Federico Ruggi
5ce67b5b71
📮 feat: Custom OAuth Headers Support for MCP Server Config ( #10014 )
...
Sync Locize Translations & Create Translation PR / Sync Translation Keys with Locize (push) Waiting to run
Sync Locize Translations & Create Translation PR / Create Translation PR on Version Published (push) Blocked by required conditions
Docker Dev Branch Images Build / build (Dockerfile, lc-dev, node) (push) Has been cancelled
Docker Dev Branch Images Build / build (Dockerfile.multi, lc-dev-api, api-build) (push) Has been cancelled
Docker Dev Images Build / build (Dockerfile, librechat-dev, node) (push) Has been cancelled
Docker Dev Images Build / build (Dockerfile.multi, librechat-dev-api, api-build) (push) Has been cancelled
* add oauth_headers field to mcp options
* wrap fetch to pass oauth headers
* fix order
* consolidate headers passing
* fix tests
2025-10-11 11:17:12 -04:00
Danny Avila
344e7c44b5
🔐 fix: Respect Server's Token Endpoint Auth Methods for MCP OAuth Refresh ( #9717 )
...
* fix: respect server's token endpoint auth methods for MCP OAuth refresh
Previously, LibreChat always used Basic Auth when refreshing OAuth tokens if a
client_secret was present. This caused issues with servers (like FastMCP) that
only support client_secret_post. Now properly checks and respects the server's
advertised token_endpoint_auth_methods_supported.
Fixes token refresh failures with error: "refresh_token.client_id: Field required"
* chore: remove MCP OAuth URL Logging
2025-09-19 06:50:02 -04:00
Federico Ruggi
04c3a5a861
🔌 feat: Revoke MCP OAuth Credentials ( #9464 )
...
* revocation metadata fields
* store metadata
* get client info and meta
* revoke oauth tokens
* delete flow
* uninstall oauth mcp
* revoke button
* revoke oauth refactor, add comments, test
* adjust for clarity
* test deleteFlow
* handle metadata type
* no mutation
* adjust for clarity
* styling
* restructure for clarity
* move token-specific stuff
* use mcpmanager's oauth servers
* fix typo
* fix addressing of oauth prop
* log prefix
* remove debug log
2025-09-10 18:53:34 -04:00
Theo N. Truong
8780a78165
♻️ refactor: MCPManager for Scalability, Fix App-Level Detection, Add Lazy Connections ( #8930 )
...
* feat: MCP Connection management overhaul - Making MCPManager manageable
Refactor the monolithic MCPManager into focused, single-responsibility classes:
• MCPServersRegistry: Server configuration discovery and metadata management
• UserConnectionManager: Manages user-level connections
• ConnectionsRepository: Low-level connection pool with lazy loading
• MCPConnectionFactory: Handles MCP connection creation with OAuth support
New Features:
• Lazy loading of app-level connections for horizontal scaling
• Automatic reconnection for app-level connections
• Enhanced OAuth detection with explicit requiresOAuth flag
• Centralized MCP configuration management
Bug Fixes:
• App-level connection detection in MCPManager.callTool
• MCP Connection Reinitialization route behavior
Optimizations:
• MCPConnection.isConnected() caching to reduce overhead
• Concurrent server metadata retrieval instead of sequential
This refactoring addresses scalability bottlenecks and improves reliability
while maintaining backward compatibility with existing configurations.
* feat: Enabled import order in eslint.
* # Moved tests to __tests__ folder
# added tests for MCPServersRegistry.ts
* # Add unit tests for ConnectionsRepository functionality
* # Add unit tests for MCPConnectionFactory functionality
* # Reorganize MCP connection tests and improve error handling
* # reordering imports
* # Update testPathIgnorePatterns in jest.config.mjs to exclude development TypeScript files
* # removed mcp/manager.ts
2025-08-13 11:45:06 -04:00
