Refactor auth coordination to be lazy

- Create lazy auth coordinator that only initializes when needed - Modify connectToRemoteServer to only use auth when receiving an Unauthorized error - Update client.ts and proxy.ts to use the lazy auth approach - Add refactoring plan documentation 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-04-17 16:13:41 +10:00 · 2025-04-17 16:13:41 +10:00 · a6e6d0f1e8
commit a6e6d0f1e8
parent 14109a309f
5 changed files with 169 additions and 41 deletions
--- a/src/proxy.ts
+++ b/src/proxy.ts
@ -21,7 +21,7 @@ import {
  MCP_REMOTE_VERSION,
 } from './lib/utils'
 import { NodeOAuthClientProvider } from './lib/node-oauth-client-provider'
-import { coordinateAuth } from './lib/coordination'
+import { createLazyAuthCoordinator } from './lib/coordination'
 import { Client } from '@modelcontextprotocol/sdk/client/index.js'

 /**
@ -34,8 +34,8 @@ async function runProxy(serverUrl: string, callbackPort: number, headers: Record
  // Get the server URL hash for lockfile operations
  const serverUrlHash = getServerUrlHash(serverUrl)

-  // Coordinate authentication with other instances
-  const { server, waitForAuthCode, skipBrowserAuth } = await coordinateAuth(serverUrlHash, callbackPort, events)
+  // Create a lazy auth coordinator
+  const authCoordinator = createLazyAuthCoordinator(serverUrlHash, callbackPort, events)

  // Create the OAuth client provider
  const authProvider = new NodeOAuthClientProvider({
@ -44,17 +44,33 @@ async function runProxy(serverUrl: string, callbackPort: number, headers: Record
    clientName: 'MCP CLI Proxy',
  })

-  // If auth was completed by another instance, just log that we'll use the auth from disk
-  if (skipBrowserAuth) {
-    log('Authentication was completed by another instance - will use tokens from disk')
-    // TODO: remove, the callback is happening before the tokens are exchanged
-    //  so we're slightly too early
-    await new Promise((res) => setTimeout(res, 1_000))
-  }
-
  // Create the STDIO transport for local connections
  const localTransport = new StdioServerTransport()

+  // Keep track of the server instance for cleanup
+  let server: any = null
+
+  // Define an auth initializer function
+  const authInitializer = async () => {
+    const authState = await authCoordinator.initializeAuth()
+    
+    // Store server in outer scope for cleanup
+    server = authState.server
+    
+    // If auth was completed by another instance, just log that we'll use the auth from disk
+    if (authState.skipBrowserAuth) {
+      log('Authentication was completed by another instance - will use tokens from disk')
+      // TODO: remove, the callback is happening before the tokens are exchanged
+      //  so we're slightly too early
+      await new Promise((res) => setTimeout(res, 1_000))
+    }
+    
+    return { 
+      waitForAuthCode: authState.waitForAuthCode, 
+      skipBrowserAuth: authState.skipBrowserAuth 
+    }
+  }
+
  try {
    const client = new Client(
      {
@ -65,8 +81,8 @@ async function runProxy(serverUrl: string, callbackPort: number, headers: Record
        capabilities: {},
      },
    )
-    // Connect to remote server with authentication
-    const remoteTransport = await connectToRemoteServer(client, serverUrl, authProvider, headers, waitForAuthCode, skipBrowserAuth)
+    // Connect to remote server with lazy authentication
+    const remoteTransport = await connectToRemoteServer(client, serverUrl, authProvider, headers, authInitializer)

    // Set up bidirectional proxy between local and remote transports
    mcpProxy({
@ -84,7 +100,10 @@ async function runProxy(serverUrl: string, callbackPort: number, headers: Record
    const cleanup = async () => {
      await remoteTransport.close()
      await localTransport.close()
-      server.close()
+      // Only close the server if it was initialized
+      if (server) {
+        server.close()
+      }
    }
    setupSignalHandlers(cleanup)
  } catch (error) {
@ -111,7 +130,10 @@ to the CA certificate file. If using claude_desktop_config.json, this might look
 }
        `)
    }
-    server.close()
+    // Only close the server if it was initialized
+    if (server) {
+      server.close()
+    }
    process.exit(1)
  }
 }