npm - @nado-language/mcp - Versions diffs - 0.1.3 → 0.1.5 - Mend

@nado-language/mcp 0.1.3 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -54,6 +54,8 @@ NADO_MCP_REFRESH_TOKEN='supabase-user-refresh-token'
 By default this uses the existing Azure Static Web Apps production site as a static OAuth relay. It does not require a new Azure Function, App Service, database, or paid runtime. The local helper still receives the final callback on `127.0.0.1`; Azure only serves the static relay page.
+The installed CLI opens the Nado relay page first. The relay stores the local callback in browser session storage, then sends Supabase a fixed redirect URL. This avoids Supabase rejecting a dynamic `redirect_to` URL with `local_callback` query parameters and falling back to the normal Nado web site.
 The MCP server refreshes expired access tokens with `NADO_MCP_REFRESH_TOKEN` and updates the auth file when Supabase rotates the refresh token.
 Supported local browser providers are `google`, `kakao`, and `apple`. Naver login is not available in the local MCP flow yet because the current Naver Edge Function uses fixed web/native redirect URLs.
@@ -64,6 +66,8 @@ Supabase Auth must allow the Azure relay redirect URL:
 https://language.nado.ai.kr/auth/mcp-callback
 ```
+Register the exact URL above. Do not include `local_callback`, `provider`, or other query parameters in the Supabase allow list.
 For direct local callback mode, run with `--redirect-mode local` and allow:
 ```text
@@ -73,6 +77,7 @@ http://127.0.0.1:*/callback
 You can inspect or clear local MCP auth with:
 ```bash
+nado-mcp --version
 nado-mcp status
 nado-mcp logout
 ```
@@ -84,6 +89,14 @@ npm run mcp:nado:auth -- status
 npm run mcp:nado:auth -- logout
 ```
+If the browser shows an error about an old, incomplete, truncated, or invalid PKCE login URL, close every old Nado MCP login tab, upgrade the package, and rerun login. Printed login URLs are single-run URLs and should not be reused:
+```bash
+npm install --global @nado-language/mcp@latest
+nado-mcp --version
+nado-mcp login --provider google
+```
 Manual access-token option:
 ```bash

package/dist/nado-mcp-auth.mjs CHANGED Viewed

@@ -16,12 +16,15 @@ const SUPPORTED_REDIRECT_MODES = new Set(['azure', 'local']);
 const scriptDir = path.dirname(fileURLToPath(import.meta.url));
 const repoRoot = path.resolve(scriptDir, '..');
+const packageVersion = readPackageVersion();
 const { command, options } = parseCli(process.argv.slice(2));
 try {
   if (options.help || command === 'help') {
     printHelp();
+  } else if (command === 'version') {
+    console.log(packageVersion);
   } else if (command === 'login') {
     await login(options);
   } else if (command === 'status') {
@@ -39,7 +42,10 @@ try {
 function parseCli(argv) {
   let command = 'login';
   let args = argv;
-  if (argv[0] && !argv[0].startsWith('-')) {
+  if (argv[0] === '--version' || argv[0] === '-v') {
+    command = 'version';
+    args = argv.slice(1);
+  } else if (argv[0] && !argv[0].startsWith('-')) {
     command = argv[0];
     args = argv.slice(1);
   }
@@ -77,6 +83,7 @@ function parseCli(argv) {
     else if (flag === '--timeout-ms') options.timeoutMs = Number(readValue());
     else if (flag === '--no-open') options.noOpen = true;
     else if (flag === '--help' || flag === '-h') options.help = true;
+    else if (flag === '--version' || flag === '-v') command = 'version';
     else throw new Error(`Unknown option: ${arg}`);
   }
@@ -183,19 +190,18 @@ async function login(options) {
   const localCallbackUrl = new URL(`http://127.0.0.1:${address.port}/callback`);
   localCallbackUrl.searchParams.set('state', state);
-  const redirectTo = buildRedirectTo(options, localCallbackUrl.toString());
-  const authUrl = buildAuthorizeUrl({
-    supabaseUrl: options.supabaseUrl,
+  const browserUrl = buildBrowserLoginUrl({
+    options,
     provider,
-    redirectTo,
+    localCallbackUrl: localCallbackUrl.toString(),
     codeChallenge,
   });
   console.log(`Opening browser for Nado MCP login (${provider}).`);
   console.log(`Local callback: ${localCallbackUrl.toString()}`);
   if (options.redirectMode === 'azure') console.log(`Azure relay: ${options.relayUrl}`);
-  if (!options.noOpen) openBrowser(authUrl);
-  console.log(`If the browser did not open, visit:\n${authUrl}`);
+  if (!options.noOpen) openBrowser(browserUrl);
+  console.log(`If the browser did not open, visit:\n${browserUrl}`);
   let timeoutId;
   const timeout = new Promise((_, reject) => {
@@ -217,18 +223,40 @@ function loginTimeoutError(options) {
     'Timed out waiting for browser login.',
     `Rerun \`nado-mcp login --provider ${options.provider} --timeout-ms 900000\` and keep the terminal open until the browser says login completed.`,
     'If the browser did not open, copy the printed URL into the same desktop browser where you can sign in.',
-    'If you already signed in but it still timed out, check that the browser can reach the printed 127.0.0.1 local callback URL and that Supabase Auth allows the relay URL.',
+    'If Google login succeeds but the browser lands on the normal Nado site, upgrade @nado-language/mcp and confirm Supabase Auth allows the exact relay URL without query parameters.',
+    'If it still times out after the relay page says it is returning to the local helper, check that the browser can reach the printed 127.0.0.1 local callback URL.',
   ].join(' '));
 }
-function buildRedirectTo(options, localCallbackUrl) {
-  if (options.redirectMode === 'local') return localCallbackUrl;
+function buildBrowserLoginUrl({ options, provider, localCallbackUrl, codeChallenge }) {
+  if (options.redirectMode === 'local') {
+    return buildAuthorizeUrl({
+      supabaseUrl: options.supabaseUrl,
+      provider,
+      redirectTo: localCallbackUrl,
+      codeChallenge,
+    });
+  }
+  return buildRelayStartUrl({
+    relayUrl: options.relayUrl,
+    localCallbackUrl,
+    provider,
+    supabaseUrl: options.supabaseUrl,
+    codeChallenge,
+  });
+}
-  const relayUrl = new URL(options.relayUrl);
+function buildRelayStartUrl({ relayUrl: value, localCallbackUrl, provider, supabaseUrl, codeChallenge }) {
+  const relayUrl = new URL(value);
   if (relayUrl.protocol !== 'https:') {
     throw new Error('--relay-url must be an HTTPS URL when --redirect-mode azure is used.');
   }
   relayUrl.searchParams.set('local_callback', localCallbackUrl);
+  relayUrl.searchParams.set('provider', provider);
+  relayUrl.searchParams.set('supabase_url', supabaseUrl);
+  relayUrl.searchParams.set('code_challenge', codeChallenge);
+  relayUrl.searchParams.set('client_version', packageVersion);
   return relayUrl.toString();
 }
@@ -436,6 +464,24 @@ function resolvePath(value) {
   return path.isAbsolute(value) ? value : path.resolve(process.cwd(), value);
 }
+function readPackageVersion() {
+  const candidates = [
+    path.join(repoRoot, 'packages', 'nado-mcp', 'package.json'),
+    path.join(scriptDir, '..', 'package.json'),
+  ];
+  for (const filePath of candidates) {
+    try {
+      const pkg = JSON.parse(readFileSync(filePath, 'utf8'));
+      if (pkg?.name === '@nado-language/mcp' && typeof pkg.version === 'string') {
+        return pkg.version;
+      }
+    } catch {
+      // Continue to the next candidate.
+    }
+  }
+  return '0.0.0-dev';
+}
 function listen(server, port) {
   return new Promise((resolve, reject) => {
     server.once('error', reject);
@@ -477,6 +523,7 @@ Usage:
   nado-mcp login [--provider google|kakao|apple]
   nado-mcp status
   nado-mcp logout
+  nado-mcp-auth --version
 Repo checkout aliases:
   npm run mcp:nado:auth -- [login] [--provider google|kakao|apple]
@@ -493,11 +540,16 @@ Options:
   --timeout-ms <number>   Login wait timeout. Default: 300000
   --supabase-url <url>    Supabase project URL
   --anon-key <key>        Supabase anon key
+  --version               Print installed Nado MCP version
 Default mode uses the existing Azure Static Web Apps site as a zero-new-resource
 OAuth relay. Supabase Auth must allow this redirect URL:
   ${DEFAULT_RELAY_URL}
+The relay starts login with local state in browser sessionStorage, then sends
+Supabase the fixed redirect URL above. Do not add local_callback query strings
+to the Supabase allow list.
 The optional local mode requires Supabase Auth to allow:
   http://127.0.0.1:*/callback
 `);

package/dist/nado-mcp-cli.mjs CHANGED Viewed

@@ -11,6 +11,7 @@ const sourceRoot = path.resolve(scriptDir, '..');
 const packageDistDir = scriptDir;
 const serverName = 'nado-language';
 const opencodeSchema = 'https://opencode.ai/config.json';
+const packageVersion = readPackageVersion();
 const serverPath = firstExisting([
   path.join(packageDistDir, 'nado-language-server.mjs'),
@@ -31,6 +32,8 @@ const args = process.argv.slice(3);
 try {
   if (command === 'help' || command === '--help' || command === '-h') {
     printHelp();
+  } else if (command === 'version' || command === '--version' || command === '-v') {
+    console.log(packageVersion);
   } else if (command === 'server') {
     await runNode(serverPath, args, { stdio: 'inherit' });
   } else if (command === 'login') {
@@ -240,6 +243,7 @@ async function doctor() {
   const probe = probeTools();
   console.log('Nado MCP doctor');
+  console.log(`Version: ${packageVersion}`);
   console.log(`Node: ${process.version}`);
   console.log(`Server: ${serverPath}${existsSync(serverPath) ? '' : ' (missing)'}`);
   console.log(`Auth CLI: ${authPath}${existsSync(authPath) ? '' : ' (missing)'}`);
@@ -789,6 +793,24 @@ function expandHome(value) {
   return text;
 }
+function readPackageVersion() {
+  const candidates = [
+    path.join(sourceRoot, 'packages', 'nado-mcp', 'package.json'),
+    path.join(packageDistDir, '..', 'package.json'),
+  ];
+  for (const filePath of candidates) {
+    try {
+      const pkg = JSON.parse(readFileSync(filePath, 'utf8'));
+      if (pkg?.name === '@nado-language/mcp' && typeof pkg.version === 'string') {
+        return pkg.version;
+      }
+    } catch {
+      // Continue to the next candidate.
+    }
+  }
+  return '0.0.0-dev';
+}
 function printHelp() {
   console.log(`Nado Language MCP
@@ -807,6 +829,7 @@ Usage:
   nado-mcp server                     Start the stdio MCP server
   nado-mcp probe list                 List exposed MCP tools
   nado-mcp doctor                     Print local paths and auth status
+  nado-mcp --version                  Print installed Nado MCP version
 Supported automatic setup clients:
   codex, claude, opencode

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@nado-language/mcp",
-  "version": "0.1.3",
+  "version": "0.1.5",
   "description": "Nado Language MCP server for saving AI-generated English flashcards and practicing saved materials.",
   "type": "module",
   "private": false,