOnly?: boolean): Promise<any[]>;
32
+ /**
33
+ * Check if a path is a protected endpoint
34
+ */
35
+ isProtected(path: string): Promise<boolean>;
36
+ };
37
+ export default endpointService;
package/dist/server/src/services/index.d.ts ADDED
@@ -0,0 +1,22 @@
1
+ declare const _default: {
2
+ oauth: ({ strapi }: {
3
+ strapi: import("@strapi/types/dist/core").Strapi;
4
+ }) => {
5
+ validateToken(accessToken: string): Promise<import("./oauth").TokenValidationResult>;
6
+ revokeClientTokens(clientId: string): Promise<number>;
7
+ cleanupExpired(): Promise<{
8
+ tokens: number;
9
+ codes: number;
10
+ }>;
11
+ };
12
+ endpoint: ({ strapi }: {
13
+ strapi: import("@strapi/types/dist/core").Strapi;
14
+ }) => {
15
+ register(endpoint: import("./endpoint").EndpointRegistration): Promise<any>;
16
+ unregister(path: string): Promise<boolean>;
17
+ getAll(activeOnly?: boolean): Promise<any[]>;
18
+ getByPlugin(pluginId: string, activeOnly?: boolean): Promise<any[]>;
19
+ isProtected(path: string): Promise<boolean>;
20
+ };
21
+ };
22
+ export default _default;