npm - gitlab-mcp-agent-server - Versions diffs - 0.2.0 → 0.2.2 - Mend

gitlab-mcp-agent-server 0.2.0 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/build/src/application/services/project-resolver.js CHANGED Viewed

@@ -11,12 +11,12 @@ class ProjectResolver {
         if (project !== undefined && project !== null && String(project).trim() !== '') {
             return project;
         }
-        if (this.config.gitlab.defaultProject) {
-            return this.config.gitlab.defaultProject;
-        }
         if (this.config.gitlab.autoResolveProjectFromGit && this.config.gitlab.autoDetectedProject) {
             return this.config.gitlab.autoDetectedProject;
         }
+        if (this.config.gitlab.defaultProject) {
+            return this.config.gitlab.defaultProject;
+        }
         throw new errors_1.ConfigurationError('Project is not resolved. Provide `project` in tool input or set GITLAB_DEFAULT_PROJECT.');
     }
 }

package/build/src/infrastructure/auth/gitlab-oauth-manager.js CHANGED Viewed

@@ -111,6 +111,9 @@ class GitLabOAuthManager {
                 server.close();
                 resolve(authCode);
             });
+            server.on('error', (error) => {
+                reject(new Error(`OAuth callback server failed on ${redirect.hostname}:${resolvePort(redirect)}: ${error.message}`));
+            });
             server.listen(resolvePort(redirect), redirect.hostname, () => {
                 const opened = this.options.openBrowser && openInBrowser(localEntryUrl);
                 if (!opened) {

package/build/src/infrastructure/auth/group-oauth-token-provider.js ADDED Viewed

@@ -0,0 +1,51 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GroupOAuthTokenProvider = void 0;
+exports.resolveOAuthGroupKey = resolveOAuthGroupKey;
+const errors_1 = require("../../shared/errors");
+const gitlab_oauth_manager_1 = require("./gitlab-oauth-manager");
+class GroupOAuthTokenProvider {
+    options;
+    groupProviders;
+    constructor(options) {
+        this.options = options;
+        this.groupProviders = Object.fromEntries(Object.entries(options.groupConfigs).map(([groupKey, cfg]) => {
+            return [
+                groupKey,
+                new gitlab_oauth_manager_1.GitLabOAuthManager({
+                    apiUrl: options.apiUrl,
+                    clientId: cfg.clientId,
+                    clientSecret: cfg.clientSecret,
+                    redirectUri: cfg.redirectUri,
+                    scopes: cfg.scopes,
+                    bootstrapAccessToken: cfg.bootstrapAccessToken,
+                    tokenStorePath: cfg.tokenStorePath,
+                    autoLogin: cfg.autoLogin,
+                    openBrowser: cfg.openBrowser
+                })
+            ];
+        }));
+    }
+    async getAccessToken(projectRef) {
+        const groupKey = resolveOAuthGroupKey(projectRef, Object.keys(this.groupProviders));
+        if (groupKey) {
+            const provider = this.groupProviders[groupKey];
+            if (provider) {
+                return provider.getAccessToken(projectRef);
+            }
+        }
+        if (this.options.defaultProvider) {
+            return this.options.defaultProvider.getAccessToken(projectRef);
+        }
+        throw new errors_1.ConfigurationError('No OAuth config matched this project and default OAuth config is not available.');
+    }
+}
+exports.GroupOAuthTokenProvider = GroupOAuthTokenProvider;
+function resolveOAuthGroupKey(projectRef, configuredGroups) {
+    if (typeof projectRef !== 'string' || projectRef.trim() === '') {
+        return undefined;
+    }
+    const normalized = projectRef.trim().replace(/^\/+/, '');
+    const sorted = [...configuredGroups].sort((a, b) => b.length - a.length);
+    return sorted.find((group) => normalized === group || normalized.startsWith(`${group}/`));
+}

package/build/src/infrastructure/gitlab/gitlab-api-client.js CHANGED Viewed

@@ -22,12 +22,12 @@ class GitLabApiClient {
         const data = await this.request(`/projects/${projectPath}/issues`, {
             method: 'POST',
             body: JSON.stringify(body)
-        });
+        }, input.project);
         return mapIssue(data);
     }
     async getIssue(input) {
         const projectPath = encodeProjectRef(input.project);
-        const data = await this.request(`/projects/${projectPath}/issues/${input.issueIid}`);
+        const data = await this.request(`/projects/${projectPath}/issues/${input.issueIid}`, undefined, input.project);
         return mapIssue(data);
     }
     async closeIssue(input) {
@@ -35,7 +35,7 @@ class GitLabApiClient {
         const data = await this.request(`/projects/${projectPath}/issues/${input.issueIid}`, {
             method: 'PUT',
             body: JSON.stringify({ state_event: 'close' })
-        });
+        }, input.project);
         return mapIssue(data);
     }
     async updateIssueLabels(input) {
@@ -43,7 +43,7 @@ class GitLabApiClient {
         const data = await this.request(`/projects/${projectPath}/issues/${input.issueIid}`, {
             method: 'PUT',
             body: JSON.stringify({ labels: input.labels.join(',') })
-        });
+        }, input.project);
         return mapIssue(data);
     }
     async listLabels(input) {
@@ -51,7 +51,7 @@ class GitLabApiClient {
         const query = input.search
             ? `/projects/${projectPath}/labels?search=${encodeURIComponent(input.search)}`
             : `/projects/${projectPath}/labels`;
-        const data = await this.request(query);
+        const data = await this.request(query, undefined, input.project);
         return data.map(mapLabel);
     }
     async listIssues(input) {
@@ -73,7 +73,7 @@ class GitLabApiClient {
             query.set('page', String(input.page));
         }
         const querySuffix = query.size > 0 ? `?${query.toString()}` : '';
-        const data = await this.request(`/projects/${projectPath}/issues${querySuffix}`);
+        const data = await this.request(`/projects/${projectPath}/issues${querySuffix}`, undefined, input.project);
         return data.map(mapIssue);
     }
     async createLabel(input) {
@@ -85,11 +85,11 @@ class GitLabApiClient {
                 color: input.color ?? '#1f75cb',
                 description: input.description
             })
-        });
+        }, input.project);
         return mapLabel(data);
     }
-    async request(path, init) {
-        const token = await this.options.tokenProvider.getAccessToken();
+    async request(path, init, projectRef) {
+        const token = await this.options.tokenProvider.getAccessToken(projectRef);
         if (!token) {
             throw new errors_1.ConfigurationError('GitLab access token is not configured. Set GITLAB_OAUTH_ACCESS_TOKEN (oauth) or GITLAB_PAT (pat).');
         }

package/build/src/interface/mcp/create-mcp-server.js CHANGED Viewed

@@ -12,6 +12,7 @@ const health_check_1 = require("../../application/use-cases/health-check");
 const list_labels_1 = require("../../application/use-cases/list-labels");
 const list_issues_1 = require("../../application/use-cases/list-issues");
 const update_issue_labels_1 = require("../../application/use-cases/update-issue-labels");
+const group_oauth_token_provider_1 = require("../../infrastructure/auth/group-oauth-token-provider");
 const gitlab_oauth_manager_1 = require("../../infrastructure/auth/gitlab-oauth-manager");
 const token_provider_1 = require("../../infrastructure/auth/token-provider");
 const gitlab_api_client_1 = require("../../infrastructure/gitlab/gitlab-api-client");
@@ -20,16 +21,20 @@ const register_tools_1 = require("./register-tools");
 function createMcpServer() {
     const config = (0, config_1.loadConfig)();
     const tokenProvider = config.gitlab.authMode === 'oauth'
-        ? new gitlab_oauth_manager_1.GitLabOAuthManager({
+        ? new group_oauth_token_provider_1.GroupOAuthTokenProvider({
             apiUrl: config.gitlab.apiUrl,
-            clientId: config.gitlab.oauth.clientId,
-            clientSecret: config.gitlab.oauth.clientSecret,
-            redirectUri: config.gitlab.oauth.redirectUri,
-            scopes: config.gitlab.oauth.scopes,
-            bootstrapAccessToken: config.gitlab.accessToken,
-            tokenStorePath: config.gitlab.oauth.tokenStorePath,
-            autoLogin: config.gitlab.oauth.autoLogin,
-            openBrowser: config.gitlab.oauth.openBrowser
+            defaultProvider: new gitlab_oauth_manager_1.GitLabOAuthManager({
+                apiUrl: config.gitlab.apiUrl,
+                clientId: config.gitlab.oauth.clientId,
+                clientSecret: config.gitlab.oauth.clientSecret,
+                redirectUri: config.gitlab.oauth.redirectUri,
+                scopes: config.gitlab.oauth.scopes,
+                bootstrapAccessToken: config.gitlab.accessToken,
+                tokenStorePath: config.gitlab.oauth.tokenStorePath,
+                autoLogin: config.gitlab.oauth.autoLogin,
+                openBrowser: config.gitlab.oauth.openBrowser
+            }),
+            groupConfigs: config.gitlab.groupOAuthConfigs
         })
         : new token_provider_1.StaticTokenProvider(config.gitlab.accessToken);
     const gitlabApiClient = new gitlab_api_client_1.GitLabApiClient({

package/build/src/shared/config.js CHANGED Viewed

@@ -23,6 +23,7 @@ const EnvSchema = zod_1.z.object({
         .enum(['true', 'false'])
         .optional()
         .transform((value) => value !== 'false'),
+    GITLAB_GROUP_OAUTH_CONFIG_JSON: zod_1.z.string().optional(),
     GITLAB_PAT: zod_1.z.string().optional(),
     GITLAB_DEFAULT_PROJECT: zod_1.z.string().optional(),
     GITLAB_AUTO_RESOLVE_PROJECT_FROM_GIT: zod_1.z
@@ -70,6 +71,12 @@ function loadConfig() {
                 autoLogin: env.GITLAB_OAUTH_AUTO_LOGIN,
                 openBrowser: env.GITLAB_OAUTH_OPEN_BROWSER
             },
+            groupOAuthConfigs: parseGroupOAuthConfigJson(env.GITLAB_GROUP_OAUTH_CONFIG_JSON, {
+                redirectUri: env.GITLAB_OAUTH_REDIRECT_URI,
+                scopes: splitCsv(env.GITLAB_OAUTH_SCOPES),
+                autoLogin: env.GITLAB_OAUTH_AUTO_LOGIN,
+                openBrowser: env.GITLAB_OAUTH_OPEN_BROWSER
+            }),
             defaultProject: env.GITLAB_DEFAULT_PROJECT,
             autoResolveProjectFromGit: env.GITLAB_AUTO_RESOLVE_PROJECT_FROM_GIT,
             autoDetectedProject
@@ -84,6 +91,66 @@ function loadConfig() {
         }
     };
 }
+function parseGroupOAuthConfigJson(raw, defaults) {
+    if (!raw) {
+        return {};
+    }
+    let parsed;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch {
+        throw new Error('GITLAB_GROUP_OAUTH_CONFIG_JSON must be valid JSON.');
+    }
+    if (!parsed || typeof parsed !== 'object' || Array.isArray(parsed)) {
+        throw new Error('GITLAB_GROUP_OAUTH_CONFIG_JSON must be an object map.');
+    }
+    const result = {};
+    for (const [groupKey, value] of Object.entries(parsed)) {
+        if (!value || typeof value !== 'object' || Array.isArray(value)) {
+            continue;
+        }
+        const rec = value;
+        result[groupKey] = {
+            clientId: toStringOrUndefined(rec.clientId ?? rec.client_id),
+            clientSecret: toStringOrUndefined(rec.clientSecret ?? rec.client_secret),
+            redirectUri: toStringOrUndefined(rec.redirectUri ?? rec.redirect_uri ?? defaults.redirectUri),
+            scopes: parseScopes(rec.scopes, defaults.scopes),
+            tokenStorePath: toStringOrUndefined(rec.tokenStorePath ?? rec.token_store_path) ??
+                (0, node_path_1.join)((0, node_os_1.homedir)(), '.config', 'gitlab-mcp', `${sanitizeForFilename(groupKey)}-token.json`),
+            autoLogin: toBooleanOrDefault(rec.autoLogin ?? rec.auto_login, defaults.autoLogin),
+            openBrowser: toBooleanOrDefault(rec.openBrowser ?? rec.open_browser, defaults.openBrowser),
+            bootstrapAccessToken: toStringOrUndefined(rec.bootstrapAccessToken ?? rec.bootstrap_access_token)
+        };
+    }
+    return result;
+}
+function parseScopes(value, fallback) {
+    if (typeof value === 'string') {
+        return splitCsv(value);
+    }
+    if (Array.isArray(value)) {
+        return value
+            .map((item) => (typeof item === 'string' ? item.trim() : ''))
+            .filter((item) => item.length > 0);
+    }
+    return fallback;
+}
+function toStringOrUndefined(value) {
+    return typeof value === 'string' && value.trim() !== '' ? value : undefined;
+}
+function toBooleanOrDefault(value, fallback) {
+    if (typeof value === 'boolean') {
+        return value;
+    }
+    if (typeof value === 'string') {
+        return value !== 'false';
+    }
+    return fallback;
+}
+function sanitizeForFilename(value) {
+    return value.replace(/[^a-zA-Z0-9._-]+/g, '_');
+}
 function resolveAccessToken(env) {
     if (env.GITLAB_AUTH_MODE === 'oauth') {
         return env.GITLAB_OAUTH_ACCESS_TOKEN;

package/docs/USER_GUIDE.md CHANGED Viewed

@@ -59,8 +59,9 @@ export GITLAB_OAUTH_SCOPES="api";
 export GITLAB_OAUTH_TOKEN_STORE_PATH="$HOME/.config/gitlab-mcp/token.json";
 export GITLAB_OAUTH_AUTO_LOGIN="true";
 export GITLAB_OAUTH_OPEN_BROWSER="false";
+export GITLAB_GROUP_OAUTH_CONFIG_JSON='{"konoha7":{"clientId":"<ID_1>","clientSecret":"<SECRET_1>","redirectUri":"http://127.0.0.1:8787/oauth/callback"},"othergroup":{"clientId":"<ID_2>","clientSecret":"<SECRET_2>","redirectUri":"http://127.0.0.1:8788/oauth/callback"}}';
-# optional
+# optional fallback if auto-detect from git remote is unavailable
 export GITLAB_DEFAULT_PROJECT="group/repo";
 export GITLAB_AUTO_RESOLVE_PROJECT_FROM_GIT="true";
@@ -70,6 +71,11 @@ npx -y gitlab-mcp-agent-server
 После изменения `config.toml` перезапусти Codex.
+Как выбирается OAuth-конфиг при `GITLAB_GROUP_OAUTH_CONFIG_JSON`:
+1. Сервер берёт `resolved_project` (например `konoha7/subgroup/repo`).
+2. Находит самый длинный совпадающий group key.
+3. Использует соответствующие `clientId/clientSecret/redirectUri/tokenStorePath`.
 ## 4. Что происходит при первом запуске
 1. Агент вызывает любой GitLab tool (например `gitlab_list_labels`).
@@ -97,7 +103,7 @@ npx -y gitlab-mcp-agent-server
 2. Ограничь права файла:
    - `chmod 600 /home/<user>/.config/gitlab-mcp/token.json`
 3. Оставь `GITLAB_OAUTH_OPEN_BROWSER=false` для headless окружений.
-4. Обязательно заполни `GITLAB_DEFAULT_PROJECT`, если агент должен работать в одном проекте.
+4. Для multi-repo режима лучше не задавать `GITLAB_DEFAULT_PROJECT`, чтобы проект брался из `git remote` текущего `cwd`.
 ## 7. Быстрая проверка работоспособности

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "gitlab-mcp-agent-server",
-  "version": "0.2.0",
+  "version": "0.2.2",
   "description": "MCP server for GitLab integration via OAuth",
   "main": "build/src/index.js",
   "bin": {