UNPKG

@access-mcp/shared

Version:

Shared utilities for ACCESS-CI MCP servers

github.com/necyberteam/access-mcp

necyberteam/access-mcp

189 lines (188 loc) 6.45 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
import axios from "axios"; /** * Authentication provider for Drupal JSON:API using cookie-based auth. * * This is a temporary implementation for development/testing. * Production should use Key Auth with the access_mcp_author module. * * @see ../../../access-qa-planning/06-mcp-authentication.md */ export class DrupalAuthProvider { baseUrl; username; password; sessionCookie; csrfToken; logoutToken; userUuid; httpClient; isAuthenticated = false; constructor(baseUrl, username, password) { this.baseUrl = baseUrl; this.username = username; this.password = password; this.httpClient = axios.create({ baseURL: this.baseUrl, timeout: 30000, validateStatus: () => true, }); } /** * Ensure we have a valid session, logging in if necessary */ async ensureAuthenticated() { if (!this.isAuthenticated) { await this.login(); } } /** * Login to Drupal and store session cookie + CSRF token */ async login() { const response = await this.httpClient.post("/user/login?_format=json", { name: this.username, pass: this.password, }, { headers: { "Content-Type": "application/json", }, }); if (response.status !== 200) { throw new Error(`Drupal login failed: ${response.status} ${response.statusText}`); } // Extract session cookie from Set-Cookie header const setCookie = response.headers["set-cookie"]; if (setCookie && setCookie.length > 0) { // Parse the session cookie (format: SESS...=value; path=/; ...) const cookieParts = setCookie[0].split(";")[0]; this.sessionCookie = cookieParts; } // Store CSRF token and logout token from response this.csrfToken = response.data.csrf_token; this.logoutToken = response.data.logout_token; this.userUuid = response.data.current_user?.uuid; if (!this.sessionCookie || !this.csrfToken) { throw new Error("Login succeeded but missing session cookie or CSRF token"); } this.isAuthenticated = true; } /** * Get headers required for authenticated JSON:API requests */ getAuthHeaders() { if (!this.isAuthenticated || !this.sessionCookie || !this.csrfToken) { throw new Error("Not authenticated. Call ensureAuthenticated() first."); } return { Cookie: this.sessionCookie, "X-CSRF-Token": this.csrfToken, "Content-Type": "application/vnd.api+json", Accept: "application/vnd.api+json", }; } /** * Get the authenticated user's UUID */ getUserUuid() { return this.userUuid; } /** * Invalidate the current session */ invalidate() { this.sessionCookie = undefined; this.csrfToken = undefined; this.logoutToken = undefined; this.userUuid = undefined; this.isAuthenticated = false; } /** * Make an authenticated GET request to JSON:API */ async get(path) { await this.ensureAuthenticated(); const response = await this.httpClient.get(path, { headers: this.getAuthHeaders(), }); if (response.status === 401 || response.status === 403) { // Session may have expired, try re-authenticating this.invalidate(); await this.ensureAuthenticated(); const retryResponse = await this.httpClient.get(path, { headers: this.getAuthHeaders(), }); return this.handleResponse(retryResponse); } return this.handleResponse(response); } /** * Make an authenticated POST request to JSON:API */ async post(path, data) { await this.ensureAuthenticated(); const response = await this.httpClient.post(path, data, { headers: this.getAuthHeaders(), }); if (response.status === 401 || response.status === 403) { this.invalidate(); await this.ensureAuthenticated(); const retryResponse = await this.httpClient.post(path, data, { headers: this.getAuthHeaders(), }); return this.handleResponse(retryResponse); } return this.handleResponse(response); } /** * Make an authenticated PATCH request to JSON:API */ async patch(path, data) { await this.ensureAuthenticated(); const response = await this.httpClient.patch(path, data, { headers: this.getAuthHeaders(), }); if (response.status === 401 || response.status === 403) { this.invalidate(); await this.ensureAuthenticated(); const retryResponse = await this.httpClient.patch(path, data, { headers: this.getAuthHeaders(), }); return this.handleResponse(retryResponse); } return this.handleResponse(response); } /** * Make an authenticated DELETE request to JSON:API */ async delete(path) { await this.ensureAuthenticated(); const response = await this.httpClient.delete(path, { headers: this.getAuthHeaders(), }); if (response.status === 401 || response.status === 403) { this.invalidate(); await this.ensureAuthenticated(); const retryResponse = await this.httpClient.delete(path, { headers: this.getAuthHeaders(), }); return this.handleResponse(retryResponse); } return this.handleResponse(response); } /** * Handle JSON:API response, throwing on errors */ handleResponse(response) { if (response.status >= 200 && response.status < 300) { return response.data; } // JSON:API error format if (response.data?.errors) { const errors = response.data.errors .map((e) => e.detail || e.title || "Unknown error") .join("; "); throw new Error(`Drupal API error (${response.status}): ${errors}`); } throw new Error(`Drupal API error: ${response.status} ${response.statusText}`); } }