4e78557158
- Implement OAuth 2.1 authorization code + PKCE flow - Google OIDC integration with dynamic client registration - Well-known endpoints (/.well-known/oauth-protected-resource, /.well-known/oauth-authorization-server) - OAuth token validation middleware for all service endpoints - SQLite-backed token and client persistence - Automatic token cleanup on 1-hour interval - CORS headers for public OAuth endpoints - E2E tests gracefully skip when OAuth is configured - Placeholder credentials in .env for manual setup Key files: - src/oauth.js: OAuth routes and middleware - src/oauth-store.js: SQLite persistence layer - src/server.js: CORS + OAuth integration - ecosystem.config.js: OAuth env vars - .env: OAuth credentials (placeholders) - test/e2e.js: Graceful skip on configured OAuth All unauthenticated requests to /:serviceId/sse and /:serviceId/message now receive 401 with WWW-Authenticate header. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
27 lines
649 B
JSON
27 lines
649 B
JSON
{
|
|
"name": "workspace",
|
|
"version": "1.0.0",
|
|
"main": "index.js",
|
|
"scripts": {
|
|
"test": "node test/e2e.js",
|
|
"start": "node src/index.js",
|
|
"bridge": "node mcp-bridge/index.js",
|
|
"sample-mcp": "node sample-mcp/index.js",
|
|
"pm2:start": "pm2 start ecosystem.config.js",
|
|
"pm2:stop": "pm2 stop all",
|
|
"pm2:logs": "pm2 logs",
|
|
"pm2:status": "pm2 status"
|
|
},
|
|
"keywords": [],
|
|
"author": "",
|
|
"license": "ISC",
|
|
"description": "",
|
|
"dependencies": {
|
|
"better-sqlite3": "^12.6.2",
|
|
"dotenv": "^17.3.1",
|
|
"express": "^5.2.1",
|
|
"google-auth-library": "^10.6.1",
|
|
"uuid": "^13.0.0",
|
|
"ws": "^8.19.0"
|
|
}
|
|
}
|