npm - gitlab-mcp-agent-server - Versions diffs - 0.2.7 → 0.2.8 - Mend

gitlab-mcp-agent-server 0.2.7 → 0.2.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/build/src/infrastructure/auth/gitlab-oauth-manager.js +66 -1
package/build/src/interface/mcp/create-mcp-server.js +2 -0
package/build/src/interface/mcp/register-tools.js +12 -0
package/docs/USER_GUIDE.md +2 -0
package/package.json +1 -1

package/build/src/infrastructure/auth/gitlab-oauth-manager.js CHANGED Viewed

@@ -11,6 +11,7 @@ class GitLabOAuthManager {
     options;
     tokenStore;
     oauthBaseUrl;
+    pendingOauth;
     constructor(options) {
         this.options = options;
         this.tokenStore = new oauth_token_store_1.OAuthTokenStore(options.tokenStorePath);
@@ -47,6 +48,66 @@ class GitLabOAuthManager {
         this.tokenStore.write(interactiveToken);
         return interactiveToken.accessToken;
     }
+    async startOAuthAuthorization() {
+        const stored = this.tokenStore.read();
+        if (stored && !isExpiringSoon(stored.expiresAt)) {
+            return {
+                status: 'already_authorized',
+                message: 'OAuth token already exists and is valid.'
+            };
+        }
+        if (this.pendingOauth) {
+            return {
+                status: 'in_progress',
+                message: 'OAuth authorization is already in progress in this process.',
+                localEntryUrl: this.pendingOauth.localEntryUrl,
+                authorizeUrl: this.pendingOauth.authorizeUrl
+            };
+        }
+        const lockFilePath = `${this.options.tokenStorePath}.oauth.lock`;
+        const lock = acquireOauthLock(lockFilePath);
+        if (!lock.acquired) {
+            return {
+                status: 'waiting_other_process',
+                message: 'OAuth flow is already running in another process for this instance.',
+                lockFilePath
+            };
+        }
+        let links;
+        const promise = this.loginInteractively((readyLinks) => {
+            links = readyLinks;
+        })
+            .then((token) => {
+            this.tokenStore.write(token);
+        })
+            .finally(() => {
+            lock.release();
+            this.pendingOauth = undefined;
+        });
+        // Wait a short time until listener is ready and URLs are known.
+        const maxReadyWaitMs = 2_000;
+        const pollMs = 100;
+        let waited = 0;
+        while (!links && waited < maxReadyWaitMs) {
+            await sleep(pollMs);
+            waited += pollMs;
+        }
+        if (!links) {
+            lock.release();
+            throw new Error('Failed to start OAuth callback listener.');
+        }
+        this.pendingOauth = {
+            ...links,
+            startedAt: new Date().toISOString(),
+            promise
+        };
+        return {
+            status: 'started',
+            message: 'Open the provided URL and complete OAuth authorization.',
+            localEntryUrl: links.localEntryUrl,
+            authorizeUrl: links.authorizeUrl
+        };
+    }
     async loginInteractivelyWithLock() {
         const lockFilePath = `${this.options.tokenStorePath}.oauth.lock`;
         const lock = acquireOauthLock(lockFilePath);
@@ -118,7 +179,7 @@ class GitLabOAuthManager {
         const payload = (await response.json());
         return mapTokenResponse(payload);
     }
-    async loginInteractively() {
+    async loginInteractively(onReady) {
         this.assertOAuthClientCredentials();
         this.assertRedirectUri();
         const redirect = new URL(this.options.redirectUri);
@@ -205,6 +266,10 @@ class GitLabOAuthManager {
                 reject(new Error(`OAuth callback server failed on ${redirect.hostname}:${resolvePort(redirect)}: ${error.message}`));
             });
             server.listen(resolvePort(redirect), redirect.hostname, () => {
+                onReady?.({
+                    localEntryUrl,
+                    authorizeUrl: authorizeUrl.toString()
+                });
                 const opened = this.options.openBrowser && openInBrowser(localEntryUrl);
                 if (!opened) {
                     console.error('Open this local URL to start OAuth authorization:');

package/build/src/interface/mcp/create-mcp-server.js CHANGED Viewed

@@ -33,6 +33,7 @@ function createMcpServer() {
             openBrowser: config.gitlab.oauth.openBrowser
         })
         : new token_provider_1.StaticTokenProvider(config.gitlab.accessToken);
+    const oauthManager = tokenProvider instanceof gitlab_oauth_manager_1.GitLabOAuthManager ? tokenProvider : undefined;
     const gitlabApiClient = new gitlab_api_client_1.GitLabApiClient({
         apiUrl: config.gitlab.apiUrl,
         tokenProvider
@@ -45,6 +46,7 @@ function createMcpServer() {
     const issueWorkflowPolicy = new issue_workflow_policy_1.IssueWorkflowPolicy(config);
     (0, register_tools_1.registerTools)(server, {
         config,
+        oauthManager,
         projectResolver,
         issueWorkflowPolicy,
         healthCheckUseCase: new health_check_1.HealthCheckUseCase(),

package/build/src/interface/mcp/register-tools.js CHANGED Viewed

@@ -4,6 +4,18 @@ exports.registerTools = registerTools;
 const zod_1 = require("zod");
 const errors_1 = require("../../shared/errors");
 function registerTools(server, deps) {
+    if (deps.oauthManager) {
+        server.registerTool('gitlab_oauth_start', {
+            title: 'GitLab OAuth Start',
+            description: 'Starts OAuth authorization flow and returns links to complete authorization in browser.',
+            inputSchema: {}
+        }, async () => {
+            return runTool(async () => {
+                const result = await deps.oauthManager?.startOAuthAuthorization();
+                return result ?? { status: 'unsupported', message: 'OAuth mode is not enabled.' };
+            });
+        });
+    }
     server.registerTool('health_check', {
         title: 'Health Check',
         description: 'Returns server status.',

package/docs/USER_GUIDE.md CHANGED Viewed

@@ -143,6 +143,7 @@ npx -y gitlab-mcp-agent-server
 ## 8. Быстрая проверка работоспособности
+0. Если нужен OAuth URL прямо в чате агента, вызови `gitlab_oauth_start`.
 1. Вызови `gitlab_list_labels`.
 2. Создай issue: `gitlab_create_issue`.
 3. Получи issue: `gitlab_get_issue`.
@@ -176,6 +177,7 @@ npx -y gitlab-mcp-agent-server
 1. Проверь stale lock и удали его:
    - `rm -f ~/.config/gitlab-mcp/<gitlab-host>/token.json.oauth.lock`
 2. Повтори запрос и заверши OAuth в браузере в течение окна авторизации.
+3. Или сначала вызови `gitlab_oauth_start` и открой `localEntryUrl` из ответа.
 ## 10. Advanced (необязательно)

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "gitlab-mcp-agent-server",
-  "version": "0.2.7",
+  "version": "0.2.8",
   "description": "MCP server for GitLab integration via OAuth",
   "main": "build/src/index.js",
   "bin": {