🔐 feat: Add Resource Parameter to OAuth Requests per MCP Spec (#8599)

Rinor Maloku 2025-07-22 23:52:55 +02:00 committed by GitHub
parent e5d08ccdf1
commit baf3b4ad08
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 33 additions and 5 deletions


@ -268,6 +268,19 @@ export class MCPOAuthHandler {
/** Add state parameter with flowId to the authorization URL */
authorizationUrl.searchParams.set('state', flowId);
logger.debug(`[MCPOAuth] Added state parameter to authorization URL`);
if (resourceMetadata?.resource) {
authorizationUrl.searchParams.set('resource', resourceMetadata.resource);
} else {
logger.warn(
`[MCPOAuth] Resource metadata missing 'resource' property for ${serverName}. ` +
'This can cause issues with some Authorization Servers who expect a "resource" parameter.',
);
}
logger.debug(
`[MCPOAuth] Added resource parameter to authorization URL: ${resourceMetadata.resource}`,
);
} catch (error) {
logger.error(`[MCPOAuth] startAuthorization failed:`, error);
throw error;
@ -330,12 +343,27 @@ export class MCPOAuthHandler {
throw new Error('Invalid flow metadata');
}
let resource;
try {
if (metadata.resourceMetadata?.resource) {
resource = new URL(metadata.resourceMetadata.resource);
logger.debug(`[MCPOAuth] Resource URL for flow ${flowId}: ${resource.toString()}`);
}
} catch (error) {
logger.warn(
`[MCPOAuth] Invalid resource URL format for flow ${flowId}: '${metadata.resourceMetadata!.resource}'. ` +
`Error: ${error instanceof Error ? error.message : 'Unknown error'}. Proceeding without resource parameter.`,
);
resource = undefined;
}
const tokens = await exchangeAuthorization(metadata.serverUrl, {
metadata: metadata.metadata as unknown as SDKOAuthMetadata,
clientInformation: metadata.clientInfo,
authorizationCode,
codeVerifier: metadata.codeVerifier,
redirectUri: metadata.clientInfo.redirect_uris?.[0] || this.getDefaultRedirectUri(),
resource: resource,
});
logger.debug('[MCPOAuth] Raw tokens from exchange:', {
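Review bot: In the first hunk the `logger.debug` reporting "Added resource parameter to authorization URL" sits after the `if`/`else`, so it also runs on the branch that has just warned that the resource is missing, and it reads `resourceMetadata.resource` without the `?.` that the condition uses. If `resourceMetadata` can be undefined at that point (the optional chaining suggests it can), the template literal throws and the surrounding `catch` turns a missing optional parameter into a failed `startAuthorization`; moving the debug call inside the `if (resourceMetadata?.resource)` branch, directly after `searchParams.set('resource', ...)`, fixes both. The two hunks also treat a malformed value differently: the authorization URL receives the raw string, while the token exchange drops it when `new URL(...)` throws, so the two requests of one flow can disagree on `resource`; parsing once and reusing the result for both would keep them consistent. Neither hunk compares the advertised resource with the server URL the flow was started for, which deserves a check or at least a comment if the value comes from discovered metadata (its origin is not visible here). Both enclosing functions start and end outside the hunks.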