Merge branch 'feat/mcp-06-18' into deploy/dev

2026-05-02 00:18:03 +08:00 · 2025-10-15 15:06:32 +08:00
parent 8555dd8154 979d35d87f
commit a12350f0a0
5 changed files with 30 additions and 37 deletions
--- a/api/core/entities/mcp_provider.py
+++ b/api/core/entities/mcp_provider.py
@ -189,34 +189,16 @@ class MCPProviderEntity(BaseModel):
            return None

        # Check if we have nested client_information structure
-        if "client_information" in credentials:
-            # Handle nested structure (Authorization Code flow)
-            client_info_data = credentials["client_information"]
-            if isinstance(client_info_data, dict):
-                return OAuthClientInformation.model_validate(client_info_data)
+        if "client_information" not in credentials:
            return None
-
-        # Handle flat structure (Client Credentials flow)
-        if "client_id" not in credentials:
-            return None
-
-        # Build client information from flat structure
-        client_info = {
-            "client_id": credentials.get("client_id", ""),
-            "client_secret": credentials.get("client_secret", ""),
-            "client_name": credentials.get("client_name", CLIENT_NAME),
-        }
-
-        # Parse JSON fields if they exist
-        json_fields = ["redirect_uris", "grant_types", "response_types"]
-        for field in json_fields:
-            if field in credentials:
-                client_info[field] = json.loads(credentials[field])
-
-        if "scope" in credentials:
-            client_info["scope"] = credentials["scope"]
-
-        return OAuthClientInformation.model_validate(client_info)
+        client_info_data = credentials["client_information"]
+        if isinstance(client_info_data, dict):
+            if "encrypted_client_secret" in client_info_data:
+                client_info_data["client_secret"] = encrypter.decrypt_token(
+                    self.tenant_id, client_info_data["encrypted_client_secret"]
+                )
+            return OAuthClientInformation.model_validate(client_info_data)
+        return None

    def retrieve_tokens(self) -> OAuthTokens | None:
        """OAuth tokens if available"""
--- a/api/core/mcp/auth/auth_flow.py
+++ b/api/core/mcp/auth/auth_flow.py
@ -12,6 +12,7 @@ from pydantic import BaseModel, ValidationError

 from core.entities.mcp_provider import MCPProviderEntity, MCPSupportGrantType
 from core.helper import ssrf_proxy
+from core.mcp.error import MCPRefreshTokenError
 from core.mcp.types import (
    LATEST_PROTOCOL_VERSION,
    OAuthClientInformation,
@ -286,7 +287,7 @@ def refresh_authorization(

    response = ssrf_proxy.post(token_url, data=params)
    if not response.is_success:
-        raise ValueError(f"Token refresh failed: HTTP {response.status_code}")
+        raise MCPRefreshTokenError(response.text)
    return OAuthTokens.model_validate(response.json())


--- a/api/core/mcp/error.py
+++ b/api/core/mcp/error.py
@ -8,3 +8,7 @@ class MCPConnectionError(MCPError):

 class MCPAuthError(MCPConnectionError):
    pass
+
+
+class MCPRefreshTokenError(MCPError):
+    pass