fix: refresh token

Author: fmenezes

dist/atlas-api.js

@@ -27,7 +27,8 @@ export async function callAtlasAPI(endpoint, method = 'GET', body) {
             headers: {
                 'Authorization': `Bearer ${token}`,
                 'Content-Type': 'application/json',
-                'Accept': 'application/vnd.atlas.2025-04-07+json'
+                'Accept': 'application/vnd.atlas.2025-04-07+json',
+                credentials: 'include',
             },
             body: body ? JSON.stringify(body) : undefined,
         });

dist/auth.js

@@ -9,7 +9,7 @@ const __dirname = path.dirname(__filename);
 const wait = (milliseconds) => {
     return new Promise(resolve => setTimeout(resolve, milliseconds));
 };
-const TOKEN_FILE = path.resolve(__dirname, "token.json");
+const TOKEN_FILE = process.env.TOKEN_FILE || path.resolve(__dirname, "token.json");
 export const authState = {
     deviceCode: "",
     verificationUri: "",
@@ -95,15 +95,11 @@ export async function pollToken() {
     throw new Error("Authentication timed out. Please restart the process.");
 }
 export function saveToken(token) {
+    globalState.auth = true;
+    authState.token = token;
     fs.writeFileSync(TOKEN_FILE, JSON.stringify({ token }));
     log("info", "Token saved to file.");
 }
-export function getToken() {
-    if (!authState.token) {
-        loadToken();
-    }
-    return authState.token;
-}
 function loadToken() {
     if (fs.existsSync(TOKEN_FILE)) {
         try {
@@ -129,19 +125,25 @@ export async function isAuthenticated() {
     if (globalState.auth) {
         return true;
     }
+    const token = await getToken();
+    return globalState.auth;
+}
+export async function getToken() {
     // Try to load token from file if not already loaded
     if (!authState.token) {
         loadToken();
     }
     if (!authState.token) {
+        globalState.auth = false;
         log("info", "No token found after loading");
-        return false;
+        return null;
     }
     // Validate the existing token
     try {
         log("info", "Validating token...");
         if (validateToken(authState.token)) {
-            return true;
+            globalState.auth = true;
+            return authState.token;
         }
         // If the token is invalid, attempt to refresh it
         log("info", "Token is invalid, refreshing...");
@@ -151,15 +153,15 @@ export async function isAuthenticated() {
             globalState.auth = true;
             log("info", "Token refreshed successfully.");
             saveToken(refreshedToken);
-            return true;
+            return refreshedToken;
         }
         log("error", "Failed to refresh token.");
     }
     catch (error) {
         log("error", `Error during token validation or refresh: ${error}`);
     }
     globalState.auth = false;
-    return false;
+    return null;
 }
 function validateToken(tokenData) {
     try {
@@ -169,7 +171,7 @@ function validateToken(tokenData) {
         }
         // If expiry is zero value (not set), consider token not expired (like in Go)
         if (!tokenData.expiry) {
-            return true;
+            return false;
         }
         // Match the Go code's expiryDelta concept (10 seconds)
         const expiryDelta = 10 * 1000; // 10 seconds in milliseconds
@@ -206,7 +208,10 @@ async function refreshToken(token) {
         });
         if (response.ok) {
             const data = await response.json();
-            return data;
+            const buf = Buffer.from(data.access_token.split('.')[1], 'base64').toString();
+            const jwt = JSON.parse(buf);
+            const expiry = new Date(jwt.exp * 1000);
+            return { ...data, expiry };
         }
     }
     catch (error) {

dist/index.js

@@ -7,7 +7,7 @@ process.env.VERSION = "1.0.0";
 // Initialize server with logging capability
 const server = new McpServer({
     name: "MongoDB Atlas",
-    version: process.env.VERSION || "1.0.0",
+    version: process.env.VERSION,
     capabilities: {
         logging: { enabled: true },
         tools: { listChanged: false }
@@ -19,24 +19,24 @@ server.server.registerCapabilities({
     tools: { enabled: true },
 });
 export function log(targetLevel, data) {
-    // Convert objects to string for better logging
-    const message = typeof data === 'string' ? data : JSON.stringify(data, null, 2);
-    // Always log to console as a fallback
-    console[targetLevel === "debug" ? "log" : targetLevel](message);
-    // Only attempt MCP logging after the server is connected
-    if (server.server && server.server.transport) {
-        try {
-            // Use the underlying Server instance which has the sendLoggingMessage method
-            server.server.sendLoggingMessage({
-                level: targetLevel,
-                data: message,
-            });
-        }
-        catch (e) {
-            // Just use console logging if MCP logging fails
-            console.error("MCP logging failed, using console logging instead");
-        }
-    }
+    console.error(`${targetLevel}: ${data}`);
+    // // Convert objects to string for better logging
+    // const message = typeof data === 'string' ? data : JSON.stringify(data, null, 2);
+    // // Always log to console as a fallback
+    // console[targetLevel === "debug" ? "log" : targetLevel](message);
+    // // Only attempt MCP logging after the server is connected
+    // if (server.server && server.server.transport) {
+    //     try {
+    //         // Use the underlying Server instance which has the sendLoggingMessage method
+    //         server.server.sendLoggingMessage({
+    //             level: targetLevel,
+    //             data: message,
+    //         });
+    //     } catch (e) {
+    //         // Just use console logging if MCP logging fails
+    //         console.error("MCP logging failed, using console logging instead");
+    //     }
+    // }
 }
 export const globalState = {
     auth: false,
@@ -46,6 +46,8 @@ defineTools(server, globalState);
 async function runServer() {
     const transport = new StdioServerTransport();
     await server.connect(transport);
+    // const response = await callAtlasAPI<any>('/groups/6273e01999910271a6b56768/clusters');
+    // console.error(response);
 }
 runServer().catch((error) => {
     console.error(`Fatal error running server:`, error);

package.json

@@ -9,7 +9,7 @@
     "build:addshebang": "echo '#!/usr/bin/env node' > dist/index2.js && cat dist/index.js >> dist/index2.js && mv dist/index2.js dist/index.js",
     "build:chmod": "chmod +x dist/index.js",
     "build": "npm run build:compile && npm run build:addshebang && npm run build:chmod",
-    "inspect": "npm run build && npx @modelcontextprotocol/inspector -- node dist/index.js"
+    "inspect": "npm run build && npx @modelcontextprotocol/inspector -- dist/index.js"
   },
   "license": "MIT",
   "devDependencies": {
@@ -21,5 +21,8 @@
   },
   "dependencies": {
     "@types/express": "^5.0.1"
+  },
+  "engines": {
+    "node": ">=23.0.0"
   }
 }

src/atlas-api.ts

@@ -64,7 +64,8 @@ export async function callAtlasAPI<T = any>(endpoint: string, method: string = '
             headers: {
                 'Authorization': `Bearer ${token}`,
                 'Content-Type': 'application/json',
-                'Accept': 'application/vnd.atlas.2025-04-07+json'
+                'Accept': 'application/vnd.atlas.2025-04-07+json',
+                credentials: 'include',
             },
             body: body ? JSON.stringify(body) : undefined,
         });

src/auth.ts

@@ -12,7 +12,9 @@ const wait = (milliseconds: number): Promise<void> => {
     return new Promise(resolve => setTimeout(resolve, milliseconds));
 };
 
-const TOKEN_FILE = path.resolve(__dirname, "token.json");
+
+
+const TOKEN_FILE = process.env.TOKEN_FILE || path.resolve(__dirname, "token.json");
 
 export interface AuthState {
     deviceCode: string;
@@ -131,15 +133,12 @@ export async function pollToken() {
 }
 
 export function saveToken(token: OAuthToken) {
+    globalState.auth = true;
+    authState.token = token;
     fs.writeFileSync(TOKEN_FILE, JSON.stringify({ token }));
     log("info", "Token saved to file.");
 }
 
-export function getToken(): OAuthToken | undefined {
-    if (!authState.token) {loadToken();}
-    return authState.token;
-}
-
 function loadToken(): { token?: OAuthToken } | undefined {    
     if (fs.existsSync(TOKEN_FILE)) {
         try {
@@ -152,6 +151,7 @@ function loadToken(): { token?: OAuthToken } | undefined {
                 return data;
             }
             log("info", "Token file exists but doesn't contain a valid token structure");
+            
         } catch (error) {
             log("error", `Error parsing token file: ${error}`);
         }
@@ -165,22 +165,29 @@ export async function isAuthenticated(): Promise<boolean> {
     if (globalState.auth) {
         return true;
     }
+    
+    const token = await getToken();
+    return globalState.auth;
+}
 
+export async function getToken(): Promise<OAuthToken | null> {
     // Try to load token from file if not already loaded
     if (!authState.token) {
         loadToken();
     }
 
     if (!authState.token) {
+        globalState.auth = false;
         log("info", "No token found after loading");
-        return false;
+        return null;
     }
 
     // Validate the existing token
     try {
         log("info", "Validating token...");
         if (validateToken(authState.token)) {
-            return true;
+            globalState.auth = true;
+            return authState.token;
         }
 
         // If the token is invalid, attempt to refresh it
@@ -191,15 +198,15 @@ export async function isAuthenticated(): Promise<boolean> {
             globalState.auth = true;
             log("info", "Token refreshed successfully.");
             saveToken(refreshedToken);
-            return true;
+            return refreshedToken;
         }
         log("error", "Failed to refresh token.");
     } catch (error) {
         log("error", `Error during token validation or refresh: ${error}`);
     }
 
     globalState.auth = false;
-    return false;
+    return null;
 }
 
 function validateToken(tokenData: OAuthToken): boolean {
@@ -211,7 +218,7 @@ function validateToken(tokenData: OAuthToken): boolean {
 
         // If expiry is zero value (not set), consider token not expired (like in Go)
         if (!tokenData.expiry) {
-            return true;
+            return false;
         }
 
         // Match the Go code's expiryDelta concept (10 seconds)
@@ -254,7 +261,12 @@ async function refreshToken(token: string): Promise<OAuthToken | null> {
 
         if (response.ok) {
             const data = await response.json() as OAuthToken;
-            return data;
+            
+            const buf = Buffer.from(data.access_token.split('.')[1], 'base64').toString()
+            const jwt = JSON.parse(buf);
+            const expiry = new Date(jwt.exp * 1000);
+
+            return {...data, expiry};
         }
     } catch (error) {
         log("info", `Error refreshing token: ${error}`);

src/index.ts

@@ -1,6 +1,7 @@
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 import { defineTools } from "./tools.js";
+import { callAtlasAPI } from "./atlas-api.js";
 
 // Set process env version
 process.env.VERSION = "1.0.0";
@@ -22,25 +23,26 @@ server.server.registerCapabilities({
 });
 
 export function log(targetLevel: "info" | "debug" | "error", data: string | unknown) {
-    // Convert objects to string for better logging
-    const message = typeof data === 'string' ? data : JSON.stringify(data, null, 2);
+    console.error(`${targetLevel}: ${data}`);
+    // // Convert objects to string for better logging
+    // const message = typeof data === 'string' ? data : JSON.stringify(data, null, 2);
 
-    // Always log to console as a fallback
-    console[targetLevel === "debug" ? "log" : targetLevel](message);
+    // // Always log to console as a fallback
+    // console[targetLevel === "debug" ? "log" : targetLevel](message);
 
-    // Only attempt MCP logging after the server is connected
-    if (server.server && server.server.transport) {
-        try {
-            // Use the underlying Server instance which has the sendLoggingMessage method
-            server.server.sendLoggingMessage({
-                level: targetLevel,
-                data: message,
-            });
-        } catch (e) {
-            // Just use console logging if MCP logging fails
-            console.error("MCP logging failed, using console logging instead");
-        }
-    }
+    // // Only attempt MCP logging after the server is connected
+    // if (server.server && server.server.transport) {
+    //     try {
+    //         // Use the underlying Server instance which has the sendLoggingMessage method
+    //         server.server.sendLoggingMessage({
+    //             level: targetLevel,
+    //             data: message,
+    //         });
+    //     } catch (e) {
+    //         // Just use console logging if MCP logging fails
+    //         console.error("MCP logging failed, using console logging instead");
+    //     }
+    // }
 }
 
 export interface GlobalState {
@@ -63,3 +65,5 @@ runServer().catch((error) => {
     console.error(`Fatal error running server:`, error);
     process.exit(1);
 });
+
+