Implementing invalidateCredentials

Author: geelen

src/lib/node-oauth-client-provider.ts

@@ -7,7 +7,7 @@ import {
   OAuthTokensSchema,
 } from '@modelcontextprotocol/sdk/shared/auth.js'
 import type { OAuthProviderOptions, StaticOAuthClientMetadata } from './types'
-import { readJsonFile, writeJsonFile, readTextFile, writeTextFile } from './mcp-auth-config'
+import { readJsonFile, writeJsonFile, readTextFile, writeTextFile, deleteConfigFile } from './mcp-auth-config'
 import { StaticOAuthClientInformationFull } from './types'
 import { getServerUrlHash, log, debugLog, DEBUG, MCP_REMOTE_VERSION } from './utils'
 
@@ -193,4 +193,41 @@ export class NodeOAuthClientProvider implements OAuthClientProvider {
     if (DEBUG) debugLog('Code verifier found:', !!verifier)
     return verifier
   }
+
+  /**
+   * Invalidates the specified credentials
+   * @param scope The scope of credentials to invalidate
+   */
+  async invalidateCredentials(scope: 'all' | 'client' | 'tokens' | 'verifier'): Promise<void> {
+    if (DEBUG) debugLog(`Invalidating credentials: ${scope}`)
+
+    switch (scope) {
+      case 'all':
+        await Promise.all([
+          deleteConfigFile(this.serverUrlHash, 'client_info.json'),
+          deleteConfigFile(this.serverUrlHash, 'tokens.json'),
+          deleteConfigFile(this.serverUrlHash, 'code_verifier.txt'),
+        ])
+        if (DEBUG) debugLog('All credentials invalidated')
+        break
+
+      case 'client':
+        await deleteConfigFile(this.serverUrlHash, 'client_info.json')
+        if (DEBUG) debugLog('Client information invalidated')
+        break
+
+      case 'tokens':
+        await deleteConfigFile(this.serverUrlHash, 'tokens.json')
+        if (DEBUG) debugLog('OAuth tokens invalidated')
+        break
+
+      case 'verifier':
+        await deleteConfigFile(this.serverUrlHash, 'code_verifier.txt')
+        if (DEBUG) debugLog('Code verifier invalidated')
+        break
+
+      default:
+        throw new Error(`Unknown credential scope: ${scope}`)
+    }
+  }
 }

src/lib/utils.ts

@@ -3,6 +3,7 @@ import { Client } from '@modelcontextprotocol/sdk/client/index.js'
 import { SSEClientTransport } from '@modelcontextprotocol/sdk/client/sse.js'
 import { StreamableHTTPClientTransport } from '@modelcontextprotocol/sdk/client/streamableHttp.js'
 import { Transport } from '@modelcontextprotocol/sdk/shared/transport.js'
+import { OAuthError } from '@modelcontextprotocol/sdk/server/auth/errors.js'
 import { OAuthClientInformationFull, OAuthClientInformationFullSchema } from '@modelcontextprotocol/sdk/shared/auth.js'
 import { OAuthCallbackServerOptions, StaticOAuthClientInformationFull, StaticOAuthClientMetadata } from './types'
 import { getConfigDir, getConfigFilePath, readJsonFile } from './mcp-auth-config'
@@ -12,7 +13,6 @@ import crypto from 'crypto'
 import fs from 'fs'
 import { readFile, rm } from 'fs/promises'
 import path from 'path'
-import os from 'os'
 
 // Global type declaration for typescript
 declare global {
@@ -293,7 +293,7 @@ export async function connectToRemoteServer(
       log('Authentication required. Initializing auth...')
       if (DEBUG) {
         debugLog('Authentication error detected', {
-          errorType,
+          errorCode: error instanceof OAuthError ? error.errorCode : undefined,
           errorMessage: error.message,
           stack: error.stack,
         })