feat(chore): access-control interceptor support for MCP endpoint

access-control interceptor support for MCP endpoint

GH-1

Author: vaibhavbhalla2505

README.md

@@ -54,7 +54,7 @@ The schema field allows defining a Zod-based validation schema for tool input pa
   To use hooks with MCP tools, follow the provider-based approach:
 
   Step 1: Create a hook provider:
-  ```typescript
+  ```ts
   // src/providers/my-hook.provider.ts
   export class MyHookProvider implements Provider<McpHookFunction> {
     constructor(@inject(LOGGER.LOGGER_INJECT) private logger: ILogger) {}
@@ -66,7 +66,7 @@ The schema field allows defining a Zod-based validation schema for tool input pa
  }
   ```
   Step 2: Add binding key to McpHookBindings:
-  ```typescript
+  ```ts
   // src/keys.ts
   export namespace McpHookBindings {
     export const MY_HOOK = BindingKey.create<McpHookFunction>('hooks.mcp.myHook');
@@ -77,10 +77,65 @@ The schema field allows defining a Zod-based validation schema for tool input pa
   this.bind(McpHookBindings.MY_HOOK).toProvider(MyHookProvider);
  ```
   Step 4: Use in decorator:
-  ```typescript
+  ```ts
   @mcpTool({
    name: 'my-tool',
    description: 'my-description'
    preHookBinding: McpHookBindings.MY_HOOK,
     postHookBinding: 'hooks.mcp.myOtherHook' // or string binding key
   })
+  ```
+## MCP Access Control
+By default, any authenticated user can call the `/mcp` endpoint.
+To restrict which users can access MCP functionality, this extension supports adding a custom LoopBack 4 interceptor.
+
+Create an interceptor that validates the authenticated user before the request reaches the MCP controller.
+
+```ts
+import {
+  InvocationContext,
+  InvocationResult,
+  Provider,
+  ValueOrPromise,
+  inject,
+  interceptor,
+} from '@loopback/core';
+import {HttpErrors} from '@loopback/rest';
+import {AuthenticationBindings, IAuthUser} from 'loopback4-authentication';
+
+@interceptor()
+export class McpAccessInterceptor implements Provider<Interceptor> {
+  constructor(
+    @inject(AuthenticationBindings.CURRENT_USER, {optional: true})
+    private readonly currentUser: IAuthUser,
+  ) {}
+
+  value() {
+    return this.intercept.bind(this);
+  }
+
+  intercept(
+    invocationCtx: InvocationContext,
+    next: () => ValueOrPromise<InvocationResult>,
+  ): ValueOrPromise<InvocationResult> {
+    if (!this.currentUser) {
+      throw new HttpErrors.Unauthorized('User not authenticated');
+    }
+
+    const user = this.currentUser;
+
+    // Example rule: only admins or users with `access-mcp` permission
+    if (user.role !== 'admin' && !user.permissions?.includes('access-mcp')) {
+      throw new HttpErrors.Forbidden(
+        `User ${user.username} is not allowed to access MCP`,
+      );
+    }
+
+    return next();
+  }
+}
+```
+Bind it in your `application.ts`:
+```ts
+this.bind(McpBindings.ACCESS_INTERCEPTOR).toProvider(McpAccessInterceptor);
+```

src/controllers/index.ts

@@ -1 +1 @@
-export * from './mcp-controller.controller';
+export * from './mcp.controller';

…controllers/mcp-controller.controller.ts src/controllers/mcp.controller.tssrc/controllers/mcp-controller.controller.ts renamed to src/controllers/mcp.controller.ts src/controllers/mcp-controller.controller.ts renamed to src/controllers/mcp.controller.ts

@@ -1,10 +1,11 @@
-import {inject, service} from '@loopback/core';
+import {inject, intercept, service} from '@loopback/core';
 import {post, Request, Response, RestBindings} from '@loopback/rest';
 import {StreamableHTTPServerTransport} from '@modelcontextprotocol/sdk/server/streamableHttp.js';
 import {CONTENT_TYPE, ILogger, LOGGER, STATUS_CODE} from '@sourceloop/core';
 import {authenticate, STRATEGY} from 'loopback4-authentication';
 import {authorize} from 'loopback4-authorization';
 import {McpServerFactory} from '../services';
+import {McpBindings} from '../keys';
 
 export class McpController {
   constructor(
@@ -18,8 +19,9 @@ export class McpController {
     passReqToCallback: true,
   })
   @authorize({
-    permissions: ['mcp.access'],
+    permissions: ['*'],
   })
+  @intercept(McpBindings.ACCESS_INTERCEPTOR)
   @post('/mcp', {
     summary: 'MCP HTTP Message',
     description: 'Handle MCP message via StreamableHTTP transport',

src/index.ts

@@ -2,3 +2,5 @@ export * from './component';
 export * from './types';
 export * from './decorators';
 export * from './observers';
+export * from './interceptors';
+export * from './keys';

src/interceptors/index.ts

@@ -0,0 +1 @@
+export * from './mcp-access.interceptor';

src/interceptors/mcp-access.interceptor.ts

@@ -0,0 +1,32 @@
+import {
+  Interceptor,
+  InvocationContext,
+  InvocationResult,
+  Provider,
+  ValueOrPromise,
+  inject,
+} from '@loopback/core';
+import {HttpErrors} from '@loopback/rest';
+import {IAuthUserWithPermissions} from '@sourceloop/core';
+import {AuthenticationBindings} from 'loopback4-authentication';
+
+export class McpAccessInterceptor implements Provider<Interceptor> {
+  constructor(
+    @inject(AuthenticationBindings.CURRENT_USER)
+    private readonly currentUser: IAuthUserWithPermissions,
+  ) {}
+
+  value() {
+    return this.intercept.bind(this);
+  }
+
+  intercept(
+    invocationCtx: InvocationContext,
+    next: () => ValueOrPromise<InvocationResult>,
+  ): ValueOrPromise<InvocationResult> {
+    if (!this.currentUser) {
+      throw new HttpErrors.Unauthorized('User not authenticated');
+    }
+    return next();
+  }
+}

src/keys.ts

@@ -1 +1,7 @@
-export namespace McpComponentBindings {}
+import {BindingKey, Interceptor} from '@loopback/core';
+
+export namespace McpBindings {
+  export const ACCESS_INTERCEPTOR = BindingKey.create<Interceptor>(
+    'mcp.access.interceptor',
+  );
+}