integrate-sdk 0.3.10 → 0.3.11

package/dist/index.js

@@ -608,6 +608,7 @@ class OAuthWindowManager {
     const left = window.screenX + (window.outerWidth - width) / 2;
     const top = window.screenY + (window.outerHeight - height) / 2;
     const features = [
+      `popup=yes`,
       `width=${width}`,
       `height=${height}`,
       `left=${left}`,
@@ -619,9 +620,11 @@ class OAuthWindowManager {
       "menubar=no",
       "scrollbars=yes",
       "resizable=yes",
-      "copyhistory=no"
+      "copyhistory=no",
+      "noopener=no"
     ].join(",");
-    this.popupWindow = window.open(url, "oauth_popup", features);
+    const windowName = `oauth_popup_${Date.now()}`;
+    this.popupWindow = window.open(url, windowName, features);
     if (!this.popupWindow) {
       console.warn("Popup was blocked by the browser. Please allow popups for this site.");
       return null;
@@ -790,6 +793,7 @@ class OAuthManager {
       popupOptions: flowConfig?.popupOptions,
       onAuthCallback: flowConfig?.onAuthCallback
     };
+    this.cleanupExpiredPendingAuths();
   }
   async initiateFlow(provider, config) {
     const codeVerifier = generateCodeVerifier();
@@ -805,6 +809,7 @@ class OAuthManager {
       initiatedAt: Date.now()
     };
     this.pendingAuths.set(state, pendingAuth);
+    this.savePendingAuthToStorage(state, pendingAuth);
     const authUrl = await this.getAuthorizationUrl(provider, config.scopes, state, codeChallenge, config.redirectUri);
     if (this.flowConfig.mode === "popup") {
       this.windowManager.openPopup(authUrl, this.flowConfig.popupOptions);
@@ -820,13 +825,17 @@ class OAuthManager {
     }
   }
   async handleCallback(code, state) {
-    const pendingAuth = this.pendingAuths.get(state);
+    let pendingAuth = this.pendingAuths.get(state);
+    if (!pendingAuth) {
+      pendingAuth = this.loadPendingAuthFromStorage(state);
+    }
     if (!pendingAuth) {
       throw new Error("Invalid state parameter: no matching OAuth flow found");
     }
     const fiveMinutes = 5 * 60 * 1000;
     if (Date.now() - pendingAuth.initiatedAt > fiveMinutes) {
       this.pendingAuths.delete(state);
+      this.removePendingAuthFromStorage(state);
       throw new Error("OAuth flow expired: please try again");
     }
     if (this.flowConfig.onAuthCallback) {
@@ -841,9 +850,11 @@ class OAuthManager {
       this.sessionToken = response.sessionToken;
       this.saveSessionToken(response.sessionToken);
       this.pendingAuths.delete(state);
+      this.removePendingAuthFromStorage(state);
       return response.sessionToken;
     } catch (error) {
       this.pendingAuths.delete(state);
+      this.removePendingAuthFromStorage(state);
       throw error;
     }
   }
@@ -904,6 +915,69 @@ class OAuthManager {
       }
     }
   }
+  savePendingAuthToStorage(state, pendingAuth) {
+    if (typeof window !== "undefined" && window.localStorage) {
+      try {
+        const key = `integrate_oauth_pending_${state}`;
+        window.localStorage.setItem(key, JSON.stringify(pendingAuth));
+      } catch (error) {
+        console.error("Failed to save pending auth to localStorage:", error);
+      }
+    }
+  }
+  loadPendingAuthFromStorage(state) {
+    if (typeof window !== "undefined" && window.localStorage) {
+      try {
+        const key = `integrate_oauth_pending_${state}`;
+        const stored = window.localStorage.getItem(key);
+        if (stored) {
+          return JSON.parse(stored);
+        }
+      } catch (error) {
+        console.error("Failed to load pending auth from localStorage:", error);
+      }
+    }
+    return;
+  }
+  removePendingAuthFromStorage(state) {
+    if (typeof window !== "undefined" && window.localStorage) {
+      try {
+        const key = `integrate_oauth_pending_${state}`;
+        window.localStorage.removeItem(key);
+      } catch (error) {
+        console.error("Failed to remove pending auth from localStorage:", error);
+      }
+    }
+  }
+  cleanupExpiredPendingAuths() {
+    if (typeof window !== "undefined" && window.localStorage) {
+      try {
+        const prefix = "integrate_oauth_pending_";
+        const fiveMinutes = 5 * 60 * 1000;
+        const now = Date.now();
+        const keysToRemove = [];
+        for (let i = 0;i < window.localStorage.length; i++) {
+          const key = window.localStorage.key(i);
+          if (key && key.startsWith(prefix)) {
+            try {
+              const stored = window.localStorage.getItem(key);
+              if (stored) {
+                const pendingAuth = JSON.parse(stored);
+                if (now - pendingAuth.initiatedAt > fiveMinutes) {
+                  keysToRemove.push(key);
+                }
+              }
+            } catch (error) {
+              keysToRemove.push(key);
+            }
+          }
+        }
+        keysToRemove.forEach((key) => window.localStorage.removeItem(key));
+      } catch (error) {
+        console.error("Failed to cleanup expired pending auths:", error);
+      }
+    }
+  }
   async getAuthorizationUrl(provider, scopes, state, codeChallenge, redirectUri) {
     const url = `${this.oauthApiBase}/authorize`;
     const response = await fetch(url, {

package/dist/server.js

@@ -608,6 +608,7 @@ class OAuthWindowManager {
     const left = window.screenX + (window.outerWidth - width) / 2;
     const top = window.screenY + (window.outerHeight - height) / 2;
     const features = [
+      `popup=yes`,
       `width=${width}`,
       `height=${height}`,
       `left=${left}`,
@@ -619,9 +620,11 @@ class OAuthWindowManager {
       "menubar=no",
       "scrollbars=yes",
       "resizable=yes",
-      "copyhistory=no"
+      "copyhistory=no",
+      "noopener=no"
     ].join(",");
-    this.popupWindow = window.open(url, "oauth_popup", features);
+    const windowName = `oauth_popup_${Date.now()}`;
+    this.popupWindow = window.open(url, windowName, features);
     if (!this.popupWindow) {
       console.warn("Popup was blocked by the browser. Please allow popups for this site.");
       return null;
@@ -790,6 +793,7 @@ class OAuthManager {
       popupOptions: flowConfig?.popupOptions,
       onAuthCallback: flowConfig?.onAuthCallback
     };
+    this.cleanupExpiredPendingAuths();
   }
   async initiateFlow(provider, config) {
     const codeVerifier = generateCodeVerifier();
@@ -805,6 +809,7 @@ class OAuthManager {
       initiatedAt: Date.now()
     };
     this.pendingAuths.set(state, pendingAuth);
+    this.savePendingAuthToStorage(state, pendingAuth);
     const authUrl = await this.getAuthorizationUrl(provider, config.scopes, state, codeChallenge, config.redirectUri);
     if (this.flowConfig.mode === "popup") {
       this.windowManager.openPopup(authUrl, this.flowConfig.popupOptions);
@@ -820,13 +825,17 @@ class OAuthManager {
     }
   }
   async handleCallback(code, state) {
-    const pendingAuth = this.pendingAuths.get(state);
+    let pendingAuth = this.pendingAuths.get(state);
+    if (!pendingAuth) {
+      pendingAuth = this.loadPendingAuthFromStorage(state);
+    }
     if (!pendingAuth) {
       throw new Error("Invalid state parameter: no matching OAuth flow found");
     }
     const fiveMinutes = 5 * 60 * 1000;
     if (Date.now() - pendingAuth.initiatedAt > fiveMinutes) {
       this.pendingAuths.delete(state);
+      this.removePendingAuthFromStorage(state);
       throw new Error("OAuth flow expired: please try again");
     }
     if (this.flowConfig.onAuthCallback) {
@@ -841,9 +850,11 @@ class OAuthManager {
       this.sessionToken = response.sessionToken;
       this.saveSessionToken(response.sessionToken);
       this.pendingAuths.delete(state);
+      this.removePendingAuthFromStorage(state);
       return response.sessionToken;
     } catch (error) {
       this.pendingAuths.delete(state);
+      this.removePendingAuthFromStorage(state);
       throw error;
     }
   }
@@ -904,6 +915,69 @@ class OAuthManager {
       }
     }
   }
+  savePendingAuthToStorage(state, pendingAuth) {
+    if (typeof window !== "undefined" && window.localStorage) {
+      try {
+        const key = `integrate_oauth_pending_${state}`;
+        window.localStorage.setItem(key, JSON.stringify(pendingAuth));
+      } catch (error) {
+        console.error("Failed to save pending auth to localStorage:", error);
+      }
+    }
+  }
+  loadPendingAuthFromStorage(state) {
+    if (typeof window !== "undefined" && window.localStorage) {
+      try {
+        const key = `integrate_oauth_pending_${state}`;
+        const stored = window.localStorage.getItem(key);
+        if (stored) {
+          return JSON.parse(stored);
+        }
+      } catch (error) {
+        console.error("Failed to load pending auth from localStorage:", error);
+      }
+    }
+    return;
+  }
+  removePendingAuthFromStorage(state) {
+    if (typeof window !== "undefined" && window.localStorage) {
+      try {
+        const key = `integrate_oauth_pending_${state}`;
+        window.localStorage.removeItem(key);
+      } catch (error) {
+        console.error("Failed to remove pending auth from localStorage:", error);
+      }
+    }
+  }
+  cleanupExpiredPendingAuths() {
+    if (typeof window !== "undefined" && window.localStorage) {
+      try {
+        const prefix = "integrate_oauth_pending_";
+        const fiveMinutes = 5 * 60 * 1000;
+        const now = Date.now();
+        const keysToRemove = [];
+        for (let i = 0;i < window.localStorage.length; i++) {
+          const key = window.localStorage.key(i);
+          if (key && key.startsWith(prefix)) {
+            try {
+              const stored = window.localStorage.getItem(key);
+              if (stored) {
+                const pendingAuth = JSON.parse(stored);
+                if (now - pendingAuth.initiatedAt > fiveMinutes) {
+                  keysToRemove.push(key);
+                }
+              }
+            } catch (error) {
+              keysToRemove.push(key);
+            }
+          }
+        }
+        keysToRemove.forEach((key) => window.localStorage.removeItem(key));
+      } catch (error) {
+        console.error("Failed to cleanup expired pending auths:", error);
+      }
+    }
+  }
   async getAuthorizationUrl(provider, scopes, state, codeChallenge, redirectUri) {
     const url = `${this.oauthApiBase}/authorize`;
     const response = await fetch(url, {

package/dist/src/oauth/manager.d.ts

@@ -79,6 +79,27 @@ export declare class OAuthManager {
      * Save session token to sessionStorage
      */
     private saveSessionToken;
+    /**
+     * Save pending auth to localStorage (for redirect flows)
+     * Uses localStorage instead of sessionStorage because OAuth may open in a new tab,
+     * and sessionStorage is isolated per tab. localStorage is shared across tabs.
+     * Keyed by state parameter for security and retrieval.
+     */
+    private savePendingAuthToStorage;
+    /**
+     * Load pending auth from localStorage (after redirect)
+     * Returns undefined if not found or invalid
+     */
+    private loadPendingAuthFromStorage;
+    /**
+     * Remove pending auth from localStorage
+     */
+    private removePendingAuthFromStorage;
+    /**
+     * Clean up expired pending auth entries from localStorage
+     * Removes any entries older than 5 minutes
+     */
+    private cleanupExpiredPendingAuths;
     /**
      * Request authorization URL from user's API route
      * The API route will add OAuth secrets and forward to MCP server

package/dist/src/oauth/manager.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"manager.d.ts","sourceRoot":"","sources":["../../../src/oauth/manager.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,KAAK,EACV,eAAe,EAEf,UAAU,EAGX,MAAM,YAAY,CAAC;AAIpB;;;GAGG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,YAAY,CAAuC;IAC3D,OAAO,CAAC,YAAY,CAAC,CAAS;IAC9B,OAAO,CAAC,aAAa,CAAqB;IAC1C,OAAO,CAAC,UAAU,CAAkB;IACpC,OAAO,CAAC,YAAY,CAAS;gBAG3B,YAAY,EAAE,MAAM,EACpB,UAAU,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC;IAWvC;;;;;;;;;;;;;;;;OAgBG;IACG,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAwCxE;;;;;;;;;;;;;OAaG;IACG,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAiDlE;;;;;;;;;;;;;OAaG;IACG,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAoC5D;;OAEG;IACH,eAAe,IAAI,MAAM,GAAG,SAAS;IAIrC;;OAEG;IACH,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAKpC;;OAEG;IACH,iBAAiB,IAAI,IAAI;IAWzB;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAUxB;;;OAGG;YACW,mBAAmB;IAiCjC;;;OAGG;YACW,oBAAoB;IA8BlC;;OAEG;IACH,KAAK,IAAI,IAAI;CAGd"}
+{"version":3,"file":"manager.d.ts","sourceRoot":"","sources":["../../../src/oauth/manager.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,KAAK,EACV,eAAe,EAEf,UAAU,EAGX,MAAM,YAAY,CAAC;AAIpB;;;GAGG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,YAAY,CAAuC;IAC3D,OAAO,CAAC,YAAY,CAAC,CAAS;IAC9B,OAAO,CAAC,aAAa,CAAqB;IAC1C,OAAO,CAAC,UAAU,CAAkB;IACpC,OAAO,CAAC,YAAY,CAAS;gBAG3B,YAAY,EAAE,MAAM,EACpB,UAAU,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC;IAcvC;;;;;;;;;;;;;;;;OAgBG;IACG,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IA4CxE;;;;;;;;;;;;;OAaG;IACG,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAyDlE;;;;;;;;;;;;;OAaG;IACG,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAoC5D;;OAEG;IACH,eAAe,IAAI,MAAM,GAAG,SAAS;IAIrC;;OAEG;IACH,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAKpC;;OAEG;IACH,iBAAiB,IAAI,IAAI;IAWzB;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAUxB;;;;;OAKG;IACH,OAAO,CAAC,wBAAwB;IAWhC;;;OAGG;IACH,OAAO,CAAC,0BAA0B;IAelC;;OAEG;IACH,OAAO,CAAC,4BAA4B;IAWpC;;;OAGG;IACH,OAAO,CAAC,0BAA0B;IAoClC;;;OAGG;YACW,mBAAmB;IAiCjC;;;OAGG;YACW,oBAAoB;IA8BlC;;OAEG;IACH,KAAK,IAAI,IAAI;CAGd"}

package/dist/src/oauth/window-manager.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"window-manager.d.ts","sourceRoot":"","sources":["../../../src/oauth/window-manager.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AASpE;;;;;;GAMG;AACH,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,WAAW,CAAuB;IAC1C,OAAO,CAAC,kBAAkB,CAA+C;IACzE,OAAO,CAAC,iBAAiB,CAA8C;IAEvE;;;;;;;;;;;;OAYG;IACH,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,YAAY,GAAG,MAAM,GAAG,IAAI;IAwC7D;;;;;;;;;;OAUG;IACH,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAQ/B;;;;;;;;;;;;;;;;;OAiBG;IACH,iBAAiB,CACf,IAAI,EAAE,OAAO,GAAG,UAAU,EAC1B,SAAS,GAAE,MAAsB,GAChC,OAAO,CAAC,mBAAmB,CAAC;IAQ/B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAkE9B;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAiEjC;;OAEG;IACH,OAAO,CAAC,OAAO;IAiBf;;;OAGG;IACH,KAAK,IAAI,IAAI;CAGd;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE;IAC3C,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACvB,GAAG,IAAI,CAwBP"}
+{"version":3,"file":"window-manager.d.ts","sourceRoot":"","sources":["../../../src/oauth/window-manager.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AASpE;;;;;;GAMG;AACH,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,WAAW,CAAuB;IAC1C,OAAO,CAAC,kBAAkB,CAA+C;IACzE,OAAO,CAAC,iBAAiB,CAA8C;IAEvE;;;;;;;;;;;;OAYG;IACH,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,YAAY,GAAG,MAAM,GAAG,IAAI;IA6C7D;;;;;;;;;;OAUG;IACH,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAQ/B;;;;;;;;;;;;;;;;;OAiBG;IACH,iBAAiB,CACf,IAAI,EAAE,OAAO,GAAG,UAAU,EAC1B,SAAS,GAAE,MAAsB,GAChC,OAAO,CAAC,mBAAmB,CAAC;IAQ/B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAkE9B;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAiEjC;;OAEG;IACH,OAAO,CAAC,OAAO;IAiBf;;;OAGG;IACH,KAAK,IAAI,IAAI;CAGd;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE;IAC3C,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACvB,GAAG,IAAI,CAwBP"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "integrate-sdk",
-  "version": "0.3.10",
+  "version": "0.3.11",
   "description": "Type-safe TypeScript SDK for MCP Client with plugin-based OAuth provider configuration",
   "type": "module",
   "main": "./dist/index.js",