@hellocoop/admin-mcp
Model Context Protocol (MCP) for Hellō Admin API.
// Authentication manager for MCP server
// Handles JWT tokens, access tokens, and authentication callbacks
import { HELLO_ACCESS_TOKEN } from './config.js';
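/**
 * In-memory holder for the MCP server's authentication state: the access
 * token, the JWT payload supplied by the caller, the admin-user summary
 * derived from that payload, and an optional authentication callback.
 *
 * This class stores and reads values only. It does not verify a JWT's
 * signature, issuer, audience or expiry; callers are expected to pass
 * setJWTPayload() a payload that has already been validated.
 *
 * NOTE(review): all state lives on the instance. If one instance is shared
 * by concurrent requests, confirm that one request's payload cannot be read
 * by another.
 */
export class AuthManager {
  constructor() {
    // Initial token comes from the configuration module.
    this.accessToken = HELLO_ACCESS_TOKEN;
    // Payload handed over by the caller after validation; never checked here.
    this.jwtPayload = null;
    this.adminUser = null;
    this.authenticationCallback = null;
  }

  /**
   * Set access token
   * @param {string} token - Access token
   */
  setAccessToken(token) {
    this.accessToken = token;
  }

  /**
   * Get current access token
   * @returns {string|null} - Current access token
   */
  getAccessToken() {
    return this.accessToken;
  }

  /**
   * Store an already-validated JWT payload and derive the admin-user summary
   * from it. A falsy payload clears both the payload and the summary.
   * @param {Object|null} payload - JWT payload (validated by the caller)
   */
  setJWTPayload(payload) {
    this.jwtPayload = payload;
    if (!payload) {
      this.adminUser = null;
      return;
    }
    // The scope claim is kept exactly as received (string or array);
    // hasScope() is the place that interprets it.
    this.adminUser = {
      id: payload.sub,
      email: payload.email || 'unknown',
      name: payload.name || 'unknown',
      picture: payload.picture || null,
      scope: payload.scope || [],
    };
  }

  /**
   * Get current JWT payload
   * @returns {Object|null} - Current JWT payload
   */
  getJWTPayload() {
    return this.jwtPayload;
  }

  /**
   * Get current admin user info
   * @returns {Object|null} - Current admin user
   */
  getAdminUser() {
    return this.adminUser;
  }

  /**
   * Set authentication callback for lazy authentication
   * @param {Function} callback - Authentication callback function
   */
  setAuthenticationCallback(callback) {
    this.authenticationCallback = callback;
  }

  /**
   * Get authentication callback
   * @returns {Function|null} - Authentication callback
   */
  getAuthenticationCallback() {
    return this.authenticationCallback;
  }

  /**
   * Report whether an access token is present.
   *
   * This is a presence check only: it does not look at the JWT payload and
   * says nothing about whether the token is still valid or unexpired.
   * @returns {boolean} - True if an access token is set
   */
  isAuthenticated() {
    return Boolean(this.accessToken);
  }

  /**
   * Check whether the stored JWT payload grants a specific scope.
   *
   * The scope claim may be an array of scope names or a single string. A
   * string is treated as a whitespace-delimited list (the OAuth 2.0 form,
   * RFC 6749 section 3.3), so "read write" grants both "read" and "write".
   * Matching is exact per token: "read" is not granted by "readonly".
   * Returns false when there is no payload or no scope claim.
   * @param {string} requiredScope - Required scope to check
   * @returns {boolean} - True if user has the required scope
   */
  hasScope(requiredScope) {
    const granted = this.jwtPayload?.scope;
    if (!granted) {
      return false;
    }
    if (Array.isArray(granted)) {
      return granted.includes(requiredScope);
    }
    if (typeof granted === 'string') {
      // Split the space-delimited claim so each scope is compared on its own
      // rather than comparing against the whole string.
      return granted.split(/\s+/).filter(Boolean).includes(requiredScope);
    }
    // Any other truthy value is compared as a single entry.
    return granted === requiredScope;
  }

  /**
   * Clear the access token, JWT payload and admin user.
   * The authentication callback is left in place.
   */
  clearAuth() {
    this.accessToken = null;
    this.jwtPayload = null;
    this.adminUser = null;
  }

  /**
   * Get authentication context for logging.
   *
   * The token itself is never included, only whether one is present. The
   * result does carry the user id and email, so log sinks receive that
   * personal data.
   * @returns {Object} - Authentication context
   */
  getAuthContext() {
    return {
      hasToken: Boolean(this.accessToken),
      userId: this.adminUser?.id || null,
      userEmail: this.adminUser?.email || null,
      scopes: this.jwtPayload?.scope || [],
    };
  }
}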