Add API token authentication and restructure MCP server (#18)

* - partially revise code structure
- added tests: unit and end-to-end
- updated all libraries used by the server
- added the ability to access the server using a Globalping API token

* spelling and logic fixes according to coderabbit review

* Restore global fetch after tests to avoid side effects

* client limit set to default if below 1

* removed integration and oauth flow tests

* - rewritten using the official ts client
- tests have been rewritten as well. Cloudflare workers only allow integration and unit tests.

* format fix

* fixes according coderabbit

* fixes according coderrabit

* fixes according coderabbit

* Add GitHub Actions workflow for testing and update integration tests

- Created a new workflow file for running tests on every commit
- Updated tsconfig to correct the path for worker configuration.
- Changed isolatedStorage setting in vitest configuration to false.

* workflow fix

* workflow fix

* Improve API token request error handling and validation

* Fix API token request authorization check to handle missing type

* Add mcptotal.io to exception hosts list

* Add imports for AuthRequest and PKCECodePair in layout.ts

* Update configuration and dependencies; add new API route and improve token handling

Author: eyepokes

.github/workflows/test.yml

@@ -0,0 +1,52 @@
+name: Tests
+
+on:
+  push:
+    branches: ["*"]
+  pull_request:
+    branches: ["*"]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+          cache: "npm"
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Create .dev.vars for integration tests
+        run: |
+          cat > .dev.vars << 'EOF'
+          GLOBALPING_CLIENT_ID=test-client-id
+          GLOBALPING_API_TOKEN=test-token-for-ci-environment
+          EOF
+
+      - name: Run TypeScript check
+        run: npx tsc --noEmit
+
+      - name: Run unit tests
+        run: npm run test:unit
+
+      - name: Run integration tests
+        run: npm run test:integration
+
+      - name: Upload test results
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: test-results
+          path: |
+            coverage/
+            test-results/
+          retention-days: 7
+          if-no-files-found: ignore

README.md

@@ -24,7 +24,7 @@
 
 The Globalping MCP Server implements the [Model Context Protocol (MCP)](https://modelcontextprotocol.io), allowing AI models like OpenAI's GPT and Anthropic's Claude to interact with Globalping's network measurement capabilities through natural language.
 
-It also supports oAuth authentication, which offers a secure way to interact with our API and benefits from higher rate limits associated with your account.
+It also supports two authentication methods: OAuth and API token authentication. Both methods offer a secure way to interact with our API and provide higher rate limits associated with your account.
 
 ### Key Features
 
@@ -33,7 +33,7 @@ It also supports oAuth authentication, which offers a secure way to interact wit
 - 📊 **Comprehensive Measurements**: Support for ping, traceroute, DNS, MTR, and HTTP tests
 - 🔍 **Smart Context Handling**: Provides detailed parameter descriptions for AI clients to intelligently select measurement types and options
 - 🔄 **Comparative Analysis**: Allows to compare network performance between different targets
-- 🔑 **oAuth Support**: Use your own Globalping account for higher rate limits
+- 🔑 **Authentication Support**: Use OAuth or API token with your Globalping account for higher rate limits
 
 
 ## Installation
@@ -129,6 +129,58 @@ Legacy SSE transport:
 }
 ```
 5. Click "Save" and restart Cursor
+## Authentication
+
+The Globalping MCP server supports two authentication methods:
+- **OAuth Authentication**: Automatically handled by the server for secure access
+- **API Token Authentication**: Manual token configuration via Authorization header
+
+Both methods provide higher rate limits and priority access to the probe network.
+
+### Using Globalping API Token
+
+The server automatically detects when an API token is provided in the Authorization header and uses it for authentication instead of OAuth.
+
+#### Getting Your API Token
+
+1. Visit [globalping.io](https://globalping.io)
+2. Sign in to your account
+3. Navigate to your account settings to generate an API token
+
+#### Configuration with Authentication
+
+Streamable HTTP transport:
+```json
+{
+    "mcpServers": {
+        "globalping": {
+            "command": "npx",
+            "args": [
+                "mcp-remote",
+                "https://mcp.globalping.dev/mcp",
+                "--header",
+                "Authorization: Bearer YOUR_GLOBALPING_API_TOKEN"
+            ]
+        }
+    }
+}
+```
+Legacy SSE transport:
+```json
+{
+    "mcpServers": {
+        "globalping": {
+            "command": "npx",
+            "args": [
+                "mcp-remote",
+                "https://mcp.globalping.dev/sse",
+                "--header",
+                "Authorization: Bearer YOUR_GLOBALPING_API_TOKEN"
+            ]
+        }
+    }
+}
+```
 
 ## Connecting AI Assistants
 
@@ -200,10 +252,14 @@ You can also combine these with a plus sign for more specific targeting: "London
 The codebase is organized into modules:
 
 - `src/index.ts` - Main entry point and MCP agent definition
-- `src/globalping/types.ts` - TypeScript interfaces for the Globalping API
-- `src/globalping/api.ts` - API wrapper functions for Globalping
-- `src/globalping/tools.ts` - MCP tool implementations
-- `src/utils.ts` - Helper utilities for rendering the web UI
+- `src/app.ts` - OAuth web routes
+- `src/api` - Globalping API client
+- `src/auth` - Authentication utilities
+- `src/config` - Configuration and constants
+- `src/lib` - Utility functions
+- `src/mcp` - MCP tool handlers
+- `src/types` - TypeScript type definitions
+- `src/ui` - HTML templates
 
 
 ### Add Globalping credentials
@@ -216,4 +272,4 @@ Add Globalping OAuth credentials:
 Used for `OAuthProvider` docs https://github.com/cloudflare/workers-oauth-provider
 - create a KV namespace and copy ID
 - binding for it must be `OAUTH_KV`
-- configure `kv_namespaces` in the `wrangler.jsonc` file
+- configure `kv_namespaces` in the `wrangler.jsonc` file

gemini-extension.json

@@ -1,13 +1,13 @@
 {
-  "name": "globalping",
-  "version": "0.0.2",
-  "description": "Enable AI models to interact with a global network measurement platform and run network measurements, benchmarks and tests.",
-  "mcpServers": {
-    "globalping-mcp": {
-      "httpUrl": "https://mcp.globalping.dev/mcp",
-      "oauth": {
-        "enabled": true
-      }
-    }
-  }
+	"name": "globalping",
+	"version": "0.0.2",
+	"description": "Enable AI models to interact with a global network measurement platform and run network measurements, benchmarks and tests.",
+	"mcpServers": {
+		"globalping-mcp": {
+			"httpUrl": "https://mcp.globalping.dev/mcp",
+			"oauth": {
+				"enabled": true
+			}
+		}
+	}
 }