neoris/openapi-mcp-generator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow insecure HTTPS connections (self-signed certificates)

Browse Source
This commit is contained in:
Sylvain Afchain 2025-09-18 01:48:19 +02:00
parent f29c277860
commit f1125a0119
No known key found for this signature in database
5 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -59,6 +59,7 @@ openapi-mcp-generator --input path/to/openapi.json --output path/to/output/dir -
| `--port` | `-p` | Port for web-based transports | `3000` | | `--port` | `-p` | Port for web-based transports | `3000` |
| `--default-include` | | Default behavior for x-mcp filtering. Accepts `true` or `false` (case-insensitive). `true` = include by default, `false` = exclude by default. | `true` | | `--default-include` | | Default behavior for x-mcp filtering. Accepts `true` or `false` (case-insensitive). `true` = include by default, `false` = exclude by default. | `true` |
| `--force` | | Overwrite existing files in the output directory without confirmation | `false` | | `--force` | | Overwrite existing files in the output directory without confirmation | `false` |
| `--insecure` | `-k` | Allow insecure HTTPS connections (self-signed certificates) | `false` |
## 📦 Programmatic API ## 📦 Programmatic API

3
src/generator/server-code.ts
View File

@ -35,7 +35,7 @@ export function generateMcpServerCode(
// Generate code for API tool execution // Generate code for API tool execution
const executeApiToolFunctionCode = generateExecuteApiToolFunction( const executeApiToolFunctionCode = generateExecuteApiToolFunction(
api.components?.securitySchemes api.components?.securitySchemes, options.insecure,
); );
// Generate code for request handlers // Generate code for request handlers
@ -105,6 +105,7 @@ import {
import { z, ZodError } from 'zod'; import { z, ZodError } from 'zod';
import { jsonSchemaToZod } from 'json-schema-to-zod'; import { jsonSchemaToZod } from 'json-schema-to-zod';
import axios, { type AxiosRequestConfig, type AxiosError } from 'axios'; import axios, { type AxiosRequestConfig, type AxiosError } from 'axios';
import https from 'https';
/** /**
* Type definition for JSON objects * Type definition for JSON objects

5
src/index.ts
View File

@ -87,6 +87,11 @@ program
true true
) )
.option('--force', 'Overwrite existing files without prompting') .option('--force', 'Overwrite existing files without prompting')
.option(
'-k, --insecure',
'Allow insecure HTTPS connections (self-signed certificates)',
(val) => normalizeBoolean(val)
)
.version(pkg.version) // Match package.json version .version(pkg.version) // Match package.json version
.action((options) => { .action((options) => {
runGenerator(options).catch((error) => { runGenerator(options).catch((error) => {

2
src/types/index.ts
View File

@ -35,6 +35,8 @@ export interface CliOptions {
* false = exclude by default unless x-mcp explicitly enables. * false = exclude by default unless x-mcp explicitly enables.
*/ */
defaultInclude?: boolean; defaultInclude?: boolean;
/** Allow insecure HTTPS connections (self-signed certificates) */
insecure?: boolean;
} }
/** /**

10
src/utils/security.ts
View File

@ -82,7 +82,7 @@ export function generateHttpSecurityCode(): string {
* *
* @returns Generated code for OAuth2 token acquisition * @returns Generated code for OAuth2 token acquisition
*/ */
export function generateOAuth2TokenAcquisitionCode(): string { export function generateOAuth2TokenAcquisitionCode(insecure?: boolean): string {
return ` return `
/** /**
* Type definition for cached OAuth tokens * Type definition for cached OAuth tokens
@ -165,7 +165,8 @@ async function acquireOAuth2Token(schemeName: string, scheme: any): Promise<stri
'Content-Type': 'application/x-www-form-urlencoded', 'Content-Type': 'application/x-www-form-urlencoded',
'Authorization': \`Basic \${Buffer.from(\`\${clientId}:\${clientSecret}\`).toString('base64')}\` 'Authorization': \`Basic \${Buffer.from(\`\${clientId}:\${clientSecret}\`).toString('base64')}\`
}, },
data: formData.toString() data: formData.toString(),
${insecure ? 'httpsAgent: new https.Agent({ rejectUnauthorized: false })' : ''}
}); });
// Process the response // Process the response
@ -201,10 +202,10 @@ async function acquireOAuth2Token(schemeName: string, scheme: any): Promise<stri
* @returns Generated code for the execute API tool function * @returns Generated code for the execute API tool function
*/ */
export function generateExecuteApiToolFunction( export function generateExecuteApiToolFunction(
securitySchemes?: OpenAPIV3.ComponentsObject['securitySchemes'] securitySchemes?: OpenAPIV3.ComponentsObject['securitySchemes'], insecure?: boolean
): string { ): string {
// Generate OAuth2 token acquisition function // Generate OAuth2 token acquisition function
const oauth2TokenAcquisitionCode = generateOAuth2TokenAcquisitionCode(); const oauth2TokenAcquisitionCode = generateOAuth2TokenAcquisitionCode(insecure);
// Generate security handling code for checking, applying security // Generate security handling code for checking, applying security
const securityCode = ` const securityCode = `
@ -443,6 +444,7 @@ ${securityCode}
params: queryParams, params: queryParams,
headers: headers, headers: headers,
...(requestBodyData !== undefined && { data: requestBodyData }), ...(requestBodyData !== undefined && { data: requestBodyData }),
${insecure ? 'httpsAgent: new https.Agent({ rejectUnauthorized: false })' : ''}
}; };
// Log request info to stderr (doesn't affect MCP output) // Log request info to stderr (doesn't affect MCP output)