( permissionLevel: McpPermissionLevel = 'read' )
| 241 | * |
| 242 | */ |
| 243 | export function withMcpAuth<TParams = Record<string, string>>( |
| 244 | permissionLevel: McpPermissionLevel = 'read' |
| 245 | ) { |
| 246 | return function middleware(handler: McpRouteHandler<TParams>) { |
| 247 | return async function wrappedHandler( |
| 248 | request: NextRequest, |
| 249 | routeContext: { params: Promise<TParams> } |
| 250 | ): Promise<NextResponse> { |
| 251 | const authResult = await validateMcpAuth(request, permissionLevel) |
| 252 | |
| 253 | if (!authResult.success) { |
| 254 | return (authResult as AuthFailure).errorResponse |
| 255 | } |
| 256 | |
| 257 | try { |
| 258 | return await handler(request, (authResult as AuthResult).context, routeContext) |
| 259 | } catch (error) { |
| 260 | const bodyErrorResponse = mcpBodyReadErrorResponse(error, request) |
| 261 | if (bodyErrorResponse) return bodyErrorResponse |
| 262 | logger.error( |
| 263 | `[${(authResult as AuthResult).context.requestId}] Error in MCP route handler:`, |
| 264 | error |
| 265 | ) |
| 266 | return createMcpErrorResponse(toError(error), 'Internal server error', 500) |
| 267 | } |
| 268 | } |
| 269 | } |
| 270 | } |
no test coverage detected