@neus/sdk 1.2.1 → 1.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cjs/index.cjs +3 -0
- package/cjs/mcp-hosts.cjs +3 -0
- package/cli/neus.mjs +2635 -2475
- package/mcp-hosts.js +25 -0
- package/package.json +1 -1
package/mcp-hosts.js
CHANGED
|
@@ -57,11 +57,36 @@ export const IDE_HOST_BRAND_LOGOS = {
|
|
|
57
57
|
};
|
|
58
58
|
|
|
59
59
|
/**
|
|
60
|
+
* Build the MCP HTTP server config for an IDE/client.
|
|
61
|
+
*
|
|
62
|
+
* Two paths, one session model — same NEUS Profile/Account either way:
|
|
63
|
+
*
|
|
64
|
+
* - `npk_…` Profile access keys are durable (never expire). Written as a static
|
|
65
|
+
* `Authorization: Bearer npk_…` header. Used for operator IDEs, servers, CI,
|
|
66
|
+
* and automation where browser OAuth is unavailable.
|
|
67
|
+
* - OAuth (default for Cursor, VS Code, Claude Code, Codex): we return a URL-only
|
|
68
|
+
* config (no `headers`). The IDE MCP client discovers OAuth metadata from the
|
|
69
|
+
* server's `401 + WWW-Authenticate` challenge, then runs its own DCR + PKCE +
|
|
70
|
+
* silent-refresh lifecycle (matching Linear, GitHub, Notion). The access token
|
|
71
|
+
* is a short-lived JWT refreshed silently by the host for up to 30 days via the
|
|
72
|
+
* `offline_access` refresh token — the session is long-lived, the access token
|
|
73
|
+
* is not
|
|
74
|
+
*
|
|
75
|
+
* A raw OAuth access token (JWT) is never written as a static Bearer header: IDE
|
|
76
|
+
* MCP clients cannot refresh a static header, and writing one would create a
|
|
77
|
+
* session that dies when the access token expires. URL-only config is the correct
|
|
78
|
+
* OAuth path and is what `neus setup`/`neus auth` produce for browser-OAuth clients.
|
|
79
|
+
*
|
|
60
80
|
* @param {string | null | undefined} accessKey
|
|
61
81
|
* @returns {{ type: 'http'; url: string; headers?: { Authorization: string } }}
|
|
62
82
|
*/
|
|
63
83
|
export function buildNeusMcpHttpConfig(accessKey) {
|
|
64
84
|
const key = String(accessKey || '').trim();
|
|
85
|
+
// OAuth access tokens are JWTs (three dot-separated base64url segments). Never write
|
|
86
|
+
// them as a static Bearer header — return URL-only so the IDE runs OAuth itself.
|
|
87
|
+
if (key && !key.startsWith('npk_') && key.split('.').length === 3) {
|
|
88
|
+
return { type: 'http', url: NEUS_MCP_URL };
|
|
89
|
+
}
|
|
65
90
|
return {
|
|
66
91
|
type: 'http',
|
|
67
92
|
url: NEUS_MCP_URL,
|
package/package.json
CHANGED