initial working version

Signed-off-by: Jesse Sanford <[email protected]>

Author: jessesanford

.gitignore

@@ -1,3 +1,4 @@
 node_modules
 .mcp-cli
 dist
+.pnpm-store

.pkg-pr-new.json

@@ -0,0 +1,16 @@
+{
+  "packages": {
+    ".": {
+      "name": "mcp-remote",
+      "template": {
+        "name": "mcp-remote-example",
+        "label": "Try mcp-remote",
+        "description": "Test the mcp-remote package with this example"
+      }
+    }
+  },
+  "comment": {
+    "header": "📦 **Package Preview Available**",
+    "footer": "Install this preview: `npm install https://pkg.pr.new/mcp-remote@{{pr}}`"
+  }
+} 

README.md

@@ -1,5 +1,7 @@
 # `mcp-remote`
 
+[![pkg.pr.new](https://pkg.pr.new/badge/geelen/mcp-remote)](https://pkg.pr.new/~/geelen/mcp-remote)
+
 Connect an MCP Client that only supports local (stdio) servers to a Remote MCP Server, with auth support:
 
 **Note: this is a working proof-of-concept** but should be considered **experimental**.
@@ -135,6 +137,16 @@ To bypass authentication, or to emit custom headers on all requests to your remo
       ]
 ```
 
+* To allow connections to servers with self-signed or invalid TLS certificates, add the `--insecure` flag. **⚠️ Warning**: This disables certificate verification and should only be used in development environments or trusted networks. Do not use this flag when connecting to untrusted servers as it makes your connection vulnerable to man-in-the-middle attacks.
+
+```json
+      "args": [
+        "mcp-remote",
+        "https://self-signed-server.example.com/sse",
+        "--insecure"
+      ]
+```
+
 ### Transport Strategies
 
 MCP Remote supports different transport strategies when connecting to an MCP server. This allows you to control whether it uses Server-Sent Events (SSE) or HTTP transport, and in what order it tries them.
@@ -271,6 +283,8 @@ this might look like:
 }
 ```
 
+Alternatively, for development or trusted internal servers with self-signed certificates, you can use the `--insecure` flag to bypass certificate validation entirely. **Note**: This should only be used when you trust the server and network.
+
 ### Check the logs
 
 * [Follow Claude Desktop logs in real-time](https://modelcontextprotocol.io/docs/tools/debugging#debugging-in-claude-desktop)

src/client.ts

@@ -36,6 +36,7 @@ async function runClient(
   host: string,
   staticOAuthClientMetadata: StaticOAuthClientMetadata,
   staticOAuthClientInfo: StaticOAuthClientInformationFull,
+  insecure: boolean = false,
 ) {
   // Set up event emitter for auth flow
   const events = new EventEmitter()
@@ -93,7 +94,16 @@ async function runClient(
 
   try {
     // Connect to remote server with lazy authentication
-    const transport = await connectToRemoteServer(client, serverUrl, authProvider, headers, authInitializer, transportStrategy)
+    const transport = await connectToRemoteServer(
+      client,
+      serverUrl,
+      authProvider,
+      headers,
+      authInitializer,
+      transportStrategy,
+      new Set(),
+      insecure,
+    )
 
     // Set up message and error handlers
     transport.onmessage = (message) => {
@@ -159,8 +169,8 @@ async function runClient(
 
 // Parse command-line arguments and run the client
 parseCommandLineArgs(process.argv.slice(2), 'Usage: npx tsx client.ts <https://server-url> [callback-port] [--debug]')
-  .then(({ serverUrl, callbackPort, headers, transportStrategy, host, staticOAuthClientMetadata, staticOAuthClientInfo }) => {
-    return runClient(serverUrl, callbackPort, headers, transportStrategy, host, staticOAuthClientMetadata, staticOAuthClientInfo)
+  .then(({ serverUrl, callbackPort, headers, transportStrategy, host, staticOAuthClientMetadata, staticOAuthClientInfo, insecure }) => {
+    return runClient(serverUrl, callbackPort, headers, transportStrategy, host, staticOAuthClientMetadata, staticOAuthClientInfo, insecure)
   })
   .catch((error) => {
     console.error('Fatal error:', error)

src/lib/utils.test.ts

@@ -1,3 +1,31 @@
 import { describe, it, expect } from 'vitest'
+import { parseCommandLineArgs } from './utils'
 
 // All sanitizeUrl tests have been moved to the strict-url-sanitise package
+
+describe('parseCommandLineArgs', () => {
+  it('should parse --insecure flag correctly', async () => {
+    const args = ['https://example.com', '--insecure']
+    const result = await parseCommandLineArgs(args, 'Test usage')
+
+    expect(result.insecure).toBe(true)
+    expect(result.serverUrl).toBe('https://example.com')
+  })
+
+  it('should default insecure to false when not provided', async () => {
+    const args = ['https://example.com']
+    const result = await parseCommandLineArgs(args, 'Test usage')
+
+    expect(result.insecure).toBe(false)
+    expect(result.serverUrl).toBe('https://example.com')
+  })
+
+  it('should work with multiple flags including --insecure', async () => {
+    const args = ['https://example.com', '--debug', '--insecure', '--allow-http']
+    const result = await parseCommandLineArgs(args, 'Test usage')
+
+    expect(result.insecure).toBe(true)
+    expect(result.debug).toBe(true)
+    expect(result.serverUrl).toBe('https://example.com')
+  })
+})

src/lib/utils.ts

@@ -13,6 +13,7 @@ import crypto from 'crypto'
 import fs from 'fs'
 import { readFile, rm } from 'fs/promises'
 import path from 'path'
+import https from 'https'
 import { version as MCP_REMOTE_VERSION } from '../../package.json'
 
 // Global type declaration for typescript
@@ -191,24 +192,34 @@ export async function connectToRemoteServer(
   authInitializer: AuthInitializer,
   transportStrategy: TransportStrategy = 'http-first',
   recursionReasons: Set<string> = new Set(),
+  insecure: boolean = false,
 ): Promise<Transport> {
   log(`[${pid}] Connecting to remote server: ${serverUrl}`)
   const url = new URL(serverUrl)
 
   // Create transport with eventSourceInit to pass Authorization header if present
   const eventSourceInit = {
     fetch: (url: string | URL, init?: RequestInit) => {
-      return Promise.resolve(authProvider?.tokens?.()).then((tokens) =>
-        fetch(url, {
+      return Promise.resolve(authProvider?.tokens?.()).then((tokens) => {
+        const requestInit: RequestInit = {
           ...init,
           headers: {
             ...(init?.headers as Record<string, string> | undefined),
             ...headers,
             ...(tokens?.access_token ? { Authorization: `Bearer ${tokens.access_token}` } : {}),
             Accept: 'text/event-stream',
           } as Record<string, string>,
-        }),
-      )
+        }
+
+        // Add insecure HTTPS agent if insecure flag is enabled
+        if (insecure && new URL(url).protocol === 'https:') {
+          ;(requestInit as any).agent = new https.Agent({
+            rejectUnauthorized: false,
+          })
+        }
+
+        return fetch(url, requestInit)
+      })
     },
   }
 
@@ -219,15 +230,24 @@ export async function connectToRemoteServer(
 
   // Create transport instance based on the strategy
   const sseTransport = transportStrategy === 'sse-only' || transportStrategy === 'sse-first'
+
+  // Create requestInit with insecure agent if needed
+  const requestInit: RequestInit = { headers }
+  if (insecure && url.protocol === 'https:') {
+    ;(requestInit as any).agent = new https.Agent({
+      rejectUnauthorized: false,
+    })
+  }
+
   const transport = sseTransport
     ? new SSEClientTransport(url, {
         authProvider,
-        requestInit: { headers },
+        requestInit,
         eventSourceInit,
       })
     : new StreamableHTTPClientTransport(url, {
         authProvider,
-        requestInit: { headers },
+        requestInit,
       })
 
   try {
@@ -245,7 +265,7 @@ export async function connectToRemoteServer(
         // the client is already connected. So let's just create a one-off client to make a single request and figure
         // out if we're actually talking to an HTTP server or not.
         if (DEBUG) debugLog('Creating test transport for HTTP-only connection test')
-        const testTransport = new StreamableHTTPClientTransport(url, { authProvider, requestInit: { headers } })
+        const testTransport = new StreamableHTTPClientTransport(url, { authProvider, requestInit })
         const testClient = new Client({ name: 'mcp-remote-fallback-test', version: '0.0.0' }, { capabilities: {} })
         await testClient.connect(testTransport)
       }
@@ -286,6 +306,7 @@ export async function connectToRemoteServer(
         authInitializer,
         sseTransport ? 'http-only' : 'sse-only',
         recursionReasons,
+        insecure,
       )
     } else if (error instanceof UnauthorizedError || (error instanceof Error && error.message.includes('Unauthorized'))) {
       log('Authentication required. Initializing auth...')
@@ -333,7 +354,16 @@ export async function connectToRemoteServer(
         if (DEBUG) debugLog('Recursively reconnecting after auth', { recursionReasons: Array.from(recursionReasons) })
 
         // Recursively call connectToRemoteServer with the updated recursion tracking
-        return connectToRemoteServer(client, serverUrl, authProvider, headers, authInitializer, transportStrategy, recursionReasons)
+        return connectToRemoteServer(
+          client,
+          serverUrl,
+          authProvider,
+          headers,
+          authInitializer,
+          transportStrategy,
+          recursionReasons,
+          insecure,
+        )
       } catch (authError: any) {
         log('Authorization error:', authError)
         if (DEBUG)
@@ -550,6 +580,7 @@ export async function parseCommandLineArgs(args: string[], usage: string) {
   const serverUrl = args[0]
   const specifiedPort = args[1] ? parseInt(args[1]) : undefined
   const allowHttp = args.includes('--allow-http')
+  const insecure = args.includes('--insecure')
 
   // Check for debug flag
   const debug = args.includes('--debug')
@@ -691,6 +722,7 @@ export async function parseCommandLineArgs(args: string[], usage: string) {
     staticOAuthClientMetadata,
     staticOAuthClientInfo,
     authorizeResource,
+    insecure,
   }
 }
 

src/proxy.ts

@@ -36,6 +36,7 @@ async function runProxy(
   staticOAuthClientMetadata: StaticOAuthClientMetadata,
   staticOAuthClientInfo: StaticOAuthClientInformationFull,
   authorizeResource: string,
+  insecure: boolean = false,
 ) {
   // Set up event emitter for auth flow
   const events = new EventEmitter()
@@ -86,7 +87,16 @@ async function runProxy(
 
   try {
     // Connect to remote server with lazy authentication
-    const remoteTransport = await connectToRemoteServer(null, serverUrl, authProvider, headers, authInitializer, transportStrategy)
+    const remoteTransport = await connectToRemoteServer(
+      null,
+      serverUrl,
+      authProvider,
+      headers,
+      authInitializer,
+      transportStrategy,
+      new Set(),
+      insecure,
+    )
 
     // Set up bidirectional proxy between local and remote transports
     mcpProxy({
@@ -155,6 +165,7 @@ parseCommandLineArgs(process.argv.slice(2), 'Usage: npx tsx proxy.ts <https://se
       staticOAuthClientMetadata,
       staticOAuthClientInfo,
       authorizeResource,
+      insecure,
     }) => {
       return runProxy(
         serverUrl,
@@ -165,6 +176,7 @@ parseCommandLineArgs(process.argv.slice(2), 'Usage: npx tsx proxy.ts <https://se
         staticOAuthClientMetadata,
         staticOAuthClientInfo,
         authorizeResource,
+        insecure,
       )
     },
   )