patchwork-os 0.2.0-alpha.2 → 0.2.0-alpha.21

package/dist/connectors/mcpOAuth.js

@@ -0,0 +1,363 @@
+/**
+ * OAuth 2.1 PKCE helper for upstream MCP servers.
+ *
+ * Supports two vendor modes:
+ *   - dyn-reg (Linear, Sentry): RFC 7591 dynamic client registration.
+ *     Registration data cached alongside tokens so we don't re-register every run.
+ *   - preregistered (GitHub): uses a hardcoded client_id + PKCE-only flow.
+ *
+ * Token files: ~/.patchwork/tokens/<vendor>-mcp.json (mode 0600)
+ *
+ * Flow:
+ *   1. startAuthorize({ vendor, config }) -> { url, state }
+ *      Dashboard opens `url` in a popup; stores `state` to correlate callback.
+ *   2. server.ts callback route calls completeAuthorize({ vendor, config, code, state })
+ *      -> persisted token file.
+ *   3. getAccessToken({ vendor }) reads token, refreshes if needed.
+ *   4. revoke({ vendor }) hits the revocation endpoint + deletes file.
+ */
+import crypto from "node:crypto";
+import { existsSync, mkdirSync, readFileSync, unlinkSync, writeFileSync, } from "node:fs";
+import { homedir } from "node:os";
+import path from "node:path";
+// ── Known vendor configs ─────────────────────────────────────────────────────
+function defaultBridgeBase() {
+    const port = process.env.PATCHWORK_BRIDGE_PORT ?? "3101";
+    return (process.env.PATCHWORK_BRIDGE_URL ?? `http://localhost:${port}`).replace(/\/$/, "");
+}
+export function vendorConfig(vendor) {
+    const bridgeBase = defaultBridgeBase();
+    switch (vendor) {
+        case "github":
+            return {
+                vendor,
+                issuer: "https://github.com/login/oauth",
+                authorizationEndpoint: "https://github.com/login/oauth/authorize",
+                tokenEndpoint: "https://github.com/login/oauth/access_token",
+                revocationEndpoint: undefined, // GitHub OAuth apps use a different revoke path; best-effort delete only
+                scopes: ["repo", "read:org", "read:user"],
+                redirectUri: `${bridgeBase}/connections/github/callback`,
+                useDynamicRegistration: false,
+                preregisteredClientId: process.env.PATCHWORK_GITHUB_CLIENT_ID ?? "",
+                preregisteredClientSecret: process.env.PATCHWORK_GITHUB_CLIENT_SECRET,
+                clientName: "Patchwork OS",
+            };
+        case "linear":
+            return {
+                vendor,
+                issuer: "https://mcp.linear.app",
+                authorizationEndpoint: "https://mcp.linear.app/authorize",
+                tokenEndpoint: "https://mcp.linear.app/token",
+                registrationEndpoint: "https://mcp.linear.app/register",
+                revocationEndpoint: "https://mcp.linear.app/token", // per discovery doc
+                scopes: [],
+                redirectUri: `${bridgeBase}/connections/linear/callback`,
+                useDynamicRegistration: true,
+                clientName: "Patchwork OS",
+            };
+        case "sentry":
+            return {
+                vendor,
+                issuer: "https://mcp.sentry.dev",
+                authorizationEndpoint: "https://mcp.sentry.dev/oauth/authorize",
+                tokenEndpoint: "https://mcp.sentry.dev/oauth/token",
+                registrationEndpoint: "https://mcp.sentry.dev/oauth/register",
+                revocationEndpoint: "https://mcp.sentry.dev/oauth/token",
+                scopes: ["org:read", "project:write", "event:write"],
+                redirectUri: `${bridgeBase}/connections/sentry/callback`,
+                useDynamicRegistration: true,
+                clientName: "Patchwork OS",
+            };
+    }
+}
+function tokenPath(vendor) {
+    return path.join(homedir(), ".patchwork", "tokens", `${vendor}-mcp.json`);
+}
+export function loadTokenFile(vendor) {
+    const p = tokenPath(vendor);
+    if (!existsSync(p))
+        return null;
+    try {
+        return JSON.parse(readFileSync(p, "utf-8"));
+    }
+    catch {
+        return null;
+    }
+}
+function saveTokenFile(file) {
+    const p = tokenPath(file.vendor);
+    mkdirSync(path.dirname(p), { recursive: true, mode: 0o700 });
+    writeFileSync(p, JSON.stringify(file, null, 2), { mode: 0o600 });
+}
+function deleteTokenFile(vendor) {
+    const p = tokenPath(vendor);
+    if (existsSync(p))
+        unlinkSync(p);
+}
+// ── PKCE helpers ─────────────────────────────────────────────────────────────
+function base64url(buf) {
+    return buf
+        .toString("base64")
+        .replace(/=/g, "")
+        .replace(/\+/g, "-")
+        .replace(/\//g, "_");
+}
+function genVerifier() {
+    return base64url(crypto.randomBytes(32));
+}
+function challenge(verifier) {
+    return base64url(crypto.createHash("sha256").update(verifier).digest());
+}
+const pending = new Map();
+function gcPending() {
+    const now = Date.now();
+    for (const [k, v] of pending.entries()) {
+        if (v.expiresAt < now)
+            pending.delete(k);
+    }
+}
+async function dynamicRegister(config) {
+    if (!config.registrationEndpoint) {
+        throw new Error(`${config.vendor}: no registration endpoint configured`);
+    }
+    const body = {
+        client_name: config.clientName ?? "Patchwork OS",
+        redirect_uris: [config.redirectUri],
+        grant_types: ["authorization_code", "refresh_token"],
+        response_types: ["code"],
+        token_endpoint_auth_method: "none",
+        scope: config.scopes.join(" "),
+    };
+    const res = await fetch(config.registrationEndpoint, {
+        method: "POST",
+        headers: { "Content-Type": "application/json", Accept: "application/json" },
+        body: JSON.stringify(body),
+    });
+    if (!res.ok) {
+        const snippet = (await res.text()).slice(0, 300);
+        throw new Error(`${config.vendor} dyn-reg failed ${res.status}: ${snippet}`);
+    }
+    const json = (await res.json());
+    if (!json.client_id)
+        throw new Error(`${config.vendor} dyn-reg missing client_id`);
+    return { clientId: json.client_id, clientSecret: json.client_secret };
+}
+// ── Authorize flow ───────────────────────────────────────────────────────────
+/**
+ * Returns the authorize URL for the popup, and a `state` cookie value
+ * the callback must match. For dyn-reg vendors, registers a fresh client
+ * if we don't have one yet (re-uses existing one from token file on reconnect).
+ */
+export async function startAuthorize(config) {
+    gcPending();
+    let clientId = config.preregisteredClientId ?? "";
+    let clientSecret = config.preregisteredClientSecret;
+    if (config.useDynamicRegistration) {
+        // Re-use cached registration if available
+        const existing = loadTokenFile(config.vendor);
+        if (existing?.client_id) {
+            clientId = existing.client_id;
+            clientSecret = existing.client_secret;
+        }
+        else {
+            const reg = await dynamicRegister(config);
+            clientId = reg.clientId;
+            clientSecret = reg.clientSecret;
+        }
+    }
+    if (!clientId) {
+        throw new Error(`${config.vendor}: client_id not configured (set PATCHWORK_${config.vendor.toUpperCase()}_CLIENT_ID)`);
+    }
+    if (!config.useDynamicRegistration &&
+        config.preregisteredClientSecret === undefined &&
+        config.vendor === "github") {
+        throw new Error("github: client_secret not configured (set PATCHWORK_GITHUB_CLIENT_SECRET)");
+    }
+    const verifier = genVerifier();
+    const state = base64url(crypto.randomBytes(24));
+    pending.set(state, {
+        vendor: config.vendor,
+        verifier,
+        clientId,
+        clientSecret,
+        expiresAt: Date.now() + 10 * 60 * 1000,
+    });
+    const params = new URLSearchParams({
+        response_type: "code",
+        client_id: clientId,
+        redirect_uri: config.redirectUri,
+        state,
+        code_challenge: challenge(verifier),
+        code_challenge_method: "S256",
+    });
+    if (config.scopes.length)
+        params.set("scope", config.scopes.join(" "));
+    const authorizeUrl = config.authorizationEndpoint;
+    if (!authorizeUrl)
+        throw new Error(`${config.vendor}: no authorization_endpoint`);
+    return { url: `${authorizeUrl}?${params.toString()}`, state };
+}
+async function exchangeCode(config, code, verifier, clientId, clientSecret) {
+    if (!config.tokenEndpoint)
+        throw new Error(`${config.vendor}: no token_endpoint`);
+    const body = new URLSearchParams({
+        grant_type: "authorization_code",
+        code,
+        redirect_uri: config.redirectUri,
+        client_id: clientId,
+        code_verifier: verifier,
+    });
+    if (clientSecret)
+        body.set("client_secret", clientSecret);
+    const res = await fetch(config.tokenEndpoint, {
+        method: "POST",
+        headers: {
+            "Content-Type": "application/x-www-form-urlencoded",
+            Accept: "application/json",
+        },
+        body: body.toString(),
+    });
+    if (!res.ok) {
+        const snippet = (await res.text()).slice(0, 300);
+        throw new Error(`${config.vendor} token exchange ${res.status}: ${snippet}`);
+    }
+    // GitHub returns form-encoded by default unless Accept: application/json is honored
+    const ct = res.headers.get("content-type") ?? "";
+    if (ct.includes("application/x-www-form-urlencoded")) {
+        const text = await res.text();
+        const p = new URLSearchParams(text);
+        if (p.get("error"))
+            throw new Error(`${config.vendor}: ${p.get("error_description") ?? p.get("error")}`);
+        return {
+            access_token: p.get("access_token") ?? "",
+            refresh_token: p.get("refresh_token") ?? undefined,
+            expires_in: p.get("expires_in") ? Number(p.get("expires_in")) : undefined,
+            scope: p.get("scope") ?? undefined,
+        };
+    }
+    return (await res.json());
+}
+/** Complete the authorize flow. Persists token file. */
+export async function completeAuthorize(config, code, state, profile) {
+    gcPending();
+    const p = pending.get(state);
+    if (!p)
+        throw new Error(`${config.vendor}: invalid or expired state`);
+    pending.delete(state);
+    if (p.vendor !== config.vendor)
+        throw new Error(`${config.vendor}: vendor mismatch on state`);
+    const tok = await exchangeCode(config, code, p.verifier, p.clientId, p.clientSecret);
+    if (!tok.access_token)
+        throw new Error(`${config.vendor}: empty access_token`);
+    const expiresAt = tok.expires_in
+        ? Date.now() + tok.expires_in * 1000
+        : undefined;
+    saveTokenFile({
+        vendor: config.vendor,
+        client_id: p.clientId,
+        client_secret: p.clientSecret,
+        access_token: tok.access_token,
+        refresh_token: tok.refresh_token,
+        expires_at: expiresAt,
+        scope: tok.scope,
+        connected_at: new Date().toISOString(),
+        profile,
+    });
+    return { ok: true, profile };
+}
+// ── Token refresh ────────────────────────────────────────────────────────────
+async function refreshIfNeeded(config, file) {
+    const buffer = 300_000; // 5-minute buffer — avoid mid-call expiry
+    if (!file.expires_at || Date.now() < file.expires_at - buffer)
+        return file;
+    if (!file.refresh_token) {
+        // No refresh token — token is expired and can't be renewed automatically
+        if (file.expires_at && Date.now() >= file.expires_at) {
+            throw new Error(`${file.vendor}: token expired. Re-authorize via GET /connections/${file.vendor}/authorize`);
+        }
+        return file;
+    }
+    if (!config.tokenEndpoint)
+        return file;
+    const body = new URLSearchParams({
+        grant_type: "refresh_token",
+        refresh_token: file.refresh_token,
+        client_id: file.client_id,
+    });
+    if (file.client_secret)
+        body.set("client_secret", file.client_secret);
+    const res = await fetch(config.tokenEndpoint, {
+        method: "POST",
+        headers: {
+            "Content-Type": "application/x-www-form-urlencoded",
+            Accept: "application/json",
+        },
+        body: body.toString(),
+    });
+    if (!res.ok) {
+        throw new Error(`${file.vendor}: token refresh failed (${res.status}). Re-authorize via GET /connections/${file.vendor}/authorize`);
+    }
+    const json = (await res.json());
+    const updated = {
+        ...file,
+        access_token: json.access_token,
+        refresh_token: json.refresh_token ?? file.refresh_token,
+        expires_at: json.expires_in
+            ? Date.now() + json.expires_in * 1000
+            : undefined,
+    };
+    saveTokenFile(updated);
+    return updated;
+}
+export function getConnectorStatus(vendor) {
+    const file = loadTokenFile(vendor);
+    if (!file)
+        return { vendor, connected: false, needsReauth: false };
+    const now = Date.now();
+    const expiresAt = file.expires_at;
+    const expiresInMs = expiresAt ? expiresAt - now : undefined;
+    const needsReauth = !file.refresh_token && expiresAt !== undefined && now >= expiresAt;
+    return {
+        vendor,
+        connected: true,
+        expiresAt,
+        expiresInMs,
+        needsReauth,
+        profile: file.profile,
+    };
+}
+export function getAllConnectorStatuses() {
+    const vendors = ["github", "linear", "sentry"];
+    return vendors.map(getConnectorStatus);
+}
+export async function getAccessToken(vendor) {
+    const file = loadTokenFile(vendor);
+    if (!file)
+        throw new Error(`${vendor}: not connected`);
+    const config = vendorConfig(vendor);
+    const fresh = await refreshIfNeeded(config, file);
+    return fresh.access_token;
+}
+// ── Revocation ───────────────────────────────────────────────────────────────
+export async function revoke(vendor) {
+    const file = loadTokenFile(vendor);
+    const config = vendorConfig(vendor);
+    if (file && config.revocationEndpoint) {
+        const body = new URLSearchParams({
+            token: file.access_token,
+            client_id: file.client_id,
+        });
+        if (file.client_secret)
+            body.set("client_secret", file.client_secret);
+        await fetch(config.revocationEndpoint, {
+            method: "POST",
+            headers: { "Content-Type": "application/x-www-form-urlencoded" },
+            body: body.toString(),
+        }).catch(() => { });
+    }
+    deleteTokenFile(vendor);
+}
+export function isConnected(vendor) {
+    return loadTokenFile(vendor) !== null;
+}
+//# sourceMappingURL=mcpOAuth.js.map

package/dist/connectors/mcpOAuth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcpOAuth.js","sourceRoot":"","sources":["../../src/connectors/mcpOAuth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EACL,UAAU,EACV,SAAS,EACT,YAAY,EACZ,UAAU,EACV,aAAa,GACd,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AA6B7B,gFAAgF;AAEhF,SAAS,iBAAiB;IACxB,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,MAAM,CAAC;IACzD,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,oBAAoB,IAAI,EAAE,CAC/D,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACvB,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,MAAgB;IAC3C,MAAM,UAAU,GAAG,iBAAiB,EAAE,CAAC;IACvC,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,QAAQ;YACX,OAAO;gBACL,MAAM;gBACN,MAAM,EAAE,gCAAgC;gBACxC,qBAAqB,EAAE,0CAA0C;gBACjE,aAAa,EAAE,6CAA6C;gBAC5D,kBAAkB,EAAE,SAAS,EAAE,yEAAyE;gBACxG,MAAM,EAAE,CAAC,MAAM,EAAE,UAAU,EAAE,WAAW,CAAC;gBACzC,WAAW,EAAE,GAAG,UAAU,8BAA8B;gBACxD,sBAAsB,EAAE,KAAK;gBAC7B,qBAAqB,EAAE,OAAO,CAAC,GAAG,CAAC,0BAA0B,IAAI,EAAE;gBACnE,yBAAyB,EAAE,OAAO,CAAC,GAAG,CAAC,8BAA8B;gBACrE,UAAU,EAAE,cAAc;aAC3B,CAAC;QACJ,KAAK,QAAQ;YACX,OAAO;gBACL,MAAM;gBACN,MAAM,EAAE,wBAAwB;gBAChC,qBAAqB,EAAE,kCAAkC;gBACzD,aAAa,EAAE,8BAA8B;gBAC7C,oBAAoB,EAAE,iCAAiC;gBACvD,kBAAkB,EAAE,8BAA8B,EAAE,oBAAoB;gBACxE,MAAM,EAAE,EAAE;gBACV,WAAW,EAAE,GAAG,UAAU,8BAA8B;gBACxD,sBAAsB,EAAE,IAAI;gBAC5B,UAAU,EAAE,cAAc;aAC3B,CAAC;QACJ,KAAK,QAAQ;YACX,OAAO;gBACL,MAAM;gBACN,MAAM,EAAE,wBAAwB;gBAChC,qBAAqB,EAAE,wCAAwC;gBAC/D,aAAa,EAAE,oCAAoC;gBACnD,oBAAoB,EAAE,uCAAuC;gBAC7D,kBAAkB,EAAE,oCAAoC;gBACxD,MAAM,EAAE,CAAC,UAAU,EAAE,eAAe,EAAE,aAAa,CAAC;gBACpD,WAAW,EAAE,GAAG,UAAU,8BAA8B;gBACxD,sBAAsB,EAAE,IAAI;gBAC5B,UAAU,EAAE,cAAc;aAC3B,CAAC;IACN,CAAC;AACH,CAAC;AAiBD,SAAS,SAAS,CAAC,MAAgB;IACjC,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,YAAY,EAAE,QAAQ,EAAE,GAAG,MAAM,WAAW,CAAC,CAAC;AAC5E,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,MAAgB;IAC5C,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IAC5B,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAChC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,EAAE,OAAO,CAAC,CAAiB,CAAC;IAC9D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,IAAkB;IACvC,MAAM,CAAC,GAAG,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACjC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAC7D,aAAa,CAAC,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;AACnE,CAAC;AAED,SAAS,eAAe,CAAC,MAAgB;IACvC,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IAC5B,IAAI,UAAU,CAAC,CAAC,CAAC;QAAE,UAAU,CAAC,CAAC,CAAC,CAAC;AACnC,CAAC;AAED,gFAAgF;AAEhF,SAAS,SAAS,CAAC,GAAW;IAC5B,OAAO,GAAG;SACP,QAAQ,CAAC,QAAQ,CAAC;SAClB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;SACjB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AACzB,CAAC;AAED,SAAS,WAAW;IAClB,OAAO,SAAS,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,SAAS,CAAC,QAAgB;IACjC,OAAO,SAAS,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;AAC1E,CAAC;AAYD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAuB,CAAC;AAE/C,SAAS,SAAS;IAChB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;QACvC,IAAI,CAAC,CAAC,SAAS,GAAG,GAAG;YAAE,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC;AASD,KAAK,UAAU,eAAe,CAC5B,MAAoB;IAEpB,IAAI,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,uCAAuC,CAAC,CAAC;IAC3E,CAAC;IACD,MAAM,IAAI,GAAG;QACX,WAAW,EAAE,MAAM,CAAC,UAAU,IAAI,cAAc;QAChD,aAAa,EAAE,CAAC,MAAM,CAAC,WAAW,CAAC;QACnC,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QACpD,cAAc,EAAE,CAAC,MAAM,CAAC;QACxB,0BAA0B,EAAE,MAAM;QAClC,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;KAC/B,CAAC;IACF,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,oBAAoB,EAAE;QACnD,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,EAAE,kBAAkB,EAAE;QAC3E,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;KAC3B,CAAC,CAAC;IACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACjD,MAAM,IAAI,KAAK,CACb,GAAG,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,MAAM,KAAK,OAAO,EAAE,CAC5D,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAyB,CAAC;IACxD,IAAI,CAAC,IAAI,CAAC,SAAS;QACjB,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,4BAA4B,CAAC,CAAC;IAChE,OAAO,EAAE,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,YAAY,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC;AACxE,CAAC;AAED,gFAAgF;AAEhF;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,MAAoB;IAEpB,SAAS,EAAE,CAAC;IAEZ,IAAI,QAAQ,GAAG,MAAM,CAAC,qBAAqB,IAAI,EAAE,CAAC;IAClD,IAAI,YAAY,GAAuB,MAAM,CAAC,yBAAyB,CAAC;IAExE,IAAI,MAAM,CAAC,sBAAsB,EAAE,CAAC;QAClC,0CAA0C;QAC1C,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC9C,IAAI,QAAQ,EAAE,SAAS,EAAE,CAAC;YACxB,QAAQ,GAAG,QAAQ,CAAC,SAAS,CAAC;YAC9B,YAAY,GAAG,QAAQ,CAAC,aAAa,CAAC;QACxC,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,GAAG,MAAM,eAAe,CAAC,MAAM,CAAC,CAAC;YAC1C,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;YACxB,YAAY,GAAG,GAAG,CAAC,YAAY,CAAC;QAClC,CAAC;IACH,CAAC;IACD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CACb,GAAG,MAAM,CAAC,MAAM,6CAA6C,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,aAAa,CACtG,CAAC;IACJ,CAAC;IACD,IACE,CAAC,MAAM,CAAC,sBAAsB;QAC9B,MAAM,CAAC,yBAAyB,KAAK,SAAS;QAC9C,MAAM,CAAC,MAAM,KAAK,QAAQ,EAC1B,CAAC;QACD,MAAM,IAAI,KAAK,CACb,2EAA2E,CAC5E,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,SAAS,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAChD,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE;QACjB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,QAAQ;QACR,QAAQ;QACR,YAAY;QACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI;KACvC,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;QACjC,aAAa,EAAE,MAAM;QACrB,SAAS,EAAE,QAAQ;QACnB,YAAY,EAAE,MAAM,CAAC,WAAW;QAChC,KAAK;QACL,cAAc,EAAE,SAAS,CAAC,QAAQ,CAAC;QACnC,qBAAqB,EAAE,MAAM;KAC9B,CAAC,CAAC;IACH,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM;QAAE,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAEvE,MAAM,YAAY,GAAG,MAAM,CAAC,qBAAqB,CAAC;IAClD,IAAI,CAAC,YAAY;QACf,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,6BAA6B,CAAC,CAAC;IACjE,OAAO,EAAE,GAAG,EAAE,GAAG,YAAY,IAAI,MAAM,CAAC,QAAQ,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC;AAChE,CAAC;AAOD,KAAK,UAAU,YAAY,CACzB,MAAoB,EACpB,IAAY,EACZ,QAAgB,EAChB,QAAgB,EAChB,YAAgC;IAOhC,IAAI,CAAC,MAAM,CAAC,aAAa;QACvB,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,qBAAqB,CAAC,CAAC;IACzD,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;QAC/B,UAAU,EAAE,oBAAoB;QAChC,IAAI;QACJ,YAAY,EAAE,MAAM,CAAC,WAAW;QAChC,SAAS,EAAE,QAAQ;QACnB,aAAa,EAAE,QAAQ;KACxB,CAAC,CAAC;IACH,IAAI,YAAY;QAAE,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;IAE1D,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,aAAa,EAAE;QAC5C,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,cAAc,EAAE,mCAAmC;YACnD,MAAM,EAAE,kBAAkB;SAC3B;QACD,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;KACtB,CAAC,CAAC;IACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACjD,MAAM,IAAI,KAAK,CACb,GAAG,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,MAAM,KAAK,OAAO,EAAE,CAC5D,CAAC;IACJ,CAAC;IACD,oFAAoF;IACpF,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;IACjD,IAAI,EAAE,CAAC,QAAQ,CAAC,mCAAmC,CAAC,EAAE,CAAC;QACrD,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,CAAC,GAAG,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC;QACpC,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC;YAChB,MAAM,IAAI,KAAK,CACb,GAAG,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CACpE,CAAC;QACJ,OAAO;YACL,YAAY,EAAE,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE;YACzC,aAAa,EAAE,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,SAAS;YAClD,UAAU,EAAE,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;YACzE,KAAK,EAAE,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS;SACnC,CAAC;IACJ,CAAC;IACD,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAKvB,CAAC;AACJ,CAAC;AAED,wDAAwD;AACxD,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,MAAoB,EACpB,IAAY,EACZ,KAAa,EACb,OAAgC;IAEhC,SAAS,EAAE,CAAC;IACZ,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAC7B,IAAI,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,4BAA4B,CAAC,CAAC;IACtE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACtB,IAAI,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM;QAC5B,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,4BAA4B,CAAC,CAAC;IAEhE,MAAM,GAAG,GAAG,MAAM,YAAY,CAC5B,MAAM,EACN,IAAI,EACJ,CAAC,CAAC,QAAQ,EACV,CAAC,CAAC,QAAQ,EACV,CAAC,CAAC,YAAY,CACf,CAAC;IACF,IAAI,CAAC,GAAG,CAAC,YAAY;QACnB,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,sBAAsB,CAAC,CAAC;IAC1D,MAAM,SAAS,GAAG,GAAG,CAAC,UAAU;QAC9B,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,UAAU,GAAG,IAAI;QACpC,CAAC,CAAC,SAAS,CAAC;IAEd,aAAa,CAAC;QACZ,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,SAAS,EAAE,CAAC,CAAC,QAAQ;QACrB,aAAa,EAAE,CAAC,CAAC,YAAY;QAC7B,YAAY,EAAE,GAAG,CAAC,YAAY;QAC9B,aAAa,EAAE,GAAG,CAAC,aAAa;QAChC,UAAU,EAAE,SAAS;QACrB,KAAK,EAAE,GAAG,CAAC,KAAK;QAChB,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACtC,OAAO;KACR,CAAC,CAAC;IACH,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;AAC/B,CAAC;AAED,gFAAgF;AAEhF,KAAK,UAAU,eAAe,CAC5B,MAAoB,EACpB,IAAkB;IAElB,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,0CAA0C;IAClE,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,MAAM;QAAE,OAAO,IAAI,CAAC;IAC3E,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;QACxB,yEAAyE;QACzE,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACrD,MAAM,IAAI,KAAK,CACb,GAAG,IAAI,CAAC,MAAM,sDAAsD,IAAI,CAAC,MAAM,YAAY,CAC5F,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,MAAM,CAAC,aAAa;QAAE,OAAO,IAAI,CAAC;IAEvC,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;QAC/B,UAAU,EAAE,eAAe;QAC3B,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,SAAS,EAAE,IAAI,CAAC,SAAS;KAC1B,CAAC,CAAC;IACH,IAAI,IAAI,CAAC,aAAa;QAAE,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;IAEtE,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,aAAa,EAAE;QAC5C,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,cAAc,EAAE,mCAAmC;YACnD,MAAM,EAAE,kBAAkB;SAC3B;QACD,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;KACtB,CAAC,CAAC;IACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CACb,GAAG,IAAI,CAAC,MAAM,2BAA2B,GAAG,CAAC,MAAM,wCAAwC,IAAI,CAAC,MAAM,YAAY,CACnH,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAI7B,CAAC;IACF,MAAM,OAAO,GAAiB;QAC5B,GAAG,IAAI;QACP,YAAY,EAAE,IAAI,CAAC,YAAY;QAC/B,aAAa,EAAE,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,aAAa;QACvD,UAAU,EAAE,IAAI,CAAC,UAAU;YACzB,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI;YACrC,CAAC,CAAC,SAAS;KACd,CAAC;IACF,aAAa,CAAC,OAAO,CAAC,CAAC;IACvB,OAAO,OAAO,CAAC;AACjB,CAAC;AAWD,MAAM,UAAU,kBAAkB,CAAC,MAAgB;IACjD,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,CAAC,IAAI;QAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;IACnE,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC;IAClC,MAAM,WAAW,GAAG,SAAS,CAAC,CAAC,CAAC,SAAS,GAAG,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;IAC5D,MAAM,WAAW,GACf,CAAC,IAAI,CAAC,aAAa,IAAI,SAAS,KAAK,SAAS,IAAI,GAAG,IAAI,SAAS,CAAC;IACrE,OAAO;QACL,MAAM;QACN,SAAS,EAAE,IAAI;QACf,SAAS;QACT,WAAW;QACX,WAAW;QACX,OAAO,EAAE,IAAI,CAAC,OAAO;KACtB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,uBAAuB;IACrC,MAAM,OAAO,GAAe,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC3D,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;AACzC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,MAAgB;IACnD,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,CAAC,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,iBAAiB,CAAC,CAAC;IACvD,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IACpC,MAAM,KAAK,GAAG,MAAM,eAAe,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAClD,OAAO,KAAK,CAAC,YAAY,CAAC;AAC5B,CAAC;AAED,gFAAgF;AAEhF,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,MAAgB;IAC3C,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACnC,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IACpC,IAAI,IAAI,IAAI,MAAM,CAAC,kBAAkB,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;YAC/B,KAAK,EAAE,IAAI,CAAC,YAAY;YACxB,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,aAAa;YAAE,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QACtE,MAAM,KAAK,CAAC,MAAM,CAAC,kBAAkB,EAAE;YACrC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;YAChE,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;SACtB,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACrB,CAAC;IACD,eAAe,CAAC,MAAM,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,MAAgB;IAC1C,OAAO,aAAa,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC;AACxC,CAAC"}

package/dist/connectors/sentry.d.ts

@@ -0,0 +1,43 @@
+/**
+ * Sentry connector — routes through Sentry's official MCP server.
+ *
+ * Endpoint: https://mcp.sentry.dev/mcp
+ * Auth:     OAuth 2.1 w/ PKCE; dynamic client registration (RFC 7591).
+ *
+ * HTTP routes (wired in src/server.ts):
+ *   GET    /connections/sentry/authorize — returns { url } for popup
+ *   GET    /connections/sentry/callback  — token exchange
+ *   POST   /connections/sentry/test      — ping MCP server
+ *   DELETE /connections/sentry           — revoke + delete token
+ *
+ * MCP tool: fetchSentryIssue — fetches a Sentry issue/event and returns
+ * the stack trace string, ready to pass into enrichStackTrace.
+ */
+export interface SentryTokens {
+    auth_token: string;
+    org?: string;
+    connected_at: string;
+}
+export interface ConnectorStatus {
+    id: string;
+    status: "connected" | "disconnected";
+    lastSync?: string;
+    org?: string;
+}
+export interface ConnectorHandlerResult {
+    status: number;
+    body: string;
+    contentType?: string;
+    redirect?: string;
+}
+export declare function loadTokens(): SentryTokens | null;
+export declare function getStatus(): ConnectorStatus;
+export declare function fetchIssueStackTrace(issueIdOrUrl: string, signal?: AbortSignal): Promise<{
+    stackTrace: string;
+    title: string;
+    issueId: string;
+}>;
+export declare function handleSentryAuthorize(): Promise<ConnectorHandlerResult>;
+export declare function handleSentryCallback(code: string | null, state: string | null, error: string | null): Promise<ConnectorHandlerResult>;
+export declare function handleSentryTest(): Promise<ConnectorHandlerResult>;
+export declare function handleSentryDisconnect(): Promise<ConnectorHandlerResult>;

package/dist/connectors/sentry.js

@@ -0,0 +1,197 @@
+/**
+ * Sentry connector — routes through Sentry's official MCP server.
+ *
+ * Endpoint: https://mcp.sentry.dev/mcp
+ * Auth:     OAuth 2.1 w/ PKCE; dynamic client registration (RFC 7591).
+ *
+ * HTTP routes (wired in src/server.ts):
+ *   GET    /connections/sentry/authorize — returns { url } for popup
+ *   GET    /connections/sentry/callback  — token exchange
+ *   POST   /connections/sentry/test      — ping MCP server
+ *   DELETE /connections/sentry           — revoke + delete token
+ *
+ * MCP tool: fetchSentryIssue — fetches a Sentry issue/event and returns
+ * the stack trace string, ready to pass into enrichStackTrace.
+ */
+import { McpClient } from "./mcpClient.js";
+import { completeAuthorize, getAccessToken, loadTokenFile, revoke, startAuthorize, vendorConfig, } from "./mcpOAuth.js";
+const SENTRY_MCP_ENDPOINT = "https://mcp.sentry.dev/mcp";
+// ── MCP client ───────────────────────────────────────────────────────────────
+let _client = null;
+function client() {
+    if (!_client) {
+        _client = new McpClient(SENTRY_MCP_ENDPOINT, () => getAccessToken("sentry"));
+    }
+    return _client;
+}
+// ── Back-compat ──────────────────────────────────────────────────────────────
+export function loadTokens() {
+    const file = loadTokenFile("sentry");
+    if (!file)
+        return null;
+    return {
+        auth_token: file.access_token,
+        org: file.profile?.org,
+        connected_at: file.connected_at,
+    };
+}
+export function getStatus() {
+    const file = loadTokenFile("sentry");
+    return {
+        id: "sentry",
+        status: file ? "connected" : "disconnected",
+        lastSync: file?.connected_at,
+        org: file?.profile?.org,
+    };
+}
+// ── Issue fetch ──────────────────────────────────────────────────────────────
+function extractIssueId(issueIdOrUrl) {
+    const urlMatch = issueIdOrUrl.match(/\/issues\/(\d+)/);
+    if (urlMatch)
+        return urlMatch[1];
+    const trimmed = issueIdOrUrl.trim();
+    if (/^\d+$/.test(trimmed))
+        return trimmed;
+    throw new Error(`Cannot parse Sentry issue ID from: ${issueIdOrUrl}`);
+}
+function extractOrgSlug(issueIdOrUrl) {
+    const m = issueIdOrUrl.match(/https?:\/\/([^.]+)\.sentry\.io/);
+    return m ? m[1] : null;
+}
+function buildSentryIssueUrl(issueId, orgSlug) {
+    return `https://${orgSlug}.sentry.io/issues/${issueId}/`;
+}
+export async function fetchIssueStackTrace(issueIdOrUrl, signal) {
+    if (!loadTokens())
+        throw new Error("Sentry not connected. GET /connections/sentry/authorize first.");
+    const issueId = extractIssueId(issueIdOrUrl);
+    const orgSlug = extractOrgSlug(issueIdOrUrl) ?? loadTokenFile("sentry")?.profile?.org;
+    if (!orgSlug)
+        throw new Error("Cannot determine Sentry org slug. Pass full sentry.io issue URL.");
+    const issueUrl = buildSentryIssueUrl(issueId, orgSlug);
+    const res = await client().callTool("get_sentry_resource", { url: issueUrl }, { signal });
+    // get_sentry_resource returns markdown text — extract title and stacktrace
+    const text = res.content?.[0]?.text ?? "";
+    const titleMatch = text.match(/\*\*Description\*\*:\s*(.+)/);
+    const title = titleMatch
+        ? titleMatch[1].trim()
+        : `Sentry issue ${issueId}`;
+    // Extract stacktrace block
+    const stMatch = text.match(/```(?:\w+)?\n([\s\S]*?)\n```/);
+    if (!stMatch) {
+        throw new Error(`Sentry returned no stack trace for issue ${issueId}`);
+    }
+    const stackTrace = stMatch[1].trim();
+    return { stackTrace, title, issueId };
+}
+// ── HTTP handlers ────────────────────────────────────────────────────────────
+export async function handleSentryAuthorize() {
+    try {
+        const { url } = await startAuthorize(vendorConfig("sentry"));
+        return { status: 302, body: "", redirect: url };
+    }
+    catch (err) {
+        return {
+            status: 400,
+            contentType: "application/json",
+            body: JSON.stringify({
+                ok: false,
+                error: err instanceof Error ? err.message : String(err),
+            }),
+        };
+    }
+}
+export async function handleSentryCallback(code, state, error) {
+    if (error) {
+        return {
+            status: 400,
+            contentType: "text/html",
+            body: `<html><body><h2>Sentry connect failed</h2><pre>${error}</pre></body></html>`,
+        };
+    }
+    if (!code || !state) {
+        return {
+            status: 400,
+            contentType: "text/html",
+            body: `<html><body><h2>Sentry connect failed</h2><pre>missing code/state</pre></body></html>`,
+        };
+    }
+    try {
+        await completeAuthorize(vendorConfig("sentry"), code, state);
+        // Best-effort org capture
+        try {
+            const res = await client().callTool("find_organizations", {}, {
+                timeoutMs: 10_000,
+            });
+            const orgs = McpClient.extractJson(res);
+            const first = Array.isArray(orgs)
+                ? orgs[0]
+                : (orgs.organizations ?? [])[0];
+            const org = first?.slug;
+            if (org) {
+                const file = loadTokenFile("sentry");
+                if (file) {
+                    const { writeFileSync, mkdirSync } = await import("node:fs");
+                    const { homedir } = await import("node:os");
+                    const path = await import("node:path");
+                    const p = path.join(homedir(), ".patchwork", "tokens", "sentry-mcp.json");
+                    mkdirSync(path.dirname(p), { recursive: true, mode: 0o700 });
+                    file.profile = { ...(file.profile ?? {}), org };
+                    writeFileSync(p, JSON.stringify(file, null, 2), { mode: 0o600 });
+                }
+            }
+        }
+        catch {
+            // Profile fetch is best-effort
+        }
+        return {
+            status: 200,
+            contentType: "text/html",
+            body: `<html><body><h2>Sentry connected</h2><script>window.close();</script></body></html>`,
+        };
+    }
+    catch (err) {
+        return {
+            status: 400,
+            contentType: "text/html",
+            body: `<html><body><h2>Sentry connect failed</h2><pre>${err instanceof Error ? err.message : String(err)}</pre></body></html>`,
+        };
+    }
+}
+export async function handleSentryTest() {
+    if (!loadTokens()) {
+        return {
+            status: 400,
+            contentType: "application/json",
+            body: JSON.stringify({ ok: false, error: "Sentry not connected" }),
+        };
+    }
+    try {
+        const ok = await client().ping({ timeoutMs: 10_000 });
+        return {
+            status: ok ? 200 : 400,
+            contentType: "application/json",
+            body: JSON.stringify({ ok, message: ok ? "connected" : "ping failed" }),
+        };
+    }
+    catch (err) {
+        return {
+            status: 400,
+            contentType: "application/json",
+            body: JSON.stringify({
+                ok: false,
+                error: err instanceof Error ? err.message : String(err),
+            }),
+        };
+    }
+}
+export async function handleSentryDisconnect() {
+    await revoke("sentry");
+    _client = null;
+    return {
+        status: 200,
+        contentType: "application/json",
+        body: JSON.stringify({ ok: true }),
+    };
+}
+//# sourceMappingURL=sentry.js.map

package/dist/connectors/sentry.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sentry.js","sourceRoot":"","sources":["../../src/connectors/sentry.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EACL,iBAAiB,EACjB,cAAc,EACd,aAAa,EACb,MAAM,EACN,cAAc,EACd,YAAY,GACb,MAAM,eAAe,CAAC;AAEvB,MAAM,mBAAmB,GAAG,4BAA4B,CAAC;AAsBzD,gFAAgF;AAEhF,IAAI,OAAO,GAAqB,IAAI,CAAC;AACrC,SAAS,MAAM;IACb,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,GAAG,IAAI,SAAS,CAAC,mBAAmB,EAAE,GAAG,EAAE,CAChD,cAAc,CAAC,QAAQ,CAAC,CACzB,CAAC;IACJ,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,gFAAgF;AAEhF,MAAM,UAAU,UAAU;IACxB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IACrC,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IACvB,OAAO;QACL,UAAU,EAAE,IAAI,CAAC,YAAY;QAC7B,GAAG,EAAE,IAAI,CAAC,OAAO,EAAE,GAAG;QACtB,YAAY,EAAE,IAAI,CAAC,YAAY;KAChC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,SAAS;IACvB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IACrC,OAAO;QACL,EAAE,EAAE,QAAQ;QACZ,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,cAAc;QAC3C,QAAQ,EAAE,IAAI,EAAE,YAAY;QAC5B,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG;KACxB,CAAC;AACJ,CAAC;AAED,gFAAgF;AAEhF,SAAS,cAAc,CAAC,YAAoB;IAC1C,MAAM,QAAQ,GAAG,YAAY,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACvD,IAAI,QAAQ;QAAE,OAAO,QAAQ,CAAC,CAAC,CAAW,CAAC;IAC3C,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,EAAE,CAAC;IACpC,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC;QAAE,OAAO,OAAO,CAAC;IAC1C,MAAM,IAAI,KAAK,CAAC,sCAAsC,YAAY,EAAE,CAAC,CAAC;AACxE,CAAC;AAED,SAAS,cAAc,CAAC,YAAoB;IAC1C,MAAM,CAAC,GAAG,YAAY,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;IAC/D,OAAO,CAAC,CAAC,CAAC,CAAE,CAAC,CAAC,CAAC,CAAY,CAAC,CAAC,CAAC,IAAI,CAAC;AACrC,CAAC;AAED,SAAS,mBAAmB,CAAC,OAAe,EAAE,OAAe;IAC3D,OAAO,WAAW,OAAO,qBAAqB,OAAO,GAAG,CAAC;AAC3D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,YAAoB,EACpB,MAAoB;IAEpB,IAAI,CAAC,UAAU,EAAE;QACf,MAAM,IAAI,KAAK,CACb,gEAAgE,CACjE,CAAC;IAEJ,MAAM,OAAO,GAAG,cAAc,CAAC,YAAY,CAAC,CAAC;IAC7C,MAAM,OAAO,GACX,cAAc,CAAC,YAAY,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC;IACxE,IAAI,CAAC,OAAO;QACV,MAAM,IAAI,KAAK,CACb,kEAAkE,CACnE,CAAC;IAEJ,MAAM,QAAQ,GAAG,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACvD,MAAM,GAAG,GAAG,MAAM,MAAM,EAAE,CAAC,QAAQ,CACjC,qBAAqB,EACrB,EAAE,GAAG,EAAE,QAAQ,EAAE,EACjB,EAAE,MAAM,EAAE,CACX,CAAC;IAEF,2EAA2E;IAC3E,MAAM,IAAI,GAAI,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAmC,EAAE,IAAI,IAAI,EAAE,CAAC;IAC7E,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;IAC7D,MAAM,KAAK,GAAG,UAAU;QACtB,CAAC,CAAE,UAAU,CAAC,CAAC,CAAY,CAAC,IAAI,EAAE;QAClC,CAAC,CAAC,gBAAgB,OAAO,EAAE,CAAC;IAE9B,2BAA2B;IAC3B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAC3D,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,4CAA4C,OAAO,EAAE,CAAC,CAAC;IACzE,CAAC;IACD,MAAM,UAAU,GAAI,OAAO,CAAC,CAAC,CAAY,CAAC,IAAI,EAAE,CAAC;IAEjD,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;AACxC,CAAC;AAED,gFAAgF;AAEhF,MAAM,CAAC,KAAK,UAAU,qBAAqB;IACzC,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,cAAc,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC7D,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC;IAClD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO;YACL,MAAM,EAAE,GAAG;YACX,WAAW,EAAE,kBAAkB;YAC/B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;aACxD,CAAC;SACH,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,IAAmB,EACnB,KAAoB,EACpB,KAAoB;IAEpB,IAAI,KAAK,EAAE,CAAC;QACV,OAAO;YACL,MAAM,EAAE,GAAG;YACX,WAAW,EAAE,WAAW;YACxB,IAAI,EAAE,kDAAkD,KAAK,sBAAsB;SACpF,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACpB,OAAO;YACL,MAAM,EAAE,GAAG;YACX,WAAW,EAAE,WAAW;YACxB,IAAI,EAAE,uFAAuF;SAC9F,CAAC;IACJ,CAAC;IACD,IAAI,CAAC;QACH,MAAM,iBAAiB,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;QAC7D,0BAA0B;QAC1B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,MAAM,EAAE,CAAC,QAAQ,CACjC,oBAAoB,EACpB,EAAE,EACF;gBACE,SAAS,EAAE,MAAM;aAClB,CACF,CAAC;YACF,MAAM,IAAI,GAAG,SAAS,CAAC,WAAW,CAEhC,GAAG,CAAC,CAAC;YACP,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC;gBAC/B,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;gBACT,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;YAClC,MAAM,GAAG,GAAG,KAAK,EAAE,IAAI,CAAC;YACxB,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;gBACrC,IAAI,IAAI,EAAE,CAAC;oBACT,MAAM,EAAE,aAAa,EAAE,SAAS,EAAE,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;oBAC7D,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;oBAC5C,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,CAAC;oBACvC,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CACjB,OAAO,EAAE,EACT,YAAY,EACZ,QAAQ,EACR,iBAAiB,CAClB,CAAC;oBACF,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;oBAC7D,IAAI,CAAC,OAAO,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC;oBAChD,aAAa,CAAC,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;gBACnE,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,+BAA+B;QACjC,CAAC;QACD,OAAO;YACL,MAAM,EAAE,GAAG;YACX,WAAW,EAAE,WAAW;YACxB,IAAI,EAAE,qFAAqF;SAC5F,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO;YACL,MAAM,EAAE,GAAG;YACX,WAAW,EAAE,WAAW;YACxB,IAAI,EAAE,kDAAkD,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,sBAAsB;SAC/H,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB;IACpC,IAAI,CAAC,UAAU,EAAE,EAAE,CAAC;QAClB,OAAO;YACL,MAAM,EAAE,GAAG;YACX,WAAW,EAAE,kBAAkB;YAC/B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,sBAAsB,EAAE,CAAC;SACnE,CAAC;IACJ,CAAC;IACD,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,MAAM,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC;QACtD,OAAO;YACL,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG;YACtB,WAAW,EAAE,kBAAkB;YAC/B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC;SACxE,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO;YACL,MAAM,EAAE,GAAG;YACX,WAAW,EAAE,kBAAkB;YAC/B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;aACxD,CAAC;SACH,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB;IAC1C,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;IACvB,OAAO,GAAG,IAAI,CAAC;IACf,OAAO;QACL,MAAM,EAAE,GAAG;QACX,WAAW,EAAE,kBAAkB;QAC/B,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;KACnC,CAAC;AACJ,CAAC"}