import React, { useState, useEffect } from "react"; import { Form, Select, Button as AntdButton, Tooltip, Input } from "antd"; import { InfoCircleOutlined } from "@ant-design/icons"; import { Button, TabGroup, TabList, Tab, TabPanels, TabPanel } from "@tremor/react"; import { AUTH_TYPE, OAUTH_FLOW, MCPServer, MCPServerCostInfo, TRANSPORT } from "./types"; import { updateMCPServer, testMCPToolsListRequest } from "../networking"; import MCPServerCostConfig from "./mcp_server_cost_config"; import MCPPermissionManagement from "./MCPPermissionManagement"; import MCPToolConfiguration from "./mcp_tool_configuration"; import StdioConfiguration from "./StdioConfiguration"; import { validateMCPServerUrl, validateMCPServerName } from "./utils"; import NotificationsManager from "../molecules/notifications_manager"; import { useMcpOAuthFlow } from "@/hooks/useMcpOAuthFlow"; interface MCPServerEditProps { mcpServer: MCPServer; accessToken: string | null; onCancel: () => void; onSuccess: (server: MCPServer) => void; availableAccessGroups: string[]; } const AUTH_TYPES_REQUIRING_AUTH_VALUE = [AUTH_TYPE.API_KEY, AUTH_TYPE.BEARER_TOKEN, AUTH_TYPE.BASIC]; const AUTH_TYPES_REQUIRING_CREDENTIALS = [...AUTH_TYPES_REQUIRING_AUTH_VALUE, AUTH_TYPE.OAUTH2]; const EDIT_OAUTH_UI_STATE_KEY = "litellm-mcp-oauth-edit-state"; const MCPServerEdit: React.FC = ({ mcpServer, accessToken, onCancel, onSuccess, availableAccessGroups, }) => { const [form] = Form.useForm(); const [costConfig, setCostConfig] = useState({}); const [tools, setTools] = useState([]); const [isLoadingTools, setIsLoadingTools] = useState(false); const [searchValue, setSearchValue] = useState(""); const [aliasManuallyEdited, setAliasManuallyEdited] = useState(false); const [allowedTools, setAllowedTools] = useState([]); const [toolNameToDisplayName, setToolNameToDisplayName] = useState>({}); const [toolNameToDescription, setToolNameToDescription] = useState>({}); const [pendingRestoredValues, setPendingRestoredValues] = useState | null>(null); const authType = Form.useWatch("auth_type", form) as string | undefined; const transportType = Form.useWatch("transport", form) as string | undefined; const isStdioTransport = transportType === "stdio"; const isOpenAPITransport = transportType === TRANSPORT.OPENAPI; const isMCPTransport = !isStdioTransport && !isOpenAPITransport; const shouldShowAuthValueField = authType ? AUTH_TYPES_REQUIRING_AUTH_VALUE.includes(authType) : false; const isOAuthAuthType = authType === AUTH_TYPE.OAUTH2; const oauthFlowTypeValue = Form.useWatch("oauth_flow_type", form) as string | undefined; const isM2MFlow = isOAuthAuthType && oauthFlowTypeValue === OAUTH_FLOW.M2M; const [oauthAccessToken, setOauthAccessToken] = useState(null); // Watch form fields that affect tool fetching const currentUrl = Form.useWatch("url", form); const currentSpecPath = Form.useWatch("spec_path", form); const currentServerName = Form.useWatch("server_name", form); const currentAuthType = Form.useWatch("auth_type", form); const currentStaticHeaders = Form.useWatch("static_headers", form); const currentCredentials = Form.useWatch("credentials", form); const currentAuthorizationUrl = Form.useWatch("authorization_url", form); const currentTokenUrl = Form.useWatch("token_url", form); const currentRegistrationUrl = Form.useWatch("registration_url", form); const persistEditUiState = () => { if (typeof window === "undefined") { return; } try { const values = form.getFieldsValue(true); window.sessionStorage.setItem( EDIT_OAUTH_UI_STATE_KEY, JSON.stringify({ serverId: mcpServer.server_id, formValues: values, costConfig, allowedTools, searchValue, aliasManuallyEdited, }), ); } catch (err) { console.warn("Failed to persist MCP edit state", err); } }; const { startOAuthFlow, status: oauthStatus, error: oauthError, tokenResponse: oauthTokenResponse, } = useMcpOAuthFlow({ accessToken, getCredentials: () => form.getFieldValue("credentials"), getTemporaryPayload: () => { const values = form.getFieldsValue(true); const url = values.url || mcpServer.url; const transport = values.transport || mcpServer.transport; if (!url || !transport) { return null; } const staticHeaders = Array.isArray(values.static_headers) ? values.static_headers.reduce((acc: Record, entry: Record) => { const header = entry?.header?.trim(); if (!header) { return acc; } acc[header] = entry?.value ?? ""; return acc; }, {}) : ({} as Record); return { server_id: mcpServer.server_id, server_name: values.server_name || mcpServer.server_name || mcpServer.alias, alias: values.alias || mcpServer.alias, description: values.description || mcpServer.description, url, transport, auth_type: AUTH_TYPE.OAUTH2, credentials: values.credentials, mcp_access_groups: values.mcp_access_groups || mcpServer.mcp_access_groups, static_headers: staticHeaders, command: values.command, args: values.args, env: values.env, }; }, onTokenReceived: (token) => { setOauthAccessToken(token?.access_token ?? null); if (token?.access_token) { const credentials = { access_token: token.access_token, ...(token.refresh_token && { refresh_token: token.refresh_token }), ...(token.expires_in && { expires_in: token.expires_in }), ...(token.scope && { scope: token.scope }), }; form.setFieldsValue({ credentials }); NotificationsManager.success( "OAuth authorization successful! Please click 'Update MCP Server' to save the credentials." ); } }, onBeforeRedirect: persistEditUiState, }); const initialStaticHeaders = React.useMemo(() => { if (!mcpServer.static_headers) { return []; } return Object.entries(mcpServer.static_headers).map(([header, value]) => ({ header, value: value != null ? String(value) : "", })); }, [mcpServer.static_headers]); const initialEnvJson = React.useMemo(() => { const env = mcpServer.env ?? undefined; if (!env || Object.keys(env).length === 0) { return ""; } try { return JSON.stringify(env, null, 2); } catch { return ""; } }, [mcpServer.env]); // If server has spec_path, show it as "openapi" transport in the UI const effectiveTransport = React.useMemo(() => { if (mcpServer.spec_path && mcpServer.transport !== "stdio") { return TRANSPORT.OPENAPI; } return mcpServer.transport; }, [mcpServer]); const initialValues = React.useMemo( () => ({ ...mcpServer, transport: effectiveTransport, static_headers: initialStaticHeaders, oauth_flow_type: mcpServer.token_url ? OAUTH_FLOW.M2M : OAUTH_FLOW.INTERACTIVE, }), [mcpServer, effectiveTransport, initialStaticHeaders, initialEnvJson], ); // Initialize cost config from existing server data useEffect(() => { if (mcpServer.mcp_info?.mcp_server_cost_info) { setCostConfig(mcpServer.mcp_info.mcp_server_cost_info); } }, [mcpServer]); // Initialize allowed tools and tool overrides from existing server data useEffect(() => { if (mcpServer.allowed_tools) { setAllowedTools(mcpServer.allowed_tools); } setToolNameToDisplayName(mcpServer.tool_name_to_display_name ?? {}); setToolNameToDescription(mcpServer.tool_name_to_description ?? {}); }, [mcpServer]); useEffect(() => { if (typeof window === "undefined") { return; } const storedState = window.sessionStorage.getItem(EDIT_OAUTH_UI_STATE_KEY); if (!storedState) { return; } try { const parsed = JSON.parse(storedState); if (!parsed || parsed.serverId !== mcpServer.server_id) { return; } if (parsed.formValues) { setPendingRestoredValues({ ...mcpServer, ...parsed.formValues }); } if (parsed.costConfig) { setCostConfig(parsed.costConfig); } if (parsed.allowedTools) { setAllowedTools(parsed.allowedTools); } if (parsed.searchValue) { setSearchValue(parsed.searchValue); } if (typeof parsed.aliasManuallyEdited === "boolean") { setAliasManuallyEdited(parsed.aliasManuallyEdited); } } catch (err) { console.error("Failed to restore MCP edit state", err); } finally { window.sessionStorage.removeItem(EDIT_OAUTH_UI_STATE_KEY); } }, [form, mcpServer]); useEffect(() => { if (!pendingRestoredValues) { return; } const transport = pendingRestoredValues.transport || mcpServer.transport; if (transport && transport !== form.getFieldValue("transport")) { form.setFieldsValue({ transport }); return; } form.setFieldsValue(pendingRestoredValues); setPendingRestoredValues(null); }, [pendingRestoredValues, form, mcpServer.transport]); // Transform string array to object array for initial form values useEffect(() => { if (mcpServer.mcp_access_groups) { // If access groups are objects, extract the name property; if strings, use as is const groupNames = mcpServer.mcp_access_groups.map((g: any) => (typeof g === "string" ? g : g.name || String(g))); form.setFieldValue("mcp_access_groups", groupNames); } }, [mcpServer]); // Fetch tools when component mounts or when OAuth token is received // But only if the server has been properly saved (has a permanent server_id) useEffect(() => { // Don't fetch if server hasn't been saved yet (no permanent server_id) if (!mcpServer.server_id || mcpServer.server_id.trim() === "") { return; } fetchTools(); }, [mcpServer, accessToken, oauthAccessToken]); const fetchTools = async () => { if (!accessToken) return; // HTTP/SSE requires a URL (unless spec_path is set); stdio does not. if (mcpServer.transport !== "stdio" && !mcpServer.url && !mcpServer.spec_path) return; const isM2M = mcpServer.auth_type === AUTH_TYPE.OAUTH2 && !!mcpServer.token_url; if (mcpServer.auth_type === AUTH_TYPE.OAUTH2 && !isM2M && !oauthAccessToken) { return; } setIsLoadingTools(true); try { // Prepare the MCP server config from existing server data const mcpServerConfig = { server_id: mcpServer.server_id, server_name: mcpServer.server_name, url: mcpServer.url, transport: mcpServer.transport, auth_type: mcpServer.auth_type, mcp_info: mcpServer.mcp_info, authorization_url: mcpServer.authorization_url, token_url: mcpServer.token_url, registration_url: mcpServer.registration_url, command: mcpServer.command, args: mcpServer.args, env: mcpServer.env, }; const toolsResponse = await testMCPToolsListRequest(accessToken, mcpServerConfig, oauthAccessToken); if (toolsResponse.tools && !toolsResponse.error) { setTools(toolsResponse.tools); } else { console.error("Failed to fetch tools:", toolsResponse.message); setTools([]); } } catch (error) { console.error("Tools fetch error:", error); setTools([]); } finally { setIsLoadingTools(false); } }; // Generate options with existing groups and potential new group const getAccessGroupOptions = () => { const existingOptions = availableAccessGroups.map((group: string) => ({ value: group, label: (

{group}

), })); // If search value doesn't match any existing group and is not empty, add "create new group" option if ( searchValue && !availableAccessGroups.some((group) => group.toLowerCase().includes(searchValue.toLowerCase())) ) { existingOptions.push({ value: searchValue, label: (

{searchValue} create new group

), }); } return existingOptions; }; const handleTransportChange = (value: string) => { // Clear fields that are not relevant for the selected transport. if (value === "stdio") { form.setFieldsValue({ url: undefined, spec_path: undefined, auth_type: undefined, credentials: undefined, authorization_url: undefined, token_url: undefined, registration_url: undefined, }); } else if (value === TRANSPORT.OPENAPI) { form.setFieldsValue({ url: undefined, command: undefined, args: undefined, env_json: undefined, stdio_config: undefined, }); } else { form.setFieldsValue({ spec_path: undefined, command: undefined, args: undefined, env_json: undefined, stdio_config: undefined, }); } }; const handleSave = async (values: Record) => { if (!accessToken) return; try { // Ensure access groups is always a string array const { static_headers: staticHeadersList, credentials: credentialValues, stdio_config: rawStdioConfig, env_json: rawEnvJson, command: rawCommand, args: rawArgs, allow_all_keys: allowAllKeysRaw, available_on_public_internet: availableOnPublicInternetRaw, ...restValues } = values; const accessGroups = (restValues.mcp_access_groups || []).map((g: any) => typeof g === "string" ? g : g.name || String(g), ); const staticHeaders = Array.isArray(staticHeadersList) ? staticHeadersList.reduce((acc: Record, entry: Record) => { const header = entry?.header?.trim(); if (!header) { return acc; } acc[header] = entry?.value ?? ""; return acc; }, {}) : ({} as Record); const credentialsPayload = credentialValues && typeof credentialValues === "object" ? Object.entries(credentialValues).reduce((acc: Record, [key, value]) => { if (value === undefined || value === null || value === "") { return acc; } if (key === "scopes") { if (Array.isArray(value)) { const filteredScopes = value.filter((scope) => scope != null && scope !== ""); if (filteredScopes.length > 0) { acc[key] = filteredScopes; } } } else { acc[key] = value; } return acc; }, {}) : undefined; let stdioFields: Record = {}; if (restValues.transport === "stdio") { // Prefer JSON config if provided (matches Create screen behavior) if (rawStdioConfig) { try { const stdioConfig = JSON.parse(rawStdioConfig); let actualConfig = stdioConfig; if (stdioConfig?.mcpServers && typeof stdioConfig.mcpServers === "object") { const serverNames = Object.keys(stdioConfig.mcpServers); if (serverNames.length > 0) { actualConfig = stdioConfig.mcpServers[serverNames[0]]; } } const parsedArgs = Array.isArray(actualConfig?.args) ? actualConfig.args.map((v: any) => String(v)).filter((v: string) => v.trim() !== "") : []; const parsedEnv = actualConfig?.env && typeof actualConfig.env === "object" && !Array.isArray(actualConfig.env) ? Object.entries(actualConfig.env).reduce((acc: Record, [k, v]) => { if (k == null || String(k).trim() === "") return acc; acc[String(k)] = v == null ? "" : String(v); return acc; }, {}) : {}; stdioFields = { command: actualConfig?.command ? String(actualConfig.command) : undefined, args: parsedArgs, env: parsedEnv, }; if (!stdioFields.command) { NotificationsManager.fromBackend("Stdio configuration must include a command"); return; } } catch { NotificationsManager.fromBackend("Invalid JSON in stdio configuration"); return; } } else { // Dedicated fields path (command/args + env JSON) let parsedEnv: Record = {}; if (rawEnvJson) { try { const env = JSON.parse(rawEnvJson); if (env && typeof env === "object" && !Array.isArray(env)) { parsedEnv = Object.entries(env).reduce((acc: Record, [k, v]) => { if (k == null || String(k).trim() === "") return acc; acc[String(k)] = v == null ? "" : String(v); return acc; }, {}); } } catch { NotificationsManager.fromBackend("Invalid JSON in stdio env configuration"); return; } } const parsedArgs = Array.isArray(rawArgs) ? rawArgs.map((v: any) => String(v)).filter((v: string) => v.trim() !== "") : []; const parsedCommand = rawCommand ? String(rawCommand).trim() : ""; if (!parsedCommand) { NotificationsManager.fromBackend("Stdio transport requires a command"); return; } stdioFields = { command: parsedCommand, args: parsedArgs, env: parsedEnv, }; } } // Map "openapi" transport to "http" for the backend if (restValues.transport === TRANSPORT.OPENAPI) { restValues.transport = "http"; } // Prepare the payload with cost configuration and permission fields const mcpInfoServerName = restValues.server_name || restValues.url || mcpServer.server_name || mcpServer.url || restValues.alias || mcpServer.alias || "unknown"; const payload: Record = { ...restValues, ...stdioFields, // Remove UI-only fields stdio_config: undefined, env_json: undefined, server_id: mcpServer.server_id, mcp_info: { server_name: mcpInfoServerName, description: restValues.description, mcp_server_cost_info: Object.keys(costConfig).length > 0 ? costConfig : null, }, mcp_access_groups: accessGroups, alias: restValues.alias, // Include permission management fields extra_headers: restValues.extra_headers || [], allowed_tools: allowedTools.length > 0 ? allowedTools : null, tool_name_to_display_name: Object.keys(toolNameToDisplayName).length > 0 ? toolNameToDisplayName : null, tool_name_to_description: Object.keys(toolNameToDescription).length > 0 ? toolNameToDescription : null, disallowed_tools: restValues.disallowed_tools || [], static_headers: staticHeaders, allow_all_keys: Boolean(allowAllKeysRaw ?? mcpServer.allow_all_keys), available_on_public_internet: Boolean(availableOnPublicInternetRaw ?? mcpServer.available_on_public_internet), }; const includeCredentials = restValues.auth_type && AUTH_TYPES_REQUIRING_CREDENTIALS.includes(restValues.auth_type); if (includeCredentials && credentialsPayload && Object.keys(credentialsPayload).length > 0) { payload.credentials = credentialsPayload; } const updated = await updateMCPServer(accessToken, payload); NotificationsManager.success("MCP Server updated successfully"); onSuccess(updated); } catch (error: any) { NotificationsManager.fromBackend("Failed to update MCP Server" + (error?.message ? `: ${error.message}` : "")); } }; return ( Server Configuration Cost Configuration

validateMCPServerName(value), }, ]} > validateMCPServerName(value), }, ]} > setAliasManuallyEdited(true)} className="rounded-lg border-gray-300 focus:border-blue-500 focus:ring-blue-500" /> {/* URL field - only for HTTP/SSE */} {isMCPTransport && ( validateMCPServerUrl(value) }, ]} > )} {/* OpenAPI Spec URL - only for OpenAPI transport */} {isOpenAPITransport && ( OpenAPI Spec URL } name="spec_path" rules={[{ required: true, message: "Please enter an OpenAPI spec URL" }]} > )} {/* Authentication - for HTTP, SSE, and OpenAPI */} {!isStdioTransport && ( )} {isStdioTransport && (

Configure the stdio transport used to launch the MCP server process. You can either fill in the fields below or paste a JSON configuration.

Authorization URL Override (optional) } name="authorization_url" > Token URL Override (optional) } name="token_url" > Registration URL Override (optional) } name="registration_url" >

Use OAuth to fetch a fresh access token and temporarily save it in the session as the authentication value.

{oauthError &&

{oauthError}

} {oauthStatus === "success" && oauthTokenResponse?.access_token && (

Token fetched. Expires in {oauthTokenResponse.expires_in ?? "?"} seconds.

)}

)} {/* Permission Management / Access Control Section */}

{/* Tool Configuration Section */}

Cancel

); }; export default MCPServerEdit;