mcp-auth
Verified Safeby epicweb-dev
Overview
An AI agent that provides a journaling interface, allowing users to create, read, update, and manage journal entries and tags through natural language interaction via the Model Context Protocol (MCP). It acts as a client to an external Epic Me database and OAuth server.
Installation
npm run devEnvironment Variables
- PORT (for local development, e.g., 8787)
- EPIC_ME_AUTH_SERVER_URL (conceptually, though hardcoded to localhost in dev)
- EPIC_ME_DB (Cloudflare D1 binding)
- OAUTH_KV (Cloudflare KV Namespace binding)
- EPIC_ME_MCP_OBJECT (Cloudflare Durable Object binding)
Security Notes
The server relies on an external OAuth 2.0 introspection endpoint (`/oauth/introspection`) to validate bearer tokens. It correctly implements `WWW-Authenticate` headers for unauthorized requests, guiding clients to discover authorization servers. Input validation is performed using `zod` schemas for API requests, which is good practice to prevent common injection vulnerabilities. No 'eval' or obvious code obfuscation found. The hardcoded `EPIC_ME_AUTH_SERVER_URL` to `localhost:7788` is a development configuration; in production, this should be an environment variable.
Similar Servers
mcp-server-cloudflare
Enable Large Language Models (LLMs) to interact with and automate tasks across various Cloudflare services through a standardized Model Context Protocol (MCP).
mcp-server
Provides secure OAuth-based authentication and a set of tools for querying and retrieving data from ThoughtSpot instances, acting as a Model Context Protocol (MCP) server for integration with various Large Language Models (LLMs).
portaljs-mcp-server
A remote Model Context Protocol (MCP) server deployed on Cloudflare Workers, providing AI agent tools to interact with PortalJS datasets for search, retrieval, and data preview.
agent-never-give-up-mcp
Provides metacognitive protocols to AI coding agents to help them recover from being stuck in common development scenarios without human intervention.