0.1.0 • Published 7 months ago

@asgardeo/mcp-node v0.1.0

Weekly downloads
-
License
Apache-2.0
Repository
github
Last release
7 months ago

@asgardeo/mcp-node

npm version npm downloads

Node.js core library for enforcing Model Context Protocol (MCP) authorization using Asgardeo.

Overview

This package provides the core functionality for implementing Model Context Protocol (MCP) based authorization in Node.js applications. It serves as the foundation for higher-level implementations like the Express middleware (@asgardeo/mcp-express).

This package is part of the Asgardeo MCP Node.js SDKs monorepo. For overall project information, contribution guidelines, and details on other related packages, please refer to the main repository.

Installation

npm install @asgardeo/mcp-node
# or
yarn add @asgardeo/mcp-node
# or
pnpm add @asgardeo/mcp-node

Features

  • Authorization server metadata generation
  • Protected resource metadata generation
  • Token verification utilities

Usage

import {generateAuthorizationServerMetadata, generateProtectedResourceMetadata} from '@asgardeo/mcp-node';

baseUrl: string = 'https://api.asgardeo.io/<your-org-name>';

// Generate authorization server metadata
const serverMetadata = generateAuthorizationServerMetadata({
  baseUrl,
});

// Generate protected resource metadata
const resourceMetadata = generateProtectedResourceMetadata({
  authorizationServers: [baseUrl],
  resource: 'https://api.example.com',
});

API Reference

Metadata Generation

generateAuthorizationServerMetadata(options)

Generates metadata for the authorization server.

const metadata = generateAuthorizationServerMetadata({
  baseUrl: 'https://api.asgardeo.io',
});

generateProtectedResourceMetadata(options)

Generates metadata for protected resources.

const metadata = generateProtectedResourceMetadata({
  authorizationServers: ['https://api.asgardeo.io'],
  resource: 'https://api.example.com',
});

Configuration

McpAuthOptions

Configuration options used across MCP packages.

interface McpAuthOptions {
  /** Base URL of the authorization server */
  baseUrl: string;
  /** Optional audience value for token validation */
  audience?: string;
}

Token Verification

validateToken(accessToken, jwksUri, options)

Verifies a JWT access token using the authorization server's JWKS endpoint.

import {validateToken} from '@asgardeo/mcp-node';

await validateToken('<token>', 'https://api.asgardeo.io/oauth2/jwks', {
  issuer: 'https://api.asgardeo.io/oauth2/token',
  audience: 'mcp-client-id',
  clockTolerance: 60,
});

Prerequisites

  • Node.js 16.x or later
  • pnpm 8.x or later

Setup

  1. Clone the repository
  2. Install dependencies:
pnpm install

Build

pnpm build

Lint

pnpm lint

License

Apache-2.0 - see the LICENSE file for details.

asgardeoagentsmcpmcp-nodemcp-authauthorizationcore
josenode-fetchtslib
@asgardeo/mcp-express
0.1.0

7 months ago

0.0.1

7 months ago