LibreChat/packages/api/src/auth/domain.ts

/**
 * @param email
 * @param allowedDomains
 */
export function isEmailDomainAllowed(email: string, allowedDomains?: string[] | null): boolean {
  /** If no domain restrictions are configured, allow all */
  if (!allowedDomains || !Array.isArray(allowedDomains) || !allowedDomains.length) {
    return true;
  }

  /** If restrictions exist, validate email format */
  if (!email) {
    return false;
  }

  const domain = email.split('@')[1]?.toLowerCase();

  if (!domain) {
    return false;
  }

  return allowedDomains.some((allowedDomain) => allowedDomain?.toLowerCase() === domain);
}

/**
 * Normalizes a domain string. If the domain is invalid, returns null.
 * Normalized === lowercase, trimmed, and protocol added if missing.
 * @param domain
 */
function normalizeDomain(domain: string): string | null {
  try {
    let normalizedDomain = domain.toLowerCase().trim();

    // Early return for obviously invalid formats
    if (normalizedDomain === 'http://' || normalizedDomain === 'https://') {
      return null;
    }

    // If it's not already a URL, make it one
    if (!normalizedDomain.startsWith('http://') && !normalizedDomain.startsWith('https://')) {
      normalizedDomain = `https://${normalizedDomain}`;
    }

    const url = new URL(normalizedDomain);
    // Additional validation that hostname isn't just protocol
    if (!url.hostname || url.hostname === 'http:' || url.hostname === 'https:') {
      return null;
    }

    return url.hostname.replace(/^www\./i, '');
  } catch {
    return null;
  }
}

/**
 * Checks if the given domain is allowed. If no restrictions are set, allows all domains.
 * @param domain
 * @param allowedDomains
 */
export async function isActionDomainAllowed(
  domain?: string | null,
  allowedDomains?: string[] | null,
): Promise<boolean> {
  if (!domain || typeof domain !== 'string') {
    return false;
  }

  if (!Array.isArray(allowedDomains) || !allowedDomains.length) {
    return true;
  }

  const normalizedInputDomain = normalizeDomain(domain);
  if (!normalizedInputDomain) {
    return false;
  }

  for (const allowedDomain of allowedDomains) {
    const normalizedAllowedDomain = normalizeDomain(allowedDomain);
    if (!normalizedAllowedDomain) {
      continue;
    }

    if (normalizedAllowedDomain.startsWith('*.')) {
      const baseDomain = normalizedAllowedDomain.slice(2);
      if (
        normalizedInputDomain === baseDomain ||
        normalizedInputDomain.endsWith(`.${baseDomain}`)
      ) {
        return true;
      }
    } else if (normalizedInputDomain === normalizedAllowedDomain) {
      return true;
    }
  }

  return false;
}

/**
 * Extracts domain from MCP server config URL.
 * Returns null for stdio transports (no URL) or invalid URLs.
 * @param config - MCP server configuration (accepts any config with optional url field)
 */
export function extractMCPServerDomain(config: Record<string, unknown>): string | null {
  const url = config.url;
  // Stdio transports don't have URLs - always allowed
  if (!url || typeof url !== 'string') {
    return null;
  }

  try {
    const parsedUrl = new URL(url);
    return parsedUrl.hostname.replace(/^www\./i, '');
  } catch {
    return null;
  }
}

/**
 * Validates MCP server domain against allowedDomains.
 * Reuses isActionDomainAllowed for consistent validation logic.
 * Stdio transports (no URL) are always allowed.
 * @param config - MCP server configuration with optional url field
 * @param allowedDomains - List of allowed domains (with wildcard support)
 */
export async function isMCPDomainAllowed(
  config: Record<string, unknown>,
  allowedDomains?: string[] | null,
): Promise<boolean> {
  const domain = extractMCPServerDomain(config);

  // Stdio transports don't have domains - always allowed
  if (!domain) {
    return true;
  }

  // Reuse existing validation logic (includes wildcard support)
  return isActionDomainAllowed(domain, allowedDomains);
}
🔐 feat: Implement Allowed Action Domains (#4964) * chore: RequestExecutor typing * feat: allowed action domains * fix: rename TAgentsEndpoint to TAssistantEndpoint in typedefs * chore: update librechat-data-provider version to 0.7.62 2024-12-12 12:52:42 -05:00			`/**`
📧 fix: Case-Insensitive Domain Matching (#9868) * chore: move domain related functions to `packages/api` * fix: isEmailDomainAllowed for case-insensitive domain matching - Added tests to validate case-insensitive matching for email domains in various scenarios. - Updated isEmailDomainAllowed function to convert email domains to lowercase for consistent comparison. - Improved handling of null/undefined entries in allowedDomains. * ci: Mock isEmailDomainAllowed in samlStrategy tests - Added a mock implementation for isEmailDomainAllowed to return true in samlStrategy tests, ensuring consistent behavior during test execution. * ci: Update import of isEmailDomainAllowed in ldapStrategy tests - Changed the import of isEmailDomainAllowed from the domains service to the api package for consistency and to reflect recent refactoring. 2025-09-27 21:20:19 -04:00			`* @param email`
			`* @param allowedDomains`
🔐 feat: Implement Allowed Action Domains (#4964) * chore: RequestExecutor typing * feat: allowed action domains * fix: rename TAgentsEndpoint to TAssistantEndpoint in typedefs * chore: update librechat-data-provider version to 0.7.62 2024-12-12 12:52:42 -05:00			`*/`
📧 fix: Case-Insensitive Domain Matching (#9868) * chore: move domain related functions to `packages/api` * fix: isEmailDomainAllowed for case-insensitive domain matching - Added tests to validate case-insensitive matching for email domains in various scenarios. - Updated isEmailDomainAllowed function to convert email domains to lowercase for consistent comparison. - Improved handling of null/undefined entries in allowedDomains. * ci: Mock isEmailDomainAllowed in samlStrategy tests - Added a mock implementation for isEmailDomainAllowed to return true in samlStrategy tests, ensuring consistent behavior during test execution. * ci: Update import of isEmailDomainAllowed in ldapStrategy tests - Changed the import of isEmailDomainAllowed from the domains service to the api package for consistency and to reflect recent refactoring. 2025-09-27 21:20:19 -04:00			`export function isEmailDomainAllowed(email: string, allowedDomains?: string[] \| null): boolean {`
📫 refactor: OpenID Email Claim Fallback (#10296) * 📫 refactor: Enhance OpenID email Fallback * Updated email retrieval logic to use preferred_username or upn if email is not available. * Adjusted logging and user data assignment to reflect the new email handling approach. * Ensured email domain validation checks the correct email source. * 🔄 refactor: Update Email Domain Validation Logic * Modified `isEmailDomainAllowed` function to return true for falsy emails and missing domain restrictions. * Added new test cases to cover scenarios with and without domain restrictions. * Ensured proper validation when domain restrictions are present. 2025-10-29 12:57:43 -04:00			`/** If no domain restrictions are configured, allow all */`
			`if (!allowedDomains \|\| !Array.isArray(allowedDomains) \|\| !allowedDomains.length) {`
			`return true;`
			`}`

			`/** If restrictions exist, validate email format */`
🔐 feat: Implement Allowed Action Domains (#4964) * chore: RequestExecutor typing * feat: allowed action domains * fix: rename TAgentsEndpoint to TAssistantEndpoint in typedefs * chore: update librechat-data-provider version to 0.7.62 2024-12-12 12:52:42 -05:00			`if (!email) {`
			`return false;`
			`}`

📧 fix: Case-Insensitive Domain Matching (#9868) * chore: move domain related functions to `packages/api` * fix: isEmailDomainAllowed for case-insensitive domain matching - Added tests to validate case-insensitive matching for email domains in various scenarios. - Updated isEmailDomainAllowed function to convert email domains to lowercase for consistent comparison. - Improved handling of null/undefined entries in allowedDomains. * ci: Mock isEmailDomainAllowed in samlStrategy tests - Added a mock implementation for isEmailDomainAllowed to return true in samlStrategy tests, ensuring consistent behavior during test execution. * ci: Update import of isEmailDomainAllowed in ldapStrategy tests - Changed the import of isEmailDomainAllowed from the domains service to the api package for consistency and to reflect recent refactoring. 2025-09-27 21:20:19 -04:00			`const domain = email.split('@')[1]?.toLowerCase();`
🔐 feat: Implement Allowed Action Domains (#4964) * chore: RequestExecutor typing * feat: allowed action domains * fix: rename TAgentsEndpoint to TAssistantEndpoint in typedefs * chore: update librechat-data-provider version to 0.7.62 2024-12-12 12:52:42 -05:00
			`if (!domain) {`
			`return false;`
			`}`

📧 fix: Case-Insensitive Domain Matching (#9868) * chore: move domain related functions to `packages/api` * fix: isEmailDomainAllowed for case-insensitive domain matching - Added tests to validate case-insensitive matching for email domains in various scenarios. - Updated isEmailDomainAllowed function to convert email domains to lowercase for consistent comparison. - Improved handling of null/undefined entries in allowedDomains. * ci: Mock isEmailDomainAllowed in samlStrategy tests - Added a mock implementation for isEmailDomainAllowed to return true in samlStrategy tests, ensuring consistent behavior during test execution. * ci: Update import of isEmailDomainAllowed in ldapStrategy tests - Changed the import of isEmailDomainAllowed from the domains service to the api package for consistency and to reflect recent refactoring. 2025-09-27 21:20:19 -04:00			`return allowedDomains.some((allowedDomain) => allowedDomain?.toLowerCase() === domain);`
🔐 feat: Implement Allowed Action Domains (#4964) * chore: RequestExecutor typing * feat: allowed action domains * fix: rename TAgentsEndpoint to TAssistantEndpoint in typedefs * chore: update librechat-data-provider version to 0.7.62 2024-12-12 12:52:42 -05:00			`}`

			`/**`
			`* Normalizes a domain string. If the domain is invalid, returns null.`
			`* Normalized === lowercase, trimmed, and protocol added if missing.`
📧 fix: Case-Insensitive Domain Matching (#9868) * chore: move domain related functions to `packages/api` * fix: isEmailDomainAllowed for case-insensitive domain matching - Added tests to validate case-insensitive matching for email domains in various scenarios. - Updated isEmailDomainAllowed function to convert email domains to lowercase for consistent comparison. - Improved handling of null/undefined entries in allowedDomains. * ci: Mock isEmailDomainAllowed in samlStrategy tests - Added a mock implementation for isEmailDomainAllowed to return true in samlStrategy tests, ensuring consistent behavior during test execution. * ci: Update import of isEmailDomainAllowed in ldapStrategy tests - Changed the import of isEmailDomainAllowed from the domains service to the api package for consistency and to reflect recent refactoring. 2025-09-27 21:20:19 -04:00			`* @param domain`
🔐 feat: Implement Allowed Action Domains (#4964) * chore: RequestExecutor typing * feat: allowed action domains * fix: rename TAgentsEndpoint to TAssistantEndpoint in typedefs * chore: update librechat-data-provider version to 0.7.62 2024-12-12 12:52:42 -05:00			`*/`
📧 fix: Case-Insensitive Domain Matching (#9868) * chore: move domain related functions to `packages/api` * fix: isEmailDomainAllowed for case-insensitive domain matching - Added tests to validate case-insensitive matching for email domains in various scenarios. - Updated isEmailDomainAllowed function to convert email domains to lowercase for consistent comparison. - Improved handling of null/undefined entries in allowedDomains. * ci: Mock isEmailDomainAllowed in samlStrategy tests - Added a mock implementation for isEmailDomainAllowed to return true in samlStrategy tests, ensuring consistent behavior during test execution. * ci: Update import of isEmailDomainAllowed in ldapStrategy tests - Changed the import of isEmailDomainAllowed from the domains service to the api package for consistency and to reflect recent refactoring. 2025-09-27 21:20:19 -04:00			`function normalizeDomain(domain: string): string \| null {`
🔐 feat: Implement Allowed Action Domains (#4964) * chore: RequestExecutor typing * feat: allowed action domains * fix: rename TAgentsEndpoint to TAssistantEndpoint in typedefs * chore: update librechat-data-provider version to 0.7.62 2024-12-12 12:52:42 -05:00			`try {`
			`let normalizedDomain = domain.toLowerCase().trim();`

			`// Early return for obviously invalid formats`
			`if (normalizedDomain === 'http://' \|\| normalizedDomain === 'https://') {`
			`return null;`
			`}`

			`// If it's not already a URL, make it one`
			`if (!normalizedDomain.startsWith('http://') && !normalizedDomain.startsWith('https://')) {`
			normalizedDomain = `https://${normalizedDomain}`;
			`}`

			`const url = new URL(normalizedDomain);`
			`// Additional validation that hostname isn't just protocol`
			`if (!url.hostname \|\| url.hostname === 'http:' \|\| url.hostname === 'https:') {`
			`return null;`
			`}`

			`return url.hostname.replace(/^www\./i, '');`
			`} catch {`
			`return null;`
			`}`
			`}`

			`/**`
			`* Checks if the given domain is allowed. If no restrictions are set, allows all domains.`
📧 fix: Case-Insensitive Domain Matching (#9868) * chore: move domain related functions to `packages/api` * fix: isEmailDomainAllowed for case-insensitive domain matching - Added tests to validate case-insensitive matching for email domains in various scenarios. - Updated isEmailDomainAllowed function to convert email domains to lowercase for consistent comparison. - Improved handling of null/undefined entries in allowedDomains. * ci: Mock isEmailDomainAllowed in samlStrategy tests - Added a mock implementation for isEmailDomainAllowed to return true in samlStrategy tests, ensuring consistent behavior during test execution. * ci: Update import of isEmailDomainAllowed in ldapStrategy tests - Changed the import of isEmailDomainAllowed from the domains service to the api package for consistency and to reflect recent refactoring. 2025-09-27 21:20:19 -04:00			`* @param domain`
			`* @param allowedDomains`
🔐 feat: Implement Allowed Action Domains (#4964) * chore: RequestExecutor typing * feat: allowed action domains * fix: rename TAgentsEndpoint to TAssistantEndpoint in typedefs * chore: update librechat-data-provider version to 0.7.62 2024-12-12 12:52:42 -05:00			`*/`
📧 fix: Case-Insensitive Domain Matching (#9868) * chore: move domain related functions to `packages/api` * fix: isEmailDomainAllowed for case-insensitive domain matching - Added tests to validate case-insensitive matching for email domains in various scenarios. - Updated isEmailDomainAllowed function to convert email domains to lowercase for consistent comparison. - Improved handling of null/undefined entries in allowedDomains. * ci: Mock isEmailDomainAllowed in samlStrategy tests - Added a mock implementation for isEmailDomainAllowed to return true in samlStrategy tests, ensuring consistent behavior during test execution. * ci: Update import of isEmailDomainAllowed in ldapStrategy tests - Changed the import of isEmailDomainAllowed from the domains service to the api package for consistency and to reflect recent refactoring. 2025-09-27 21:20:19 -04:00			`export async function isActionDomainAllowed(`
			`domain?: string \| null,`
			`allowedDomains?: string[] \| null,`
			`): Promise<boolean> {`
🔐 feat: Implement Allowed Action Domains (#4964) * chore: RequestExecutor typing * feat: allowed action domains * fix: rename TAgentsEndpoint to TAssistantEndpoint in typedefs * chore: update librechat-data-provider version to 0.7.62 2024-12-12 12:52:42 -05:00			`if (!domain \|\| typeof domain !== 'string') {`
			`return false;`
			`}`

			`if (!Array.isArray(allowedDomains) \|\| !allowedDomains.length) {`
			`return true;`
			`}`

			`const normalizedInputDomain = normalizeDomain(domain);`
			`if (!normalizedInputDomain) {`
			`return false;`
			`}`

			`for (const allowedDomain of allowedDomains) {`
			`const normalizedAllowedDomain = normalizeDomain(allowedDomain);`
			`if (!normalizedAllowedDomain) {`
			`continue;`
			`}`

			`if (normalizedAllowedDomain.startsWith('*.')) {`
			`const baseDomain = normalizedAllowedDomain.slice(2);`
			`if (`
			`normalizedInputDomain === baseDomain \|\|`
			normalizedInputDomain.endsWith(`.${baseDomain}`)
			`) {`
			`return true;`
			`}`
			`} else if (normalizedInputDomain === normalizedAllowedDomain) {`
			`return true;`
			`}`
			`}`

			`return false;`
			`}`
🔒 feat: Add MCP server domain restrictions for remote transports (#11013) * 🔒 feat: Add MCP server domain restrictions for remote transports * 🔒 feat: Implement comprehensive MCP error handling and domain validation - Added `handleMCPError` function to centralize error responses for domain restrictions and inspection failures. - Introduced custom error classes: `MCPDomainNotAllowedError` and `MCPInspectionFailedError` for better error management. - Updated MCP server controllers to utilize the new error handling mechanism. - Enhanced domain validation logic in `createMCPTools` and `createMCPTool` functions to prevent operations on disallowed domains. - Added tests for runtime domain validation scenarios to ensure correct behavior. * chore: import order * 🔒 feat: Enhance domain validation in MCP tools with user role-based restrictions - Integrated `getAppConfig` to fetch allowed domains based on user roles in `createMCPTools` and `createMCPTool` functions. - Removed the deprecated `getAllowedDomains` method from `MCPServersRegistry`. - Updated tests to verify domain restrictions are applied correctly based on user roles. - Ensured that domain validation logic is consistent and efficient across tool creation processes. * 🔒 test: Refactor MCP tests to utilize configurable app settings - Introduced a mock for `getAppConfig` to enhance test flexibility. - Removed redundant mock definition to streamline test setup. - Ensured tests are aligned with the latest domain validation logic. --------- Co-authored-by: Atef Bellaaj <slalom.bellaaj@external.daimlertruck.com> Co-authored-by: Danny Avila <danny@librechat.ai> 2025-12-18 19:57:49 +01:00
			`/**`
			`* Extracts domain from MCP server config URL.`
			`* Returns null for stdio transports (no URL) or invalid URLs.`
			`* @param config - MCP server configuration (accepts any config with optional url field)`
			`*/`
			`export function extractMCPServerDomain(config: Record<string, unknown>): string \| null {`
			`const url = config.url;`
			`// Stdio transports don't have URLs - always allowed`
			`if (!url \|\| typeof url !== 'string') {`
			`return null;`
			`}`

			`try {`
			`const parsedUrl = new URL(url);`
			`return parsedUrl.hostname.replace(/^www\./i, '');`
			`} catch {`
			`return null;`
			`}`
			`}`

			`/**`
			`* Validates MCP server domain against allowedDomains.`
			`* Reuses isActionDomainAllowed for consistent validation logic.`
			`* Stdio transports (no URL) are always allowed.`
			`* @param config - MCP server configuration with optional url field`
			`* @param allowedDomains - List of allowed domains (with wildcard support)`
			`*/`
			`export async function isMCPDomainAllowed(`
			`config: Record<string, unknown>,`
			`allowedDomains?: string[] \| null,`
			`): Promise<boolean> {`
			`const domain = extractMCPServerDomain(config);`

			`// Stdio transports don't have domains - always allowed`
			`if (!domain) {`
			`return true;`
			`}`

			`// Reuse existing validation logic (includes wildcard support)`
			`return isActionDomainAllowed(domain, allowedDomains);`
			`}`