feat: MCP OAuth (#178)

* feat: MCP OAuth * fix: redirect url and oauth
2026-04-27 07:16:19 +09:00 · 2026-03-04 00:41:05 +08:00
parent f0517a3a1f
commit 64609c2101
33 changed files with 4037 additions and 97 deletions
@@ -170,6 +170,11 @@ CREATE TABLE IF NOT EXISTS mcp_connections (
  type TEXT NOT NULL,
  config JSONB NOT NULL DEFAULT '{}'::jsonb,
  is_active BOOLEAN NOT NULL DEFAULT true,
+  status TEXT NOT NULL DEFAULT 'unknown',
+  tools_cache JSONB NOT NULL DEFAULT '[]'::jsonb,
+  last_probed_at TIMESTAMPTZ,
+  status_message TEXT NOT NULL DEFAULT '',
+  auth_type TEXT NOT NULL DEFAULT 'none',
  created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
  updated_at TIMESTAMPTZ NOT NULL DEFAULT now(),
  CONSTRAINT mcp_connections_type_check CHECK (type IN ('stdio', 'http', 'sse')),
@@ -178,6 +183,32 @@ CREATE TABLE IF NOT EXISTS mcp_connections (

 CREATE INDEX IF NOT EXISTS idx_mcp_connections_bot_id ON mcp_connections(bot_id);

+CREATE TABLE IF NOT EXISTS mcp_oauth_tokens (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  connection_id UUID NOT NULL UNIQUE REFERENCES mcp_connections(id) ON DELETE CASCADE,
+  resource_metadata_url TEXT NOT NULL DEFAULT '',
+  authorization_server_url TEXT NOT NULL DEFAULT '',
+  authorization_endpoint TEXT NOT NULL DEFAULT '',
+  token_endpoint TEXT NOT NULL DEFAULT '',
+  registration_endpoint TEXT NOT NULL DEFAULT '',
+  scopes_supported TEXT[] NOT NULL DEFAULT '{}',
+  client_id TEXT NOT NULL DEFAULT '',
+  client_secret TEXT NOT NULL DEFAULT '',
+  access_token TEXT NOT NULL DEFAULT '',
+  refresh_token TEXT NOT NULL DEFAULT '',
+  token_type TEXT NOT NULL DEFAULT 'Bearer',
+  expires_at TIMESTAMPTZ,
+  scope TEXT NOT NULL DEFAULT '',
+  pkce_code_verifier TEXT NOT NULL DEFAULT '',
+  state_param TEXT NOT NULL DEFAULT '',
+  resource_uri TEXT NOT NULL DEFAULT '',
+  redirect_uri TEXT NOT NULL DEFAULT '',
+  created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
+  updated_at TIMESTAMPTZ NOT NULL DEFAULT now()
+);
+
+CREATE INDEX IF NOT EXISTS idx_mcp_oauth_tokens_connection_id ON mcp_oauth_tokens(connection_id);
+
 -- Bot history is bot-scoped (one history container per bot).

 CREATE TABLE IF NOT EXISTS bot_channel_configs (