chore: import upstream snapshot with attribution
This commit is contained in:
@@ -0,0 +1,83 @@
|
||||
/**
|
||||
* Starts the official Notion MCP server as a Streamable-HTTP sidecar for
|
||||
* the triage agent (see `runtime.ts`). Run with `pnpm notion-mcp`.
|
||||
*
|
||||
* Why a launcher instead of a raw npm script: the Notion server takes its
|
||||
* Notion integration secret via the `NOTION_TOKEN` env var and its HTTP
|
||||
* transport bearer via `AUTH_TOKEN` (or `--auth-token`). We keep the
|
||||
* example's env in a single `.env` (`NOTION_TOKEN` + `NOTION_MCP_AUTH_TOKEN`)
|
||||
* and map it here, so this works identically on Windows/macOS/Linux without
|
||||
* shell-specific env interpolation.
|
||||
*/
|
||||
import "dotenv/config";
|
||||
import { spawn } from "node:child_process";
|
||||
|
||||
const authToken = process.env["NOTION_MCP_AUTH_TOKEN"];
|
||||
const notionToken = process.env["NOTION_TOKEN"];
|
||||
|
||||
if (!authToken) {
|
||||
console.error(
|
||||
"[notion-mcp] NOTION_MCP_AUTH_TOKEN is required — it's the bearer the " +
|
||||
"agent uses to reach this sidecar. Set it in .env (any strong string).",
|
||||
);
|
||||
process.exit(1);
|
||||
}
|
||||
if (!notionToken) {
|
||||
console.error(
|
||||
"[notion-mcp] NOTION_TOKEN is required — the Notion integration secret " +
|
||||
"(ntn_...). Create one at notion.so → Settings → Connections.",
|
||||
);
|
||||
process.exit(1);
|
||||
}
|
||||
|
||||
// Port the sidecar listens on. Must agree with NOTION_MCP_URL in runtime.ts
|
||||
// (default http://127.0.0.1:3001/mcp).
|
||||
const port = process.env["NOTION_MCP_PORT"] ?? "3001";
|
||||
|
||||
// Notion's REST API requires a `Notion-Version` header. Authenticate via
|
||||
// OPENAPI_MCP_HEADERS (carrying BOTH Authorization and Notion-Version) rather
|
||||
// than NOTION_TOKEN: when NOTION_TOKEN is set the server builds its own auth
|
||||
// header and omits the version, so the API rejects every call with
|
||||
// 400 `missing_version`. We deliberately do NOT pass NOTION_TOKEN below.
|
||||
const notionVersion = process.env["NOTION_VERSION"] ?? "2022-06-28";
|
||||
const openApiHeaders = JSON.stringify({
|
||||
Authorization: `Bearer ${notionToken}`,
|
||||
"Notion-Version": notionVersion,
|
||||
});
|
||||
|
||||
// OPENAPI_MCP_HEADERS is the sole Notion auth source. NOTION_TOKEN must be
|
||||
// absent from the child env (dotenv loaded it into process.env, so delete it
|
||||
// after the spread) — if present, the server ignores OPENAPI_MCP_HEADERS and
|
||||
// drops the Notion-Version header.
|
||||
const childEnv = {
|
||||
...process.env,
|
||||
OPENAPI_MCP_HEADERS: openApiHeaders,
|
||||
AUTH_TOKEN: authToken,
|
||||
};
|
||||
delete childEnv["NOTION_TOKEN"];
|
||||
|
||||
const child = spawn(
|
||||
"npx",
|
||||
[
|
||||
"-y",
|
||||
"@notionhq/notion-mcp-server",
|
||||
"--transport",
|
||||
"http",
|
||||
"--port",
|
||||
port,
|
||||
"--auth-token",
|
||||
authToken,
|
||||
],
|
||||
{
|
||||
stdio: "inherit",
|
||||
// shell:true so Windows resolves `npx` -> `npx.cmd`. Node refuses to
|
||||
// spawn `.cmd`/`.bat` directly without a shell (CVE-2024-27980), which
|
||||
// otherwise fails with `spawn EINVAL`.
|
||||
shell: true,
|
||||
env: childEnv,
|
||||
},
|
||||
);
|
||||
|
||||
child.on("exit", (code) => process.exit(code ?? 0));
|
||||
process.on("SIGINT", () => child.kill("SIGINT"));
|
||||
process.on("SIGTERM", () => child.kill("SIGTERM"));
|
||||
Reference in New Issue
Block a user