@zereight/mcp-gitlab 2.0.33 → 2.0.35

package/build/oauth-proxy.js

@@ -0,0 +1,257 @@
+/**
+ * MCP OAuth Proxy — GitLab upstream
+ *
+ * Builds an OAuthServerProvider that handles the MCP spec OAuth flow while
+ * delegating actual authentication to a GitLab instance.
+ *
+ * ### Why not pure GitLab DCR?
+ *
+ * GitLab restricts dynamically registered (unverified) applications to the
+ * `mcp` scope, which is insufficient for API calls (need `api` or `read_api`).
+ * To work around this, the MCP server uses a **pre-registered GitLab OAuth
+ * application** (set via GITLAB_OAUTH_APP_ID env var) with the required scopes,
+ * and handles DCR locally — each MCP client gets a unique virtual client_id
+ * mapped to the real GitLab app.
+ *
+ * ### Flow
+ *
+ * 1. MCP client calls POST /register (DCR) — proxy stores redirect_uris locally
+ *    and returns a virtual client_id.
+ * 2. MCP client redirects to /authorize — proxy replaces the virtual client_id
+ *    with the real GitLab app client_id and forwards to GitLab.
+ * 3. User authorizes on GitLab — redirect comes back with auth code.
+ * 4. MCP client calls POST /token — proxy exchanges the code with GitLab using
+ *    the real client_id.
+ *
+ * Activated when GITLAB_MCP_OAUTH=true. All other auth modes are unaffected.
+ */
+import { InvalidTokenError, ServerError } from "@modelcontextprotocol/sdk/server/auth/errors.js";
+import { OAuthTokensSchema } from "@modelcontextprotocol/sdk/shared/auth.js";
+import { randomUUID } from "node:crypto";
+import { pino } from "pino";
+const logger = pino({ name: "gitlab-mcp-oauth-proxy" });
+// ---------------------------------------------------------------------------
+// Bounded LRU client cache
+// ---------------------------------------------------------------------------
+const CLIENT_CACHE_MAX_SIZE = 1000;
+class BoundedClientCache {
+    _map = new Map();
+    _maxSize;
+    constructor(maxSize) {
+        this._maxSize = maxSize;
+    }
+    get(clientId) {
+        const entry = this._map.get(clientId);
+        if (entry) {
+            this._map.delete(clientId);
+            this._map.set(clientId, entry);
+        }
+        return entry;
+    }
+    set(clientId, client) {
+        if (this._map.has(clientId)) {
+            this._map.delete(clientId);
+        }
+        else if (this._map.size >= this._maxSize) {
+            const lruKey = this._map.keys().next().value;
+            if (lruKey !== undefined)
+                this._map.delete(lruKey);
+        }
+        this._map.set(clientId, client);
+    }
+    get size() {
+        return this._map.size;
+    }
+}
+// ---------------------------------------------------------------------------
+// GitLab OAuth Server Provider
+// ---------------------------------------------------------------------------
+/**
+ * Minimum GitLab scopes required for the MCP server to function.
+ * Injected into the authorization request when the client does not request them.
+ */
+const REQUIRED_GITLAB_SCOPES_RW = ["api"];
+const REQUIRED_GITLAB_SCOPES_RO = ["read_api"];
+class GitLabOAuthServerProvider {
+    /**
+     * Tell the SDK not to validate PKCE locally — GitLab handles it.
+     */
+    skipLocalPkceValidation = true;
+    _gitlabBaseUrl;
+    _gitlabAppId;
+    _resourceName;
+    _requiredScopes;
+    _clientCache = new BoundedClientCache(CLIENT_CACHE_MAX_SIZE);
+    constructor(gitlabBaseUrl, gitlabAppId, resourceName, readOnly) {
+        this._gitlabBaseUrl = gitlabBaseUrl;
+        this._gitlabAppId = gitlabAppId;
+        this._resourceName = resourceName;
+        this._requiredScopes = readOnly ? REQUIRED_GITLAB_SCOPES_RO : REQUIRED_GITLAB_SCOPES_RW;
+    }
+    // ---- Client store (local DCR) ------------------------------------------
+    get clientsStore() {
+        const cache = this._clientCache;
+        const resourceName = this._resourceName;
+        return {
+            getClient: async (clientId) => {
+                const cached = cache.get(clientId);
+                if (cached)
+                    return cached;
+                // Unknown client — return a minimal stub so token exchange can proceed
+                // (GitLab is the ultimate validator).
+                return {
+                    client_id: clientId,
+                    redirect_uris: [],
+                    token_endpoint_auth_method: "none",
+                };
+            },
+            registerClient: async (client) => {
+                // Generate a virtual client_id; all real OAuth operations use _gitlabAppId.
+                const virtualClientId = randomUUID();
+                const registered = {
+                    client_id: virtualClientId,
+                    client_id_issued_at: Math.floor(Date.now() / 1000),
+                    redirect_uris: client.redirect_uris ?? [],
+                    token_endpoint_auth_method: "none",
+                    grant_types: client.grant_types ?? ["authorization_code"],
+                    client_name: client.client_name
+                        ? `${client.client_name} via ${resourceName}`
+                        : resourceName,
+                };
+                cache.set(virtualClientId, registered);
+                logger.info(`DCR: registered virtual client ${virtualClientId} (name: ${registered.client_name})`);
+                return registered;
+            },
+        };
+    }
+    // ---- Authorize ---------------------------------------------------------
+    async authorize(_client, params, res) {
+        const scopes = params.scopes ?? [];
+        const hasRequired = this._requiredScopes.some((s) => scopes.includes(s));
+        const effectiveScopes = hasRequired
+            ? scopes
+            : [...new Set([...scopes, ...this._requiredScopes])];
+        // Build the GitLab authorize URL with the REAL app client_id
+        const targetUrl = new URL(`${this._gitlabBaseUrl}/oauth/authorize`);
+        const searchParams = new URLSearchParams({
+            client_id: this._gitlabAppId,
+            response_type: "code",
+            redirect_uri: params.redirectUri,
+            code_challenge: params.codeChallenge,
+            code_challenge_method: "S256",
+        });
+        if (params.state)
+            searchParams.set("state", params.state);
+        if (effectiveScopes.length)
+            searchParams.set("scope", effectiveScopes.join(" "));
+        if (params.resource)
+            searchParams.set("resource", params.resource.href);
+        targetUrl.search = searchParams.toString();
+        logger.info(`authorize: redirecting to GitLab (app: ${this._gitlabAppId}, scopes: ${effectiveScopes.join(" ")})`);
+        res.redirect(targetUrl.toString());
+    }
+    // ---- PKCE challenge (delegated to GitLab) ------------------------------
+    async challengeForAuthorizationCode(_client, _authorizationCode) {
+        return "";
+    }
+    // ---- Token exchange ----------------------------------------------------
+    async exchangeAuthorizationCode(_client, authorizationCode, codeVerifier, redirectUri, resource) {
+        const params = new URLSearchParams({
+            grant_type: "authorization_code",
+            client_id: this._gitlabAppId,
+            code: authorizationCode,
+        });
+        if (codeVerifier)
+            params.append("code_verifier", codeVerifier);
+        if (redirectUri)
+            params.append("redirect_uri", redirectUri);
+        if (resource)
+            params.append("resource", resource.href);
+        const response = await fetch(`${this._gitlabBaseUrl}/oauth/token`, {
+            method: "POST",
+            headers: { "Content-Type": "application/x-www-form-urlencoded" },
+            body: params.toString(),
+        });
+        if (!response.ok) {
+            const body = await response.text();
+            logger.error(`Token exchange failed (${response.status}): ${body}`);
+            throw new ServerError(`Token exchange failed: ${response.status}`);
+        }
+        const data = await response.json();
+        return OAuthTokensSchema.parse(data);
+    }
+    // ---- Refresh token -----------------------------------------------------
+    async exchangeRefreshToken(_client, refreshToken, scopes, resource) {
+        const params = new URLSearchParams({
+            grant_type: "refresh_token",
+            client_id: this._gitlabAppId,
+            refresh_token: refreshToken,
+        });
+        if (scopes?.length)
+            params.set("scope", scopes.join(" "));
+        if (resource)
+            params.set("resource", resource.href);
+        const response = await fetch(`${this._gitlabBaseUrl}/oauth/token`, {
+            method: "POST",
+            headers: { "Content-Type": "application/x-www-form-urlencoded" },
+            body: params.toString(),
+        });
+        if (!response.ok) {
+            const body = await response.text();
+            logger.error(`Token refresh failed (${response.status}): ${body}`);
+            throw new ServerError(`Token refresh failed: ${response.status}`);
+        }
+        const data = await response.json();
+        return OAuthTokensSchema.parse(data);
+    }
+    // ---- Verify access token -----------------------------------------------
+    async verifyAccessToken(token) {
+        const res = await fetch(`${this._gitlabBaseUrl}/oauth/token/info`, {
+            headers: { Authorization: `Bearer ${token}` },
+        });
+        if (!res.ok) {
+            throw new InvalidTokenError("Invalid or expired GitLab OAuth token");
+        }
+        const info = (await res.json());
+        return {
+            token,
+            clientId: info.application?.uid ?? "dynamic",
+            scopes: info.scopes ?? [],
+            expiresAt: info.expires_in_seconds != null
+                ? Math.floor(Date.now() / 1000) + info.expires_in_seconds
+                : undefined,
+        };
+    }
+    // ---- Revoke token ------------------------------------------------------
+    async revokeToken(_client, request) {
+        const params = new URLSearchParams({
+            token: request.token,
+            client_id: this._gitlabAppId,
+        });
+        if (request.token_type_hint) {
+            params.set("token_type_hint", request.token_type_hint);
+        }
+        const response = await fetch(`${this._gitlabBaseUrl}/oauth/revoke`, {
+            method: "POST",
+            headers: { "Content-Type": "application/x-www-form-urlencoded" },
+            body: params.toString(),
+        });
+        if (!response.ok) {
+            throw new ServerError(`Token revocation failed: ${response.status}`);
+        }
+        await response.body?.cancel();
+    }
+}
+// ---------------------------------------------------------------------------
+// Factory
+// ---------------------------------------------------------------------------
+/**
+ * Build a GitLabOAuthServerProvider for the given GitLab instance.
+ *
+ * @param gitlabBaseUrl  Root URL of the GitLab instance (no trailing slash, no /api/v4).
+ * @param gitlabAppId    Client ID of the pre-registered GitLab OAuth application.
+ * @param resourceName   Human-readable name shown on the GitLab consent screen.
+ */
+export function createGitLabOAuthProvider(gitlabBaseUrl, gitlabAppId, resourceName = "GitLab MCP Server", readOnly = false) {
+    return new GitLabOAuthServerProvider(gitlabBaseUrl, gitlabAppId, resourceName, readOnly);
+}

package/build/oauth.js

@@ -1,3 +1,4 @@
+import * as crypto from "crypto";
 import * as fs from "fs";
 import * as os from "os";
 import * as path from "path";
@@ -10,7 +11,11 @@ import { pino } from "pino";
 const logger = pino({
     name: "gitlab-mcp-oauth",
     level: process.env.LOG_LEVEL || "info",
-});
+}, pino.destination(2));
+function escapeHtml(str) {
+    const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
+    return String(str).replace(/[&<>"']/g, c => map[c] || c);
+}
 // Track pending auth requests across multiple MCP instances
 const pendingAuthRequests = new Map();
 /**
@@ -225,7 +230,7 @@ export class GitLabOAuth {
      */
     async startOAuthFlow() {
         const callbackPort = parseInt(new URL(this.config.redirectUri).port || "8888");
-        const requestId = Math.random().toString(36).substring(7);
+        const requestId = crypto.randomUUID();
         // Check if port is already in use
         const portInUse = await isPortInUse(callbackPort);
         if (portInUse) {
@@ -250,7 +255,7 @@ export class GitLabOAuth {
         const requestIdToOAuthInstance = new Map();
         return new Promise((resolve, reject) => {
             // Create initial request
-            const state = Math.random().toString(36).substring(7);
+            const state = crypto.randomUUID();
             stateToRequestId.set(state, initialRequestId);
             requestIdToOAuthInstance.set(initialRequestId, this);
             const timeout = setTimeout(() => {
@@ -271,7 +276,7 @@ export class GitLabOAuth {
                         }
                         logger.info(`Received auth request from another instance: ${newRequestId}`);
                         // Create a new OAuth flow for this request
-                        const newState = Math.random().toString(36).substring(7);
+                        const newState = crypto.randomUUID();
                         stateToRequestId.set(newState, newRequestId);
                         // Store a reference to use the same OAuth config
                         requestIdToOAuthInstance.set(newRequestId, this);
@@ -315,7 +320,7 @@ export class GitLabOAuth {
                 <html>
                   <body>
                     <h1>Authentication Failed</h1>
-                    <p>Error: ${error}</p>
+                    <p>Error: ${escapeHtml(String(error))}</p>
                     <p>You can close this window.</p>
                   </body>
                 </html>
@@ -523,7 +528,7 @@ export async function initializeOAuthClient(gitlabUrl = "https://gitlab.com") {
         clientSecret,
         redirectUri,
         gitlabUrl,
-        scopes: ["api"],
+        scopes: [process.env.GITLAB_READ_ONLY_MODE === "true" ? "read_api" : "api"],
         tokenStoragePath,
     });
     // Single call: triggers browser flow if needed, or reads cached token