UNPKG

@kya-os/mcp-i

Version:

The TypeScript MCP framework with identity features built-in

github.com/modelcontextprotocol-identity/mcp-i

modelcontextprotocol-identity/mcp-i

83 lines (82 loc) 3.01 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.apiKeyAuthMiddleware = apiKeyAuthMiddleware; const zod_1 = require("zod"); const apiKeyAuthMiddlewareConfigSchema = zod_1.z .object({ apiKey: zod_1.z.string().optional(), headerName: zod_1.z.string().optional(), validateApiKey: zod_1.z .function() .args(zod_1.z.string()) .returns(zod_1.z.promise(zod_1.z.boolean())) .optional(), }) .strict() .refine((config) => config.apiKey !== undefined || config.validateApiKey !== undefined, { message: "Either 'apiKey' or 'validateApiKey' must be provided", }) .refine((config) => !(config.apiKey !== undefined && config.validateApiKey !== undefined), { message: "'apiKey' and 'validateApiKey' are mutually exclusive - provide only one", }); const errorMessage = "Unauthorized: Missing or invalid API key"; /** * Middleware to authenticate requests using an API key. * @param config - Configuration object containing either a static API key or a function to validate the API key. * @returns Express middleware function. * * @example * ```ts * const middleware = apiKeyAuthMiddleware({ * apiKey: process.env.API_KEY!, * }); * ``` * * @example * ```ts * const middleware = apiKeyAuthMiddleware({ * validateApiKey: async (key) => { * return key === process.env.API_KEY!; * }, * }); * ``` */ function apiKeyAuthMiddleware(config) { // To do, we can maybe work on better error handling here, like typing the error messages etc const response = apiKeyAuthMiddlewareConfigSchema.safeParse(config); if (!response.success) { const hasApiKey = "apiKey" in config; const hasValidateApiKey = "validateApiKey" in config; if (hasApiKey && hasValidateApiKey) { throw new Error("'apiKey' and 'validateApiKey' are mutually exclusive - provide only one"); } else if (!hasApiKey && !hasValidateApiKey) { throw new Error("Either 'apiKey' or 'validateApiKey' must be provided"); } else { throw new Error(`Invalid configuration: ${response.error.message}`); } } const headerName = config.headerName ?? "x-api-key"; const apiKey = "apiKey" in config ? config.apiKey : undefined; const validateApiKey = "validateApiKey" in config ? config.validateApiKey : undefined; return async (req, res, next) => { const apiKeyHeader = req.header(headerName); if (!apiKeyHeader) { res.status(401).json({ error: errorMessage }); return; } if ("apiKey" in config && apiKeyHeader !== apiKey) { res.status(401).json({ error: errorMessage }); return; } if (validateApiKey) { const isValid = await validateApiKey(apiKeyHeader); if (!isValid) { res.status(401).json({ error: errorMessage }); return; } } next(); }; }