You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
docs: optimize CLAUDE.md by moving detailed sections to dedicated docs (smart-mcp-proxy#190)
Move large documentation sections from CLAUDE.md to dedicated files
in docs/ for better maintainability and discoverability:
- Move OAuth Extra Parameters (~100 lines) → docs/oauth-extra-params.md
- Move Management Service Architecture (~80 lines) → docs/architecture.md
- Move Tray Application Architecture (~35 lines) → docs/architecture.md
- Move Runtime Architecture (~45 lines) → docs/architecture.md
- Move Zero-Config OAuth (~40 lines) → docs/oauth-resource-autodetect.md
- Remove stale Active Technologies section (~25 lines)
CLAUDE.md reduced from ~1035 to 736 lines (~29% smaller) while
preserving all information in organized documentation files.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
The tray application uses a state machine architecture for reliable core management. See [docs/architecture.md](docs/architecture.md) for details on:
288
+
- State machine states and transitions
289
+
- Process and health monitoring
290
+
- Error classification and retry logic
291
+
- Development environment variables
319
292
320
293
## Architecture Overview
321
294
@@ -371,85 +344,11 @@ Error states automatically retry core launch with exponential backoff:
371
344
372
345
### Management Service Architecture
373
346
374
-
The management service (`internal/management/`) provides a centralized business logic layer for upstream server management operations, eliminating code duplication across CLI, REST API, and MCP interfaces.
347
+
The management service (`internal/management/`) provides a centralized business logic layer for upstream server management, eliminating code duplication across CLI, REST API, and MCP interfaces.
See [docs/architecture.md](docs/architecture.md) for the full architecture diagram, component details, and usage examples.
451
350
452
-
**OpenAPI Documentation**: All REST endpoints are documented with OpenAPI 3.1 annotations and auto-generated Swagger spec. See `oas/swagger.yaml` for complete API reference.
351
+
**OpenAPI Documentation**: All REST endpoints are documented with OpenAPI 3.1 annotations. See `oas/swagger.yaml` for complete API reference.
453
352
454
353
### Tray-Core Communication (Unix Sockets / Named Pipes)
455
354
@@ -565,144 +464,12 @@ The `working_dir` field specifies the working directory for stdio MCP servers. U
565
464
- If directory doesn't exist, server startup fails with detailed error
566
465
- Compatible with Docker isolation (`isolation.working_dir` for container path)
567
466
568
-
### Zero-Config OAuth with Resource Auto-Detection (RFC 8707/9728)
569
-
570
-
MCPProxy automatically detects and injects the RFC 8707 `resource` parameter for OAuth providers like Runlayer. This enables zero-configuration OAuth for servers advertising Protected Resource Metadata (RFC 9728).
571
-
572
-
**How it works**:
573
-
1. MCPProxy sends a preflight HEAD request to the MCP server URL
574
-
2. If server returns 401 with `WWW-Authenticate` header containing `resource_metadata` URL, MCPProxy fetches the Protected Resource Metadata
575
-
3. The `resource` field from metadata is automatically injected into OAuth authorization URL and token requests
576
-
4. If metadata doesn't contain `resource`, MCPProxy falls back to using the server URL
2. Auto-detected resource from RFC 9728 Protected Resource Metadata
596
-
3. Fallback to server URL if metadata unavailable or lacks resource field
597
-
598
-
**Diagnostic Commands**:
599
-
```bash
600
-
# View auto-detected resource parameter
601
-
mcpproxy auth status --server=runlayer-slack
602
-
603
-
# Check for OAuth issues including resource detection
604
-
mcpproxy doctor
605
-
```
467
+
### OAuth Configuration
606
468
607
-
### OAuth Extra Parameters Configuration
469
+
MCPProxy supports zero-config OAuth with RFC 8707/9728 resource auto-detection for providers like Runlayer. See [docs/oauth-resource-autodetect.md](docs/oauth-resource-autodetect.md) for details.
608
470
609
-
MCPProxy also supports manual `extra_params` for OAuth providers requiring non-standard parameters. Manual params override auto-detected values.
471
+
For manual OAuth parameter configuration, see [docs/oauth-extra-params.md](docs/oauth-extra-params.md).
610
472
611
-
**Use Cases**:
612
-
-**RFC 8707 Resource Indicators**: Override auto-detected resource for multi-tenant authorization
613
-
-**Audience-Restricted Tokens**: Request tokens for specific API audiences
614
-
-**Tenant Identification**: Pass tenant/organization identifiers for multi-tenant OAuth
615
-
-**Custom Provider Extensions**: Support proprietary OAuth extensions from specific providers
616
-
617
-
**Example 1: Runlayer MCP Server with Resource Parameter**
- Graceful context cancellation cascades to all background services
963
-
- Upstream servers disconnected with proper Docker container cleanup
964
-
- Resources closed in dependency order (upstream → cache → index → storage)
687
+
The runtime package (`internal/runtime/`) provides core non-HTTP lifecycle management. See [docs/architecture.md](docs/architecture.md) for details on the event bus system, lifecycle management, and background services.
965
688
966
689
## Important Implementation Details
967
690
@@ -1009,26 +732,5 @@ The event bus enables real-time communication between runtime and UI components:
1009
732
- Double shutdown protection
1010
733
1011
734
When making changes to this codebase, ensure you understand the modular architecture and maintain the clear separation between core protocol handling, state management, and user interface components.
1012
-
- remember before running mcpproxy core u need to kill all mcpproxy instances, because it locks DB
1013
-
1014
-
## Active Technologies
1015
-
- Go 1.21+, TypeScript/Vue 3 (003-tool-annotations-webui)
1016
-
- BBolt (existing `server_{serverID}_tool_calls` buckets, new `sessions` bucket) (003-tool-annotations-webui)
1017
-
- Go 1.24.0 (004-management-health-refactor)
1018
-
- BBolt embedded database (`~/.mcpproxy/config.db`) for server configurations, quarantine status, and tool statistics (004-management-health-refactor)
1019
-
- BBolt embedded database (`~/.mcpproxy/config.db`) - used by existing runtime, no changes required (005-rest-management-integration)
- BBolt embedded database (`~/.mcpproxy/config.db`) - used by existing runtime for server configurations and OAuth token persistence, no schema changes required (006-oauth-extra-params)
1022
-
- Go 1.24.0 (as per existing project) (007-oauth-e2e-testing)
1023
-
- BBolt (existing `internal/storage/`) for token persistence (007-oauth-e2e-testing)
0 commit comments