🔒 feat: Add MCP server domain restrictions for remote transports (#11013)

* 🔒 feat: Add MCP server domain restrictions for remote transports * 🔒 feat: Implement comprehensive MCP error handling and domain validation - Added `handleMCPError` function to centralize error responses for domain restrictions and inspection failures. - Introduced custom error classes: `MCPDomainNotAllowedError` and `MCPInspectionFailedError` for better error management. - Updated MCP server controllers to utilize the new error handling mechanism. - Enhanced domain validation logic in `createMCPTools` and `createMCPTool` functions to prevent operations on disallowed domains. - Added tests for runtime domain validation scenarios to ensure correct behavior. * chore: import order * 🔒 feat: Enhance domain validation in MCP tools with user role-based restrictions - Integrated `getAppConfig` to fetch allowed domains based on user roles in `createMCPTools` and `createMCPTool` functions. - Removed the deprecated `getAllowedDomains` method from `MCPServersRegistry`. - Updated tests to verify domain restrictions are applied correctly based on user roles. - Ensured that domain validation logic is consistent and efficient across tool creation processes. * 🔒 test: Refactor MCP tests to utilize configurable app settings - Introduced a mock for `getAppConfig` to enhance test flexibility. - Removed redundant mock definition to streamline test setup. - Ensured tests are aligned with the latest domain validation logic. --------- Co-authored-by: Atef Bellaaj <slalom.bellaaj@external.daimlertruck.com> Co-authored-by: Danny Avila <danny@librechat.ai>
2025-12-19 09:50:15 +01:00 · 2025-12-18 19:57:49 +01:00 · 2025-12-18 19:57:49 +01:00 · 95a69df70e
commit 95a69df70e
parent 98294755ee
19 changed files with 815 additions and 75 deletions
--- a/api/server/controllers/mcp.js
+++ b/api/server/controllers/mcp.js
@ -6,10 +6,54 @@
 * @import { MCPServerDocument } from 'librechat-data-provider'
 */
 const { logger } = require('@librechat/data-schemas');
+const {
+  isMCPDomainNotAllowedError,
+  isMCPInspectionFailedError,
+  MCPErrorCodes,
+} = require('@librechat/api');
 const { Constants, MCPServerUserInputSchema } = require('librechat-data-provider');
 const { cacheMCPServerTools, getMCPServerTools } = require('~/server/services/Config');
 const { getMCPManager, getMCPServersRegistry } = require('~/config');

+/**
+ * Handles MCP-specific errors and sends appropriate HTTP responses.
+ * @param {Error} error - The error to handle
+ * @param {import('express').Response} res - Express response object
+ * @returns {import('express').Response | null} Response if handled, null if not an MCP error
+ */
+function handleMCPError(error, res) {
+  if (isMCPDomainNotAllowedError(error)) {
+    return res.status(error.statusCode).json({
+      error: error.code,
+      message: error.message,
+    });
+  }
+
+  if (isMCPInspectionFailedError(error)) {
+    return res.status(error.statusCode).json({
+      error: error.code,
+      message: error.message,
+    });
+  }
+
+  // Fallback for legacy string-based error handling (backwards compatibility)
+  if (error.message?.startsWith(MCPErrorCodes.DOMAIN_NOT_ALLOWED)) {
+    return res.status(403).json({
+      error: MCPErrorCodes.DOMAIN_NOT_ALLOWED,
+      message: error.message.replace(/^MCP_DOMAIN_NOT_ALLOWED\s*:\s*/i, ''),
+    });
+  }
+
+  if (error.message?.startsWith(MCPErrorCodes.INSPECTION_FAILED)) {
+    return res.status(400).json({
+      error: MCPErrorCodes.INSPECTION_FAILED,
+      message: error.message,
+    });
+  }
+
+  return null;
+}
+
 /**
 * Get all MCP tools available to the user
 */
@ -175,11 +219,9 @@ const createMCPServerController = async (req, res) => {
    });
  } catch (error) {
    logger.error('[createMCPServer]', error);
-    if (error.message?.startsWith('MCP_INSPECTION_FAILED')) {
-      return res.status(400).json({
-        error: 'MCP_INSPECTION_FAILED',
-        message: error.message,
-      });
+    const mcpErrorResponse = handleMCPError(error, res);
+    if (mcpErrorResponse) {
+      return mcpErrorResponse;
    }
    res.status(500).json({ message: error.message });
  }
@ -235,11 +277,9 @@ const updateMCPServerController = async (req, res) => {
    res.status(200).json(parsedConfig);
  } catch (error) {
    logger.error('[updateMCPServer]', error);
-    if (error.message?.startsWith('MCP_INSPECTION_FAILED:')) {
-      return res.status(400).json({
-        error: 'MCP_INSPECTION_FAILED',
-        message: error.message,
-      });
+    const mcpErrorResponse = handleMCPError(error, res);
+    if (mcpErrorResponse) {
+      return mcpErrorResponse;
    }
    res.status(500).json({ message: error.message });
  }