mcpize 1.0.36 → 1.0.37

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/lib/auth.d.ts.map +1 -1
  2. package/dist/lib/auth.js +49 -3
  3. package/dist/lib/auth.js.map +1 -1
  4. package/package.json +1 -1
package/dist/lib/auth.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/lib/auth.ts"],"names":[],"mappings":"AAaA;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAEpD;AAwFD;;;;GAIG;AACH,wBAAsB,aAAa,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAmC5D;AAED;;GAEG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC,CAGxD;AAED;;GAEG;AACH,wBAAsB,WAAW,IAAI,OAAO,CAAC,MAAM,CAAC,CAQnD"}
1
+ {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/lib/auth.ts"],"names":[],"mappings":"AAaA;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAEpD;AA6ID;;;;GAIG;AACH,wBAAsB,aAAa,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAmC5D;AAED;;GAEG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC,CAGxD;AAED;;GAEG;AACH,wBAAsB,WAAW,IAAI,OAAO,CAAC,MAAM,CAAC,CAQnD"}
package/dist/lib/auth.js CHANGED
@@ -17,12 +17,27 @@ function getEnvToken() {
17
17
  }
18
18
  /**
19
19
  * Refresh the access token using the stored refresh token.
20
+ *
21
+ * IMPORTANT: Supabase uses refresh token rotation - each refresh token
22
+ * can only be used once. This creates a race condition if multiple CLI
23
+ * processes try to refresh simultaneously:
24
+ *
25
+ * 1. Process A reads refresh_token_1, starts refresh
26
+ * 2. Process B reads refresh_token_1, starts refresh
27
+ * 3. Process A succeeds, saves refresh_token_2
28
+ * 4. Process B fails with "Already Used" (token_1 was already used by A)
29
+ *
30
+ * We handle this by:
31
+ * - Detecting "Already Used" and checking if another process refreshed
32
+ * - Using optimistic concurrency when saving (check if token changed)
33
+ *
20
34
  * Returns the new access token or null if refresh failed.
21
35
  */
22
36
  async function refreshAccessToken() {
23
- const refreshToken = getRefreshToken();
37
+ // Capture the original refresh token BEFORE making the API call
38
+ const originalRefreshToken = getRefreshToken();
24
39
  // Check for missing or empty refresh token
25
- if (!refreshToken || refreshToken.trim() === "") {
40
+ if (!originalRefreshToken || originalRefreshToken.trim() === "") {
26
41
  console.error("No refresh token available");
27
42
  return null;
28
43
  }
@@ -37,11 +52,12 @@ async function refreshAccessToken() {
37
52
  apikey: anonKey,
38
53
  },
39
54
  body: JSON.stringify({
40
- refresh_token: refreshToken,
55
+ refresh_token: originalRefreshToken,
41
56
  }),
42
57
  });
43
58
  if (!response.ok) {
44
59
  let errorMessage = `HTTP ${response.status}`;
60
+ let isAlreadyUsed = false;
45
61
  try {
46
62
  const error = (await response.json());
47
63
  errorMessage =
@@ -50,14 +66,44 @@ async function refreshAccessToken() {
50
66
  error.message ||
51
67
  error.error ||
52
68
  (error.error_code ? `Error code: ${error.error_code}` : errorMessage);
69
+ // Detect "Already Used" error from Supabase
70
+ isAlreadyUsed =
71
+ errorMessage.toLowerCase().includes("already used") ||
72
+ errorMessage.toLowerCase().includes("refresh_token_reuse");
53
73
  }
54
74
  catch {
55
75
  // Failed to parse JSON, use status code
56
76
  }
77
+ // Handle "Already Used" - another process may have refreshed
78
+ if (isAlreadyUsed) {
79
+ const currentRefreshToken = getRefreshToken();
80
+ // If token changed, another process successfully refreshed
81
+ if (currentRefreshToken && currentRefreshToken !== originalRefreshToken) {
82
+ // Use the token from the other process
83
+ const currentAccessToken = getToken();
84
+ if (currentAccessToken && !isTokenExpired()) {
85
+ return currentAccessToken;
86
+ }
87
+ }
88
+ // Token didn't change - it's truly invalid
89
+ }
57
90
  console.error(`Token refresh failed: ${errorMessage}`);
58
91
  return null;
59
92
  }
60
93
  const data = (await response.json());
94
+ // Optimistic concurrency: Check if another process saved new tokens
95
+ // while we were waiting for our refresh to complete
96
+ const currentRefreshToken = getRefreshToken();
97
+ if (currentRefreshToken && currentRefreshToken !== originalRefreshToken) {
98
+ // Another process refreshed while we were waiting
99
+ // Their tokens are valid (and ours might cause issues if we overwrite)
100
+ // Use their access token if it's still valid
101
+ const currentAccessToken = getToken();
102
+ if (currentAccessToken && !isTokenExpired()) {
103
+ return currentAccessToken;
104
+ }
105
+ // Their token is already expired, use ours
106
+ }
61
107
  // Save the new session
62
108
  setSession(data.access_token, data.refresh_token, data.expires_in);
63
109
  return data.access_token;
package/dist/lib/auth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/lib/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,QAAQ,EACR,eAAe,EACf,cAAc,EACd,UAAU,EACV,YAAY,EACZ,cAAc,EACd,kBAAkB,GACnB,MAAM,aAAa,CAAC;AAErB,+CAA+C;AAC/C,IAAI,aAAa,GAAkB,IAAI,CAAC;AAExC;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa;IAC5C,aAAa,GAAG,KAAK,CAAC;AACxB,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW;IAClB,OAAO,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC;AAC1C,CAAC;AAiBD;;;GAGG;AACH,KAAK,UAAU,kBAAkB;IAC/B,MAAM,YAAY,GAAG,eAAe,EAAE,CAAC;IAEvC,2CAA2C;IAC3C,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QAChD,OAAO,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAC5C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IACrC,MAAM,OAAO,GAAG,kBAAkB,EAAE,CAAC;IAErC,IAAI,CAAC;QACH,kEAAkE;QAClE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAC1B,GAAG,WAAW,yCAAyC,EACvD;YACE,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,MAAM,EAAE,OAAO;aAChB;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,aAAa,EAAE,YAAY;aAC5B,CAAC;SACH,CACF,CAAC;QAEF,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,IAAI,YAAY,GAAG,QAAQ,QAAQ,CAAC,MAAM,EAAE,CAAC;YAC7C,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;gBACtD,YAAY;oBACV,KAAK,CAAC,iBAAiB;wBACvB,KAAK,CAAC,GAAG;wBACT,KAAK,CAAC,OAAO;wBACb,KAAK,CAAC,KAAK;wBACX,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,eAAe,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;YAC1E,CAAC;YAAC,MAAM,CAAC;gBACP,wCAAwC;YAC1C,CAAC;YACD,OAAO,CAAC,KAAK,CAAC,yBAAyB,YAAY,EAAE,CAAC,CAAC;YACvD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAoB,CAAC;QAExD,uBAAuB;QACvB,UAAU,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAEnE,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CACX,wBAAwB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CACjF,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,oCAAoC;IACpC,IAAI,aAAa,EAAE,CAAC;QAClB,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,sCAAsC;IACtC,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,0CAA0C;IAC1C,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;IAEzB,kBAAkB;IAClB,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,IAAI,CAAC;IACd,CAAC;IAED,4BAA4B;IAC5B,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC;QACtB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gCAAgC;IAChC,MAAM,QAAQ,GAAG,MAAM,kBAAkB,EAAE,CAAC;IAE5C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,gCAAgC;QAChC,YAAY,EAAE,CAAC;QACf,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,MAAM,KAAK,GAAG,MAAM,aAAa,EAAE,CAAC;IACpC,OAAO,KAAK,KAAK,IAAI,CAAC;AACxB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,MAAM,KAAK,GAAG,MAAM,aAAa,EAAE,CAAC;IAEpC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC"}
1
+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/lib/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,QAAQ,EACR,eAAe,EACf,cAAc,EACd,UAAU,EACV,YAAY,EACZ,cAAc,EACd,kBAAkB,GACnB,MAAM,aAAa,CAAC;AAErB,+CAA+C;AAC/C,IAAI,aAAa,GAAkB,IAAI,CAAC;AAExC;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa;IAC5C,aAAa,GAAG,KAAK,CAAC;AACxB,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW;IAClB,OAAO,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC;AAC1C,CAAC;AAiBD;;;;;;;;;;;;;;;;;GAiBG;AACH,KAAK,UAAU,kBAAkB;IAC/B,gEAAgE;IAChE,MAAM,oBAAoB,GAAG,eAAe,EAAE,CAAC;IAE/C,2CAA2C;IAC3C,IAAI,CAAC,oBAAoB,IAAI,oBAAoB,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QAChE,OAAO,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAC5C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IACrC,MAAM,OAAO,GAAG,kBAAkB,EAAE,CAAC;IAErC,IAAI,CAAC;QACH,kEAAkE;QAClE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAC1B,GAAG,WAAW,yCAAyC,EACvD;YACE,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,MAAM,EAAE,OAAO;aAChB;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,aAAa,EAAE,oBAAoB;aACpC,CAAC;SACH,CACF,CAAC;QAEF,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,IAAI,YAAY,GAAG,QAAQ,QAAQ,CAAC,MAAM,EAAE,CAAC;YAC7C,IAAI,aAAa,GAAG,KAAK,CAAC;YAE1B,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;gBACtD,YAAY;oBACV,KAAK,CAAC,iBAAiB;wBACvB,KAAK,CAAC,GAAG;wBACT,KAAK,CAAC,OAAO;wBACb,KAAK,CAAC,KAAK;wBACX,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,eAAe,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;gBAExE,4CAA4C;gBAC5C,aAAa;oBACX,YAAY,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC;wBACnD,YAAY,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,qBAAqB,CAAC,CAAC;YAC/D,CAAC;YAAC,MAAM,CAAC;gBACP,wCAAwC;YAC1C,CAAC;YAED,6DAA6D;YAC7D,IAAI,aAAa,EAAE,CAAC;gBAClB,MAAM,mBAAmB,GAAG,eAAe,EAAE,CAAC;gBAE9C,2DAA2D;gBAC3D,IAAI,mBAAmB,IAAI,mBAAmB,KAAK,oBAAoB,EAAE,CAAC;oBACxE,uCAAuC;oBACvC,MAAM,kBAAkB,GAAG,QAAQ,EAAE,CAAC;oBACtC,IAAI,kBAAkB,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC;wBAC5C,OAAO,kBAAkB,CAAC;oBAC5B,CAAC;gBACH,CAAC;gBACD,2CAA2C;YAC7C,CAAC;YAED,OAAO,CAAC,KAAK,CAAC,yBAAyB,YAAY,EAAE,CAAC,CAAC;YACvD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAoB,CAAC;QAExD,oEAAoE;QACpE,oDAAoD;QACpD,MAAM,mBAAmB,GAAG,eAAe,EAAE,CAAC;QAE9C,IAAI,mBAAmB,IAAI,mBAAmB,KAAK,oBAAoB,EAAE,CAAC;YACxE,kDAAkD;YAClD,uEAAuE;YACvE,6CAA6C;YAC7C,MAAM,kBAAkB,GAAG,QAAQ,EAAE,CAAC;YACtC,IAAI,kBAAkB,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC;gBAC5C,OAAO,kBAAkB,CAAC;YAC5B,CAAC;YACD,2CAA2C;QAC7C,CAAC;QAED,uBAAuB;QACvB,UAAU,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAEnE,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CACX,wBAAwB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CACjF,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,oCAAoC;IACpC,IAAI,aAAa,EAAE,CAAC;QAClB,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,sCAAsC;IACtC,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,0CAA0C;IAC1C,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;IAEzB,kBAAkB;IAClB,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,IAAI,CAAC;IACd,CAAC;IAED,4BAA4B;IAC5B,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC;QACtB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gCAAgC;IAChC,MAAM,QAAQ,GAAG,MAAM,kBAAkB,EAAE,CAAC;IAE5C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,gCAAgC;QAChC,YAAY,EAAE,CAAC;QACf,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,MAAM,KAAK,GAAG,MAAM,aAAa,EAAE,CAAC;IACpC,OAAO,KAAK,KAAK,IAAI,CAAC;AACxB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,MAAM,KAAK,GAAG,MAAM,aAAa,EAAE,CAAC;IAEpC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "mcpize",
3
- "version": "1.0.36",
3
+ "version": "1.0.37",
4
4
  "description": "Deploy and monetize MCP servers in the cloud",
5
5
  "type": "module",
6
6
  "bin": {