Add body and auth support to MCP HTTP request tools

- Add body, bodyType, authentication, and authenticationType fields to create/update HTTP request MCP tools - Include comprehensive documentation for body structures and auth types in Zod descriptions - Fix MCP update_http_request to merge partial updates with existing data to prevent FK constraint violations - Fix Zod imports from 'zod/v4' to 'zod' to match installed version - Add uncaughtException handler to plugin runtime to prevent individual plugin crashes from crashing entire runtime
2026-05-29 19:00:49 +02:00 · 2026-01-01 10:33:28 -08:00
parent 92a8da03af
commit d544899f39
9 changed files with 105 additions and 20 deletions
@@ -1,5 +1,5 @@
 import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
-import * as z from 'zod/v4';
+import * as z from 'zod';
 import type { McpServerContext } from '../types.js';
 import { getWorkspaceContext } from './helpers.js';

@@ -131,6 +131,42 @@ export function registerHttpRequestTools(server: McpServer, ctx: McpServerContex
          )
          .optional()
          .describe('URL query parameters'),
+        bodyType: z
+          .string()
+          .optional()
+          .describe(
+            'Body type. Supported values: "binary", "graphql", "application/x-www-form-urlencoded", "multipart/form-data", or any text-based type (e.g., "application/json", "text/plain")',
+          ),
+        body: z
+          .record(z.string(), z.any())
+          .optional()
+          .describe(
+            'Body content object. Structure varies by bodyType:\n' +
+              '- "binary": { filePath: "/path/to/file" }\n' +
+              '- "graphql": { query: "{ users { name } }", variables: "{\\"id\\": \\"123\\"}" }\n' +
+              '- "application/x-www-form-urlencoded": { form: [{ name: "key", value: "val", enabled: true }] }\n' +
+              '- "multipart/form-data": { form: [{ name: "field", value: "text", file: "/path/to/file", enabled: true }] }\n' +
+              '- text-based (application/json, etc.): { text: "raw body content" }',
+          ),
+        authenticationType: z
+          .string()
+          .optional()
+          .describe(
+            'Authentication type. Common values: "basic", "bearer", "oauth2", "apikey", "jwt", "awsv4", "oauth1", "ntlm", "none". Use null to inherit from parent folder/workspace.',
+          ),
+        authentication: z
+          .record(z.string(), z.any())
+          .optional()
+          .describe(
+            'Authentication configuration object. Structure varies by authenticationType:\n' +
+              '- "basic": { username: "user", password: "pass" }\n' +
+              '- "bearer": { token: "abc123", prefix: "Bearer" }\n' +
+              '- "oauth2": { clientId: "...", clientSecret: "...", grantType: "authorization_code", authorizationUrl: "...", accessTokenUrl: "...", scope: "...", ... }\n' +
+              '- "apikey": { location: "header" | "query", key: "X-API-Key", value: "..." }\n' +
+              '- "jwt": { algorithm: "HS256", secret: "...", payload: "{ ... }" }\n' +
+              '- "awsv4": { accessKeyId: "...", secretAccessKey: "...", service: "sts", region: "us-east-1", sessionToken: "..." }\n' +
+              '- "none": {}',
+          ),
      }),
    },
    async ({ workspaceId: ogWorkspaceId, ...args }) => {
@@ -158,10 +194,7 @@ export function registerHttpRequestTools(server: McpServer, ctx: McpServerContex
      description: 'Update an existing HTTP request',
      inputSchema: z.object({
        id: z.string().describe('HTTP request ID to update'),
-        workspaceId: z
-          .string()
-          .optional()
-          .describe('Workspace ID (required if multiple workspaces are open)'),
+        workspaceId: z.string().describe('Workspace ID'),
        name: z.string().optional().describe('Request name'),
        url: z.string().optional().describe('Request URL'),
        method: z.string().optional().describe('HTTP method'),
@@ -187,11 +220,57 @@ export function registerHttpRequestTools(server: McpServer, ctx: McpServerContex
          )
          .optional()
          .describe('URL query parameters'),
+        bodyType: z
+          .string()
+          .optional()
+          .describe(
+            'Body type. Supported values: "binary", "graphql", "application/x-www-form-urlencoded", "multipart/form-data", or any text-based type (e.g., "application/json", "text/plain")',
+          ),
+        body: z
+          .record(z.string(), z.any())
+          .optional()
+          .describe(
+            'Body content object. Structure varies by bodyType:\n' +
+              '- "binary": { filePath: "/path/to/file" }\n' +
+              '- "graphql": { query: "{ users { name } }", variables: "{\\"id\\": \\"123\\"}" }\n' +
+              '- "application/x-www-form-urlencoded": { form: [{ name: "key", value: "val", enabled: true }] }\n' +
+              '- "multipart/form-data": { form: [{ name: "field", value: "text", file: "/path/to/file", enabled: true }] }\n' +
+              '- text-based (application/json, etc.): { text: "raw body content" }',
+          ),
+        authenticationType: z
+          .string()
+          .optional()
+          .describe(
+            'Authentication type. Common values: "basic", "bearer", "oauth2", "apikey", "jwt", "awsv4", "oauth1", "ntlm", "none". Use null to inherit from parent folder/workspace.',
+          ),
+        authentication: z
+          .record(z.string(), z.any())
+          .optional()
+          .describe(
+            'Authentication configuration object. Structure varies by authenticationType:\n' +
+              '- "basic": { username: "user", password: "pass" }\n' +
+              '- "bearer": { token: "abc123", prefix: "Bearer" }\n' +
+              '- "oauth2": { clientId: "...", clientSecret: "...", grantType: "authorization_code", authorizationUrl: "...", accessTokenUrl: "...", scope: "...", ... }\n' +
+              '- "apikey": { location: "header" | "query", key: "X-API-Key", value: "..." }\n' +
+              '- "jwt": { algorithm: "HS256", secret: "...", payload: "{ ... }" }\n' +
+              '- "awsv4": { accessKeyId: "...", secretAccessKey: "...", service: "sts", region: "us-east-1", sessionToken: "..." }\n' +
+              '- "none": {}',
+          ),
      }),
    },
    async ({ id, workspaceId, ...updates }) => {
      const workspaceCtx = await getWorkspaceContext(ctx, workspaceId);
-      const httpRequest = await workspaceCtx.yaak.httpRequest.update({ id, ...updates });
+      // Fetch existing request to merge with updates
+      const existing = await workspaceCtx.yaak.httpRequest.getById({ id });
+      if (!existing) {
+        throw new Error(`HTTP request with ID ${id} not found`);
+      }
+      // Merge existing fields with updates
+      const httpRequest = await workspaceCtx.yaak.httpRequest.update({
+        ...existing,
+        ...updates,
+        id,
+      });
      return {
        content: [{ type: 'text' as const, text: JSON.stringify(httpRequest, null, 2) }],
      };