hzhang/inspector
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Redirect into OAuth flow upon receiving 401

Browse Source
This commit is contained in:
Justin Spahr-Summers
2025-01-24 11:34:07 +00:00
parent 8a20f7711a
commit 1c4ad60354
4 changed files with 77 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
client/package.json
View File

@@ -30,6 +30,7 @@
"class-variance-authority": "^0.7.0", "class-variance-authority": "^0.7.0",
"clsx": "^2.1.1", "clsx": "^2.1.1",
"lucide-react": "^0.447.0", "lucide-react": "^0.447.0",
"pkce-challenge": "^4.1.0",
"react": "^18.3.1", "react": "^18.3.1",
"react-dom": "^18.3.1", "react-dom": "^18.3.1",
"react-toastify": "^10.0.6", "react-toastify": "^10.0.6",

52
client/src/lib/auth.ts Normal file
View File

@@ -0,0 +1,52 @@
import pkceChallenge from 'pkce-challenge';
export interface OAuthMetadata {
authorization_endpoint: string;
token_endpoint: string;
}
export async function discoverOAuthMetadata(serverUrl: string): Promise<OAuthMetadata> {
try {
const url = new URL('/.well-known/oauth-authorization-server', serverUrl);
const response = await fetch(url.toString());
if (response.ok) {
const metadata = await response.json();
return {
authorization_endpoint: metadata.authorization_endpoint,
token_endpoint: metadata.token_endpoint
};
}
} catch (error) {
console.warn('OAuth metadata discovery failed:', error);
}
// Fall back to default endpoints
const baseUrl = new URL(serverUrl);
return {
authorization_endpoint: new URL('/authorize', baseUrl).toString(),
token_endpoint: new URL('/token', baseUrl).toString()
};
}
export async function startOAuthFlow(serverUrl: string): Promise<string> {
// Generate PKCE challenge
const challenge = await pkceChallenge();
const codeVerifier = challenge.code_verifier;
const codeChallenge = challenge.code_challenge;
// Store code verifier for later use
sessionStorage.setItem('mcp_code_verifier', codeVerifier);
// Discover OAuth endpoints
const metadata = await discoverOAuthMetadata(serverUrl);
// Build authorization URL
const authUrl = new URL(metadata.authorization_endpoint);
authUrl.searchParams.set('response_type', 'code');
authUrl.searchParams.set('code_challenge', codeChallenge);
authUrl.searchParams.set('code_challenge_method', 'S256');
authUrl.searchParams.set('redirect_uri', window.location.origin + '/oauth/callback');
return authUrl.toString();
}

15
client/src/lib/hooks/useConnection.ts
View File

@@ -1,5 +1,5 @@
import { Client } from "@modelcontextprotocol/sdk/client/index.js"; import { Client } from "@modelcontextprotocol/sdk/client/index.js";
import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js"; import { SSEClientTransport, SseError } from "@modelcontextprotocol/sdk/client/sse.js";
import { import {
ClientNotification, ClientNotification,
ClientRequest, ClientRequest,
@@ -12,8 +12,9 @@ import {
} from "@modelcontextprotocol/sdk/types.js"; } from "@modelcontextprotocol/sdk/types.js";
import { useState } from "react"; import { useState } from "react";
import { toast } from "react-toastify"; import { toast } from "react-toastify";
import { Notification, StdErrNotificationSchema } from "../notificationTypes";
import { z } from "zod"; import { z } from "zod";
import { startOAuthFlow } from "../auth";
import { Notification, StdErrNotificationSchema } from "../notificationTypes";
const DEFAULT_REQUEST_TIMEOUT_MSEC = 10000; const DEFAULT_REQUEST_TIMEOUT_MSEC = 10000;
@@ -160,7 +161,17 @@ export function useConnection({
); );
} }
try {
await client.connect(clientTransport); await client.connect(clientTransport);
} catch (error) {
console.error("Failed to connect to MCP server:", error);
if (error instanceof SseError && error.code === 401) {
const redirectUrl = await startOAuthFlow(sseUrl);
window.location.href = redirectUrl;
}
throw error;
}
const capabilities = client.getServerCapabilities(); const capabilities = client.getServerCapabilities();
setServerCapabilities(capabilities ?? null); setServerCapabilities(capabilities ?? null);

10
package-lock.json generated
View File

@@ -43,6 +43,7 @@
"class-variance-authority": "^0.7.0", "class-variance-authority": "^0.7.0",
"clsx": "^2.1.1", "clsx": "^2.1.1",
"lucide-react": "^0.447.0", "lucide-react": "^0.447.0",
"pkce-challenge": "^4.1.0",
"react": "^18.3.1", "react": "^18.3.1",
"react-dom": "^18.3.1", "react-dom": "^18.3.1",
"react-toastify": "^10.0.6", "react-toastify": "^10.0.6",
@@ -4946,6 +4947,15 @@
"node": ">= 6" "node": ">= 6"
} }
}, },
"node_modules/pkce-challenge": {
"version": "4.1.0",
"resolved": "https://registry.npmjs.org/pkce-challenge/-/pkce-challenge-4.1.0.tgz",
"integrity": "sha512-ZBmhE1C9LcPoH9XZSdwiPtbPHZROwAnMy+kIFQVrnMCxY4Cudlz3gBOpzilgc0jOgRaiT3sIWfpMomW2ar2orQ==",
"license": "MIT",
"engines": {
"node": ">=16.20.0"
}
},
"node_modules/postcss": { "node_modules/postcss": {
"version": "8.4.49", "version": "8.4.49",
"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.49.tgz", "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.49.tgz",