mirrors/mcphub
1
0
Fork 0
mirror of https://github.com/samanhappy/mcphub.git synced 2026-01-04 05:38:43 -05:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: mirrors:copilot/add-oauth2-oidc-login-support
Branches Tags
mirrors:main mirrors:copilot/add-oauth-oidc-support mirrors:copilot/add-activity-log-page mirrors:copilot/add-oauth2-oidc-login-support mirrors:copilot/implement-compression-mechanism mirrors:copilot/set-nonstream-response mirrors:copilot/fix-access-token-refresh-issue mirrors:copilot/fix-json-schema-export-import mirrors:cluster mirrors:copilot/upgrade-glob-to-10-5-0 mirrors:copilot/fix-password-change-issue mirrors:copilot/fix-servers-page-description mirrors:copilot/fix-path-matching-issue mirrors:copilot/fix-security-dependency-issue mirrors:copilot/fix-excessive-api-calls mirrors:copilot/create-authentication-bypass-tests mirrors:copilot/fix-authentication-bypass-issue mirrors:copilot/fix-login-issue-with-base-path mirrors:copilot/fix-2755122-957825149-90b80786-8395-4845-bd6d-1c18c49b8c86 mirrors:copilot/fix-mcp-pdf-reader-error mirrors:copilot/add-one-click-install-button mirrors:copilot/fix-server-status-update mirrors:copilot/fix-jira-cloud-connection mirrors:copilot/add-cluster-functionality mirrors:codex/implement-cluster-functionality-for-mcphub mirrors:copilot/fix-playwright-parallel-execution mirrors:copilot/fix-group-adding-issue
mirrors:v0.11.11 mirrors:v0.11.10 mirrors:v0.11.9 mirrors:v0.11.8 mirrors:v0.11.7 mirrors:v0.11.6 mirrors:v0.11.5 mirrors:v0.11.4 mirrors:v0.11.3 mirrors:v0.11.2 mirrors:v0.11.1 mirrors:v0.11.0 mirrors:v0.10.6 mirrors:v0.10.5 mirrors:v0.10.4 mirrors:v0.10.3 mirrors:v0.10.2 mirrors:v0.10.1 mirrors:v0.10.0 mirrors:v0.9.16 mirrors:v0.9.15 mirrors:v0.9.14 mirrors:v0.9.13 mirrors:v0.9.12 mirrors:v0.9.11 mirrors:v0.9.10 mirrors:v0.9.9 mirrors:v0.9.8 mirrors:v0.9.7 mirrors:v0.9.6 mirrors:v0.9.5 mirrors:v0.9.4 mirrors:v0.9.3 mirrors:v0.9.2 mirrors:v0.9.1 mirrors:v0.9.0 mirrors:v0.8.7 mirrors:v0.8.6 mirrors:v0.8.5 mirrors:v0.8.4 mirrors:v0.8.3 mirrors:v0.8.2 mirrors:v0.8.1 mirrors:v0.8.0 mirrors:v0.7.7 mirrors:v0.7.6 mirrors:v0.7.5 mirrors:v0.7.4 mirrors:v0.7.3 mirrors:v0.7.2 mirrors:v0.7.1 mirrors:v0.7.0 mirrors:v0.6.2 mirrors:v0.6.1 mirrors:v0.6.0 mirrors:v0.5.4 mirrors:v0.5.3 mirrors:v0.5.2 mirrors:v0.5.1 mirrors:v0.5.0 mirrors:v0.4.3 mirrors:v0.4.2 mirrors:v0.4.1 mirrors:v0.4.0 mirrors:v0.3.8 mirrors:v0.3.7 mirrors:v0.3.6 mirrors:v0.3.5 mirrors:v0.3.4 mirrors:v0.3.3 mirrors:v0.3.2 mirrors:v0.3.1 mirrors:v0.3.0 mirrors:v0.2.0 mirrors:v0.1.1 mirrors:v0.1.0
..
compare: mirrors:v0.11.11
Branches Tags
mirrors:main mirrors:copilot/add-oauth-oidc-support mirrors:copilot/add-activity-log-page mirrors:copilot/add-oauth2-oidc-login-support mirrors:copilot/implement-compression-mechanism mirrors:copilot/set-nonstream-response mirrors:copilot/fix-access-token-refresh-issue mirrors:copilot/fix-json-schema-export-import mirrors:cluster mirrors:copilot/upgrade-glob-to-10-5-0 mirrors:copilot/fix-password-change-issue mirrors:copilot/fix-servers-page-description mirrors:copilot/fix-path-matching-issue mirrors:copilot/fix-security-dependency-issue mirrors:copilot/fix-excessive-api-calls mirrors:copilot/create-authentication-bypass-tests mirrors:copilot/fix-authentication-bypass-issue mirrors:copilot/fix-login-issue-with-base-path mirrors:copilot/fix-2755122-957825149-90b80786-8395-4845-bd6d-1c18c49b8c86 mirrors:copilot/fix-mcp-pdf-reader-error mirrors:copilot/add-one-click-install-button mirrors:copilot/fix-server-status-update mirrors:copilot/fix-jira-cloud-connection mirrors:copilot/add-cluster-functionality mirrors:codex/implement-cluster-functionality-for-mcphub mirrors:copilot/fix-playwright-parallel-execution mirrors:copilot/fix-group-adding-issue
mirrors:v0.11.11 mirrors:v0.11.10 mirrors:v0.11.9 mirrors:v0.11.8 mirrors:v0.11.7 mirrors:v0.11.6 mirrors:v0.11.5 mirrors:v0.11.4 mirrors:v0.11.3 mirrors:v0.11.2 mirrors:v0.11.1 mirrors:v0.11.0 mirrors:v0.10.6 mirrors:v0.10.5 mirrors:v0.10.4 mirrors:v0.10.3 mirrors:v0.10.2 mirrors:v0.10.1 mirrors:v0.10.0 mirrors:v0.9.16 mirrors:v0.9.15 mirrors:v0.9.14 mirrors:v0.9.13 mirrors:v0.9.12 mirrors:v0.9.11 mirrors:v0.9.10 mirrors:v0.9.9 mirrors:v0.9.8 mirrors:v0.9.7 mirrors:v0.9.6 mirrors:v0.9.5 mirrors:v0.9.4 mirrors:v0.9.3 mirrors:v0.9.2 mirrors:v0.9.1 mirrors:v0.9.0 mirrors:v0.8.7 mirrors:v0.8.6 mirrors:v0.8.5 mirrors:v0.8.4 mirrors:v0.8.3 mirrors:v0.8.2 mirrors:v0.8.1 mirrors:v0.8.0 mirrors:v0.7.7 mirrors:v0.7.6 mirrors:v0.7.5 mirrors:v0.7.4 mirrors:v0.7.3 mirrors:v0.7.2 mirrors:v0.7.1 mirrors:v0.7.0 mirrors:v0.6.2 mirrors:v0.6.1 mirrors:v0.6.0 mirrors:v0.5.4 mirrors:v0.5.3 mirrors:v0.5.2 mirrors:v0.5.1 mirrors:v0.5.0 mirrors:v0.4.3 mirrors:v0.4.2 mirrors:v0.4.1 mirrors:v0.4.0 mirrors:v0.3.8 mirrors:v0.3.7 mirrors:v0.3.6 mirrors:v0.3.5 mirrors:v0.3.4 mirrors:v0.3.3 mirrors:v0.3.2 mirrors:v0.3.1 mirrors:v0.3.0 mirrors:v0.2.0 mirrors:v0.1.1 mirrors:v0.1.0

9 Commits
copilot/ad ... v0.11.11

Author SHA1 Message Date
samanhappy
b279a1a62c chore: update mcp sdk dependencies to latest versions (#546) 2026-01-01 22:41:46 +08:00
dependabot[bot]
760cc462b9 chore(deps-dev): bump tsx from 4.20.5 to 4.21.0 (#541) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-01 22:01:13 +08:00
dependabot[bot]
431bc8f6f8 chore(deps-dev): bump next from 15.5.9 to 16.1.1 (#543) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-01 22:00:51 +08:00
dependabot[bot]
fb6af75f5b chore(deps-dev): bump ts-jest from 29.4.1 to 29.4.6 (#540) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-01 22:00:17 +08:00
dependabot[bot]
33b440973f chore(deps): bump axios from 1.13.1 to 1.13.2 (#544) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-01 21:59:57 +08:00
dependabot[bot]
2d248e953e chore(deps): bump dotenv from 16.6.1 to 17.2.3 (#542) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-01 21:59:38 +08:00
samanhappy
d36c6ac5ad fix: rename DATABASE_URL to DB_URL for consistency across configurations (#545) 2026-01-01 21:58:11 +08:00
Zhyim
0be6c36e12 feat: implement pagination for server list with customizable items pe… (#534) 2026-01-01 13:36:09 +08:00
samanhappy
7f2fca9636 feat: add proxy configuration support for STDIO servers on Linux and macOS (#537) 2026-01-01 12:45:50 +08:00
50 changed files with 1301 additions and 1927 deletions
Expand all files Collapse all files

2
.github/workflows/ci.yml vendored
View File

@@ -106,7 +106,7 @@ jobs:
# - name: Run integration tests # - name: Run integration tests
# run: | # run: |
# export DATABASE_URL="postgresql://postgres:postgres@localhost:5432/mcphub_test" # export DB_URL="postgresql://postgres:postgres@localhost:5432/mcphub_test"
# node test-integration.ts # node test-integration.ts
# env: # env:
# NODE_ENV: test # NODE_ENV: test

6
docs/configuration/docker-setup.mdx
View File

@@ -106,7 +106,7 @@ services:
- NODE_ENV=production - NODE_ENV=production
- PORT=3000 - PORT=3000
- JWT_SECRET=${JWT_SECRET:-your-jwt-secret} - JWT_SECRET=${JWT_SECRET:-your-jwt-secret}
- DATABASE_URL=postgresql://mcphub:password@postgres:5432/mcphub - DB_URL=postgresql://mcphub:password@postgres:5432/mcphub
volumes: volumes:
- ./mcp_settings.json:/app/mcp_settings.json:ro - ./mcp_settings.json:/app/mcp_settings.json:ro
- ./servers.json:/app/servers.json:ro - ./servers.json:/app/servers.json:ro
@@ -180,7 +180,7 @@ services:
- PORT=3000 - PORT=3000
- JWT_SECRET=${JWT_SECRET} - JWT_SECRET=${JWT_SECRET}
- JWT_EXPIRES_IN=${JWT_EXPIRES_IN:-24h} - JWT_EXPIRES_IN=${JWT_EXPIRES_IN:-24h}
- DATABASE_URL=postgresql://mcphub:${POSTGRES_PASSWORD}@postgres:5432/mcphub - DB_URL=postgresql://mcphub:${POSTGRES_PASSWORD}@postgres:5432/mcphub
- OPENAI_API_KEY=${OPENAI_API_KEY} - OPENAI_API_KEY=${OPENAI_API_KEY}
- REDIS_URL=redis://redis:6379 - REDIS_URL=redis://redis:6379
volumes: volumes:
@@ -293,7 +293,7 @@ services:
environment: environment:
- NODE_ENV=development - NODE_ENV=development
- PORT=3000 - PORT=3000
- DATABASE_URL=postgresql://mcphub:password@postgres:5432/mcphub - DB_URL=postgresql://mcphub:password@postgres:5432/mcphub
volumes: volumes:
- .:/app - .:/app
- /app/node_modules - /app/node_modules

86
docs/configuration/mcp-settings.mdx
View File

@@ -259,6 +259,92 @@ MCPHub supports environment variable substitution using `${VAR_NAME}` syntax:
} }
``` ```
### Proxy Configuration (proxychains4)
MCPHub supports routing STDIO server network traffic through a proxy using **proxychains4**. This feature is available on **Linux and macOS only** (Windows is not supported).
<Note>
To use this feature, you must have `proxychains4` installed on your system:
- **Debian/Ubuntu**: `apt install proxychains4`
- **macOS**: `brew install proxychains-ng`
- **Arch Linux**: `pacman -S proxychains-ng`
</Note>
#### Basic Proxy Configuration
```json
{
"mcpServers": {
"fetch-via-proxy": {
"command": "uvx",
"args": ["mcp-server-fetch"],
"proxy": {
"enabled": true,
"type": "socks5",
"host": "127.0.0.1",
"port": 1080
}
}
}
}
```
#### Proxy Configuration Options
| Field | Type | Default | Description |
| ------------ | ------- | --------- | ------------------------------------------------ |
| `enabled` | boolean | `false` | Enable/disable proxy routing |
| `type` | string | `socks5` | Proxy protocol: `socks4`, `socks5`, or `http` |
| `host` | string | - | Proxy server hostname or IP address |
| `port` | number | - | Proxy server port |
| `username` | string | - | Proxy authentication username (optional) |
| `password` | string | - | Proxy authentication password (optional) |
| `configPath` | string | - | Path to custom proxychains4 config file |
#### Proxy with Authentication
```json
{
"mcpServers": {
"secure-server": {
"command": "npx",
"args": ["-y", "@example/mcp-server"],
"proxy": {
"enabled": true,
"type": "http",
"host": "proxy.example.com",
"port": 8080,
"username": "${PROXY_USER}",
"password": "${PROXY_PASSWORD}"
}
}
}
}
```
#### Using Custom proxychains4 Configuration
For advanced use cases, you can provide your own proxychains4 configuration file:
```json
{
"mcpServers": {
"custom-proxy-server": {
"command": "python",
"args": ["-m", "custom_mcp_server"],
"proxy": {
"enabled": true,
"configPath": "/etc/proxychains4/custom.conf"
}
}
}
}
```
<Tip>
When `configPath` is specified, all other proxy settings (`type`, `host`, `port`, etc.) are ignored, and the custom configuration file is used directly.
</Tip>
{/* ### Custom Server Scripts {/* ### Custom Server Scripts
#### Local Python Server #### Local Python Server

2
docs/development/getting-started.mdx
View File

@@ -47,7 +47,7 @@ PORT=3000
NODE_ENV=development NODE_ENV=development
# Database Configuration # Database Configuration
DATABASE_URL=postgresql://username:password@localhost:5432/mcphub DB_URL=postgresql://username:password@localhost:5432/mcphub
# JWT Configuration # JWT Configuration
JWT_SECRET=your-secret-key JWT_SECRET=your-secret-key

16
docs/features/smart-routing.mdx
View File

@@ -69,7 +69,7 @@ Smart Routing requires additional setup compared to basic MCPHub usage:
ports: ports:
- "3000:3000" - "3000:3000"
environment: environment:
- DATABASE_URL=postgresql://mcphub:password@postgres:5432/mcphub - DB_URL=postgresql://mcphub:password@postgres:5432/mcphub
- OPENAI_API_KEY=your_openai_api_key - OPENAI_API_KEY=your_openai_api_key
- ENABLE_SMART_ROUTING=true - ENABLE_SMART_ROUTING=true
depends_on: depends_on:
@@ -114,7 +114,7 @@ Smart Routing requires additional setup compared to basic MCPHub usage:
2. **Set Environment Variables**: 2. **Set Environment Variables**:
```bash ```bash
export DATABASE_URL="postgresql://mcphub:your_password@localhost:5432/mcphub" export DB_URL="postgresql://mcphub:your_password@localhost:5432/mcphub"
export OPENAI_API_KEY="your_openai_api_key" export OPENAI_API_KEY="your_openai_api_key"
export ENABLE_SMART_ROUTING="true" export ENABLE_SMART_ROUTING="true"
``` ```
@@ -178,7 +178,7 @@ Smart Routing requires additional setup compared to basic MCPHub usage:
- name: mcphub - name: mcphub
image: samanhappy/mcphub:latest image: samanhappy/mcphub:latest
env: env:
- name: DATABASE_URL - name: DB_URL
value: "postgresql://mcphub:password@postgres:5432/mcphub" value: "postgresql://mcphub:password@postgres:5432/mcphub"
- name: OPENAI_API_KEY - name: OPENAI_API_KEY
valueFrom: valueFrom:
@@ -202,7 +202,7 @@ Configure Smart Routing with these environment variables:
```bash ```bash
# Required # Required
DATABASE_URL=postgresql://user:password@host:5432/database DB_URL=postgresql://user:password@host:5432/database
OPENAI_API_KEY=your_openai_api_key OPENAI_API_KEY=your_openai_api_key
# Optional # Optional
@@ -219,10 +219,10 @@ EMBEDDING_BATCH_SIZE=100
<Accordion title="Database Configuration"> <Accordion title="Database Configuration">
```bash ```bash
# Full PostgreSQL connection string # Full PostgreSQL connection string
DATABASE_URL=postgresql://username:password@host:port/database?schema=public DB_URL=postgresql://username:password@host:port/database?schema=public
# SSL configuration for cloud databases # SSL configuration for cloud databases
DATABASE_URL=postgresql://user:pass@host:5432/db?sslmode=require DB_URL=postgresql://user:pass@host:5432/db?sslmode=require
# Connection pool settings # Connection pool settings
DATABASE_POOL_SIZE=20 DATABASE_POOL_SIZE=20
@@ -673,11 +673,11 @@ curl -X POST http://localhost:3000/api/smart-routing/feedback \
**Solutions:** **Solutions:**
1. Verify PostgreSQL is running 1. Verify PostgreSQL is running
2. Check DATABASE_URL format 2. Check DB_URL format
3. Ensure pgvector extension is installed 3. Ensure pgvector extension is installed
4. Test connection manually: 4. Test connection manually:
```bash ```bash
psql $DATABASE_URL -c "SELECT 1;" psql $DB_URL -c "SELECT 1;"
``` ```
</Accordion> </Accordion>

6
docs/installation.mdx
View File

@@ -445,7 +445,7 @@ Set the following environment variables:
```bash ```bash
# Database connection # Database connection
DATABASE_URL=postgresql://mcphub:your_password@localhost:5432/mcphub DB_URL=postgresql://mcphub:your_password@localhost:5432/mcphub
# OpenAI API for embeddings # OpenAI API for embeddings
OPENAI_API_KEY=your_openai_api_key OPENAI_API_KEY=your_openai_api_key
@@ -563,10 +563,10 @@ curl -X POST http://localhost:3000/mcp \
**Database connection failed:** **Database connection failed:**
```bash ```bash
# Test database connection # Test database connection
psql $DATABASE_URL -c "SELECT 1;" psql $DB_URL -c "SELECT 1;"
# Check if pgvector is installed # Check if pgvector is installed
psql $DATABASE_URL -c "CREATE EXTENSION IF NOT EXISTS vector;" psql $DB_URL -c "CREATE EXTENSION IF NOT EXISTS vector;"
``` ```
**Embedding service errors:** **Embedding service errors:**

6
docs/zh/configuration/docker-setup.mdx
View File

@@ -106,7 +106,7 @@ services:
- NODE_ENV=production - NODE_ENV=production
- PORT=3000 - PORT=3000
- JWT_SECRET=${JWT_SECRET:-your-jwt-secret} - JWT_SECRET=${JWT_SECRET:-your-jwt-secret}
- DATABASE_URL=postgresql://mcphub:password@postgres:5432/mcphub - DB_URL=postgresql://mcphub:password@postgres:5432/mcphub
volumes: volumes:
- ./mcp_settings.json:/app/mcp_settings.json:ro - ./mcp_settings.json:/app/mcp_settings.json:ro
- ./servers.json:/app/servers.json:ro - ./servers.json:/app/servers.json:ro
@@ -180,7 +180,7 @@ services:
- PORT=3000 - PORT=3000
- JWT_SECRET=${JWT_SECRET} - JWT_SECRET=${JWT_SECRET}
- JWT_EXPIRES_IN=${JWT_EXPIRES_IN:-24h} - JWT_EXPIRES_IN=${JWT_EXPIRES_IN:-24h}
- DATABASE_URL=postgresql://mcphub:${POSTGRES_PASSWORD}@postgres:5432/mcphub - DB_URL=postgresql://mcphub:${POSTGRES_PASSWORD}@postgres:5432/mcphub
- OPENAI_API_KEY=${OPENAI_API_KEY} - OPENAI_API_KEY=${OPENAI_API_KEY}
- REDIS_URL=redis://redis:6379 - REDIS_URL=redis://redis:6379
volumes: volumes:
@@ -293,7 +293,7 @@ services:
environment: environment:
- NODE_ENV=development - NODE_ENV=development
- PORT=3000 - PORT=3000
- DATABASE_URL=postgresql://mcphub:password@postgres:5432/mcphub - DB_URL=postgresql://mcphub:password@postgres:5432/mcphub
volumes: volumes:
- .:/app - .:/app
- /app/node_modules - /app/node_modules

2
docs/zh/configuration/mcp-settings.mdx
View File

@@ -290,7 +290,7 @@ MCPHub 支持使用 `${VAR_NAME}` 语法进行环境变量替换:
"command": "python", "command": "python",
"args": ["-m", "db_server"], "args": ["-m", "db_server"],
"env": { "env": {
"DB_URL": "${NODE_ENV:development == 'production' ? DATABASE_URL : DEV_DATABASE_URL}" "DB_URL": "${NODE_ENV:development == 'production' ? DB_URL : DEV_DB_URL}"
} }
} }
} }

2
docs/zh/development/getting-started.mdx
View File

@@ -47,7 +47,7 @@ PORT=3000
NODE_ENV=development NODE_ENV=development
# 数据库配置 # 数据库配置
DATABASE_URL=postgresql://username:password@localhost:5432/mcphub DB_URL=postgresql://username:password@localhost:5432/mcphub
# JWT 配置 # JWT 配置
JWT_SECRET=your-secret-key JWT_SECRET=your-secret-key

4
docs/zh/essentials/code.mdx
View File

@@ -480,7 +480,7 @@ docker run -d \
--name mcphub \ --name mcphub \
-p 3000:3000 \ -p 3000:3000 \
-e NODE_ENV=production \ -e NODE_ENV=production \
-e DATABASE_URL=postgresql://user:pass@host:5432/mcphub \ -e DB_URL=postgresql://user:pass@host:5432/mcphub \
-e JWT_SECRET=your-secret-key \ -e JWT_SECRET=your-secret-key \
mcphub/server:latest mcphub/server:latest
@@ -504,7 +504,7 @@ docker run -d \
--name mcphub \ --name mcphub \
-p 3000:3000 \ -p 3000:3000 \
-e NODE_ENV=production \ -e NODE_ENV=production \
-e DATABASE_URL=postgresql://user:pass@host:5432/mcphub \ -e DB_URL=postgresql://user:pass@host:5432/mcphub \
-e JWT_SECRET=your-secret-key \ -e JWT_SECRET=your-secret-key \
mcphub/server:latest mcphub/server:latest

4
docs/zh/essentials/markdown.mdx
View File

@@ -159,7 +159,7 @@ services:
- '3000:3000' - '3000:3000'
environment: environment:
- NODE_ENV=production - NODE_ENV=production
- DATABASE_URL=postgresql://user:pass@db:5432/mcphub - DB_URL=postgresql://user:pass@db:5432/mcphub
``` ```
```` ````
@@ -172,7 +172,7 @@ services:
- '3000:3000' - '3000:3000'
environment: environment:
- NODE_ENV=production - NODE_ENV=production
- DATABASE_URL=postgresql://user:pass@db:5432/mcphub - DB_URL=postgresql://user:pass@db:5432/mcphub
``` ```
### 终端命令 ### 终端命令

4
docs/zh/features/smart-routing.mdx
View File

@@ -245,11 +245,11 @@ curl -X POST http://localhost:3000/api/smart-routing/feedback \
**解决方案:** **解决方案:**
1. 验证 PostgreSQL 是否正在运行 1. 验证 PostgreSQL 是否正在运行
2. 检查 DATABASE_URL 格式 2. 检查 DB_URL 格式
3. 确保安装了 pgvector 扩展 3. 确保安装了 pgvector 扩展
4. 手动测试连接: 4. 手动测试连接:
```bash ```bash
psql $DATABASE_URL -c "SELECT 1;" psql $DB_URL -c "SELECT 1;"
``` ```
</Accordion> </Accordion>

6
docs/zh/installation.mdx
View File

@@ -420,7 +420,7 @@ description: '各种平台的详细安装说明'
```bash ```bash
# 数据库连接 # 数据库连接
DATABASE_URL=postgresql://mcphub:your_password@localhost:5432/mcphub DB_URL=postgresql://mcphub:your_password@localhost:5432/mcphub
# 用于嵌入的 OpenAI API # 用于嵌入的 OpenAI API
OPENAI_API_KEY=your_openai_api_key OPENAI_API_KEY=your_openai_api_key
@@ -538,10 +538,10 @@ curl -X POST http://localhost:3000/mcp \
**数据库连接失败:** **数据库连接失败:**
```bash ```bash
# 测试数据库连接 # 测试数据库连接
psql $DATABASE_URL -c "SELECT 1;" psql $DB_URL -c "SELECT 1;"
# 检查是否安装了 pgvector # 检查是否安装了 pgvector
psql $DATABASE_URL -c "CREATE EXTENSION IF NOT EXISTS vector;" psql $DB_URL -c "CREATE EXTENSION IF NOT EXISTS vector;"
``` ```
**嵌入服务错误:** **嵌入服务错误:**

50
examples/mcp_settings_with_env_vars.json
View File

@@ -28,7 +28,48 @@
"env": { "env": {
"API_KEY": "${MY_API_KEY}", "API_KEY": "${MY_API_KEY}",
"DEBUG": "${DEBUG_MODE}", "DEBUG": "${DEBUG_MODE}",
"DATABASE_URL": "${DATABASE_URL}" "DB_URL": "${DB_URL}"
}
},
"example-stdio-with-proxy": {
"type": "stdio",
"command": "uvx",
"args": [
"mcp-server-fetch"
],
"proxy": {
"enabled": true,
"type": "socks5",
"host": "${PROXY_HOST}",
"port": 1080
}
},
"example-stdio-with-auth-proxy": {
"type": "stdio",
"command": "npx",
"args": [
"-y",
"@example/mcp-server"
],
"proxy": {
"enabled": true,
"type": "http",
"host": "${HTTP_PROXY_HOST}",
"port": 8080,
"username": "${PROXY_USERNAME}",
"password": "${PROXY_PASSWORD}"
}
},
"example-stdio-with-custom-proxy-config": {
"type": "stdio",
"command": "python",
"args": [
"-m",
"custom_mcp_server"
],
"proxy": {
"enabled": true,
"configPath": "/etc/proxychains4/custom.conf"
} }
}, },
"example-openapi-server": { "example-openapi-server": {
@@ -55,7 +96,10 @@
"clientId": "${OAUTH_CLIENT_ID}", "clientId": "${OAUTH_CLIENT_ID}",
"clientSecret": "${OAUTH_CLIENT_SECRET}", "clientSecret": "${OAUTH_CLIENT_SECRET}",
"accessToken": "${OAUTH_ACCESS_TOKEN}", "accessToken": "${OAUTH_ACCESS_TOKEN}",
"scopes": ["read", "write"] "scopes": [
"read",
"write"
]
} }
} }
}, },
@@ -77,4 +121,4 @@
"baseUrl": "${MCPROUTER_BASE_URL}" "baseUrl": "${MCPROUTER_BASE_URL}"
} }
} }
} }

2
frontend/src/App.tsx
View File

@@ -8,7 +8,6 @@ import { SettingsProvider } from './contexts/SettingsContext';
import MainLayout from './layouts/MainLayout'; import MainLayout from './layouts/MainLayout';
import ProtectedRoute from './components/ProtectedRoute'; import ProtectedRoute from './components/ProtectedRoute';
import LoginPage from './pages/LoginPage'; import LoginPage from './pages/LoginPage';
import OAuthCallbackPage from './pages/OAuthCallbackPage';
import DashboardPage from './pages/Dashboard'; import DashboardPage from './pages/Dashboard';
import ServersPage from './pages/ServersPage'; import ServersPage from './pages/ServersPage';
import GroupsPage from './pages/GroupsPage'; import GroupsPage from './pages/GroupsPage';
@@ -36,7 +35,6 @@ function App() {
<Routes> <Routes>
{/* 公共路由 */} {/* 公共路由 */}
<Route path="/login" element={<LoginPage />} /> <Route path="/login" element={<LoginPage />} />
<Route path="/oauth-callback" element={<OAuthCallbackPage />} />
{/* 受保护的路由,使用 MainLayout 作为布局容器 */} {/* 受保护的路由,使用 MainLayout 作为布局容器 */}
<Route element={<ProtectedRoute />}> <Route element={<ProtectedRoute />}>

194
frontend/src/components/GroupCard.tsx
View File

@@ -1,99 +1,103 @@
import { useState, useRef, useEffect } from 'react' import { useState, useRef, useEffect } from 'react';
import { useTranslation } from 'react-i18next' import { useTranslation } from 'react-i18next';
import { Group, Server, IGroupServerConfig } from '@/types' import { Group, Server, IGroupServerConfig } from '@/types';
import { Edit, Trash, Copy, Check, Link, FileCode, DropdownIcon, Wrench } from '@/components/icons/LucideIcons' import {
import DeleteDialog from '@/components/ui/DeleteDialog' Edit,
import { useToast } from '@/contexts/ToastContext' Trash,
import { useSettingsData } from '@/hooks/useSettingsData' Copy,
Check,
Link,
FileCode,
DropdownIcon,
Wrench,
} from '@/components/icons/LucideIcons';
import DeleteDialog from '@/components/ui/DeleteDialog';
import { useToast } from '@/contexts/ToastContext';
import { useSettingsData } from '@/hooks/useSettingsData';
interface GroupCardProps { interface GroupCardProps {
group: Group group: Group;
servers: Server[] servers: Server[];
onEdit: (group: Group) => void onEdit: (group: Group) => void;
onDelete: (groupId: string) => void onDelete: (groupId: string) => void;
} }
const GroupCard = ({ const GroupCard = ({ group, servers, onEdit, onDelete }: GroupCardProps) => {
group, const { t } = useTranslation();
servers, const { showToast } = useToast();
onEdit, const { installConfig } = useSettingsData();
onDelete const [showDeleteDialog, setShowDeleteDialog] = useState(false);
}: GroupCardProps) => { const [copied, setCopied] = useState(false);
const { t } = useTranslation() const [showCopyDropdown, setShowCopyDropdown] = useState(false);
const { showToast } = useToast() const [expandedServer, setExpandedServer] = useState<string | null>(null);
const { installConfig } = useSettingsData() const dropdownRef = useRef<HTMLDivElement>(null);
const [showDeleteDialog, setShowDeleteDialog] = useState(false)
const [copied, setCopied] = useState(false)
const [showCopyDropdown, setShowCopyDropdown] = useState(false)
const [expandedServer, setExpandedServer] = useState<string | null>(null)
const dropdownRef = useRef<HTMLDivElement>(null)
// Close dropdown when clicking outside // Close dropdown when clicking outside
useEffect(() => { useEffect(() => {
const handleClickOutside = (event: MouseEvent) => { const handleClickOutside = (event: MouseEvent) => {
if (dropdownRef.current && !dropdownRef.current.contains(event.target as Node)) { if (dropdownRef.current && !dropdownRef.current.contains(event.target as Node)) {
setShowCopyDropdown(false) setShowCopyDropdown(false);
} }
} };
document.addEventListener('mousedown', handleClickOutside) document.addEventListener('mousedown', handleClickOutside);
return () => { return () => {
document.removeEventListener('mousedown', handleClickOutside) document.removeEventListener('mousedown', handleClickOutside);
} };
}, []) }, []);
const handleEdit = () => { const handleEdit = () => {
onEdit(group) onEdit(group);
} };
const handleDelete = () => { const handleDelete = () => {
setShowDeleteDialog(true) setShowDeleteDialog(true);
} };
const handleConfirmDelete = () => { const handleConfirmDelete = () => {
onDelete(group.id) onDelete(group.id);
setShowDeleteDialog(false) setShowDeleteDialog(false);
} };
const copyToClipboard = (text: string) => { const copyToClipboard = (text: string) => {
if (navigator.clipboard && window.isSecureContext) { if (navigator.clipboard && window.isSecureContext) {
navigator.clipboard.writeText(text).then(() => { navigator.clipboard.writeText(text).then(() => {
setCopied(true) setCopied(true);
setShowCopyDropdown(false) setShowCopyDropdown(false);
showToast(t('common.copySuccess'), 'success') showToast(t('common.copySuccess'), 'success');
setTimeout(() => setCopied(false), 2000) setTimeout(() => setCopied(false), 2000);
}) });
} else { } else {
// Fallback for HTTP or unsupported clipboard API // Fallback for HTTP or unsupported clipboard API
const textArea = document.createElement('textarea') const textArea = document.createElement('textarea');
textArea.value = text textArea.value = text;
// Avoid scrolling to bottom // Avoid scrolling to bottom
textArea.style.position = 'fixed' textArea.style.position = 'fixed';
textArea.style.left = '-9999px' textArea.style.left = '-9999px';
document.body.appendChild(textArea) document.body.appendChild(textArea);
textArea.focus() textArea.focus();
textArea.select() textArea.select();
try { try {
document.execCommand('copy') document.execCommand('copy');
setCopied(true) setCopied(true);
setShowCopyDropdown(false) setShowCopyDropdown(false);
showToast(t('common.copySuccess'), 'success') showToast(t('common.copySuccess'), 'success');
setTimeout(() => setCopied(false), 2000) setTimeout(() => setCopied(false), 2000);
} catch (err) { } catch (err) {
showToast(t('common.copyFailed') || 'Copy failed', 'error') showToast(t('common.copyFailed') || 'Copy failed', 'error');
console.error('Copy to clipboard failed:', err) console.error('Copy to clipboard failed:', err);
} }
document.body.removeChild(textArea) document.body.removeChild(textArea);
} }
} };
const handleCopyId = () => { const handleCopyId = () => {
copyToClipboard(group.id) copyToClipboard(group.id);
} };
const handleCopyUrl = () => { const handleCopyUrl = () => {
copyToClipboard(`${installConfig.baseUrl}/mcp/${group.id}`) copyToClipboard(`${installConfig.baseUrl}/mcp/${group.id}`);
} };
const handleCopyJson = () => { const handleCopyJson = () => {
const jsonConfig = { const jsonConfig = {
@@ -101,23 +105,23 @@ const GroupCard = ({
mcphub: { mcphub: {
url: `${installConfig.baseUrl}/mcp/${group.id}`, url: `${installConfig.baseUrl}/mcp/${group.id}`,
headers: { headers: {
Authorization: "Bearer <your-access-token>" Authorization: 'Bearer <your-access-token>',
} },
} },
} },
} };
copyToClipboard(JSON.stringify(jsonConfig, null, 2)) copyToClipboard(JSON.stringify(jsonConfig, null, 2));
} };
// Helper function to normalize group servers to get server names // Helper function to normalize group servers to get server names
const getServerNames = (servers: string[] | IGroupServerConfig[]): string[] => { const getServerNames = (servers: string[] | IGroupServerConfig[]): string[] => {
return servers.map(server => typeof server === 'string' ? server : server.name); return servers.map((server) => (typeof server === 'string' ? server : server.name));
}; };
// Helper function to get server configuration // Helper function to get server configuration
const getServerConfig = (serverName: string): IGroupServerConfig | undefined => { const getServerConfig = (serverName: string): IGroupServerConfig | undefined => {
const server = group.servers.find(s => const server = group.servers.find((s) =>
typeof s === 'string' ? s === serverName : s.name === serverName typeof s === 'string' ? s === serverName : s.name === serverName,
); );
if (typeof server === 'string') { if (typeof server === 'string') {
return { name: server, tools: 'all' }; return { name: server, tools: 'all' };
@@ -127,11 +131,11 @@ const GroupCard = ({
// Get servers that belong to this group // Get servers that belong to this group
const serverNames = getServerNames(group.servers); const serverNames = getServerNames(group.servers);
const groupServers = servers.filter(server => serverNames.includes(server.name)); const groupServers = servers.filter((server) => serverNames.includes(server.name));
return ( return (
<div className="bg-white shadow rounded-lg p-6 "> <div className="bg-white shadow rounded-lg p-4">
<div className="flex justify-between items-center mb-4"> <div className="flex justify-between items-center">
<div> <div>
<div className="flex items-center"> <div className="flex items-center">
<h2 className="text-xl font-semibold text-gray-800">{group.name}</h2> <h2 className="text-xl font-semibold text-gray-800">{group.name}</h2>
@@ -175,9 +179,7 @@ const GroupCard = ({
</div> </div>
</div> </div>
</div> </div>
{group.description && ( {group.description && <p className="text-gray-600 text-sm mt-1">{group.description}</p>}
<p className="text-gray-600 text-sm mt-1">{group.description}</p>
)}
</div> </div>
<div className="flex items-center space-x-3"> <div className="flex items-center space-x-3">
<div className="bg-blue-50 text-blue-700 px-3 py-1 rounded-full text-sm btn-secondary"> <div className="bg-blue-50 text-blue-700 px-3 py-1 rounded-full text-sm btn-secondary">
@@ -200,17 +202,19 @@ const GroupCard = ({
</div> </div>
</div> </div>
<div className="mt-4"> <div className="">
{groupServers.length === 0 ? ( {groupServers.length === 0 ? (
<p className="text-gray-500 italic">{t('groups.noServers')}</p> <p className="text-gray-500 italic">{t('groups.noServers')}</p>
) : ( ) : (
<div className="flex flex-wrap gap-2"> <div className="flex flex-wrap gap-2">
{groupServers.map(server => { {groupServers.map((server) => {
const serverConfig = getServerConfig(server.name); const serverConfig = getServerConfig(server.name);
const hasToolRestrictions = serverConfig && serverConfig.tools !== 'all' && Array.isArray(serverConfig.tools); const hasToolRestrictions =
const toolCount = hasToolRestrictions && Array.isArray(serverConfig?.tools) serverConfig && serverConfig.tools !== 'all' && Array.isArray(serverConfig.tools);
? serverConfig.tools.length const toolCount =
: (server.tools?.length || 0); // Show total tool count when all tools are selected hasToolRestrictions && Array.isArray(serverConfig?.tools)
? serverConfig.tools.length
: server.tools?.length || 0; // Show total tool count when all tools are selected
const isExpanded = expandedServer === server.name; const isExpanded = expandedServer === server.name;
@@ -219,7 +223,7 @@ const GroupCard = ({
if (hasToolRestrictions && Array.isArray(serverConfig?.tools)) { if (hasToolRestrictions && Array.isArray(serverConfig?.tools)) {
return serverConfig.tools; return serverConfig.tools;
} else if (server.tools && server.tools.length > 0) { } else if (server.tools && server.tools.length > 0) {
return server.tools.map(tool => tool.name); return server.tools.map((tool) => tool.name);
} }
return []; return [];
}; };
@@ -235,9 +239,15 @@ const GroupCard = ({
onClick={handleServerClick} onClick={handleServerClick}
> >
<span className="font-medium text-gray-700 text-sm">{server.name}</span> <span className="font-medium text-gray-700 text-sm">{server.name}</span>
<span className={`inline-block h-2 w-2 rounded-full ${server.status === 'connected' ? 'bg-green-500' : <span
server.status === 'connecting' ? 'bg-yellow-500' : 'bg-red-500' className={`inline-block h-2 w-2 rounded-full ${
}`}></span> server.status === 'connected'
? 'bg-green-500'
: server.status === 'connecting'
? 'bg-yellow-500'
: 'bg-red-500'
}`}
></span>
{toolCount > 0 && ( {toolCount > 0 && (
<span className="text-xs text-blue-600 bg-blue-100 px-2 py-0.5 rounded flex items-center gap-1"> <span className="text-xs text-blue-600 bg-blue-100 px-2 py-0.5 rounded flex items-center gap-1">
<Wrench size={12} /> <Wrench size={12} />
@@ -278,7 +288,7 @@ const GroupCard = ({
isGroup={true} isGroup={true}
/> />
</div> </div>
) );
} };
export default GroupCard export default GroupCard;

21
frontend/src/components/ServerCard.tsx
View File

@@ -18,7 +18,14 @@ interface ServerCardProps {
onReload?: (server: Server) => Promise<boolean>; onReload?: (server: Server) => Promise<boolean>;
} }
const ServerCard = ({ server, onRemove, onEdit, onToggle, onRefresh, onReload }: ServerCardProps) => { const ServerCard = ({
server,
onRemove,
onEdit,
onToggle,
onRefresh,
onReload,
}: ServerCardProps) => {
const { t } = useTranslation(); const { t } = useTranslation();
const { showToast } = useToast(); const { showToast } = useToast();
const [isExpanded, setIsExpanded] = useState(false); const [isExpanded, setIsExpanded] = useState(false);
@@ -232,10 +239,10 @@ const ServerCard = ({ server, onRemove, onEdit, onToggle, onRefresh, onReload }:
return ( return (
<> <>
<div <div
className={`bg-white shadow rounded-lg p-6 mb-6 page-card transition-all duration-200 ${server.enabled === false ? 'opacity-60' : ''}`} className={`bg-white shadow rounded-lg mb-6 page-card transition-all duration-200 ${server.enabled === false ? 'opacity-60' : ''}`}
> >
<div <div
className="flex justify-between items-center cursor-pointer" className="flex justify-between items-center cursor-pointer p-4"
onClick={() => setIsExpanded(!isExpanded)} onClick={() => setIsExpanded(!isExpanded)}
> >
<div className="flex items-center space-x-3"> <div className="flex items-center space-x-3">
@@ -385,9 +392,9 @@ const ServerCard = ({ server, onRemove, onEdit, onToggle, onRefresh, onReload }:
{isExpanded && ( {isExpanded && (
<> <>
{server.tools && ( {server.tools && (
<div className="mt-6"> <div className="px-4">
<h6 <h6
className={`font-medium ${server.enabled === false ? 'text-gray-600' : 'text-gray-900'} mb-4`} className={`font-medium ${server.enabled === false ? 'text-gray-600' : 'text-gray-900'} mb-2`}
> >
{t('server.tools')} {t('server.tools')}
</h6> </h6>
@@ -405,9 +412,9 @@ const ServerCard = ({ server, onRemove, onEdit, onToggle, onRefresh, onReload }:
)} )}
{server.prompts && ( {server.prompts && (
<div className="mt-6"> <div className="px-4 pb-2">
<h6 <h6
className={`font-medium ${server.enabled === false ? 'text-gray-600' : 'text-gray-900'} mb-4`} className={`font-medium ${server.enabled === false ? 'text-gray-600' : 'text-gray-900'}`}
> >
{t('server.prompts')} {t('server.prompts')}
</h6> </h6>

18
frontend/src/components/ui/Pagination.tsx
View File

@@ -1,16 +1,20 @@
import React from 'react'; import React from 'react';
import { useTranslation } from 'react-i18next';
interface PaginationProps { interface PaginationProps {
currentPage: number; currentPage: number;
totalPages: number; totalPages: number;
onPageChange: (page: number) => void; onPageChange: (page: number) => void;
disabled?: boolean;
} }
const Pagination: React.FC<PaginationProps> = ({ const Pagination: React.FC<PaginationProps> = ({
currentPage, currentPage,
totalPages, totalPages,
onPageChange onPageChange,
disabled = false
}) => { }) => {
const { t } = useTranslation();
// Generate page buttons // Generate page buttons
const getPageButtons = () => { const getPageButtons = () => {
const buttons = []; const buttons = [];
@@ -95,26 +99,26 @@ const Pagination: React.FC<PaginationProps> = ({
<div className="flex justify-center items-center my-6"> <div className="flex justify-center items-center my-6">
<button <button
onClick={() => onPageChange(Math.max(1, currentPage - 1))} onClick={() => onPageChange(Math.max(1, currentPage - 1))}
disabled={currentPage === 1} disabled={disabled || currentPage === 1}
className={`px-3 py-1 rounded mr-2 ${currentPage === 1 className={`px-3 py-1 rounded mr-2 ${disabled || currentPage === 1
? 'bg-gray-100 text-gray-400 cursor-not-allowed' ? 'bg-gray-100 text-gray-400 cursor-not-allowed'
: 'bg-gray-200 hover:bg-gray-300 text-gray-700 btn-secondary' : 'bg-gray-200 hover:bg-gray-300 text-gray-700 btn-secondary'
}`} }`}
> >
&laquo; Prev &laquo; {t('common.previous')}
</button> </button>
<div className="flex">{getPageButtons()}</div> <div className="flex">{getPageButtons()}</div>
<button <button
onClick={() => onPageChange(Math.min(totalPages, currentPage + 1))} onClick={() => onPageChange(Math.min(totalPages, currentPage + 1))}
disabled={currentPage === totalPages} disabled={disabled || currentPage === totalPages}
className={`px-3 py-1 rounded ml-2 ${currentPage === totalPages className={`px-3 py-1 rounded ml-2 ${disabled || currentPage === totalPages
? 'bg-gray-100 text-gray-400 cursor-not-allowed' ? 'bg-gray-100 text-gray-400 cursor-not-allowed'
: 'bg-gray-200 hover:bg-gray-300 text-gray-700 btn-secondary' : 'bg-gray-200 hover:bg-gray-300 text-gray-700 btn-secondary'
}`} }`}
> >
Next &raquo; {t('common.next')} &raquo;
</button> </button>
</div> </div>
); );

4
frontend/src/components/ui/PromptCard.tsx
View File

@@ -171,9 +171,9 @@ const PromptCard = ({ prompt, server, onToggle, onDescriptionUpdate }: PromptCar
}; };
return ( return (
<div className="bg-white border border-gray-200 shadow rounded-lg p-4 mb-4"> <div className="bg-white border border-gray-200 shadow rounded-lg mb-4">
<div <div
className="flex justify-between items-center cursor-pointer" className="flex justify-between items-center p-2 cursor-pointer"
onClick={() => setIsExpanded(!isExpanded)} onClick={() => setIsExpanded(!isExpanded)}
> >
<div className="flex-1"> <div className="flex-1">

259
frontend/src/components/ui/ToolCard.tsx
View File

@@ -1,19 +1,27 @@
import { useState, useCallback, useRef, useEffect } from 'react' import { useState, useCallback, useRef, useEffect } from 'react';
import { useTranslation } from 'react-i18next' import { useTranslation } from 'react-i18next';
import { Tool } from '@/types' import { Tool } from '@/types';
import { ChevronDown, ChevronRight, Play, Loader, Edit, Check, Copy } from '@/components/icons/LucideIcons' import {
import { callTool, ToolCallResult, updateToolDescription } from '@/services/toolService' ChevronDown,
import { useSettingsData } from '@/hooks/useSettingsData' ChevronRight,
import { useToast } from '@/contexts/ToastContext' Play,
import { Switch } from './ToggleGroup' Loader,
import DynamicForm from './DynamicForm' Edit,
import ToolResult from './ToolResult' Check,
Copy,
} from '@/components/icons/LucideIcons';
import { callTool, ToolCallResult, updateToolDescription } from '@/services/toolService';
import { useSettingsData } from '@/hooks/useSettingsData';
import { useToast } from '@/contexts/ToastContext';
import { Switch } from './ToggleGroup';
import DynamicForm from './DynamicForm';
import ToolResult from './ToolResult';
interface ToolCardProps { interface ToolCardProps {
server: string server: string;
tool: Tool tool: Tool;
onToggle?: (toolName: string, enabled: boolean) => void onToggle?: (toolName: string, enabled: boolean) => void;
onDescriptionUpdate?: (toolName: string, description: string) => void onDescriptionUpdate?: (toolName: string, description: string) => void;
} }
// Helper to check for "empty" values // Helper to check for "empty" values
@@ -26,165 +34,173 @@ function isEmptyValue(value: any): boolean {
} }
const ToolCard = ({ tool, server, onToggle, onDescriptionUpdate }: ToolCardProps) => { const ToolCard = ({ tool, server, onToggle, onDescriptionUpdate }: ToolCardProps) => {
const { t } = useTranslation() const { t } = useTranslation();
const { showToast } = useToast() const { showToast } = useToast();
const { nameSeparator } = useSettingsData() const { nameSeparator } = useSettingsData();
const [isExpanded, setIsExpanded] = useState(false) const [isExpanded, setIsExpanded] = useState(false);
const [showRunForm, setShowRunForm] = useState(false) const [showRunForm, setShowRunForm] = useState(false);
const [isRunning, setIsRunning] = useState(false) const [isRunning, setIsRunning] = useState(false);
const [result, setResult] = useState<ToolCallResult | null>(null) const [result, setResult] = useState<ToolCallResult | null>(null);
const [isEditingDescription, setIsEditingDescription] = useState(false) const [isEditingDescription, setIsEditingDescription] = useState(false);
const [customDescription, setCustomDescription] = useState(tool.description || '') const [customDescription, setCustomDescription] = useState(tool.description || '');
const descriptionInputRef = useRef<HTMLInputElement>(null) const descriptionInputRef = useRef<HTMLInputElement>(null);
const descriptionTextRef = useRef<HTMLSpanElement>(null) const descriptionTextRef = useRef<HTMLSpanElement>(null);
const [textWidth, setTextWidth] = useState<number>(0) const [textWidth, setTextWidth] = useState<number>(0);
const [copiedToolName, setCopiedToolName] = useState(false) const [copiedToolName, setCopiedToolName] = useState(false);
// Focus the input when editing mode is activated // Focus the input when editing mode is activated
useEffect(() => { useEffect(() => {
if (isEditingDescription && descriptionInputRef.current) { if (isEditingDescription && descriptionInputRef.current) {
descriptionInputRef.current.focus() descriptionInputRef.current.focus();
// Set input width to match text width // Set input width to match text width
if (textWidth > 0) { if (textWidth > 0) {
descriptionInputRef.current.style.width = `${textWidth + 20}px` // Add some padding descriptionInputRef.current.style.width = `${textWidth + 20}px`; // Add some padding
} }
} }
}, [isEditingDescription, textWidth]) }, [isEditingDescription, textWidth]);
// Measure text width when not editing // Measure text width when not editing
useEffect(() => { useEffect(() => {
if (!isEditingDescription && descriptionTextRef.current) { if (!isEditingDescription && descriptionTextRef.current) {
setTextWidth(descriptionTextRef.current.offsetWidth) setTextWidth(descriptionTextRef.current.offsetWidth);
} }
}, [isEditingDescription, customDescription]) }, [isEditingDescription, customDescription]);
// Generate a unique key for localStorage based on tool name and server // Generate a unique key for localStorage based on tool name and server
const getStorageKey = useCallback(() => { const getStorageKey = useCallback(() => {
return `mcphub_tool_form_${server ? `${server}_` : ''}${tool.name}` return `mcphub_tool_form_${server ? `${server}_` : ''}${tool.name}`;
}, [tool.name, server]) }, [tool.name, server]);
// Clear form data from localStorage // Clear form data from localStorage
const clearStoredFormData = useCallback(() => { const clearStoredFormData = useCallback(() => {
localStorage.removeItem(getStorageKey()) localStorage.removeItem(getStorageKey());
}, [getStorageKey]) }, [getStorageKey]);
const handleToggle = (enabled: boolean) => { const handleToggle = (enabled: boolean) => {
if (onToggle) { if (onToggle) {
onToggle(tool.name, enabled) onToggle(tool.name, enabled);
} }
} };
const handleDescriptionEdit = () => { const handleDescriptionEdit = () => {
setIsEditingDescription(true) setIsEditingDescription(true);
} };
const handleDescriptionSave = async () => { const handleDescriptionSave = async () => {
try { try {
const result = await updateToolDescription(server, tool.name, customDescription) const result = await updateToolDescription(server, tool.name, customDescription);
if (result.success) { if (result.success) {
setIsEditingDescription(false) setIsEditingDescription(false);
if (onDescriptionUpdate) { if (onDescriptionUpdate) {
onDescriptionUpdate(tool.name, customDescription) onDescriptionUpdate(tool.name, customDescription);
} }
} else { } else {
// Revert on error // Revert on error
setCustomDescription(tool.description || '') setCustomDescription(tool.description || '');
console.error('Failed to update tool description:', result.error) console.error('Failed to update tool description:', result.error);
} }
} catch (error) { } catch (error) {
console.error('Error updating tool description:', error) console.error('Error updating tool description:', error);
setCustomDescription(tool.description || '') setCustomDescription(tool.description || '');
setIsEditingDescription(false) setIsEditingDescription(false);
} }
} };
const handleDescriptionChange = (e: React.ChangeEvent<HTMLInputElement>) => { const handleDescriptionChange = (e: React.ChangeEvent<HTMLInputElement>) => {
setCustomDescription(e.target.value) setCustomDescription(e.target.value);
} };
const handleDescriptionKeyDown = (e: React.KeyboardEvent<HTMLInputElement>) => { const handleDescriptionKeyDown = (e: React.KeyboardEvent<HTMLInputElement>) => {
if (e.key === 'Enter') { if (e.key === 'Enter') {
handleDescriptionSave() handleDescriptionSave();
} else if (e.key === 'Escape') { } else if (e.key === 'Escape') {
setCustomDescription(tool.description || '') setCustomDescription(tool.description || '');
setIsEditingDescription(false) setIsEditingDescription(false);
} }
} };
const handleCopyToolName = async (e: React.MouseEvent) => { const handleCopyToolName = async (e: React.MouseEvent) => {
e.stopPropagation() e.stopPropagation();
try { try {
if (navigator.clipboard && window.isSecureContext) { if (navigator.clipboard && window.isSecureContext) {
await navigator.clipboard.writeText(tool.name) await navigator.clipboard.writeText(tool.name);
setCopiedToolName(true) setCopiedToolName(true);
showToast(t('common.copySuccess'), 'success') showToast(t('common.copySuccess'), 'success');
setTimeout(() => setCopiedToolName(false), 2000) setTimeout(() => setCopiedToolName(false), 2000);
} else { } else {
// Fallback for HTTP or unsupported clipboard API // Fallback for HTTP or unsupported clipboard API
const textArea = document.createElement('textarea') const textArea = document.createElement('textarea');
textArea.value = tool.name textArea.value = tool.name;
textArea.style.position = 'fixed' textArea.style.position = 'fixed';
textArea.style.left = '-9999px' textArea.style.left = '-9999px';
document.body.appendChild(textArea) document.body.appendChild(textArea);
textArea.focus() textArea.focus();
textArea.select() textArea.select();
try { try {
document.execCommand('copy') document.execCommand('copy');
setCopiedToolName(true) setCopiedToolName(true);
showToast(t('common.copySuccess'), 'success') showToast(t('common.copySuccess'), 'success');
setTimeout(() => setCopiedToolName(false), 2000) setTimeout(() => setCopiedToolName(false), 2000);
} catch (err) { } catch (err) {
showToast(t('common.copyFailed'), 'error') showToast(t('common.copyFailed'), 'error');
console.error('Copy to clipboard failed:', err) console.error('Copy to clipboard failed:', err);
} }
document.body.removeChild(textArea) document.body.removeChild(textArea);
} }
} catch (error) { } catch (error) {
showToast(t('common.copyFailed'), 'error') showToast(t('common.copyFailed'), 'error');
console.error('Copy to clipboard failed:', error) console.error('Copy to clipboard failed:', error);
} }
} };
const handleRunTool = async (arguments_: Record<string, any>) => { const handleRunTool = async (arguments_: Record<string, any>) => {
setIsRunning(true) setIsRunning(true);
try { try {
// filter empty values // filter empty values
arguments_ = Object.fromEntries(Object.entries(arguments_).filter(([_, v]) => !isEmptyValue(v))) arguments_ = Object.fromEntries(
const result = await callTool({ Object.entries(arguments_).filter(([_, v]) => !isEmptyValue(v)),
toolName: tool.name, );
arguments: arguments_, const result = await callTool(
}, server) {
toolName: tool.name,
arguments: arguments_,
},
server,
);
setResult(result) setResult(result);
// Clear form data on successful submission // Clear form data on successful submission
// clearStoredFormData() // clearStoredFormData()
} catch (error) { } catch (error) {
setResult({ setResult({
success: false, success: false,
error: error instanceof Error ? error.message : 'Unknown error occurred', error: error instanceof Error ? error.message : 'Unknown error occurred',
}) });
} finally { } finally {
setIsRunning(false) setIsRunning(false);
} }
} };
const handleCancelRun = () => { const handleCancelRun = () => {
setShowRunForm(false) setShowRunForm(false);
// Clear form data when cancelled // Clear form data when cancelled
clearStoredFormData() clearStoredFormData();
setResult(null) setResult(null);
} };
const handleCloseResult = () => { const handleCloseResult = () => {
setResult(null) setResult(null);
} };
return ( return (
<div className="bg-white border border-gray-200 shadow rounded-lg p-4 mb-4"> <div className="bg-white border border-gray-200 shadow rounded-lg mb-4">
<div <div
className="flex justify-between items-center cursor-pointer" className="flex justify-between items-center cursor-pointer p-2"
onClick={() => setIsExpanded(!isExpanded)} onClick={(e) => {
e.stopPropagation();
setIsExpanded(!isExpanded);
}}
> >
<div className="flex-1"> <div className="flex-1">
<h3 className="text-lg font-medium text-gray-900 inline-flex items-center"> <h3 className="text-lg font-medium text-gray-900 inline-flex items-center">
@@ -194,11 +210,7 @@ const ToolCard = ({ tool, server, onToggle, onDescriptionUpdate }: ToolCardProps
onClick={handleCopyToolName} onClick={handleCopyToolName}
title={t('common.copy')} title={t('common.copy')}
> >
{copiedToolName ? ( {copiedToolName ? <Check size={16} className="text-green-500" /> : <Copy size={16} />}
<Check size={16} className="text-green-500" />
) : (
<Copy size={16} />
)}
</button> </button>
<span className="ml-2 text-sm font-normal text-gray-600 inline-flex items-center"> <span className="ml-2 text-sm font-normal text-gray-600 inline-flex items-center">
{isEditingDescription ? ( {isEditingDescription ? (
@@ -213,14 +225,14 @@ const ToolCard = ({ tool, server, onToggle, onDescriptionUpdate }: ToolCardProps
onClick={(e) => e.stopPropagation()} onClick={(e) => e.stopPropagation()}
style={{ style={{
minWidth: '100px', minWidth: '100px',
width: textWidth > 0 ? `${textWidth + 20}px` : 'auto' width: textWidth > 0 ? `${textWidth + 20}px` : 'auto',
}} }}
/> />
<button <button
className="ml-2 p-1 text-green-600 hover:text-green-800 cursor-pointer transition-colors" className="ml-2 p-1 text-green-600 hover:text-green-800 cursor-pointer transition-colors"
onClick={(e) => { onClick={(e) => {
e.stopPropagation() e.stopPropagation();
handleDescriptionSave() handleDescriptionSave();
}} }}
> >
<Check size={16} /> <Check size={16} />
@@ -228,12 +240,14 @@ const ToolCard = ({ tool, server, onToggle, onDescriptionUpdate }: ToolCardProps
</> </>
) : ( ) : (
<> <>
<span ref={descriptionTextRef}>{customDescription || t('tool.noDescription')}</span> <span ref={descriptionTextRef}>
{customDescription || t('tool.noDescription')}
</span>
<button <button
className="ml-2 p-1 text-gray-500 hover:text-blue-600 cursor-pointer transition-colors" className="ml-2 p-1 text-gray-500 hover:text-blue-600 cursor-pointer transition-colors"
onClick={(e) => { onClick={(e) => {
e.stopPropagation() e.stopPropagation();
handleDescriptionEdit() handleDescriptionEdit();
}} }}
> >
<Edit size={14} /> <Edit size={14} />
@@ -244,10 +258,7 @@ const ToolCard = ({ tool, server, onToggle, onDescriptionUpdate }: ToolCardProps
</h3> </h3>
</div> </div>
<div className="flex items-center space-x-2"> <div className="flex items-center space-x-2">
<div <div className="flex items-center space-x-2" onClick={(e) => e.stopPropagation()}>
className="flex items-center space-x-2"
onClick={(e) => e.stopPropagation()}
>
<Switch <Switch
checked={tool.enabled ?? true} checked={tool.enabled ?? true}
onCheckedChange={handleToggle} onCheckedChange={handleToggle}
@@ -256,18 +267,14 @@ const ToolCard = ({ tool, server, onToggle, onDescriptionUpdate }: ToolCardProps
</div> </div>
<button <button
onClick={(e) => { onClick={(e) => {
e.stopPropagation() e.stopPropagation();
setIsExpanded(true) // Ensure card is expanded when showing run form setIsExpanded(true); // Ensure card is expanded when showing run form
setShowRunForm(true) setShowRunForm(true);
}} }}
className="flex items-center space-x-1 px-3 py-1 text-sm text-blue-600 bg-blue-50 hover:bg-blue-100 rounded-md transition-colors btn-primary" className="flex items-center space-x-1 px-3 py-1 text-sm text-blue-600 bg-blue-50 hover:bg-blue-100 rounded-md transition-colors btn-primary"
disabled={isRunning || !tool.enabled} disabled={isRunning || !tool.enabled}
> >
{isRunning ? ( {isRunning ? <Loader size={14} className="animate-spin" /> : <Play size={14} />}
<Loader size={14} className="animate-spin" />
) : (
<Play size={14} />
)}
<span>{isRunning ? t('tool.running') : t('tool.run')}</span> <span>{isRunning ? t('tool.running') : t('tool.run')}</span>
</button> </button>
<button className="text-gray-400 hover:text-gray-600"> <button className="text-gray-400 hover:text-gray-600">
@@ -297,7 +304,9 @@ const ToolCard = ({ tool, server, onToggle, onDescriptionUpdate }: ToolCardProps
onCancel={handleCancelRun} onCancel={handleCancelRun}
loading={isRunning} loading={isRunning}
storageKey={getStorageKey()} storageKey={getStorageKey()}
title={t('tool.runToolWithName', { name: tool.name.replace(server + nameSeparator, '') })} title={t('tool.runToolWithName', {
name: tool.name.replace(server + nameSeparator, ''),
})}
/> />
{/* Tool Result */} {/* Tool Result */}
{result && ( {result && (
@@ -307,12 +316,10 @@ const ToolCard = ({ tool, server, onToggle, onDescriptionUpdate }: ToolCardProps
)} )}
</div> </div>
)} )}
</div> </div>
)} )}
</div> </div>
) );
} };
export default ToolCard export default ToolCard;

67
frontend/src/contexts/ServerContext.tsx
View File

@@ -17,6 +17,16 @@ const CONFIG = {
}, },
}; };
// Pagination info type
interface PaginationInfo {
page: number;
limit: number;
total: number;
totalPages: number;
hasNextPage: boolean;
hasPrevPage: boolean;
}
// Context type definition // Context type definition
interface ServerContextType { interface ServerContextType {
servers: Server[]; servers: Server[];
@@ -24,6 +34,11 @@ interface ServerContextType {
setError: (error: string | null) => void; setError: (error: string | null) => void;
isLoading: boolean; isLoading: boolean;
fetchAttempts: number; fetchAttempts: number;
pagination: PaginationInfo | null;
currentPage: number;
serversPerPage: number;
setCurrentPage: (page: number) => void;
setServersPerPage: (limit: number) => void;
triggerRefresh: () => void; triggerRefresh: () => void;
refreshIfNeeded: () => void; // Smart refresh with debounce refreshIfNeeded: () => void; // Smart refresh with debounce
handleServerAdd: () => void; handleServerAdd: () => void;
@@ -45,6 +60,9 @@ export const ServerProvider: React.FC<{ children: React.ReactNode }> = ({ childr
const [refreshKey, setRefreshKey] = useState(0); const [refreshKey, setRefreshKey] = useState(0);
const [isInitialLoading, setIsInitialLoading] = useState(true); const [isInitialLoading, setIsInitialLoading] = useState(true);
const [fetchAttempts, setFetchAttempts] = useState(0); const [fetchAttempts, setFetchAttempts] = useState(0);
const [pagination, setPagination] = useState<PaginationInfo | null>(null);
const [currentPage, setCurrentPage] = useState(1);
const [serversPerPage, setServersPerPage] = useState(10);
// Timer reference for polling // Timer reference for polling
const intervalRef = useRef<NodeJS.Timeout | null>(null); const intervalRef = useRef<NodeJS.Timeout | null>(null);
@@ -73,18 +91,31 @@ export const ServerProvider: React.FC<{ children: React.ReactNode }> = ({ childr
const fetchServers = async () => { const fetchServers = async () => {
try { try {
console.log('[ServerContext] Fetching servers from API...'); console.log('[ServerContext] Fetching servers from API...');
const data = await apiGet('/servers'); // Build query parameters for pagination
const params = new URLSearchParams();
params.append('page', currentPage.toString());
params.append('limit', serversPerPage.toString());
const data = await apiGet(`/servers?${params.toString()}`);
// Update last fetch time // Update last fetch time
lastFetchTimeRef.current = Date.now(); lastFetchTimeRef.current = Date.now();
if (data && data.success && Array.isArray(data.data)) { if (data && data.success && Array.isArray(data.data)) {
setServers(data.data); setServers(data.data);
// Update pagination info if available
if (data.pagination) {
setPagination(data.pagination);
} else {
setPagination(null);
}
} else if (data && Array.isArray(data)) { } else if (data && Array.isArray(data)) {
// Compatibility handling for non-paginated responses
setServers(data); setServers(data);
setPagination(null);
} else { } else {
console.error('Invalid server data format:', data); console.error('Invalid server data format:', data);
setServers([]); setServers([]);
setPagination(null);
} }
// Reset error state // Reset error state
@@ -114,7 +145,7 @@ export const ServerProvider: React.FC<{ children: React.ReactNode }> = ({ childr
// Set up regular polling // Set up regular polling
intervalRef.current = setInterval(fetchServers, CONFIG.normal.pollingInterval); intervalRef.current = setInterval(fetchServers, CONFIG.normal.pollingInterval);
}, },
[t], [t, currentPage, serversPerPage],
); );
// Watch for authentication status changes // Watch for authentication status changes
@@ -150,7 +181,11 @@ export const ServerProvider: React.FC<{ children: React.ReactNode }> = ({ childr
const fetchInitialData = async () => { const fetchInitialData = async () => {
try { try {
console.log('[ServerContext] Initial fetch - attempt', attemptsRef.current + 1); console.log('[ServerContext] Initial fetch - attempt', attemptsRef.current + 1);
const data = await apiGet('/servers'); // Build query parameters for pagination
const params = new URLSearchParams();
params.append('page', currentPage.toString());
params.append('limit', serversPerPage.toString());
const data = await apiGet(`/servers?${params.toString()}`);
// Update last fetch time // Update last fetch time
lastFetchTimeRef.current = Date.now(); lastFetchTimeRef.current = Date.now();
@@ -158,6 +193,12 @@ export const ServerProvider: React.FC<{ children: React.ReactNode }> = ({ childr
// Handle API response wrapper object, extract data field // Handle API response wrapper object, extract data field
if (data && data.success && Array.isArray(data.data)) { if (data && data.success && Array.isArray(data.data)) {
setServers(data.data); setServers(data.data);
// Update pagination info if available
if (data.pagination) {
setPagination(data.pagination);
} else {
setPagination(null);
}
setIsInitialLoading(false); setIsInitialLoading(false);
// Initialization successful, start normal polling (skip immediate to avoid duplicate fetch) // Initialization successful, start normal polling (skip immediate to avoid duplicate fetch)
startNormalPolling({ immediate: false }); startNormalPolling({ immediate: false });
@@ -165,6 +206,7 @@ export const ServerProvider: React.FC<{ children: React.ReactNode }> = ({ childr
} else if (data && Array.isArray(data)) { } else if (data && Array.isArray(data)) {
// Compatibility handling, if API directly returns array // Compatibility handling, if API directly returns array
setServers(data); setServers(data);
setPagination(null);
setIsInitialLoading(false); setIsInitialLoading(false);
// Initialization successful, start normal polling (skip immediate to avoid duplicate fetch) // Initialization successful, start normal polling (skip immediate to avoid duplicate fetch)
startNormalPolling({ immediate: false }); startNormalPolling({ immediate: false });
@@ -173,6 +215,7 @@ export const ServerProvider: React.FC<{ children: React.ReactNode }> = ({ childr
// If data format is not as expected, set to empty array // If data format is not as expected, set to empty array
console.error('Invalid server data format:', data); console.error('Invalid server data format:', data);
setServers([]); setServers([]);
setPagination(null);
setIsInitialLoading(false); setIsInitialLoading(false);
// Initialization successful but data is empty, start normal polling (skip immediate) // Initialization successful but data is empty, start normal polling (skip immediate)
startNormalPolling({ immediate: false }); startNormalPolling({ immediate: false });
@@ -227,7 +270,7 @@ export const ServerProvider: React.FC<{ children: React.ReactNode }> = ({ childr
return () => { return () => {
clearTimer(); clearTimer();
}; };
}, [refreshKey, t, isInitialLoading, startNormalPolling]); }, [refreshKey, t, isInitialLoading, startNormalPolling, currentPage, serversPerPage]);
// Manually trigger refresh (always refreshes) // Manually trigger refresh (always refreshes)
const triggerRefresh = useCallback(() => { const triggerRefresh = useCallback(() => {
@@ -383,12 +426,28 @@ export const ServerProvider: React.FC<{ children: React.ReactNode }> = ({ childr
[t, triggerRefresh], [t, triggerRefresh],
); );
// Handle page change
const handlePageChange = useCallback((page: number) => {
setCurrentPage(page);
}, []);
// Handle servers per page change
const handleServersPerPageChange = useCallback((limit: number) => {
setServersPerPage(limit);
setCurrentPage(1); // Reset to first page when changing page size
}, []);
const value: ServerContextType = { const value: ServerContextType = {
servers, servers,
error, error,
setError, setError,
isLoading: isInitialLoading, isLoading: isInitialLoading,
fetchAttempts, fetchAttempts,
pagination,
currentPage,
serversPerPage,
setCurrentPage: handlePageChange,
setServersPerPage: handleServersPerPageChange,
triggerRefresh, triggerRefresh,
refreshIfNeeded, refreshIfNeeded,
handleServerAdd, handleServerAdd,

210
frontend/src/pages/LoginPage.tsx
View File

@@ -1,12 +1,11 @@
import React, { useState, useMemo, useCallback, useEffect } from 'react'; import React, { useState, useMemo, useCallback } from 'react';
import { useLocation, useNavigate } from 'react-router-dom'; import { useLocation, useNavigate } from 'react-router-dom';
import { useTranslation } from 'react-i18next'; import { useTranslation } from 'react-i18next';
import { useAuth } from '../contexts/AuthContext'; import { useAuth } from '../contexts/AuthContext';
import { getToken, getOAuthSsoConfig, initiateOAuthSsoLogin } from '../services/authService'; import { getToken } from '../services/authService';
import ThemeSwitch from '@/components/ui/ThemeSwitch'; import ThemeSwitch from '@/components/ui/ThemeSwitch';
import LanguageSwitch from '@/components/ui/LanguageSwitch'; import LanguageSwitch from '@/components/ui/LanguageSwitch';
import DefaultPasswordWarningModal from '@/components/ui/DefaultPasswordWarningModal'; import DefaultPasswordWarningModal from '@/components/ui/DefaultPasswordWarningModal';
import { OAuthSsoConfig, OAuthSsoProvider } from '../types';
const sanitizeReturnUrl = (value: string | null): string | null => { const sanitizeReturnUrl = (value: string | null): string | null => {
if (!value) { if (!value) {
@@ -30,44 +29,6 @@ const sanitizeReturnUrl = (value: string | null): string | null => {
} }
}; };
// Provider icon component
const ProviderIcon: React.FC<{ type: string; className?: string }> = ({ type, className = 'w-5 h-5' }) => {
switch (type) {
case 'google':
return (
<svg className={className} viewBox="0 0 24 24" fill="currentColor">
<path d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92c-.26 1.37-1.04 2.53-2.21 3.31v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.09z" fill="#4285F4"/>
<path d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z" fill="#34A853"/>
<path d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22.81-.62z" fill="#FBBC05"/>
<path d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z" fill="#EA4335"/>
</svg>
);
case 'microsoft':
return (
<svg className={className} viewBox="0 0 24 24" fill="currentColor">
<path d="M11.4 11.4H2V2h9.4v9.4z" fill="#F25022"/>
<path d="M22 11.4h-9.4V2H22v9.4z" fill="#7FBA00"/>
<path d="M11.4 22H2v-9.4h9.4V22z" fill="#00A4EF"/>
<path d="M22 22h-9.4v-9.4H22V22z" fill="#FFB900"/>
</svg>
);
case 'github':
return (
<svg className={className} viewBox="0 0 24 24" fill="currentColor">
<path fillRule="evenodd" clipRule="evenodd" d="M12 2C6.477 2 2 6.477 2 12c0 4.42 2.865 8.17 6.839 9.49.5.092.682-.217.682-.482 0-.237-.009-.866-.013-1.7-2.782.604-3.369-1.34-3.369-1.34-.454-1.156-1.11-1.464-1.11-1.464-.908-.62.069-.608.069-.608 1.003.07 1.531 1.03 1.531 1.03.892 1.529 2.341 1.087 2.91.831.092-.646.35-1.086.636-1.336-2.22-.253-4.555-1.11-4.555-4.943 0-1.091.39-1.984 1.029-2.683-.103-.253-.446-1.27.098-2.647 0 0 .84-.269 2.75 1.025A9.578 9.578 0 0112 6.836c.85.004 1.705.115 2.504.337 1.909-1.294 2.747-1.025 2.747-1.025.546 1.377.203 2.394.1 2.647.64.699 1.028 1.592 1.028 2.683 0 3.842-2.339 4.687-4.566 4.935.359.309.678.919.678 1.852 0 1.336-.012 2.415-.012 2.743 0 .267.18.579.688.481C19.137 20.167 22 16.418 22 12c0-5.523-4.477-10-10-10z"/>
</svg>
);
default:
return (
<svg className={className} viewBox="0 0 24 24" fill="none" stroke="currentColor" strokeWidth="2">
<path d="M15 3h4a2 2 0 0 1 2 2v14a2 2 0 0 1-2 2h-4"/>
<polyline points="10 17 15 12 10 7"/>
<line x1="15" y1="12" x2="3" y2="12"/>
</svg>
);
}
};
const LoginPage: React.FC = () => { const LoginPage: React.FC = () => {
const { t } = useTranslation(); const { t } = useTranslation();
const [username, setUsername] = useState(''); const [username, setUsername] = useState('');
@@ -75,7 +36,6 @@ const LoginPage: React.FC = () => {
const [error, setError] = useState<string | null>(null); const [error, setError] = useState<string | null>(null);
const [loading, setLoading] = useState(false); const [loading, setLoading] = useState(false);
const [showDefaultPasswordWarning, setShowDefaultPasswordWarning] = useState(false); const [showDefaultPasswordWarning, setShowDefaultPasswordWarning] = useState(false);
const [ssoConfig, setSsoConfig] = useState<OAuthSsoConfig | null>(null);
const { login } = useAuth(); const { login } = useAuth();
const location = useLocation(); const location = useLocation();
const navigate = useNavigate(); const navigate = useNavigate();
@@ -84,25 +44,6 @@ const LoginPage: React.FC = () => {
return sanitizeReturnUrl(params.get('returnUrl')); return sanitizeReturnUrl(params.get('returnUrl'));
}, [location.search]); }, [location.search]);
// Check for OAuth error in URL params
useEffect(() => {
const params = new URLSearchParams(location.search);
const oauthError = params.get('error');
const oauthMessage = params.get('message');
if (oauthError === 'oauth_failed' && oauthMessage) {
setError(oauthMessage);
}
}, [location.search]);
// Load OAuth SSO configuration
useEffect(() => {
const loadSsoConfig = async () => {
const config = await getOAuthSsoConfig();
setSsoConfig(config);
};
loadSsoConfig();
}, []);
const isServerUnavailableError = useCallback((message?: string) => { const isServerUnavailableError = useCallback((message?: string) => {
if (!message) return false; if (!message) return false;
const normalized = message.toLowerCase(); const normalized = message.toLowerCase();
@@ -196,18 +137,11 @@ const LoginPage: React.FC = () => {
} }
}; };
const handleSsoLogin = (provider: OAuthSsoProvider) => {
initiateOAuthSsoLogin(provider.id, returnUrl || undefined);
};
const handleCloseWarning = () => { const handleCloseWarning = () => {
setShowDefaultPasswordWarning(false); setShowDefaultPasswordWarning(false);
redirectAfterLogin(); redirectAfterLogin();
}; };
const showLocalAuth = !ssoConfig?.enabled || ssoConfig.localAuthAllowed;
const showSsoProviders = ssoConfig?.enabled && ssoConfig.providers.length > 0;
return ( return (
<div className="relative min-h-screen w-full overflow-hidden bg-gray-50 dark:bg-gray-950"> <div className="relative min-h-screen w-full overflow-hidden bg-gray-50 dark:bg-gray-950">
{/* Top-right controls */} {/* Top-right controls */}
@@ -259,100 +193,58 @@ const LoginPage: React.FC = () => {
<div className="login-card relative w-full rounded-2xl border border-white/10 bg-white/60 p-8 shadow-xl backdrop-blur-md transition dark:border-white/10 dark:bg-gray-900/60"> <div className="login-card relative w-full rounded-2xl border border-white/10 bg-white/60 p-8 shadow-xl backdrop-blur-md transition dark:border-white/10 dark:bg-gray-900/60">
<div className="absolute -top-24 right-12 h-40 w-40 -translate-y-6 rounded-full bg-indigo-500/30 blur-3xl" /> <div className="absolute -top-24 right-12 h-40 w-40 -translate-y-6 rounded-full bg-indigo-500/30 blur-3xl" />
<div className="absolute -bottom-24 -left-12 h-40 w-40 translate-y-6 rounded-full bg-cyan-500/20 blur-3xl" /> <div className="absolute -bottom-24 -left-12 h-40 w-40 translate-y-6 rounded-full bg-cyan-500/20 blur-3xl" />
<form className="mt-4 space-y-4" onSubmit={handleSubmit}>
{/* SSO Providers */} <div className="space-y-4">
{showSsoProviders && (
<div className="mt-4 space-y-3">
{ssoConfig.providers.map((provider) => (
<button
key={provider.id}
type="button"
onClick={() => handleSsoLogin(provider)}
className="group relative flex w-full items-center justify-center gap-3 rounded-md border border-gray-300/60 bg-white/80 px-4 py-3 text-sm font-medium text-gray-700 shadow-sm transition-all hover:bg-gray-50 hover:shadow focus:outline-none focus:ring-2 focus:ring-indigo-500 focus:ring-offset-2 dark:border-gray-600/60 dark:bg-gray-800/80 dark:text-gray-200 dark:hover:bg-gray-700/80"
>
<ProviderIcon type={provider.icon || provider.type} />
<span>{provider.buttonText || t('oauthSso.signInWith', { provider: provider.name })}</span>
</button>
))}
</div>
)}
{/* Divider between SSO and local auth */}
{showSsoProviders && showLocalAuth && (
<div className="relative my-6">
<div className="absolute inset-0 flex items-center">
<div className="w-full border-t border-gray-300/60 dark:border-gray-600/60" />
</div>
<div className="relative flex justify-center text-sm">
<span className="bg-white/60 px-4 text-gray-500 dark:bg-gray-900/60 dark:text-gray-400">
{t('oauthSso.orContinueWith')}
</span>
</div>
</div>
)}
{/* Local auth form */}
{showLocalAuth && (
<form className="mt-4 space-y-4" onSubmit={handleSubmit}>
<div className="space-y-4">
<div>
<label htmlFor="username" className="sr-only">
{t('auth.username')}
</label>
<input
id="username"
name="username"
type="text"
autoComplete="username"
required
className="login-input appearance-none relative block w-full rounded-md border border-gray-300/60 bg-white/70 px-3 py-3 text-gray-900 shadow-sm outline-none ring-0 transition-all placeholder:text-gray-500 focus:border-indigo-500 focus:ring-2 focus:ring-indigo-500 dark:border-gray-700/60 dark:bg-gray-800/70 dark:text-white dark:placeholder:text-gray-400"
placeholder={t('auth.username')}
value={username}
onChange={(e) => setUsername(e.target.value)}
/>
</div>
<div>
<label htmlFor="password" className="sr-only">
{t('auth.password')}
</label>
<input
id="password"
name="password"
type="password"
autoComplete="current-password"
required
className="login-input appearance-none relative block w-full rounded-md border border-gray-300/60 bg-white/70 px-3 py-3 text-gray-900 shadow-sm outline-none ring-0 transition-all placeholder:text-gray-500 focus:border-indigo-500 focus:ring-2 focus:ring-indigo-500 dark:border-gray-700/60 dark:bg-gray-800/70 dark:text-white dark:placeholder:text-gray-400"
placeholder={t('auth.password')}
value={password}
onChange={(e) => setPassword(e.target.value)}
/>
</div>
</div>
{error && (
<div className="error-box rounded border border-red-500/20 bg-red-500/10 p-2 text-center text-sm text-red-600 dark:text-red-400">
{error}
</div>
)}
<div> <div>
<button <label htmlFor="username" className="sr-only">
type="submit" {t('auth.username')}
disabled={loading} </label>
className="login-button btn-primary group relative flex w-full items-center justify-center rounded-md border border-transparent bg-indigo-600 px-4 py-2 text-sm font-medium text-white transition-all hover:bg-indigo-700 focus:outline-none focus:ring-2 focus:ring-indigo-500 focus:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-70" <input
> id="username"
{loading ? t('auth.loggingIn') : t('auth.login')} name="username"
</button> type="text"
autoComplete="username"
required
className="login-input appearance-none relative block w-full rounded-md border border-gray-300/60 bg-white/70 px-3 py-3 text-gray-900 shadow-sm outline-none ring-0 transition-all placeholder:text-gray-500 focus:border-indigo-500 focus:ring-2 focus:ring-indigo-500 dark:border-gray-700/60 dark:bg-gray-800/70 dark:text-white dark:placeholder:text-gray-400"
placeholder={t('auth.username')}
value={username}
onChange={(e) => setUsername(e.target.value)}
/>
</div>
<div>
<label htmlFor="password" className="sr-only">
{t('auth.password')}
</label>
<input
id="password"
name="password"
type="password"
autoComplete="current-password"
required
className="login-input appearance-none relative block w-full rounded-md border border-gray-300/60 bg-white/70 px-3 py-3 text-gray-900 shadow-sm outline-none ring-0 transition-all placeholder:text-gray-500 focus:border-indigo-500 focus:ring-2 focus:ring-indigo-500 dark:border-gray-700/60 dark:bg-gray-800/70 dark:text-white dark:placeholder:text-gray-400"
placeholder={t('auth.password')}
value={password}
onChange={(e) => setPassword(e.target.value)}
/>
</div> </div>
</form>
)}
{/* Error display for SSO-only mode */}
{!showLocalAuth && error && (
<div className="mt-4 error-box rounded border border-red-500/20 bg-red-500/10 p-2 text-center text-sm text-red-600 dark:text-red-400">
{error}
</div> </div>
)}
{error && (
<div className="error-box rounded border border-red-500/20 bg-red-500/10 p-2 text-center text-sm text-red-600 dark:text-red-400">
{error}
</div>
)}
<div>
<button
type="submit"
disabled={loading}
className="login-button btn-primary group relative flex w-full items-center justify-center rounded-md border border-transparent bg-indigo-600 px-4 py-2 text-sm font-medium text-white transition-all hover:bg-indigo-700 focus:outline-none focus:ring-2 focus:ring-indigo-500 focus:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-70"
>
{loading ? t('auth.loggingIn') : t('auth.login')}
</button>
</div>
</form>
</div> </div>
</div> </div>
</div> </div>

42
frontend/src/pages/OAuthCallbackPage.tsx
View File

@@ -1,42 +0,0 @@
import React, { useEffect } from 'react';
import { useNavigate, useSearchParams } from 'react-router-dom';
import { setToken } from '../services/authService';
/**
* OAuth Callback Page
*
* This page handles the callback from OAuth SSO providers.
* It receives the JWT token as a query parameter, stores it, and redirects to the app.
*/
const OAuthCallbackPage: React.FC = () => {
const navigate = useNavigate();
const [searchParams] = useSearchParams();
useEffect(() => {
const token = searchParams.get('token');
const returnUrl = searchParams.get('returnUrl') || '/';
if (token) {
// Store the token
setToken(token);
// Redirect to the return URL
navigate(returnUrl, { replace: true });
} else {
// No token - redirect to login with error
navigate('/login?error=oauth_failed&message=No+token+received', { replace: true });
}
}, [searchParams, navigate]);
// Show loading state while processing
return (
<div className="min-h-screen flex items-center justify-center bg-gray-50 dark:bg-gray-950">
<div className="text-center">
<div className="animate-spin rounded-full h-12 w-12 border-t-2 border-b-2 border-indigo-500 mx-auto"></div>
<p className="mt-4 text-gray-600 dark:text-gray-400">Completing authentication...</p>
</div>
</div>
);
};
export default OAuthCallbackPage;

79
frontend/src/pages/ServersPage.tsx
View File

@@ -8,6 +8,7 @@ import EditServerForm from '@/components/EditServerForm';
import { useServerData } from '@/hooks/useServerData'; import { useServerData } from '@/hooks/useServerData';
import DxtUploadForm from '@/components/DxtUploadForm'; import DxtUploadForm from '@/components/DxtUploadForm';
import JSONImportForm from '@/components/JSONImportForm'; import JSONImportForm from '@/components/JSONImportForm';
import Pagination from '@/components/ui/Pagination';
const ServersPage: React.FC = () => { const ServersPage: React.FC = () => {
const { t } = useTranslation(); const { t } = useTranslation();
@@ -17,6 +18,11 @@ const ServersPage: React.FC = () => {
error, error,
setError, setError,
isLoading, isLoading,
pagination,
currentPage,
serversPerPage,
setCurrentPage,
setServersPerPage,
handleServerAdd, handleServerAdd,
handleServerEdit, handleServerEdit,
handleServerRemove, handleServerRemove,
@@ -151,19 +157,66 @@ const ServersPage: React.FC = () => {
<p className="text-gray-600">{t('app.noServers')}</p> <p className="text-gray-600">{t('app.noServers')}</p>
</div> </div>
) : ( ) : (
<div className="space-y-6"> <>
{servers.map((server, index) => ( <div className="space-y-6">
<ServerCard {servers.map((server, index) => (
key={index} <ServerCard
server={server} key={index}
onRemove={handleServerRemove} server={server}
onEdit={handleEditClick} onRemove={handleServerRemove}
onToggle={handleServerToggle} onEdit={handleEditClick}
onRefresh={triggerRefresh} onToggle={handleServerToggle}
onReload={handleServerReload} onRefresh={triggerRefresh}
/> onReload={handleServerReload}
))} />
</div> ))}
</div>
<div className="flex items-center mb-4">
<div className="flex-[2] text-sm text-gray-500">
{pagination ? (
t('common.showing', {
start: (pagination.page - 1) * pagination.limit + 1,
end: Math.min(pagination.page * pagination.limit, pagination.total),
total: pagination.total
})
) : (
t('common.showing', {
start: 1,
end: servers.length,
total: servers.length
})
)}
</div>
<div className="flex-[4] flex justify-center">
{pagination && pagination.totalPages > 1 && (
<Pagination
currentPage={currentPage}
totalPages={pagination.totalPages}
onPageChange={setCurrentPage}
disabled={isLoading}
/>
)}
</div>
<div className="flex-[2] flex items-center justify-end space-x-2">
<label htmlFor="perPage" className="text-sm text-gray-600">
{t('common.itemsPerPage')}:
</label>
<select
id="perPage"
value={serversPerPage}
onChange={(e) => setServersPerPage(Number(e.target.value))}
disabled={isLoading}
className="border rounded p-1 text-sm btn-secondary outline-none disabled:opacity-50 disabled:cursor-not-allowed"
>
<option value={5}>5</option>
<option value={10}>10</option>
<option value={20}>20</option>
<option value={50}>50</option>
</select>
</div>
</div>
</>
)} )}
{editingServer && ( {editingServer && (

25
frontend/src/services/authService.ts
View File

@@ -3,7 +3,6 @@ import {
LoginCredentials, LoginCredentials,
RegisterCredentials, RegisterCredentials,
ChangePasswordCredentials, ChangePasswordCredentials,
OAuthSsoConfig,
} from '../types'; } from '../types';
import { apiPost, apiGet } from '../utils/fetchInterceptor'; import { apiPost, apiGet } from '../utils/fetchInterceptor';
import { getToken, setToken, removeToken } from '../utils/interceptors'; import { getToken, setToken, removeToken } from '../utils/interceptors';
@@ -106,30 +105,6 @@ export const changePassword = async (
} }
}; };
// Get OAuth SSO configuration
export const getOAuthSsoConfig = async (): Promise<OAuthSsoConfig | null> => {
try {
const response = await apiGet<{ success: boolean; data: OAuthSsoConfig }>('/auth/sso/config');
if (response.success && response.data) {
return response.data;
}
return null;
} catch (error) {
console.error('Get OAuth SSO config error:', error);
return null;
}
};
// Initiate OAuth SSO login (redirects to provider)
export const initiateOAuthSsoLogin = (providerId: string, returnUrl?: string): void => {
const basePath = import.meta.env.VITE_BASE_PATH || '';
let url = `${basePath}/api/auth/sso/${providerId}`;
if (returnUrl) {
url += `?returnUrl=${encodeURIComponent(returnUrl)}`;
}
window.location.href = url;
};
// Logout user // Logout user
export const logout = (): void => { export const logout = (): void => {
removeToken(); removeToken();

28
frontend/src/types/index.ts
View File

@@ -105,6 +105,17 @@ export interface Prompt {
enabled?: boolean; enabled?: boolean;
} }
// Proxychains4 configuration for STDIO servers (Linux/macOS only)
export interface ProxychainsConfig {
enabled?: boolean; // Enable/disable proxychains4 proxy routing
type?: 'socks4' | 'socks5' | 'http'; // Proxy protocol type
host?: string; // Proxy server hostname or IP address
port?: number; // Proxy server port
username?: string; // Proxy authentication username (optional)
password?: string; // Proxy authentication password (optional)
configPath?: string; // Path to custom proxychains4 configuration file (optional)
}
// Server config types // Server config types
export interface ServerConfig { export interface ServerConfig {
type?: 'stdio' | 'sse' | 'streamable-http' | 'openapi'; type?: 'stdio' | 'sse' | 'streamable-http' | 'openapi';
@@ -123,6 +134,8 @@ export interface ServerConfig {
resetTimeoutOnProgress?: boolean; // Reset timeout on progress notifications resetTimeoutOnProgress?: boolean; // Reset timeout on progress notifications
maxTotalTimeout?: number; // Maximum total timeout in milliseconds maxTotalTimeout?: number; // Maximum total timeout in milliseconds
}; // MCP request options configuration }; // MCP request options configuration
// Proxychains4 proxy configuration for STDIO servers (Linux/macOS only, Windows not supported)
proxy?: ProxychainsConfig;
// OAuth authentication for upstream MCP servers // OAuth authentication for upstream MCP servers
oauth?: { oauth?: {
clientId?: string; // OAuth client ID clientId?: string; // OAuth client ID
@@ -381,21 +394,6 @@ export interface AuthResponse {
isUsingDefaultPassword?: boolean; isUsingDefaultPassword?: boolean;
} }
// OAuth SSO types
export interface OAuthSsoProvider {
id: string;
name: string;
type: string;
icon?: string;
buttonText?: string;
}
export interface OAuthSsoConfig {
enabled: boolean;
providers: OAuthSsoProvider[];
localAuthAllowed: boolean;
}
// Official Registry types (from registry.modelcontextprotocol.io) // Official Registry types (from registry.modelcontextprotocol.io)
export interface RegistryVariable { export interface RegistryVariable {
choices?: string[]; choices?: string[];

24
locales/en.json
View File

@@ -248,6 +248,10 @@
"wechat": "WeChat", "wechat": "WeChat",
"discord": "Discord", "discord": "Discord",
"required": "Required", "required": "Required",
"itemsPerPage": "Items per page",
"showing": "Showing {{start}}-{{end}} of {{total}}",
"previous": "Previous",
"next": "Next",
"secret": "Secret", "secret": "Secret",
"default": "Default", "default": "Default",
"value": "Value", "value": "Value",
@@ -840,25 +844,5 @@
"internalError": "Internal Error", "internalError": "Internal Error",
"internalErrorMessage": "An unexpected error occurred while processing the OAuth callback.", "internalErrorMessage": "An unexpected error occurred while processing the OAuth callback.",
"closeWindow": "Close Window" "closeWindow": "Close Window"
},
"oauthSso": {
"errors": {
"providerIdRequired": "Provider ID is required",
"providerNotFound": "OAuth provider not found",
"missingState": "Missing OAuth state parameter",
"missingCode": "Missing authorization code",
"invalidState": "Invalid or expired OAuth state",
"authFailed": "OAuth authentication failed",
"userNotProvisioned": "User not found and auto-provisioning is disabled"
},
"signInWith": "Sign in with {{provider}}",
"orContinueWith": "Or continue with",
"continueWithProvider": "Continue with {{provider}}",
"loginWithSso": "Login with SSO",
"providers": {
"google": "Google",
"microsoft": "Microsoft",
"github": "GitHub"
}
} }
} }

4
locales/fr.json
View File

@@ -248,6 +248,10 @@
"github": "GitHub", "github": "GitHub",
"wechat": "WeChat", "wechat": "WeChat",
"discord": "Discord", "discord": "Discord",
"itemsPerPage": "Éléments par page",
"showing": "Affichage de {{start}}-{{end}} sur {{total}}",
"previous": "Précédent",
"next": "Suivant",
"required": "Requis", "required": "Requis",
"secret": "Secret", "secret": "Secret",
"default": "Défaut", "default": "Défaut",

4
locales/tr.json
View File

@@ -248,6 +248,10 @@
"github": "GitHub", "github": "GitHub",
"wechat": "WeChat", "wechat": "WeChat",
"discord": "Discord", "discord": "Discord",
"itemsPerPage": "Sayfa başına öğe",
"showing": "{{total}} öğeden {{start}}-{{end}} gösteriliyor",
"previous": "Önceki",
"next": "Sonraki",
"required": "Gerekli", "required": "Gerekli",
"secret": "Gizli", "secret": "Gizli",
"default": "Varsayılan", "default": "Varsayılan",

24
locales/zh.json
View File

@@ -248,6 +248,10 @@
"dismiss": "忽略", "dismiss": "忽略",
"github": "GitHub", "github": "GitHub",
"wechat": "微信", "wechat": "微信",
"itemsPerPage": "每页显示",
"showing": "显示第 {{start}}-{{end}} 条,共 {{total}} 条",
"previous": "上一页",
"next": "下一页",
"discord": "Discord", "discord": "Discord",
"required": "必填", "required": "必填",
"secret": "敏感", "secret": "敏感",
@@ -842,25 +846,5 @@
"internalError": "内部错误", "internalError": "内部错误",
"internalErrorMessage": "处理 OAuth 回调时发生意外错误。", "internalErrorMessage": "处理 OAuth 回调时发生意外错误。",
"closeWindow": "关闭窗口" "closeWindow": "关闭窗口"
},
"oauthSso": {
"errors": {
"providerIdRequired": "需要提供身份验证提供商 ID",
"providerNotFound": "未找到 OAuth 身份验证提供商",
"missingState": "缺少 OAuth 状态参数",
"missingCode": "缺少授权码",
"invalidState": "OAuth 状态无效或已过期",
"authFailed": "OAuth 身份验证失败",
"userNotProvisioned": "用户未找到且自动创建用户已禁用"
},
"signInWith": "使用 {{provider}} 登录",
"orContinueWith": "或使用以下方式继续",
"continueWithProvider": "使用 {{provider}} 继续",
"loginWithSso": "使用 SSO 登录",
"providers": {
"google": "Google",
"microsoft": "Microsoft",
"github": "GitHub"
}
} }
} }

6
package.json
View File

@@ -46,7 +46,7 @@
"license": "ISC", "license": "ISC",
"dependencies": { "dependencies": {
"@apidevtools/swagger-parser": "^12.0.0", "@apidevtools/swagger-parser": "^12.0.0",
"@modelcontextprotocol/sdk": "^1.20.2", "@modelcontextprotocol/sdk": "^1.25.1",
"@node-oauth/oauth2-server": "^5.2.1", "@node-oauth/oauth2-server": "^5.2.1",
"@types/adm-zip": "^0.5.7", "@types/adm-zip": "^0.5.7",
"@types/bcrypt": "^6.0.0", "@types/bcrypt": "^6.0.0",
@@ -57,7 +57,7 @@
"bcrypt": "^6.0.0", "bcrypt": "^6.0.0",
"bcryptjs": "^3.0.2", "bcryptjs": "^3.0.2",
"cors": "^2.8.5", "cors": "^2.8.5",
"dotenv": "^16.6.1", "dotenv": "^17.2.3",
"dotenv-expand": "^12.0.2", "dotenv-expand": "^12.0.2",
"express": "^4.21.2", "express": "^4.21.2",
"express-validator": "^7.3.1", "express-validator": "^7.3.1",
@@ -108,7 +108,7 @@
"jest-environment-node": "^30.0.5", "jest-environment-node": "^30.0.5",
"jest-mock-extended": "4.0.0", "jest-mock-extended": "4.0.0",
"lucide-react": "^0.552.0", "lucide-react": "^0.552.0",
"next": "^15.5.0", "next": "^16.1.1",
"postcss": "^8.5.6", "postcss": "^8.5.6",
"prettier": "^3.6.2", "prettier": "^3.6.2",
"react": "19.2.1", "react": "19.2.1",

425
pnpm-lock.yaml generated
View File

File diff suppressed because it is too large Load Diff

245
src/controllers/oauthSsoController.ts
View File

@@ -1,245 +0,0 @@
/**
* OAuth SSO Controller
*
* Handles OAuth SSO authentication endpoints.
*/
import { Request, Response } from 'express';
import jwt from 'jsonwebtoken';
import {
generateAuthorizationUrl,
handleCallback,
getPublicProviderInfo,
isLocalAuthAllowed,
isOAuthSsoEnabled,
getOAuthSsoConfig as getSsoConfigFromService,
} from '../services/oauthSsoService.js';
import { JWT_SECRET } from '../config/jwt.js';
import config from '../config/index.js';
const TOKEN_EXPIRY = '24h';
/**
* Get the base URL for OAuth callbacks
* Uses configured callbackBaseUrl if available, otherwise derives from request
* This approach is more secure than blindly trusting forwarded headers
*/
async function getCallbackBaseUrl(req: Request): Promise<string> {
// First, check if a callback base URL is configured (most secure option)
const ssoConfig = await getSsoConfigFromService();
if (ssoConfig?.callbackBaseUrl) {
return ssoConfig.callbackBaseUrl;
}
// Fall back to deriving from request (less secure, but works in simpler setups)
// Only trust forwarded headers if app is configured to trust proxy
if (req.app.get('trust proxy') && req.headers['x-forwarded-proto'] && req.headers['x-forwarded-host']) {
const proto = Array.isArray(req.headers['x-forwarded-proto'])
? req.headers['x-forwarded-proto'][0]
: req.headers['x-forwarded-proto'];
const host = Array.isArray(req.headers['x-forwarded-host'])
? req.headers['x-forwarded-host'][0]
: req.headers['x-forwarded-host'];
return `${proto}://${host}`;
}
return `${req.protocol}://${req.get('host')}`;
}
/**
* Get OAuth SSO configuration for frontend
* Returns enabled providers and whether local auth is allowed
*/
export const getOAuthSsoConfig = async (req: Request, res: Response): Promise<void> => {
try {
const enabled = await isOAuthSsoEnabled();
const providers = await getPublicProviderInfo();
const localAuthAllowed = await isLocalAuthAllowed();
res.json({
success: true,
data: {
enabled,
providers,
localAuthAllowed,
},
});
} catch (error) {
console.error('Error getting OAuth SSO config:', error);
res.status(500).json({
success: false,
message: 'Failed to get OAuth SSO configuration',
});
}
};
/**
* Initiate OAuth SSO login
* Redirects user to the OAuth provider's authorization page
*/
export const initiateOAuthLogin = async (req: Request, res: Response): Promise<void> => {
const t = (req as any).t || ((key: string) => key);
try {
const { providerId } = req.params;
const { returnUrl } = req.query;
if (!providerId) {
res.status(400).json({
success: false,
message: t('oauthSso.errors.providerIdRequired'),
});
return;
}
// Build callback URL
// Note: Use configured callback base URL from oauthSso config if available
// This avoids relying on potentially untrusted forwarded headers
const baseUrl = await getCallbackBaseUrl(req);
const callbackUrl = `${baseUrl}${config.basePath}/api/auth/sso/${providerId}/callback`;
// Generate authorization URL
const { url } = await generateAuthorizationUrl(
providerId,
callbackUrl,
typeof returnUrl === 'string' ? returnUrl : undefined,
);
// Redirect to OAuth provider
res.redirect(url);
} catch (error) {
console.error('Error initiating OAuth login:', error);
const errorMessage = error instanceof Error ? error.message : 'Failed to initiate OAuth login';
res.status(500).json({
success: false,
message: errorMessage,
});
}
};
/**
* Handle OAuth callback from provider
* Exchanges code for tokens and creates/updates user
*/
export const handleOAuthCallback = async (req: Request, res: Response): Promise<void> => {
const t = (req as any).t || ((key: string) => key);
try {
const { providerId } = req.params;
const { code, state, error, error_description } = req.query;
// Handle OAuth errors
if (error) {
console.error(`OAuth error from provider ${providerId}:`, error, error_description);
const errorUrl = buildErrorRedirectUrl(String(error_description || error), req);
return res.redirect(errorUrl);
}
// Validate required parameters
if (!state) {
const errorUrl = buildErrorRedirectUrl(t('oauthSso.errors.missingState'), req);
return res.redirect(errorUrl);
}
if (!code) {
const errorUrl = buildErrorRedirectUrl(t('oauthSso.errors.missingCode'), req);
return res.redirect(errorUrl);
}
// Build callback URL (same as used in initiate)
const baseUrl = await getCallbackBaseUrl(req);
const callbackUrl = `${baseUrl}${config.basePath}/api/auth/sso/${providerId}/callback`;
// Full current URL with query params
const currentUrl = `${callbackUrl}?${new URLSearchParams(req.query as Record<string, string>).toString()}`;
// Exchange code for tokens and get user
const { user, returnUrl } = await handleCallback(
callbackUrl,
currentUrl,
String(state),
);
// Generate JWT token
const payload = {
user: {
username: user.username,
isAdmin: user.isAdmin || false,
},
};
const token = jwt.sign(payload, JWT_SECRET, { expiresIn: TOKEN_EXPIRY });
// Redirect to frontend with token
const redirectUrl = buildSuccessRedirectUrl(token, returnUrl, req);
res.redirect(redirectUrl);
} catch (error) {
console.error('Error handling OAuth callback:', error);
const errorMessage =
error instanceof Error ? error.message : 'Authentication failed';
const errorUrl = buildErrorRedirectUrl(errorMessage, req);
res.redirect(errorUrl);
}
};
/**
* Get list of available OAuth providers
*/
export const listOAuthProviders = async (req: Request, res: Response): Promise<void> => {
try {
const providers = await getPublicProviderInfo();
res.json({
success: true,
data: providers,
});
} catch (error) {
console.error('Error listing OAuth providers:', error);
res.status(500).json({
success: false,
message: 'Failed to list OAuth providers',
});
}
};
/**
* Build redirect URL for successful authentication
*/
function buildSuccessRedirectUrl(token: string, returnUrl: string | undefined, req: Request): string {
const baseUrl = getBaseUrl(req);
const targetPath = returnUrl || '/';
// Use a special OAuth callback page that stores the token
const callbackPath = `${config.basePath}/oauth-callback`;
const params = new URLSearchParams({
token,
returnUrl: targetPath,
});
return `${baseUrl}${callbackPath}?${params.toString()}`;
}
/**
* Build redirect URL for authentication errors
*/
function buildErrorRedirectUrl(error: string, req: Request): string {
const baseUrl = getBaseUrl(req);
const loginPath = `${config.basePath}/login`;
const params = new URLSearchParams({
error: 'oauth_failed',
message: error,
});
return `${baseUrl}${loginPath}?${params.toString()}`;
}
/**
* Get base URL from request
*/
function getBaseUrl(req: Request): string {
if (req.headers['x-forwarded-proto'] && req.headers['x-forwarded-host']) {
return `${req.headers['x-forwarded-proto']}://${req.headers['x-forwarded-host']}`;
}
return `${req.protocol}://${req.get('host')}`;
}

61
src/controllers/serverController.ts
View File

@@ -7,6 +7,7 @@ import {
BatchCreateServersResponse, BatchCreateServersResponse,
BatchServerResult, BatchServerResult,
ServerConfig, ServerConfig,
ServerInfo,
} from '../types/index.js'; } from '../types/index.js';
import { import {
getServersInfo, getServersInfo,
@@ -24,13 +25,66 @@ import { createSafeJSON } from '../utils/serialization.js';
import { cloneDefaultOAuthServerConfig } from '../constants/oauthServerDefaults.js'; import { cloneDefaultOAuthServerConfig } from '../constants/oauthServerDefaults.js';
import { getServerDao, getGroupDao, getSystemConfigDao } from '../dao/DaoFactory.js'; import { getServerDao, getGroupDao, getSystemConfigDao } from '../dao/DaoFactory.js';
import { getBearerKeyDao } from '../dao/DaoFactory.js'; import { getBearerKeyDao } from '../dao/DaoFactory.js';
import { UserContextService } from '../services/userContextService.js';
export const getAllServers = async (_: Request, res: Response): Promise<void> => { export const getAllServers = async (req: Request, res: Response): Promise<void> => {
try { try {
const serversInfo = await getServersInfo(); // Parse pagination parameters from query string
const page = req.query.page ? parseInt(req.query.page as string, 10) : 1;
const limit = req.query.limit ? parseInt(req.query.limit as string, 10) : undefined;
// Validate pagination parameters
if (page < 1) {
res.status(400).json({
success: false,
message: 'Page number must be greater than 0',
});
return;
}
if (limit !== undefined && (limit < 1 || limit > 1000)) {
res.status(400).json({
success: false,
message: 'Limit must be between 1 and 1000',
});
return;
}
// Get current user for filtering
const currentUser = UserContextService.getInstance().getCurrentUser();
const isAdmin = !currentUser || currentUser.isAdmin;
// Get servers info with pagination if limit is specified
let serversInfo: Omit<ServerInfo, 'client' | 'transport'>[];
let pagination = undefined;
if (limit !== undefined) {
// Use DAO layer pagination with proper filtering
const serverDao = getServerDao();
const paginatedResult = isAdmin
? await serverDao.findAllPaginated(page, limit)
: await serverDao.findByOwnerPaginated(currentUser!.username, page, limit);
// Get runtime info for paginated servers
serversInfo = await getServersInfo(page, limit, currentUser);
pagination = {
page: paginatedResult.page,
limit: paginatedResult.limit,
total: paginatedResult.total,
totalPages: paginatedResult.totalPages,
hasNextPage: paginatedResult.page < paginatedResult.totalPages,
hasPrevPage: paginatedResult.page > 1,
};
} else {
// No pagination, get all servers (will be filtered by mcpService)
serversInfo = await getServersInfo();
}
const response: ApiResponse = { const response: ApiResponse = {
success: true, success: true,
data: createSafeJSON(serversInfo), data: createSafeJSON(serversInfo),
...(pagination && { pagination }),
}; };
res.json(response); res.json(response);
} catch (error) { } catch (error) {
@@ -564,10 +618,9 @@ export const updateServer = async (req: Request, res: Response): Promise<void> =
}); });
} }
} catch (error) { } catch (error) {
console.error('Failed to update server:', error);
res.status(500).json({ res.status(500).json({
success: false, success: false,
message: error instanceof Error ? error.message : 'Internal server error', message: 'Internal server error',
}); });
} }
}; };

76
src/dao/ServerDao.ts
View File

@@ -2,10 +2,31 @@ import { ServerConfig } from '../types/index.js';
import { BaseDao } from './base/BaseDao.js'; import { BaseDao } from './base/BaseDao.js';
import { JsonFileBaseDao } from './base/JsonFileBaseDao.js'; import { JsonFileBaseDao } from './base/JsonFileBaseDao.js';
/**
* Pagination result interface
*/
export interface PaginatedResult<T> {
data: T[];
total: number;
page: number;
limit: number;
totalPages: number;
}
/** /**
* Server DAO interface with server-specific operations * Server DAO interface with server-specific operations
*/ */
export interface ServerDao extends BaseDao<ServerConfigWithName, string> { export interface ServerDao extends BaseDao<ServerConfigWithName, string> {
/**
* Find all servers with pagination
*/
findAllPaginated(page: number, limit: number): Promise<PaginatedResult<ServerConfigWithName>>;
/**
* Find servers by owner with pagination
*/
findByOwnerPaginated(owner: string, page: number, limit: number): Promise<PaginatedResult<ServerConfigWithName>>;
/** /**
* Find servers by owner * Find servers by owner
*/ */
@@ -176,6 +197,61 @@ export class ServerDaoImpl extends JsonFileBaseDao implements ServerDao {
return servers.length; return servers.length;
} }
async findAllPaginated(page: number, limit: number): Promise<PaginatedResult<ServerConfigWithName>> {
const allServers = await this.getAll();
// Sort: enabled servers first, then by creation time
const sortedServers = allServers.sort((a, b) => {
const aEnabled = a.enabled !== false;
const bEnabled = b.enabled !== false;
if (aEnabled !== bEnabled) {
return aEnabled ? -1 : 1;
}
return 0; // Keep original order for same enabled status
});
const total = sortedServers.length;
const totalPages = Math.ceil(total / limit);
const startIndex = (page - 1) * limit;
const endIndex = startIndex + limit;
const data = sortedServers.slice(startIndex, endIndex);
return {
data,
total,
page,
limit,
totalPages,
};
}
async findByOwnerPaginated(owner: string, page: number, limit: number): Promise<PaginatedResult<ServerConfigWithName>> {
const allServers = await this.getAll();
const filteredServers = allServers.filter((server) => server.owner === owner);
// Sort: enabled servers first, then by creation time
const sortedServers = filteredServers.sort((a, b) => {
const aEnabled = a.enabled !== false;
const bEnabled = b.enabled !== false;
if (aEnabled !== bEnabled) {
return aEnabled ? -1 : 1;
}
return 0; // Keep original order for same enabled status
});
const total = sortedServers.length;
const totalPages = Math.ceil(total / limit);
const startIndex = (page - 1) * limit;
const endIndex = startIndex + limit;
const data = sortedServers.slice(startIndex, endIndex);
return {
data,
total,
page,
limit,
totalPages,
};
}
async findByOwner(owner: string): Promise<ServerConfigWithName[]> { async findByOwner(owner: string): Promise<ServerConfigWithName[]> {
const servers = await this.getAll(); const servers = await this.getAll();
return servers.filter((server) => server.owner === owner); return servers.filter((server) => server.owner === owner);

32
src/dao/ServerDaoDbImpl.ts
View File

@@ -1,4 +1,4 @@
import { ServerDao, ServerConfigWithName } from './index.js'; import { ServerDao, ServerConfigWithName, PaginatedResult } from './index.js';
import { ServerRepository } from '../db/repositories/ServerRepository.js'; import { ServerRepository } from '../db/repositories/ServerRepository.js';
/** /**
@@ -16,6 +16,32 @@ export class ServerDaoDbImpl implements ServerDao {
return servers.map((s) => this.mapToServerConfig(s)); return servers.map((s) => this.mapToServerConfig(s));
} }
async findAllPaginated(page: number, limit: number): Promise<PaginatedResult<ServerConfigWithName>> {
const { data, total } = await this.repository.findAllPaginated(page, limit);
const totalPages = Math.ceil(total / limit);
return {
data: data.map((s) => this.mapToServerConfig(s)),
total,
page,
limit,
totalPages,
};
}
async findByOwnerPaginated(owner: string, page: number, limit: number): Promise<PaginatedResult<ServerConfigWithName>> {
const { data, total } = await this.repository.findByOwnerPaginated(owner, page, limit);
const totalPages = Math.ceil(total / limit);
return {
data: data.map((s) => this.mapToServerConfig(s)),
total,
page,
limit,
totalPages,
};
}
async findById(name: string): Promise<ServerConfigWithName | null> { async findById(name: string): Promise<ServerConfigWithName | null> {
const server = await this.repository.findByName(name); const server = await this.repository.findByName(name);
return server ? this.mapToServerConfig(server) : null; return server ? this.mapToServerConfig(server) : null;
@@ -38,6 +64,7 @@ export class ServerDaoDbImpl implements ServerDao {
prompts: entity.prompts, prompts: entity.prompts,
options: entity.options, options: entity.options,
oauth: entity.oauth, oauth: entity.oauth,
proxy: entity.proxy,
openapi: entity.openapi, openapi: entity.openapi,
}); });
return this.mapToServerConfig(server); return this.mapToServerConfig(server);
@@ -62,6 +89,7 @@ export class ServerDaoDbImpl implements ServerDao {
prompts: entity.prompts, prompts: entity.prompts,
options: entity.options, options: entity.options,
oauth: entity.oauth, oauth: entity.oauth,
proxy: entity.proxy,
openapi: entity.openapi, openapi: entity.openapi,
}); });
return server ? this.mapToServerConfig(server) : null; return server ? this.mapToServerConfig(server) : null;
@@ -140,6 +168,7 @@ export class ServerDaoDbImpl implements ServerDao {
prompts?: Record<string, { enabled: boolean; description?: string }>; prompts?: Record<string, { enabled: boolean; description?: string }>;
options?: Record<string, any>; options?: Record<string, any>;
oauth?: Record<string, any>; oauth?: Record<string, any>;
proxy?: Record<string, any>;
openapi?: Record<string, any>; openapi?: Record<string, any>;
}): ServerConfigWithName { }): ServerConfigWithName {
return { return {
@@ -158,6 +187,7 @@ export class ServerDaoDbImpl implements ServerDao {
prompts: server.prompts, prompts: server.prompts,
options: server.options, options: server.options,
oauth: server.oauth, oauth: server.oauth,
proxy: server.proxy,
openapi: server.openapi, openapi: server.openapi,
}; };
} }

3
src/dao/SystemConfigDaoDbImpl.ts
View File

@@ -22,7 +22,6 @@ export class SystemConfigDaoDbImpl implements SystemConfigDao {
nameSeparator: config.nameSeparator, nameSeparator: config.nameSeparator,
oauth: config.oauth as any, oauth: config.oauth as any,
oauthServer: config.oauthServer as any, oauthServer: config.oauthServer as any,
oauthSso: config.oauthSso as any,
enableSessionRebuild: config.enableSessionRebuild, enableSessionRebuild: config.enableSessionRebuild,
}; };
} }
@@ -37,7 +36,6 @@ export class SystemConfigDaoDbImpl implements SystemConfigDao {
nameSeparator: updated.nameSeparator, nameSeparator: updated.nameSeparator,
oauth: updated.oauth as any, oauth: updated.oauth as any,
oauthServer: updated.oauthServer as any, oauthServer: updated.oauthServer as any,
oauthSso: updated.oauthSso as any,
enableSessionRebuild: updated.enableSessionRebuild, enableSessionRebuild: updated.enableSessionRebuild,
}; };
} }
@@ -52,7 +50,6 @@ export class SystemConfigDaoDbImpl implements SystemConfigDao {
nameSeparator: config.nameSeparator, nameSeparator: config.nameSeparator,
oauth: config.oauth as any, oauth: config.oauth as any,
oauthServer: config.oauthServer as any, oauthServer: config.oauthServer as any,
oauthSso: config.oauthSso as any,
enableSessionRebuild: config.enableSessionRebuild, enableSessionRebuild: config.enableSessionRebuild,
}; };
} }

51
src/dao/UserDaoDbImpl.ts
View File

@@ -13,28 +13,23 @@ export class UserDaoDbImpl implements UserDao {
this.repository = new UserRepository(); this.repository = new UserRepository();
} }
private mapToIUser(u: any): IUser { async findAll(): Promise<IUser[]> {
return { const users = await this.repository.findAll();
return users.map((u) => ({
username: u.username, username: u.username,
password: u.password, password: u.password,
isAdmin: u.isAdmin, isAdmin: u.isAdmin,
oauthProvider: u.oauthProvider, }));
oauthSubject: u.oauthSubject,
email: u.email,
displayName: u.displayName,
avatarUrl: u.avatarUrl,
};
}
async findAll(): Promise<IUser[]> {
const users = await this.repository.findAll();
return users.map(this.mapToIUser);
} }
async findById(username: string): Promise<IUser | null> { async findById(username: string): Promise<IUser | null> {
const user = await this.repository.findByUsername(username); const user = await this.repository.findByUsername(username);
if (!user) return null; if (!user) return null;
return this.mapToIUser(user); return {
username: user.username,
password: user.password,
isAdmin: user.isAdmin,
};
} }
async findByUsername(username: string): Promise<IUser | null> { async findByUsername(username: string): Promise<IUser | null> {
@@ -46,13 +41,12 @@ export class UserDaoDbImpl implements UserDao {
username: entity.username, username: entity.username,
password: entity.password, password: entity.password,
isAdmin: entity.isAdmin || false, isAdmin: entity.isAdmin || false,
oauthProvider: entity.oauthProvider,
oauthSubject: entity.oauthSubject,
email: entity.email,
displayName: entity.displayName,
avatarUrl: entity.avatarUrl,
}); });
return this.mapToIUser(user); return {
username: user.username,
password: user.password,
isAdmin: user.isAdmin,
};
} }
async createWithHashedPassword( async createWithHashedPassword(
@@ -68,14 +62,13 @@ export class UserDaoDbImpl implements UserDao {
const user = await this.repository.update(username, { const user = await this.repository.update(username, {
password: entity.password, password: entity.password,
isAdmin: entity.isAdmin, isAdmin: entity.isAdmin,
oauthProvider: entity.oauthProvider,
oauthSubject: entity.oauthSubject,
email: entity.email,
displayName: entity.displayName,
avatarUrl: entity.avatarUrl,
}); });
if (!user) return null; if (!user) return null;
return this.mapToIUser(user); return {
username: user.username,
password: user.password,
isAdmin: user.isAdmin,
};
} }
async delete(username: string): Promise<boolean> { async delete(username: string): Promise<boolean> {
@@ -106,6 +99,10 @@ export class UserDaoDbImpl implements UserDao {
async findAdmins(): Promise<IUser[]> { async findAdmins(): Promise<IUser[]> {
const users = await this.repository.findAdmins(); const users = await this.repository.findAdmins();
return users.map(this.mapToIUser); return users.map((u) => ({
username: u.username,
password: u.password,
isAdmin: u.isAdmin,
}));
} }
} }

3
src/db/entities/Server.ts
View File

@@ -59,6 +59,9 @@ export class Server {
@Column({ type: 'simple-json', nullable: true }) @Column({ type: 'simple-json', nullable: true })
oauth?: Record<string, any>; oauth?: Record<string, any>;
@Column({ type: 'simple-json', nullable: true })
proxy?: Record<string, any>;
@Column({ type: 'simple-json', nullable: true }) @Column({ type: 'simple-json', nullable: true })
openapi?: Record<string, any>; openapi?: Record<string, any>;

3
src/db/entities/SystemConfig.ts
View File

@@ -30,9 +30,6 @@ export class SystemConfig {
@Column({ type: 'simple-json', nullable: true }) @Column({ type: 'simple-json', nullable: true })
oauthServer?: Record<string, any>; oauthServer?: Record<string, any>;
@Column({ name: 'oauth_sso', type: 'simple-json', nullable: true })
oauthSso?: Record<string, any>;
@Column({ type: 'boolean', nullable: true }) @Column({ type: 'boolean', nullable: true })
enableSessionRebuild?: boolean; enableSessionRebuild?: boolean;

16
src/db/entities/User.ts
View File

@@ -23,22 +23,6 @@ export class User {
@Column({ type: 'boolean', default: false }) @Column({ type: 'boolean', default: false })
isAdmin: boolean; isAdmin: boolean;
// OAuth SSO fields
@Column({ name: 'oauth_provider', type: 'varchar', length: 100, nullable: true })
oauthProvider?: string;
@Column({ name: 'oauth_subject', type: 'varchar', length: 255, nullable: true })
oauthSubject?: string;
@Column({ type: 'varchar', length: 255, nullable: true })
email?: string;
@Column({ name: 'display_name', type: 'varchar', length: 255, nullable: true })
displayName?: string;
@Column({ name: 'avatar_url', type: 'text', nullable: true })
avatarUrl?: string;
@CreateDateColumn({ name: 'created_at', type: 'timestamp' }) @CreateDateColumn({ name: 'created_at', type: 'timestamp' })
createdAt: Date; createdAt: Date;

35
src/db/repositories/ServerRepository.ts
View File

@@ -69,6 +69,41 @@ export class ServerRepository {
return await this.repository.count(); return await this.repository.count();
} }
/**
* Find servers with pagination
*/
async findAllPaginated(page: number, limit: number): Promise<{ data: Server[]; total: number }> {
const skip = (page - 1) * limit;
const [data, total] = await this.repository.findAndCount({
order: {
enabled: 'DESC', // Enabled servers first
createdAt: 'ASC' // Then by creation time
},
skip,
take: limit,
});
return { data, total };
}
/**
* Find servers by owner with pagination
*/
async findByOwnerPaginated(owner: string, page: number, limit: number): Promise<{ data: Server[]; total: number }> {
const skip = (page - 1) * limit;
const [data, total] = await this.repository.findAndCount({
where: { owner },
order: {
enabled: 'DESC', // Enabled servers first
createdAt: 'ASC' // Then by creation time
},
skip,
take: limit,
});
return { data, total };
}
/** /**
* Find servers by owner * Find servers by owner
*/ */

12
src/routes/index.ts
View File

@@ -112,12 +112,6 @@ import {
updateBearerKey, updateBearerKey,
deleteBearerKey, deleteBearerKey,
} from '../controllers/bearerKeyController.js'; } from '../controllers/bearerKeyController.js';
import {
getOAuthSsoConfig,
initiateOAuthLogin,
handleOAuthCallback as handleOAuthSsoCallback,
listOAuthProviders,
} from '../controllers/oauthSsoController.js';
import { auth } from '../middlewares/auth.js'; import { auth } from '../middlewares/auth.js';
const router = express.Router(); const router = express.Router();
@@ -279,12 +273,6 @@ export const initRoutes = (app: express.Application): void => {
changePassword, changePassword,
); );
// OAuth SSO routes (no auth required - these are for logging in)
router.get('/auth/sso/config', getOAuthSsoConfig);
router.get('/auth/sso/providers', listOAuthProviders);
router.get('/auth/sso/:providerId', initiateOAuthLogin);
router.get('/auth/sso/:providerId/callback', handleOAuthSsoCallback);
// Runtime configuration endpoint (no auth required for frontend initialization) // Runtime configuration endpoint (no auth required for frontend initialization)
app.get(`${config.basePath}/config`, getRuntimeConfig); app.get(`${config.basePath}/config`, getRuntimeConfig);

209
src/services/mcpService.ts
View File

@@ -1,4 +1,6 @@
import os from 'os'; import os from 'os';
import path from 'path';
import fs from 'fs';
import { Server } from '@modelcontextprotocol/sdk/server/index.js'; import { Server } from '@modelcontextprotocol/sdk/server/index.js';
import { import {
CallToolRequestSchema, CallToolRequestSchema,
@@ -15,7 +17,7 @@ import {
StreamableHTTPClientTransportOptions, StreamableHTTPClientTransportOptions,
} from '@modelcontextprotocol/sdk/client/streamableHttp.js'; } from '@modelcontextprotocol/sdk/client/streamableHttp.js';
import { createFetchWithProxy, getProxyConfigFromEnv } from './proxy.js'; import { createFetchWithProxy, getProxyConfigFromEnv } from './proxy.js';
import { ServerInfo, ServerConfig, Tool } from '../types/index.js'; import { ServerInfo, ServerConfig, Tool, ProxychainsConfig } from '../types/index.js';
import { expandEnvVars, replaceEnvVars, getNameSeparator } from '../config/index.js'; import { expandEnvVars, replaceEnvVars, getNameSeparator } from '../config/index.js';
import config from '../config/index.js'; import config from '../config/index.js';
import { getGroup } from './sseService.js'; import { getGroup } from './sseService.js';
@@ -32,6 +34,150 @@ const servers: { [sessionId: string]: Server } = {};
import { setupClientKeepAlive } from './keepAliveService.js'; import { setupClientKeepAlive } from './keepAliveService.js';
/**
* Check if proxychains4 is available on the system (Linux/macOS only).
* Returns the path to proxychains4 if found, null otherwise.
*/
const findProxychains4 = (): string | null => {
// Windows is not supported
if (process.platform === 'win32') {
return null;
}
// Common proxychains4 binary paths
const possiblePaths = [
'/usr/bin/proxychains4',
'/usr/local/bin/proxychains4',
'/opt/homebrew/bin/proxychains4', // macOS Homebrew ARM
'/usr/local/Cellar/proxychains-ng/*/bin/proxychains4', // macOS Homebrew Intel
];
for (const p of possiblePaths) {
if (fs.existsSync(p)) {
return p;
}
}
// Try to find in PATH
const pathEnv = process.env.PATH || '';
const pathDirs = pathEnv.split(path.delimiter);
for (const dir of pathDirs) {
const fullPath = path.join(dir, 'proxychains4');
if (fs.existsSync(fullPath)) {
return fullPath;
}
}
return null;
};
/**
* Generate a temporary proxychains4 configuration file.
* Returns the path to the generated config file.
*/
const generateProxychainsConfig = (
serverName: string,
proxyConfig: ProxychainsConfig,
): string | null => {
// If a custom config path is provided, use it directly
if (proxyConfig.configPath) {
if (fs.existsSync(proxyConfig.configPath)) {
return proxyConfig.configPath;
}
console.warn(
`[${serverName}] Custom proxychains config not found: ${proxyConfig.configPath}`,
);
return null;
}
// Validate required fields
if (!proxyConfig.host || !proxyConfig.port) {
console.warn(`[${serverName}] Proxy host and port are required for proxychains4`);
return null;
}
const proxyType = proxyConfig.type || 'socks5';
const proxyLine = proxyConfig.username && proxyConfig.password
? `${proxyType} ${proxyConfig.host} ${proxyConfig.port} ${proxyConfig.username} ${proxyConfig.password}`
: `${proxyType} ${proxyConfig.host} ${proxyConfig.port}`;
const configContent = `# Proxychains4 configuration for MCP server: ${serverName}
# Generated by MCPHub
strict_chain
proxy_dns
remote_dns_subnet 224
tcp_read_time_out 15000
tcp_connect_time_out 8000
[ProxyList]
${proxyLine}
`;
// Create temp directory if needed
const tempDir = path.join(os.tmpdir(), 'mcphub-proxychains');
if (!fs.existsSync(tempDir)) {
fs.mkdirSync(tempDir, { recursive: true });
}
// Write config file
const configPath = path.join(tempDir, `${serverName.replace(/[^a-zA-Z0-9-_]/g, '_')}.conf`);
fs.writeFileSync(configPath, configContent, 'utf-8');
console.log(`[${serverName}] Generated proxychains4 config: ${configPath}`);
return configPath;
};
/**
* Wrap a command with proxychains4 if proxy is configured and available.
* Returns modified command and args if proxychains4 is used, original values otherwise.
*/
const wrapWithProxychains = (
serverName: string,
command: string,
args: string[],
proxyConfig?: ProxychainsConfig,
): { command: string; args: string[] } => {
// Skip if proxy is not enabled or not configured
if (!proxyConfig?.enabled) {
return { command, args };
}
// Check platform - Windows is not supported
if (process.platform === 'win32') {
console.warn(
`[${serverName}] proxychains4 proxy is not supported on Windows, ignoring proxy configuration`,
);
return { command, args };
}
// Find proxychains4 binary
const proxychains4Path = findProxychains4();
if (!proxychains4Path) {
console.warn(
`[${serverName}] proxychains4 not found on system, install it with: apt install proxychains4 (Debian/Ubuntu) or brew install proxychains-ng (macOS)`,
);
return { command, args };
}
// Generate or get config file
const configPath = generateProxychainsConfig(serverName, proxyConfig);
if (!configPath) {
console.warn(`[${serverName}] Failed to setup proxychains4 configuration, skipping proxy`);
return { command, args };
}
// Wrap command with proxychains4
console.log(
`[${serverName}] Using proxychains4 proxy: ${proxyConfig.type || 'socks5'}://${proxyConfig.host}:${proxyConfig.port}`,
);
return {
command: proxychains4Path,
args: ['-f', configPath, command, ...args],
};
};
export const initUpstreamServers = async (): Promise<void> => { export const initUpstreamServers = async (): Promise<void> => {
// Initialize OAuth clients for servers with dynamic registration // Initialize OAuth clients for servers with dynamic registration
await initializeAllOAuthClients(); await initializeAllOAuthClients();
@@ -209,11 +355,19 @@ export const createTransportFromConfig = async (name: string, conf: ServerConfig
env['npm_config_registry'] = systemConfig.install.npmRegistry; env['npm_config_registry'] = systemConfig.install.npmRegistry;
} }
// Expand environment variables in command // Apply proxychains4 wrapper if proxy is configured (Linux/macOS only)
const { command: finalCommand, args: finalArgs } = wrapWithProxychains(
name,
conf.command,
replaceEnvVars(conf.args) as string[],
conf.proxy,
);
// Create STDIO transport with potentially wrapped command
transport = new StdioClientTransport({ transport = new StdioClientTransport({
cwd: os.homedir(), cwd: os.homedir(),
command: conf.command, command: finalCommand,
args: replaceEnvVars(conf.args) as string[], args: finalArgs,
env: env, env: env,
stderr: 'pipe', stderr: 'pipe',
}); });
@@ -618,9 +772,19 @@ export const registerAllTools = async (isInit: boolean, serverName?: string): Pr
}; };
// Get all server information // Get all server information
export const getServersInfo = async (): Promise<Omit<ServerInfo, 'client' | 'transport'>[]> => { export const getServersInfo = async (
const allServers: ServerConfigWithName[] = await getServerDao().findAll(); page?: number,
limit?: number,
user?: any,
): Promise<Omit<ServerInfo, 'client' | 'transport'>[]> => {
const dataService = getDataService(); const dataService = getDataService();
// Get paginated or all server configurations from DAO
// If pagination is used with a non-admin user, filtering is already done at DAO level
const isPaginated = limit !== undefined && page !== undefined;
const allServers: ServerConfigWithName[] = isPaginated
? (await getServerDao().findAllPaginated(page, limit)).data
: await getServerDao().findAll();
// Ensure that servers recently added via DAO but not yet initialized in serverInfos // Ensure that servers recently added via DAO but not yet initialized in serverInfos
// are still visible in the servers list. This avoids a race condition where // are still visible in the servers list. This avoids a race condition where
@@ -629,10 +793,19 @@ export const getServersInfo = async (): Promise<Omit<ServerInfo, 'client' | 'tra
const combinedServerInfos: ServerInfo[] = [...serverInfos]; const combinedServerInfos: ServerInfo[] = [...serverInfos];
const existingNames = new Set(combinedServerInfos.map((s) => s.name)); const existingNames = new Set(combinedServerInfos.map((s) => s.name));
// Create a set of server names we're interested in (for pagination)
const requestedServerNames = new Set(allServers.map((s) => s.name));
// Filter serverInfos to only include requested servers if pagination is used
const filteredServerInfos = isPaginated
? combinedServerInfos.filter((s) => requestedServerNames.has(s.name))
: combinedServerInfos;
// Add servers from DAO that don't have runtime info yet
for (const server of allServers) { for (const server of allServers) {
if (!existingNames.has(server.name)) { if (!existingNames.has(server.name)) {
const isEnabled = server.enabled === undefined ? true : server.enabled; const isEnabled = server.enabled === undefined ? true : server.enabled;
combinedServerInfos.push({ filteredServerInfos.push({
name: server.name, name: server.name,
owner: server.owner, owner: server.owner,
// Newly created servers that are enabled should appear as "connecting" // Newly created servers that are enabled should appear as "connecting"
@@ -648,12 +821,16 @@ export const getServersInfo = async (): Promise<Omit<ServerInfo, 'client' | 'tra
} }
} }
const filterServerInfos: ServerInfo[] = dataService.filterData // Apply user filtering only when NOT using pagination (pagination already filtered at DAO level)
? dataService.filterData(combinedServerInfos) // Or when no pagination parameters provided (backward compatibility)
: combinedServerInfos; const shouldApplyUserFilter = !isPaginated;
const filterServerInfos: ServerInfo[] = shouldApplyUserFilter && dataService.filterData
? dataService.filterData(filteredServerInfos, user)
: filteredServerInfos;
const infos = filterServerInfos.map( const infos = filterServerInfos
({ name, status, tools, prompts, createTime, error, oauth }) => { .filter((info) => requestedServerNames.has(info.name)) // Only include requested servers
.map(({ name, status, tools, prompts, createTime, error, oauth }) => {
const serverConfig = allServers.find((server) => server.name === name); const serverConfig = allServers.find((server) => server.name === name);
const enabled = serverConfig ? serverConfig.enabled !== false : true; const enabled = serverConfig ? serverConfig.enabled !== false : true;
@@ -692,12 +869,8 @@ export const getServersInfo = async (): Promise<Omit<ServerInfo, 'client' | 'tra
} }
: undefined, : undefined,
}; };
}, });
); // Sorting is now handled at DAO layer for consistent pagination results
infos.sort((a, b) => {
if (a.enabled === b.enabled) return 0;
return a.enabled ? -1 : 1;
});
return infos; return infos;
}; };

546
src/services/oauthSsoService.ts
View File

@@ -1,546 +0,0 @@
/**
* OAuth SSO Service
*
* Handles OAuth 2.0 / OIDC SSO authentication for user login.
* Supports Google, Microsoft, GitHub, and custom OIDC providers.
*/
import * as client from 'openid-client';
import crypto from 'crypto';
import { getSystemConfigDao, getUserDao } from '../dao/index.js';
import { IUser, OAuthSsoProviderConfig, OAuthSsoConfig } from '../types/index.js';
// In-memory store for OAuth state (code verifier, state, etc.)
// NOTE: This implementation uses in-memory storage which is suitable for single-instance deployments.
// For multi-instance/scaled deployments, implement Redis or database-backed state storage
// to ensure OAuth callbacks reach the correct instance where the state was stored.
interface OAuthStateEntry {
codeVerifier: string;
providerId: string;
returnUrl?: string;
createdAt: number;
}
const stateStore = new Map<string, OAuthStateEntry>();
const STATE_TTL_MS = 10 * 60 * 1000; // 10 minutes
// Cleanup old state entries periodically
let cleanupInterval: ReturnType<typeof setInterval> | null = null;
function startStateCleanup(): void {
if (cleanupInterval) return;
cleanupInterval = setInterval(() => {
const now = Date.now();
for (const [state, entry] of stateStore.entries()) {
if (now - entry.createdAt > STATE_TTL_MS) {
stateStore.delete(state);
}
}
}, 60 * 1000); // Cleanup every minute
}
// Start cleanup on module load
startStateCleanup();
/**
* Stop the state cleanup interval (useful for tests and graceful shutdown)
*/
export function stopStateCleanup(): void {
if (cleanupInterval) {
clearInterval(cleanupInterval);
cleanupInterval = null;
}
}
// GitHub API response types for type safety
interface GitHubUserResponse {
id: number;
login: string;
name?: string;
email?: string;
avatar_url?: string;
}
interface GitHubEmailResponse {
email: string;
primary: boolean;
verified: boolean;
visibility?: string;
}
// Provider configurations cache
const providerConfigsCache = new Map<
string,
{
config: client.Configuration;
provider: OAuthSsoProviderConfig;
}
>();
/**
* Get OAuth SSO configuration from system config
*/
export async function getOAuthSsoConfig(): Promise<OAuthSsoConfig | undefined> {
const systemConfigDao = getSystemConfigDao();
const systemConfig = await systemConfigDao.get();
return systemConfig?.oauthSso;
}
/**
* Check if OAuth SSO is enabled
*/
export async function isOAuthSsoEnabled(): Promise<boolean> {
const config = await getOAuthSsoConfig();
return config?.enabled === true && (config.providers?.length ?? 0) > 0;
}
/**
* Get enabled OAuth SSO providers
*/
export async function getEnabledProviders(): Promise<OAuthSsoProviderConfig[]> {
const config = await getOAuthSsoConfig();
if (!config?.enabled || !config.providers) {
return [];
}
return config.providers.filter((p) => p.enabled !== false);
}
/**
* Get a specific provider by ID
*/
export async function getProviderById(providerId: string): Promise<OAuthSsoProviderConfig | undefined> {
const providers = await getEnabledProviders();
return providers.find((p) => p.id === providerId);
}
/**
* Get default scopes for a provider type
*/
function getDefaultScopes(type: OAuthSsoProviderConfig['type']): string[] {
switch (type) {
case 'google':
return ['openid', 'email', 'profile'];
case 'microsoft':
return ['openid', 'email', 'profile', 'User.Read'];
case 'github':
return ['read:user', 'user:email'];
case 'oidc':
default:
return ['openid', 'email', 'profile'];
}
}
/**
* Get provider discovery URL
*/
function getDiscoveryUrl(provider: OAuthSsoProviderConfig): string | undefined {
if (provider.issuerUrl) {
return provider.issuerUrl;
}
switch (provider.type) {
case 'google':
return 'https://accounts.google.com';
case 'microsoft':
// Using common endpoint for multi-tenant
return 'https://login.microsoftonline.com/common/v2.0';
case 'github':
// GitHub doesn't support OIDC discovery, we'll use explicit endpoints
return undefined;
default:
return undefined;
}
}
/**
* Get explicit OAuth endpoints for providers without OIDC discovery
*/
function getExplicitEndpoints(provider: OAuthSsoProviderConfig): {
authorizationUrl: string;
tokenUrl: string;
userInfoUrl: string;
} | undefined {
if (provider.type === 'github') {
return {
authorizationUrl: provider.authorizationUrl || 'https://github.com/login/oauth/authorize',
tokenUrl: provider.tokenUrl || 'https://github.com/login/oauth/access_token',
userInfoUrl: provider.userInfoUrl || 'https://api.github.com/user',
};
}
// For custom providers with explicit endpoints
if (provider.authorizationUrl && provider.tokenUrl && provider.userInfoUrl) {
return {
authorizationUrl: provider.authorizationUrl,
tokenUrl: provider.tokenUrl,
userInfoUrl: provider.userInfoUrl,
};
}
return undefined;
}
/**
* Initialize and cache openid-client configuration for a provider
*/
async function getClientConfig(
provider: OAuthSsoProviderConfig,
_callbackUrl: string,
): Promise<client.Configuration> {
const cacheKey = provider.id;
const cached = providerConfigsCache.get(cacheKey);
if (cached) {
return cached.config;
}
let config: client.Configuration;
const discoveryUrl = getDiscoveryUrl(provider);
if (discoveryUrl) {
// Use OIDC discovery
config = await client.discovery(new URL(discoveryUrl), provider.clientId, provider.clientSecret);
} else {
// Use explicit endpoints for providers like GitHub
const endpoints = getExplicitEndpoints(provider);
if (!endpoints) {
throw new Error(
`Provider ${provider.id} requires either issuerUrl for OIDC discovery or explicit endpoints`,
);
}
// Create a manual server metadata configuration
const serverMetadata: client.ServerMetadata = {
issuer: provider.issuerUrl || `https://${provider.type}.oauth`,
authorization_endpoint: endpoints.authorizationUrl,
token_endpoint: endpoints.tokenUrl,
userinfo_endpoint: endpoints.userInfoUrl,
};
config = new client.Configuration(serverMetadata, provider.clientId, provider.clientSecret);
}
providerConfigsCache.set(cacheKey, { config, provider });
return config;
}
/**
* Generate the authorization URL for a provider
*/
export async function generateAuthorizationUrl(
providerId: string,
callbackUrl: string,
returnUrl?: string,
): Promise<{ url: string; state: string }> {
const provider = await getProviderById(providerId);
if (!provider) {
throw new Error(`OAuth SSO provider not found: ${providerId}`);
}
const config = await getClientConfig(provider, callbackUrl);
const scopes = provider.scopes || getDefaultScopes(provider.type);
// Generate PKCE code verifier and challenge
const codeVerifier = client.randomPKCECodeVerifier();
const codeChallenge = await client.calculatePKCECodeChallenge(codeVerifier);
// Generate state
const state = crypto.randomBytes(32).toString('base64url');
// Store state for callback verification
stateStore.set(state, {
codeVerifier,
providerId,
returnUrl,
createdAt: Date.now(),
});
// Build authorization URL parameters
const parameters: Record<string, string> = {
redirect_uri: callbackUrl,
scope: scopes.join(' '),
state,
code_challenge: codeChallenge,
code_challenge_method: 'S256',
};
// GitHub-specific: request user email access
if (provider.type === 'github') {
// GitHub doesn't use PKCE, but we'll still store the state
delete parameters.code_challenge;
delete parameters.code_challenge_method;
}
const url = client.buildAuthorizationUrl(config, parameters);
return { url: url.toString(), state };
}
/**
* Exchange authorization code for tokens and user info
*/
export async function handleCallback(
callbackUrl: string,
currentUrl: string,
state: string,
): Promise<{
user: IUser;
isNewUser: boolean;
returnUrl?: string;
}> {
// Verify and retrieve state
const stateEntry = stateStore.get(state);
if (!stateEntry) {
throw new Error('Invalid or expired OAuth state');
}
// Remove used state
stateStore.delete(state);
const provider = await getProviderById(stateEntry.providerId);
if (!provider) {
throw new Error(`OAuth SSO provider not found: ${stateEntry.providerId}`);
}
const config = await getClientConfig(provider, callbackUrl);
// Exchange code for tokens
let tokens: client.TokenEndpointResponse;
if (provider.type === 'github') {
// GitHub doesn't use PKCE
tokens = await client.authorizationCodeGrant(config, new URL(currentUrl), {
expectedState: state,
});
} else {
// OIDC providers with PKCE
tokens = await client.authorizationCodeGrant(config, new URL(currentUrl), {
pkceCodeVerifier: stateEntry.codeVerifier,
expectedState: state,
});
}
// Get user info
const userInfo = await getUserInfo(provider, config, tokens);
// Find or create user
const { user, isNewUser } = await findOrCreateUser(provider, userInfo);
return {
user,
isNewUser,
returnUrl: stateEntry.returnUrl,
};
}
/**
* Fetch user info from the provider
*/
async function getUserInfo(
provider: OAuthSsoProviderConfig,
config: client.Configuration,
tokens: client.TokenEndpointResponse,
): Promise<{
sub: string;
email?: string;
name?: string;
picture?: string;
groups?: string[];
roles?: string[];
[key: string]: unknown;
}> {
if (provider.type === 'github') {
// GitHub uses a different API for user info
const response = await fetch('https://api.github.com/user', {
headers: {
Authorization: `Bearer ${tokens.access_token}`,
Accept: 'application/json',
},
});
if (!response.ok) {
throw new Error(`Failed to fetch GitHub user info: ${response.statusText}`);
}
const data = (await response.json()) as GitHubUserResponse;
// Fetch email separately if not public
let email = data.email;
if (!email) {
const emailResponse = await fetch('https://api.github.com/user/emails', {
headers: {
Authorization: `Bearer ${tokens.access_token}`,
Accept: 'application/json',
},
});
if (emailResponse.ok) {
const emails = (await emailResponse.json()) as GitHubEmailResponse[];
const primaryEmail = emails.find((e) => e.primary);
email = primaryEmail?.email || emails[0]?.email;
}
}
return {
sub: String(data.id),
email,
name: data.name || data.login,
picture: data.avatar_url,
};
}
// Standard OIDC userinfo endpoint
const userInfoResponse = await client.fetchUserInfo(config, tokens.access_token!, client.skipSubjectCheck);
return {
sub: userInfoResponse.sub,
email: userInfoResponse.email as string | undefined,
name: userInfoResponse.name as string | undefined,
picture: userInfoResponse.picture as string | undefined,
groups: userInfoResponse.groups as string[] | undefined,
roles: userInfoResponse.roles as string[] | undefined,
};
}
/**
* Find existing user or create new one based on OAuth profile
*/
async function findOrCreateUser(
provider: OAuthSsoProviderConfig,
userInfo: {
sub: string;
email?: string;
name?: string;
picture?: string;
groups?: string[];
roles?: string[];
[key: string]: unknown;
},
): Promise<{ user: IUser; isNewUser: boolean }> {
const userDao = getUserDao();
// Generate a unique username based on provider and subject
const oauthUsername = `${provider.id}:${userInfo.sub}`;
// Try to find existing user by OAuth identity
let user = await userDao.findByUsername(oauthUsername);
if (user) {
// Update user info if changed
const updates: Partial<IUser> = {};
if (userInfo.email && userInfo.email !== user.email) {
updates.email = userInfo.email;
}
if (userInfo.name && userInfo.name !== user.displayName) {
updates.displayName = userInfo.name;
}
if (userInfo.picture && userInfo.picture !== user.avatarUrl) {
updates.avatarUrl = userInfo.picture;
}
// Check admin status based on claims
const isAdmin = checkAdminClaim(provider, userInfo);
if (isAdmin !== user.isAdmin) {
updates.isAdmin = isAdmin;
}
if (Object.keys(updates).length > 0) {
await userDao.update(oauthUsername, updates);
user = { ...user, ...updates };
}
return { user, isNewUser: false };
}
// Check if auto-provisioning is enabled
if (provider.autoProvision === false) {
throw new Error(
`User not found and auto-provisioning is disabled for provider: ${provider.name}`,
);
}
// Create new user
const isAdmin = checkAdminClaim(provider, userInfo) || provider.defaultAdmin === true;
// Generate a random password for OAuth users (they won't use it)
const randomPassword = crypto.randomBytes(32).toString('hex');
const newUser = await userDao.createWithHashedPassword(oauthUsername, randomPassword, isAdmin);
// Update with OAuth-specific fields
const updatedUser = await userDao.update(oauthUsername, {
oauthProvider: provider.id,
oauthSubject: userInfo.sub,
email: userInfo.email,
displayName: userInfo.name,
avatarUrl: userInfo.picture,
});
return { user: updatedUser || newUser, isNewUser: true };
}
/**
* Check if user should be granted admin based on provider claims
*/
function checkAdminClaim(
provider: OAuthSsoProviderConfig,
userInfo: { groups?: string[]; roles?: string[]; [key: string]: unknown },
): boolean {
if (!provider.adminClaim || !provider.adminClaimValues?.length) {
return false;
}
const claimValue = userInfo[provider.adminClaim];
if (!claimValue) {
return false;
}
// Handle array claims (groups, roles)
if (Array.isArray(claimValue)) {
return claimValue.some((v) => provider.adminClaimValues!.includes(String(v)));
}
// Handle string claims
return provider.adminClaimValues.includes(String(claimValue));
}
/**
* Get public provider info for frontend
*/
export async function getPublicProviderInfo(): Promise<
Array<{
id: string;
name: string;
type: string;
icon?: string;
buttonText?: string;
}>
> {
const providers = await getEnabledProviders();
return providers.map((p) => ({
id: p.id,
name: p.name,
type: p.type,
icon: p.icon || p.type,
buttonText: p.buttonText,
}));
}
/**
* Check if local auth is allowed
*/
export async function isLocalAuthAllowed(): Promise<boolean> {
const config = await getOAuthSsoConfig();
// Default to true if not configured or SSO is disabled
if (!config?.enabled) {
return true;
}
return config.allowLocalAuth !== false;
}
/**
* Clear provider configuration cache
*/
export function clearProviderCache(): void {
providerConfigsCache.clear();
}

57
src/types/index.ts
View File

@@ -10,12 +10,6 @@ export interface IUser {
username: string; username: string;
password: string; password: string;
isAdmin?: boolean; isAdmin?: boolean;
// OAuth SSO fields
oauthProvider?: string; // OAuth provider ID (e.g., 'google', 'microsoft', 'github')
oauthSubject?: string; // OAuth subject (unique user ID from provider)
email?: string; // User email (from OAuth profile)
displayName?: string; // Display name (from OAuth profile)
avatarUrl?: string; // Avatar URL (from OAuth profile)
} }
// Group interface for server grouping // Group interface for server grouping
@@ -130,43 +124,6 @@ export interface MCPRouterCallToolResponse {
isError: boolean; isError: boolean;
} }
// OAuth SSO Provider Configuration for user authentication
export type OAuthSsoProviderType = 'google' | 'microsoft' | 'github' | 'oidc';
export interface OAuthSsoProviderConfig {
id: string; // Unique identifier for this provider (e.g., 'google', 'my-company-sso')
type: OAuthSsoProviderType; // Provider type
name: string; // Display name (e.g., 'Google', 'Microsoft', 'Company SSO')
enabled?: boolean; // Whether this provider is enabled (default: true)
clientId: string; // OAuth client ID
clientSecret: string; // OAuth client secret
// For OIDC providers, discovery URL or explicit endpoints
issuerUrl?: string; // OIDC issuer URL for auto-discovery (e.g., 'https://accounts.google.com')
// Explicit endpoints (optional, can be auto-discovered for OIDC)
authorizationUrl?: string; // OAuth authorization endpoint
tokenUrl?: string; // OAuth token endpoint
userInfoUrl?: string; // OAuth userinfo endpoint
// Scope configuration
scopes?: string[]; // OAuth scopes to request (default varies by provider)
// Role/admin mapping
adminClaim?: string; // Claim name to check for admin role (e.g., 'groups', 'roles')
adminClaimValues?: string[]; // Values that grant admin access (e.g., ['admin', 'mcphub-admins'])
// Auto-provisioning options
autoProvision?: boolean; // Auto-create users on first login (default: true)
defaultAdmin?: boolean; // Whether auto-provisioned users are admins by default (default: false)
// UI options
icon?: string; // Icon identifier for UI (e.g., 'google', 'microsoft', 'github', 'key')
buttonText?: string; // Custom button text (e.g., 'Sign in with Google')
}
// OAuth SSO configuration in SystemConfig
export interface OAuthSsoConfig {
enabled?: boolean; // Enable/disable OAuth SSO globally
providers?: OAuthSsoProviderConfig[]; // List of configured SSO providers
allowLocalAuth?: boolean; // Allow local username/password auth alongside SSO (default: true)
callbackBaseUrl?: string; // Base URL for OAuth callbacks (auto-detected if not set)
}
// OAuth Provider Configuration for MCP Authorization Server // OAuth Provider Configuration for MCP Authorization Server
export interface OAuthProviderConfig { export interface OAuthProviderConfig {
enabled?: boolean; // Enable/disable OAuth provider enabled?: boolean; // Enable/disable OAuth provider
@@ -215,7 +172,6 @@ export interface SystemConfig {
nameSeparator?: string; // Separator used between server name and tool/prompt name (default: '-') nameSeparator?: string; // Separator used between server name and tool/prompt name (default: '-')
oauth?: OAuthProviderConfig; // OAuth provider configuration for upstream MCP servers oauth?: OAuthProviderConfig; // OAuth provider configuration for upstream MCP servers
oauthServer?: OAuthServerConfig; // OAuth authorization server configuration for MCPHub itself oauthServer?: OAuthServerConfig; // OAuth authorization server configuration for MCPHub itself
oauthSso?: OAuthSsoConfig; // OAuth SSO configuration for user authentication
enableSessionRebuild?: boolean; // Controls whether server session rebuild is enabled enableSessionRebuild?: boolean; // Controls whether server session rebuild is enabled
} }
@@ -314,6 +270,17 @@ export interface McpSettings {
bearerKeys?: BearerKey[]; // Bearer authentication keys (multi-key configuration) bearerKeys?: BearerKey[]; // Bearer authentication keys (multi-key configuration)
} }
// Proxychains4 configuration for STDIO servers (Linux/macOS only)
export interface ProxychainsConfig {
enabled?: boolean; // Enable/disable proxychains4 proxy routing
type?: 'socks4' | 'socks5' | 'http'; // Proxy protocol type
host?: string; // Proxy server hostname or IP address
port?: number; // Proxy server port
username?: string; // Proxy authentication username (optional)
password?: string; // Proxy authentication password (optional)
configPath?: string; // Path to custom proxychains4 configuration file (optional, overrides above settings)
}
// Configuration details for an individual server // Configuration details for an individual server
export interface ServerConfig { export interface ServerConfig {
type?: 'stdio' | 'sse' | 'streamable-http' | 'openapi'; // Type of server type?: 'stdio' | 'sse' | 'streamable-http' | 'openapi'; // Type of server
@@ -329,6 +296,8 @@ export interface ServerConfig {
tools?: Record<string, { enabled: boolean; description?: string }>; // Tool-specific configurations with enable/disable state and custom descriptions tools?: Record<string, { enabled: boolean; description?: string }>; // Tool-specific configurations with enable/disable state and custom descriptions
prompts?: Record<string, { enabled: boolean; description?: string }>; // Prompt-specific configurations with enable/disable state and custom descriptions prompts?: Record<string, { enabled: boolean; description?: string }>; // Prompt-specific configurations with enable/disable state and custom descriptions
options?: Partial<Pick<RequestOptions, 'timeout' | 'resetTimeoutOnProgress' | 'maxTotalTimeout'>>; // MCP request options configuration options?: Partial<Pick<RequestOptions, 'timeout' | 'resetTimeoutOnProgress' | 'maxTotalTimeout'>>; // MCP request options configuration
// Proxychains4 proxy configuration for STDIO servers (Linux/macOS only, Windows not supported)
proxy?: ProxychainsConfig;
// OAuth authentication for upstream MCP servers // OAuth authentication for upstream MCP servers
oauth?: { oauth?: {
// Static client configuration (traditional OAuth flow) // Static client configuration (traditional OAuth flow)

6
src/utils/migration.ts
View File

@@ -46,11 +46,6 @@ export async function migrateToDatabase(): Promise<boolean> {
username: user.username, username: user.username,
password: user.password, password: user.password,
isAdmin: user.isAdmin || false, isAdmin: user.isAdmin || false,
oauthProvider: user.oauthProvider,
oauthSubject: user.oauthSubject,
email: user.email,
displayName: user.displayName,
avatarUrl: user.avatarUrl,
}); });
console.log(` - Created user: ${user.username}`); console.log(` - Created user: ${user.username}`);
} else { } else {
@@ -121,7 +116,6 @@ export async function migrateToDatabase(): Promise<boolean> {
nameSeparator: settings.systemConfig.nameSeparator, nameSeparator: settings.systemConfig.nameSeparator,
oauth: settings.systemConfig.oauth || {}, oauth: settings.systemConfig.oauth || {},
oauthServer: settings.systemConfig.oauthServer || {}, oauthServer: settings.systemConfig.oauthServer || {},
oauthSso: settings.systemConfig.oauthSso || {},
enableSessionRebuild: settings.systemConfig.enableSessionRebuild, enableSessionRebuild: settings.systemConfig.enableSessionRebuild,
}; };
await systemConfigRepo.update(systemConfig); await systemConfigRepo.update(systemConfig);

2
src/utils/smartRouting.ts
View File

@@ -17,7 +17,7 @@ export interface SmartRoutingConfig {
* *
* Priority order for each setting: * Priority order for each setting:
* 1. Specific environment variables (ENABLE_SMART_ROUTING, SMART_ROUTING_ENABLED, etc.) * 1. Specific environment variables (ENABLE_SMART_ROUTING, SMART_ROUTING_ENABLED, etc.)
* 2. Generic environment variables (OPENAI_API_KEY, DATABASE_URL, etc.) * 2. Generic environment variables (OPENAI_API_KEY, DB_URL, etc.)
* 3. Settings configuration (systemConfig.smartRouting) * 3. Settings configuration (systemConfig.smartRouting)
* 4. Default values * 4. Default values
* *

235
tests/services/oauthSsoService.test.ts
View File

@@ -1,235 +0,0 @@
// Mock openid-client before importing services
jest.mock('openid-client', () => ({
discovery: jest.fn(),
Configuration: jest.fn(),
randomPKCECodeVerifier: jest.fn(() => 'test-verifier'),
calculatePKCECodeChallenge: jest.fn(() => Promise.resolve('test-challenge')),
buildAuthorizationUrl: jest.fn(() => new URL('https://example.com/authorize')),
authorizationCodeGrant: jest.fn(),
fetchUserInfo: jest.fn(),
skipSubjectCheck: Symbol('skipSubjectCheck'),
}));
// Mock the DAO module
jest.mock('../../src/dao/index.js', () => ({
getSystemConfigDao: jest.fn(),
getUserDao: jest.fn(),
}));
import * as daoModule from '../../src/dao/index.js';
import {
isOAuthSsoEnabled,
getEnabledProviders,
getProviderById,
isLocalAuthAllowed,
getPublicProviderInfo,
clearProviderCache,
stopStateCleanup,
} from '../../src/services/oauthSsoService.js';
describe('OAuth SSO Service', () => {
const mockGetSystemConfigDao = daoModule.getSystemConfigDao as jest.MockedFunction<
typeof daoModule.getSystemConfigDao
>;
const mockGetUserDao = daoModule.getUserDao as jest.MockedFunction<typeof daoModule.getUserDao>;
// Stop the cleanup interval to prevent Jest from hanging
afterAll(() => {
stopStateCleanup();
});
const defaultSsoConfig = {
enabled: true,
allowLocalAuth: true,
providers: [
{
id: 'google',
type: 'google' as const,
name: 'Google',
enabled: true,
clientId: 'test-client-id',
clientSecret: 'test-client-secret',
scopes: ['openid', 'email', 'profile'],
},
{
id: 'github',
type: 'github' as const,
name: 'GitHub',
enabled: true,
clientId: 'test-github-client',
clientSecret: 'test-github-secret',
},
{
id: 'disabled-provider',
type: 'oidc' as const,
name: 'Disabled',
enabled: false,
clientId: 'disabled-client',
clientSecret: 'disabled-secret',
},
],
};
beforeEach(() => {
jest.clearAllMocks();
clearProviderCache();
mockGetSystemConfigDao.mockReturnValue({
get: jest.fn().mockResolvedValue({
oauthSso: defaultSsoConfig,
}),
} as any);
mockGetUserDao.mockReturnValue({
findByUsername: jest.fn().mockResolvedValue(null),
createWithHashedPassword: jest.fn().mockResolvedValue({
username: 'google:12345',
password: 'hashed',
isAdmin: false,
}),
update: jest.fn().mockImplementation((username: string, data: any) =>
Promise.resolve({
username,
password: 'hashed',
isAdmin: false,
...data,
})
),
} as any);
});
describe('isOAuthSsoEnabled', () => {
it('should return true when OAuth SSO is enabled with providers', async () => {
const enabled = await isOAuthSsoEnabled();
expect(enabled).toBe(true);
});
it('should return false when OAuth SSO is disabled', async () => {
mockGetSystemConfigDao.mockReturnValue({
get: jest.fn().mockResolvedValue({
oauthSso: { ...defaultSsoConfig, enabled: false },
}),
} as any);
const enabled = await isOAuthSsoEnabled();
expect(enabled).toBe(false);
});
it('should return false when no providers are configured', async () => {
mockGetSystemConfigDao.mockReturnValue({
get: jest.fn().mockResolvedValue({
oauthSso: { ...defaultSsoConfig, providers: [] },
}),
} as any);
const enabled = await isOAuthSsoEnabled();
expect(enabled).toBe(false);
});
});
describe('getEnabledProviders', () => {
it('should return only enabled providers', async () => {
const providers = await getEnabledProviders();
expect(providers).toHaveLength(2);
expect(providers.map((p) => p.id)).toContain('google');
expect(providers.map((p) => p.id)).toContain('github');
expect(providers.map((p) => p.id)).not.toContain('disabled-provider');
});
it('should return empty array when SSO is disabled', async () => {
mockGetSystemConfigDao.mockReturnValue({
get: jest.fn().mockResolvedValue({
oauthSso: { ...defaultSsoConfig, enabled: false },
}),
} as any);
const providers = await getEnabledProviders();
expect(providers).toHaveLength(0);
});
});
describe('getProviderById', () => {
it('should return the correct provider by ID', async () => {
const provider = await getProviderById('google');
expect(provider).toBeDefined();
expect(provider?.id).toBe('google');
expect(provider?.type).toBe('google');
expect(provider?.name).toBe('Google');
});
it('should return undefined for non-existent provider', async () => {
const provider = await getProviderById('non-existent');
expect(provider).toBeUndefined();
});
it('should return undefined for disabled provider', async () => {
const provider = await getProviderById('disabled-provider');
expect(provider).toBeUndefined();
});
});
describe('isLocalAuthAllowed', () => {
it('should return true when local auth is allowed', async () => {
const allowed = await isLocalAuthAllowed();
expect(allowed).toBe(true);
});
it('should return false when local auth is disabled', async () => {
mockGetSystemConfigDao.mockReturnValue({
get: jest.fn().mockResolvedValue({
oauthSso: { ...defaultSsoConfig, allowLocalAuth: false },
}),
} as any);
const allowed = await isLocalAuthAllowed();
expect(allowed).toBe(false);
});
it('should return true when SSO is disabled (fallback)', async () => {
mockGetSystemConfigDao.mockReturnValue({
get: jest.fn().mockResolvedValue({
oauthSso: undefined,
}),
} as any);
const allowed = await isLocalAuthAllowed();
expect(allowed).toBe(true);
});
});
describe('getPublicProviderInfo', () => {
it('should return public info for enabled providers only', async () => {
const info = await getPublicProviderInfo();
expect(info).toHaveLength(2);
const googleInfo = info.find((p) => p.id === 'google');
expect(googleInfo).toBeDefined();
expect(googleInfo?.name).toBe('Google');
expect(googleInfo?.type).toBe('google');
expect(googleInfo?.icon).toBe('google');
// Ensure sensitive data is not exposed
expect((googleInfo as any)?.clientSecret).toBeUndefined();
expect((googleInfo as any)?.clientId).toBeUndefined();
});
it('should include buttonText when specified', async () => {
mockGetSystemConfigDao.mockReturnValue({
get: jest.fn().mockResolvedValue({
oauthSso: {
...defaultSsoConfig,
providers: [
{
...defaultSsoConfig.providers[0],
buttonText: 'Login with Google',
},
],
},
}),
} as any);
const info = await getPublicProviderInfo();
expect(info[0].buttonText).toBe('Login with Google');
});
});
});

4
tests/setup.ts
View File

@@ -5,7 +5,7 @@ import 'reflect-metadata';
Object.assign(process.env, { Object.assign(process.env, {
NODE_ENV: 'test', NODE_ENV: 'test',
JWT_SECRET: 'test-jwt-secret-key', JWT_SECRET: 'test-jwt-secret-key',
DATABASE_URL: 'sqlite::memory:', DB_URL: 'sqlite::memory:',
}); });
// Mock moduleDir to avoid import.meta parsing issues in Jest // Mock moduleDir to avoid import.meta parsing issues in Jest
@@ -40,7 +40,7 @@ expect.extend({
}; };
} }
}, },
toBeValidUUID(received: any) { toBeValidUUID(received: any) {
const uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i; const uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i;
const pass = typeof received === 'string' && uuidRegex.test(received); const pass = typeof received === 'string' && uuidRegex.test(received);