Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2025-12-17 00:40:14 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

✔️ fix: Resource field TypeError & Missing Role Permission Type (#8606)

Browse source 
* fix: resource parameter undefined TypeError in log

* chore: Add missing FILE_SEARCH permission type to IRole interface

* chore: Bump version of @librechat/data-schemas to 0.0.11

* fix: Ensure resource is defined and handle potential null values in OAuth flow
This commit is contained in:
Danny Avila 2025-07-22 18:22:58 -04:00 committed by GitHub
parent baf3b4ad08
commit 62c3f135e7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 14 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

19
packages/api/src/mcp/oauth/handler.ts
View file

@ -269,18 +269,17 @@ export class MCPOAuthHandler {
authorizationUrl.searchParams.set('state', flowId);
logger.debug(`[MCPOAuth] Added state parameter to authorization URL`);
if (resourceMetadata?.resource) {
if (resourceMetadata?.resource != null && resourceMetadata.resource) {
authorizationUrl.searchParams.set('resource', resourceMetadata.resource);
logger.debug(
`[MCPOAuth] Added resource parameter to authorization URL: ${resourceMetadata.resource}`,
);
} else {
logger.warn(
`[MCPOAuth] Resource metadata missing 'resource' property for ${serverName}. ` +
'This can cause issues with some Authorization Servers who expect a "resource" parameter.',
);
}
logger.debug(
`[MCPOAuth] Added resource parameter to authorization URL: ${resourceMetadata.resource}`,
);
} catch (error) {
logger.error(`[MCPOAuth] startAuthorization failed:`, error);
throw error;
@ -343,9 +342,9 @@ export class MCPOAuthHandler {
throw new Error('Invalid flow metadata');
}
let resource;
let resource: URL | undefined;
try {
if (metadata.resourceMetadata?.resource) {
if (metadata.resourceMetadata?.resource != null && metadata.resourceMetadata.resource) {
resource = new URL(metadata.resourceMetadata.resource);
logger.debug(`[MCPOAuth] Resource URL for flow ${flowId}: ${resource.toString()}`);
}
@ -358,12 +357,12 @@ export class MCPOAuthHandler {
}
const tokens = await exchangeAuthorization(metadata.serverUrl, {
redirectUri: metadata.clientInfo.redirect_uris?.[0] || this.getDefaultRedirectUri(),
metadata: metadata.metadata as unknown as SDKOAuthMetadata,
clientInformation: metadata.clientInfo,
authorizationCode,
codeVerifier: metadata.codeVerifier,
redirectUri: metadata.clientInfo.redirect_uris?.[0] || this.getDefaultRedirectUri(),
resource: resource,
authorizationCode,
resource,
});
logger.debug('[MCPOAuth] Raw tokens from exchange:', {