fix(BUY-8065): add Paperclip JWT auth to TypeScript API middleware#34
Open
fix(BUY-8065): add Paperclip JWT auth to TypeScript API middleware#34
Conversation
…lthz endpoint to Node.js MCP dist
…thog.ts, rebuild dist files, fix Node.js MCP healthz endpoint (BUY-5978)
…cy), increase initialDelay to 30s
Previously call_tool extracted the API key from the ApiKey model using key_hash, which is a bcrypt hash — not usable as a bearer token for downstream calls. Extract the raw Authorization header Bearer value instead, matching what the client actually sent. Fixes BUY-5978 Co-Authored-By: Paperclip <noreply@paperclip.ing>
…I_KEY Co-Authored-By: Paperclip <noreply@paperclip.ing>
… @buywhere/mcp-server - Remove 'not yet published' callout and STDIO 'coming soon' text - Add local package install path (npx -y @buywhere/mcp-server) - Add STDIO config examples for Claude Desktop and Cursor alongside HTTP transport Co-Authored-By: Paperclip <noreply@paperclip.ing>
…p-server - Remove 'not yet published' callout and 'coming soon' STDIO text - Add local package install path (npx -y @buywhere/mcp-server) - Add STDIO config examples for Claude Desktop and Cursor alongside HTTP transport - Remove duplicate 'Configure Cursor' section that was an accidental copy-paste Co-Authored-By: Paperclip <noreply@paperclip.ing>
…conf Proxies /mcp/ requests to the API backend (127.0.0.1:8000) which should have the MCP router mounted. Fixes 404 on /mcp/ after nginx adds a trailing slash redirect.
- Detect Paperclip JWT tokens by decoding payload (iss/aud check) - Verify tokens via GET /api/agents/me on Paperclip API - Auto-provision agent API keys on first valid token (enterprise tier) - Reuse provisioned keys on subsequent calls via signup_channel lookup - Replace inline res.status().json() with structured sendError/sendRateLimitError Co-Authored-By: Paperclip <noreply@paperclip.ing>
…n migration on deploy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes BUY-8065
Cherry-picked from richmondteo-code/buywhere-catalog-api#4