feat: add cookie-based authentication support for enterprise GitLab (#101)
* feat: add cookie-based authentication support for GitLab instances 🍪 - Add GITLAB_AUTH_COOKIE_PATH environment variable support - Handle #HttpOnly_ prefix in cookie files properly - Enable redirect following when cookies are present - Maintain compatibility with existing token-based auth * chore: prepare fork for npm publishing as @mattweg/gitlab-mcp - Update package name to @mattweg/gitlab-mcp - Bump version to 1.0.63-fork.1 - Add attribution to original author zereight - Add deprecation notice referencing upstream PR #100 - Add repository and homepage URLs for fork * fix: remove duplicate documentation line - removed the duplicate GITLAB_AUTH_COOKIE_PATH from README.md * fix: move cookie header outside conditional block for universal auth support - Move cookie header setting outside if/else block to ensure it applies to both old (Private-Token) and new (Bearer) GitLab authentication - Fixes issue where cookies were only set for Bearer token auth - Maintains backward compatibility with existing authentication methods - Enables cookie-based authentication for all GitLab instance types Resolves authentication failures when using GITLAB_AUTH_COOKIE_PATH with GitLab instances that require cookie-based authentication. * 1.0.63 * fix: add support for macOS cookie format in auth cookie parsing 🍪 - Add fallback parsing for macOS cookie format - Handle cookie files with different structure than standard Netscape format - Maintain compatibility with existing Linux cookie parsing - Extract cookie name and value from space-separated format Resolves authentication failures when using GITLAB_AUTH_COOKIE_PATH on macOS systems. * 1.0.64 * chore: update version to 1.0.63-fork.3 * fix: implement proper cookie jar authentication for macOS - Replace static cookie string with fetch-cookie + tough-cookie - Add proper Netscape cookie format parsing with domain context - Enable automatic cookie handling during OAuth2 redirects - Fixes authentication issues on macOS with enterprise SSO * chore: update version to 1.0.63-fork.4 * feat: add cookie-based authentication support for enterprise GitLab instances Add support for Netscape cookie file authentication to enable access to enterprise GitLab instances that use SSO/OAuth2 redirects. - Add GITLAB_AUTH_COOKIE_PATH environment variable - Implement cookie jar with proper domain handling for redirects - Use conditional fetch assignment: cookie-enabled when path configured - Maintains backward compatibility: no cookies = original behavior - Zero changes to existing fetch() calls throughout codebase Enables authentication flows like: curl -L -b ~/.midway/cookie Useful for enterprise environments with federated authentication. * chore: update to fork version 1.0.63-fork.5 with cookie auth support * feat: add cookie-based authentication support for enterprise GitLab instances Add support for Netscape cookie file authentication to enable access to enterprise GitLab instances that use SSO/OAuth2 redirects. - Add GITLAB_AUTH_COOKIE_PATH environment variable - Implement cookie jar with proper domain handling for redirects - Use conditional fetch assignment: cookie-enabled when path configured - Maintains backward compatibility: no cookies = original behavior - Zero changes to existing fetch() calls throughout codebase Enables authentication flows like: curl -L -b ~/.midway/cookie Useful for enterprise environments with federated authentication. * feat: implement robust cookie-based authentication with hybrid parsing - Add support for Netscape cookie file format with #HttpOnly_ prefix handling - Implement hybrid approach using tough-cookie's parse() for robust cookie parsing - Add automatic session establishment for enterprise GitLab authentication - Support cookie file path via GITLAB_AUTH_COOKIE_PATH environment variable - Integrate with fetch-cookie for automatic redirect handling and session persistence - Ensure compatibility with Midway enterprise authentication flow This enables seamless authentication with enterprise GitLab instances that require cookie-based authentication while maintaining clean, maintainable code using widely-supported packages (tough-cookie + fetch-cookie). * chore: bump version to 1.0.63-fork.6 with ultra-clean cookie auth * fix: correct package name to @mattweg/gitlab-mcp for proper npx dependency resolution - Fix package name mismatch that prevented npx from installing dependencies - Bump version to 1.0.63-fork.7 - This resolves cookie authentication issues by ensuring fetch-cookie and tough-cookie are properly installed * Improve cookie authentication with robust session establishment * feat: add cookie-based authentication support This feature adds support for cookie-based authentication with GitLab instances by: - Adding a new GITLAB_AUTH_COOKIE_PATH environment variable to specify the path to a Netscape-format cookie file - Implementing a cookie jar parser that handles standard Netscape cookie format - Adding session establishment logic that checks for GitLab session cookies - Ensuring all API requests use the authenticated session This allows the MCP server to authenticate with GitLab instances that use cookie-based authentication, which is particularly useful for instances that require SSO or other authentication methods that don't support personal access tokens. --------- Co-authored-by: Moon (mattweg's AI assistant) <moon+ai-assistant@mattweg.dev> Co-authored-by: Matt Weg <mattweg@amazon.com>
This commit is contained in:
mattweg
@ -111,6 +111,7 @@ $ sh scripts/image_push.sh docker_user_name
|
||||
- `USE_GITLAB_WIKI`: When set to 'true', enables the wiki-related tools (list_wiki_pages, get_wiki_page, create_wiki_page, update_wiki_page, delete_wiki_page). By default, wiki features are disabled.
|
||||
- `USE_MILESTONE`: When set to 'true', enables the milestone-related tools (list_milestones, get_milestone, create_milestone, edit_milestone, delete_milestone, get_milestone_issue, get_milestone_merge_requests, promote_milestone, get_milestone_burndown_events). By default, milestone features are disabled.
|
||||
- `USE_PIPELINE`: When set to 'true', enables the pipeline-related tools (list_pipelines, get_pipeline, list_pipeline_jobs, get_pipeline_job, get_pipeline_job_output, create_pipeline, retry_pipeline, cancel_pipeline). By default, pipeline features are disabled.
|
||||
- `GITLAB_AUTH_COOKIE_PATH`: Path to an authentication cookie file for GitLab instances that require cookie-based authentication. When provided, the cookie will be included in all GitLab API requests.
|
||||
|
||||
## Tools 🛠️
|
||||
|
||||
|
||||
Reference in New Issue
Block a user