import type { OAuthClientInformation, OAuthClientInformationFull, OAuthClientMetadata, OAuthTokens, } from '@modelcontextprotocol/sdk/shared/auth.js'; export type { OAuthClientInformation, OAuthClientInformationFull, OAuthClientMetadata, OAuthTokens, }; /** * Storage adapter interface for persisting OAuth data */ export interface StorageAdapter { /** * Get a value by key */ get(key: string): Promise | string | undefined; /** * Set a value by key */ set(key: string, value: string): Promise | void; /** * Delete a value by key */ delete(key: string): Promise | void; } /** * Configuration for OAuth client provider */ export interface OAuthConfig { /** * OAuth client ID (can be provided or dynamically registered) */ clientId?: string; /** * OAuth client secret (optional for public clients) */ clientSecret?: string; /** * Redirect URI for OAuth callbacks */ redirectUri?: string; /** * OAuth scope to request */ scope?: string; /** * Session identifier for this OAuth client instance */ sessionId?: string; /** * Storage adapter for persisting OAuth data */ storage?: StorageAdapter; /** * OAuth client metadata for registration */ clientMetadata?: Partial; /** * OAuth tokens (can be provided statically or loaded from storage) */ tokens?: OAuthTokens & { expires_at?: number | undefined; }; /** * Token refresh endpoint URL (optional, can be obtained from metadata) */ tokenEndpoint?: string; /** * Token refresh configuration */ tokenRefresh?: { /** * Maximum number of retry attempts for token refresh */ maxRetries?: number; /** * Delay between retry attempts in milliseconds */ retryDelay?: number; }; } /** * Default OAuth client metadata */ export const DEFAULT_CLIENT_METADATA: OAuthClientMetadata = { redirect_uris: [], grant_types: ['authorization_code', 'refresh_token'], response_types: ['code'], token_endpoint_auth_method: 'client_secret_post', scope: 'openid profile email', client_name: 'MCP OAuth Client', client_uri: 'https://github.com/modelcontextprotocol/typescript-sdk', }; /** * Generate a random session ID */ export function generateSessionId(): string { return crypto.randomUUID(); } /** * Generate a random state parameter for CSRF protection */ export function generateState(): string { const array = new Uint8Array(32); crypto.getRandomValues(array); return Array.from(array, byte => byte.toString(16).padStart(2, '0')).join(''); }