f5xc-auth
Verified Safeby robinmordasiewicz
Overview
Provides robust authentication and XDG-compliant profile management for Node.js applications interacting with F5 Distributed Cloud MCP (Multi-Cloud Platform) servers.
Installation
No command providedEnvironment Variables
- F5XC_API_URL
- F5XC_API_TOKEN
- F5XC_P12_BUNDLE
- F5XC_CERT
- F5XC_KEY
- F5XC_NAMESPACE
- F5XC_TLS_INSECURE
- F5XC_CA_BUNDLE
- LOG_LEVEL
- LOG_JSON
- XDG_CONFIG_HOME
- XDG_STATE_HOME
Security Notes
The library demonstrates strong security practices. It uses XDG-compliant directories for profile storage, enforcing secure file permissions (0o600 for profiles, 0o700 for config directories). Critical path validation is implemented in `src/utils/path-security.ts` to prevent directory traversal attacks, including checks for null bytes and `..` patterns, before reading sensitive files (P12 bundles, certificates, keys). TLS verification is enabled by default, with explicit warnings printed to stderr and logs if `F5XC_TLS_INSECURE` is set. API tokens are masked in logs. Credentials are sourced from environment variables or profiles, avoiding hardcoding. The overall design prioritizes secure handling of sensitive information and file access.
Similar Servers
mcp-framework
This repository provides a framework for integrating and managing OAuth authentication within a server application, potentially involving HTTP streaming.
oauth-mcp-proxy
OAuth 2.1 authentication library for Go MCP servers, supporting both mark3labs and official SDKs for token validation and caching.
generator-app-remote-mcp-server-generic
Provides backend services for a generic multi-cloud application generator, enabling remote application scaffolding and management across various cloud providers.
mcp-oauth-server
This server provides an OAuth 2.1 Authorization Server implementation, compliant with the MCP Authorization Spec, to handle authentication and authorization for MCP clients and resource servers.