npm - gitlab-mcp-agent-server - Versions diffs - 0.2.4 → 0.2.6 - Mend

gitlab-mcp-agent-server 0.2.4 → 0.2.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/build/src/infrastructure/auth/gitlab-oauth-manager.js +15 -2
package/build/src/interface/mcp/create-mcp-server.js +1 -0
package/build/src/shared/config.js +2 -0
package/docs/USER_GUIDE.md +9 -0
package/package.json +1 -1

package/build/src/infrastructure/auth/gitlab-oauth-manager.js CHANGED Viewed

@@ -61,7 +61,7 @@ class GitLabOAuthManager {
         return this.waitForTokenFromOtherProcess(lockFilePath);
     }
     async waitForTokenFromOtherProcess(lockFilePath) {
-        const maxWaitMs = 2 * 60 * 1000;
+        const maxWaitMs = 15 * 1000;
         const pollMs = 1000;
         let elapsed = 0;
         console.error('OAuth flow is already running in another process for this instance. Waiting for token...');
@@ -86,7 +86,7 @@ class GitLabOAuthManager {
             await sleep(pollMs);
             elapsed += pollMs;
         }
-        throw new Error('Timed out waiting for OAuth token from another process. Retry request or complete authorization in the first window.');
+        throw new Error(`Timed out waiting for OAuth token from another process. Complete OAuth in the first window or remove stale lock: ${lockFilePath}`);
     }
     async refreshToken(refreshToken) {
         this.assertOAuthClientCredentials();
@@ -124,6 +124,7 @@ class GitLabOAuthManager {
         authorizeUrl.searchParams.set('state', state);
         const localEntryUrl = `${redirect.protocol}//${redirect.host}/`;
         const code = await new Promise((resolve, reject) => {
+            let settled = false;
             const server = (0, node_http_1.createServer)((req, res) => {
                 if (!req.url) {
                     return;
@@ -155,6 +156,7 @@ class GitLabOAuthManager {
                         actionLabel: 'Start OAuth Again'
                     }));
                     server.close();
+                    settled = true;
                     reject(new Error(`OAuth authorization failed: ${error}`));
                     return;
                 }
@@ -170,6 +172,7 @@ class GitLabOAuthManager {
                         actionLabel: 'Start OAuth Again'
                     }));
                     server.close();
+                    settled = true;
                     reject(new Error('Invalid OAuth callback: code/state mismatch.'));
                     return;
                 }
@@ -182,9 +185,11 @@ class GitLabOAuthManager {
                     hint: 'This tab can be closed now.'
                 }));
                 server.close();
+                settled = true;
                 resolve(authCode);
             });
             server.on('error', (error) => {
+                settled = true;
                 reject(new Error(`OAuth callback server failed on ${redirect.hostname}:${resolvePort(redirect)}: ${error.message}`));
             });
             server.listen(resolvePort(redirect), redirect.hostname, () => {
@@ -196,6 +201,14 @@ class GitLabOAuthManager {
                     console.error(authorizeUrl.toString());
                 }
             });
+            const timeoutMs = this.options.callbackTimeoutMs ?? 180_000;
+            setTimeout(() => {
+                if (settled) {
+                    return;
+                }
+                server.close();
+                reject(new Error(`OAuth was not completed in time. Open ${localEntryUrl} to continue, or use ${authorizeUrl.toString()}`));
+            }, timeoutMs);
         });
         const tokenResponse = await fetch(`${this.oauthBaseUrl}/oauth/token`, {
             method: 'POST',

package/build/src/interface/mcp/create-mcp-server.js CHANGED Viewed

@@ -28,6 +28,7 @@ function createMcpServer() {
             scopes: config.gitlab.oauth.scopes,
             bootstrapAccessToken: config.gitlab.accessToken,
             tokenStorePath: config.gitlab.oauth.tokenStorePath,
+            callbackTimeoutMs: config.gitlab.oauth.callbackTimeoutMs,
             autoLogin: config.gitlab.oauth.autoLogin,
             openBrowser: config.gitlab.oauth.openBrowser
         })

package/build/src/shared/config.js CHANGED Viewed

@@ -15,6 +15,7 @@ const EnvSchema = zod_1.z.object({
     GITLAB_OAUTH_REDIRECT_URI: zod_1.z.string().optional(),
     GITLAB_OAUTH_SCOPES: zod_1.z.string().default('api'),
     GITLAB_OAUTH_TOKEN_STORE_PATH: zod_1.z.string().optional(),
+    GITLAB_OAUTH_CALLBACK_TIMEOUT_MS: zod_1.z.coerce.number().int().positive().optional(),
     GITLAB_OAUTH_AUTO_LOGIN: zod_1.z
         .enum(['true', 'false'])
         .optional()
@@ -68,6 +69,7 @@ function loadConfig() {
                 redirectUri: env.GITLAB_OAUTH_REDIRECT_URI,
                 scopes: splitCsv(env.GITLAB_OAUTH_SCOPES),
                 tokenStorePath: defaultTokenStorePath,
+                callbackTimeoutMs: env.GITLAB_OAUTH_CALLBACK_TIMEOUT_MS ?? 180_000,
                 autoLogin: env.GITLAB_OAUTH_AUTO_LOGIN,
                 openBrowser: env.GITLAB_OAUTH_OPEN_BROWSER
             },

package/docs/USER_GUIDE.md CHANGED Viewed

@@ -60,6 +60,7 @@ export GITLAB_AUTH_MODE="oauth";
 export GITLAB_OAUTH_CLIENT_ID="<GITLAB_COM_APP_ID>";
 export GITLAB_OAUTH_CLIENT_SECRET="<GITLAB_COM_APP_SECRET>";
 export GITLAB_OAUTH_REDIRECT_URI="http://127.0.0.1:8787/oauth/callback";
+export GITLAB_OAUTH_CALLBACK_TIMEOUT_MS="180000";
 export GITLAB_OAUTH_AUTO_LOGIN="true";
 export GITLAB_OAUTH_OPEN_BROWSER="true";
@@ -77,6 +78,7 @@ export GITLAB_AUTH_MODE="oauth";
 export GITLAB_OAUTH_CLIENT_ID="<WORK_APP_ID>";
 export GITLAB_OAUTH_CLIENT_SECRET="<WORK_APP_SECRET>";
 export GITLAB_OAUTH_REDIRECT_URI="http://127.0.0.1:8788/oauth/callback";
+export GITLAB_OAUTH_CALLBACK_TIMEOUT_MS="180000";
 export GITLAB_OAUTH_AUTO_LOGIN="true";
 export GITLAB_OAUTH_OPEN_BROWSER="true";
@@ -121,6 +123,8 @@ npx -y gitlab-mcp-agent-server
 2. Ограничь права файла:
    - `chmod 600 /home/<user>/.config/gitlab-mcp/gitlab.com/token.json`
 3. Для headless окружений ставь `GITLAB_OAUTH_OPEN_BROWSER=false`.
+4. При медленном интерактивном flow увеличь окно ожидания callback:
+   - `GITLAB_OAUTH_CALLBACK_TIMEOUT_MS=180000` (или выше).
 ## 7. Сценарий пользовательского запроса
@@ -168,6 +172,11 @@ npx -y gitlab-mcp-agent-server
 3. Если lock застрял после краша, удали stale lock:
    - `<tokenStorePath>.oauth.lock`
+`gitlab_list_issues`/другой tool уходит в timeout после удаления token:
+1. Проверь stale lock и удали его:
+   - `rm -f ~/.config/gitlab-mcp/<gitlab-host>/token.json.oauth.lock`
+2. Повтори запрос и заверши OAuth в браузере в течение окна авторизации.
 ## 10. Advanced (необязательно)
 Если нужен тонкий контроль, можно использовать:

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "gitlab-mcp-agent-server",
-  "version": "0.2.4",
+  "version": "0.2.6",
   "description": "MCP server for GitLab integration via OAuth",
   "main": "build/src/index.js",
   "bin": {