UNPKG

mcp-use

Version:

Opinionated MCP Framework for TypeScript (@modelcontextprotocol/sdk compatible) - Build MCP Agents, Clients and Servers with support for ChatGPT Apps, Code Mode, OAuth, Notifications, Sampling, Observability and more.

github.com/mcp-use/mcp-use

mcp-use/mcp-use

156 lines 5.05 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
/** * OAuth Utility Helpers * * Provides convenience functions for scope/permission checking and * accessing authentication information in tool callbacks and middleware. */ import type { Context, Next } from "hono"; import type { UserInfo } from "./providers/types.js"; /** * Authentication information extracted from context */ export interface AuthInfo { user: UserInfo; payload: Record<string, unknown>; accessToken: string; scopes: string[]; permissions: string[]; } /** * Get authentication info from context * * Works in both middleware and tool callbacks (via requestContext parameter). * * Note: With the new API, you can access auth directly via `requestContext.auth` * This function is kept for backward compatibility. * * @param context - Hono context (from middleware or tool requestContext) * @returns Authentication information * * @example * ```typescript * // New way (preferred): * server.tool({ * name: 'my-tool', * cb: async (params, ctx, requestContext) => { * const auth = requestContext.auth; * console.log(auth.user.email); * console.log(auth.scopes); * } * }); * * // Old way (still works): * server.tool({ * name: 'my-tool', * cb: async (params, ctx, req) => { * const auth = getAuth(req); * console.log(auth.user.email); * } * }); * ``` */ export declare function getAuth(context: Context): AuthInfo; /** * Check if user has specific scope(s) or permission(s) * * Checks both OAuth scopes and permissions (Auth0 style). * If multiple scopes are provided, ALL must be present. * Use this inside tool callbacks to check scopes and return appropriate errors. * * @param context - Hono context (from tool requestContext parameter) * @param needed - Single scope/permission or array of required scopes/permissions * @returns true if user has all required scopes/permissions * * @example * ```typescript * // Check scope inside tool callback * server.tool({ * name: 'delete-data', * cb: async (params, ctx, requestContext) => { * if (!hasScope(requestContext, 'delete:data')) { * return { * content: [{ type: 'text', text: 'Insufficient permissions' }], * isError: true * }; * } * // ... tool implementation * } * }); * * // Check multiple scopes * if (hasScope(requestContext, ['read:data', 'write:data'])) { * // User has both read:data AND write:data * } * ``` */ export declare function hasScope(context: Context, needed: string | string[]): boolean; /** * Check if user has ANY of the provided scopes/permissions * * @param context - Hono context * @param needed - Array of scopes/permissions (user needs at least one) * @returns true if user has at least one of the required scopes/permissions * * @example * ```typescript * if (hasAnyScope(req, ['admin', 'moderator'])) { * // User is either an admin OR moderator * } * ``` */ export declare function hasAnyScope(context: Context, needed: string[]): boolean; /** * Create middleware that requires specific scope(s)/permission(s) * * Returns 403 Forbidden if user doesn't have the required scope(s). * If multiple scopes are provided, ALL must be present. * Note: For tool-level scope checking, use hasScope() inside the tool callback instead. * * @param needed - Single scope/permission or array of required scopes/permissions * @returns Hono middleware function * * @example * ```typescript * // Use on custom routes * app.post('/admin/users', requireScope('admin'), async (c) => { * // Only users with 'admin' scope can access * }); * * // Require multiple scopes on a route * app.delete('/data/:id', requireScope(['admin', 'delete:data']), async (c) => { * // User must have both scopes * }); * ``` */ export declare function requireScope(needed: string | string[]): (c: Context, next: Next) => Promise<(Response & import("hono").TypedResponse<{ error: string; required: string[]; granted_scopes: string[]; granted_permissions: string[]; message: string; }, 403, "json">) | undefined>; /** * Create middleware that requires ANY of the provided scopes/permissions * * Returns 403 Forbidden if user doesn't have at least one required scope. * Note: For tool-level scope checking, use hasAnyScope() inside the tool callback instead. * * @param needed - Array of scopes/permissions (user needs at least one) * @returns Hono middleware function * * @example * ```typescript * // Use on custom routes - user needs to be either admin OR moderator * app.post('/moderate', requireAnyScope(['admin', 'moderator']), async (c) => { * // User has at least one of the required scopes * }); * ``` */ export declare function requireAnyScope(needed: string[]): (c: Context, next: Next) => Promise<(Response & import("hono").TypedResponse<{ error: string; required_any: string[]; granted_scopes: string[]; granted_permissions: string[]; message: string; }, 403, "json">) | undefined>; //# sourceMappingURL=utils.d.ts.map