feat: add cookie-based authentication support for enterprise GitLab (#101)
* feat: add cookie-based authentication support for GitLab instances 🍪 - Add GITLAB_AUTH_COOKIE_PATH environment variable support - Handle #HttpOnly_ prefix in cookie files properly - Enable redirect following when cookies are present - Maintain compatibility with existing token-based auth * chore: prepare fork for npm publishing as @mattweg/gitlab-mcp - Update package name to @mattweg/gitlab-mcp - Bump version to 1.0.63-fork.1 - Add attribution to original author zereight - Add deprecation notice referencing upstream PR #100 - Add repository and homepage URLs for fork * fix: remove duplicate documentation line - removed the duplicate GITLAB_AUTH_COOKIE_PATH from README.md * fix: move cookie header outside conditional block for universal auth support - Move cookie header setting outside if/else block to ensure it applies to both old (Private-Token) and new (Bearer) GitLab authentication - Fixes issue where cookies were only set for Bearer token auth - Maintains backward compatibility with existing authentication methods - Enables cookie-based authentication for all GitLab instance types Resolves authentication failures when using GITLAB_AUTH_COOKIE_PATH with GitLab instances that require cookie-based authentication. * 1.0.63 * fix: add support for macOS cookie format in auth cookie parsing 🍪 - Add fallback parsing for macOS cookie format - Handle cookie files with different structure than standard Netscape format - Maintain compatibility with existing Linux cookie parsing - Extract cookie name and value from space-separated format Resolves authentication failures when using GITLAB_AUTH_COOKIE_PATH on macOS systems. * 1.0.64 * chore: update version to 1.0.63-fork.3 * fix: implement proper cookie jar authentication for macOS - Replace static cookie string with fetch-cookie + tough-cookie - Add proper Netscape cookie format parsing with domain context - Enable automatic cookie handling during OAuth2 redirects - Fixes authentication issues on macOS with enterprise SSO * chore: update version to 1.0.63-fork.4 * feat: add cookie-based authentication support for enterprise GitLab instances Add support for Netscape cookie file authentication to enable access to enterprise GitLab instances that use SSO/OAuth2 redirects. - Add GITLAB_AUTH_COOKIE_PATH environment variable - Implement cookie jar with proper domain handling for redirects - Use conditional fetch assignment: cookie-enabled when path configured - Maintains backward compatibility: no cookies = original behavior - Zero changes to existing fetch() calls throughout codebase Enables authentication flows like: curl -L -b ~/.midway/cookie Useful for enterprise environments with federated authentication. * chore: update to fork version 1.0.63-fork.5 with cookie auth support * feat: add cookie-based authentication support for enterprise GitLab instances Add support for Netscape cookie file authentication to enable access to enterprise GitLab instances that use SSO/OAuth2 redirects. - Add GITLAB_AUTH_COOKIE_PATH environment variable - Implement cookie jar with proper domain handling for redirects - Use conditional fetch assignment: cookie-enabled when path configured - Maintains backward compatibility: no cookies = original behavior - Zero changes to existing fetch() calls throughout codebase Enables authentication flows like: curl -L -b ~/.midway/cookie Useful for enterprise environments with federated authentication. * feat: implement robust cookie-based authentication with hybrid parsing - Add support for Netscape cookie file format with #HttpOnly_ prefix handling - Implement hybrid approach using tough-cookie's parse() for robust cookie parsing - Add automatic session establishment for enterprise GitLab authentication - Support cookie file path via GITLAB_AUTH_COOKIE_PATH environment variable - Integrate with fetch-cookie for automatic redirect handling and session persistence - Ensure compatibility with Midway enterprise authentication flow This enables seamless authentication with enterprise GitLab instances that require cookie-based authentication while maintaining clean, maintainable code using widely-supported packages (tough-cookie + fetch-cookie). * chore: bump version to 1.0.63-fork.6 with ultra-clean cookie auth * fix: correct package name to @mattweg/gitlab-mcp for proper npx dependency resolution - Fix package name mismatch that prevented npx from installing dependencies - Bump version to 1.0.63-fork.7 - This resolves cookie authentication issues by ensuring fetch-cookie and tough-cookie are properly installed * Improve cookie authentication with robust session establishment * feat: add cookie-based authentication support This feature adds support for cookie-based authentication with GitLab instances by: - Adding a new GITLAB_AUTH_COOKIE_PATH environment variable to specify the path to a Netscape-format cookie file - Implementing a cookie jar parser that handles standard Netscape cookie format - Adding session establishment logic that checks for GitLab session cookies - Ensuring all API requests use the authenticated session This allows the MCP server to authenticate with GitLab instances that use cookie-based authentication, which is particularly useful for instances that require SSO or other authentication methods that don't support personal access tokens. --------- Co-authored-by: Moon (mattweg's AI assistant) <moon+ai-assistant@mattweg.dev> Co-authored-by: Matt Weg <mattweg@amazon.com>
This commit is contained in:
mattweg
@ -33,11 +33,13 @@
|
||||
"@modelcontextprotocol/sdk": "1.8.0",
|
||||
"@types/node-fetch": "^2.6.12",
|
||||
"express": "^5.1.0",
|
||||
"fetch-cookie": "^3.1.0",
|
||||
"form-data": "^4.0.0",
|
||||
"http-proxy-agent": "^7.0.2",
|
||||
"https-proxy-agent": "^7.0.6",
|
||||
"node-fetch": "^3.3.2",
|
||||
"socks-proxy-agent": "^8.0.5",
|
||||
"tough-cookie": "^5.1.2",
|
||||
"zod-to-json-schema": "^3.23.5"
|
||||
},
|
||||
"devDependencies": {
|
||||
|
||||
Reference in New Issue
Block a user