zhengchen.tao
28f9a54ba9
把 Obsidian vault 通过 MCP 暴露给 Claude.ai,OAuth 走 nas-auth。 设计文档见 vault Coding/obsidian-mcp/obsidian-mcp 设计.md。 代码层落地参考 vault Coding/obsidian-mcp/MCP 实现指南.md。 V1+V2 同时实现(用户要求跳过分阶段直接全部): 读 Tools(需 scope=read:obsidian): - list_vault_tree(一次性 vault 地图,限制深度) - list_files / read_file(含 offset/limit 大文件分页) - search(子串匹配 + glob 过滤,最多 50 hits) - get_metadata(size / modified_at / has_frontmatter) 写 Tools(需 scope=write:obsidian): - write_file / append_file - 多重门禁:scope 校验 + 路径黑名单 + 写入白名单 + 永禁文件 - 永禁写:任意目录的 AGENTS.md / PROFILE.md / README.md / CLAUDE.md / 01-Secret/** - 白名单:02-ShengquGames/logs/ + Coding/ + NAS/NAS 待办清单.md - 写入审计日志按天 rotate(JSON line) 安全: - VaultPathResolver chroot:path traversal + symlink 双拒绝 - JwtBearer (HS256, Current+Previous fallback, MapInboundClaims=false) - aud=obsidian, iss=https://auth.zhengchentao.win - 黑名单:01-Secret / .obsidian / .trash / .git 技术栈: - .NET 10 + ModelContextProtocol SDK 1.0 - Streamable HTTP transport (POST /mcp) - JwtBearer 10.0 + IdentityModel.Tokens 8.x 部署: - Dockerfile multi-stage,runtime 装 ripgrep(V3 备用),non-root user - .gitea/workflows/build-image.yml:build + deploy 双 job,buildkit v0.13.2 - 容器内 :8080,宿主端口 9090 - 子域名 obs.zhengchentao.win - vault 挂载 /volume1/docker/webdav/data/Zhengchen:/vault:rw(V2 写入需要 rw) 测试:35/35 单测过(VaultPathResolver path traversal/blacklist/symlink + VaultWriteGuard whitelist/forbidden) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
70 lines
2.5 KiB
C#
70 lines
2.5 KiB
C#
using System.ComponentModel;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using ModelContextProtocol.Server;
|
|
using ObsidianMcp.Auth;
|
|
using ObsidianMcp.Services;
|
|
|
|
namespace ObsidianMcp.Tools;
|
|
|
|
[McpServerToolType]
|
|
public class WriteFileTool(
|
|
VaultWriteGuard guard,
|
|
AuditLogger audit,
|
|
IHttpContextAccessor http)
|
|
{
|
|
[McpServerTool]
|
|
[Description(
|
|
"Overwrite a vault file with new content (requires write:obsidian scope). " +
|
|
"Completely replaces the existing content. " +
|
|
"Only whitelisted paths are allowed: " +
|
|
" - 02-ShengquGames/logs/ (monthly work logs), " +
|
|
" - Coding/ (personal infra notes), " +
|
|
" - NAS/NAS 待办清单.md (NAS todo list). " +
|
|
"Vault entry files (AGENTS.md, PROFILE.md, README.md, CLAUDE.md) and 01-Secret/ are always forbidden. " +
|
|
"Use append_file to add content without overwriting.")]
|
|
public async Task<WriteResult> WriteFile(
|
|
[Description("Vault-relative path (must be in writable whitelist). " +
|
|
"e.g. '02-ShengquGames/logs/2026-05.md'")] string path,
|
|
[Description("Full file content to write (UTF-8). Replaces existing content entirely.")] string content)
|
|
{
|
|
// scope 校验
|
|
EnsureScope(ScopePolicies.WriteObsidian);
|
|
|
|
var user = GetUser();
|
|
var clientId = GetClientId();
|
|
string? absPath = null;
|
|
|
|
try
|
|
{
|
|
absPath = guard.EnsureWritable(path);
|
|
|
|
// 确保父目录存在
|
|
var dir = Path.GetDirectoryName(absPath)!;
|
|
Directory.CreateDirectory(dir);
|
|
|
|
await File.WriteAllTextAsync(absPath, content, System.Text.Encoding.UTF8);
|
|
var written = System.Text.Encoding.UTF8.GetByteCount(content);
|
|
|
|
audit.LogWrite(user, clientId, "write_file", path, written, ok: true);
|
|
return new WriteResult { Ok = true, WrittenBytes = written };
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
audit.LogWrite(user, clientId, "write_file", path, 0, ok: false, error: ex.Message);
|
|
throw;
|
|
}
|
|
}
|
|
|
|
private void EnsureScope(string requiredScope)
|
|
{
|
|
// OAuth 2.0 (RFC 6749) 规定 scope 大小写敏感,按 Ordinal 比对。
|
|
ToolScopeGuard.EnsureScope(http, requiredScope);
|
|
}
|
|
|
|
private string GetUser() =>
|
|
http.HttpContext?.User?.FindFirst("sub")?.Value ?? "unknown";
|
|
|
|
private string GetClientId() =>
|
|
http.HttpContext?.User?.FindFirst("client_id")?.Value ?? "unknown";
|
|
}
|