mirror of
https://github.com/lobehub/lobe-chat.git
synced 2026-06-13 19:20:04 +00:00
LiJian
6d47c1d07e
* ✨ feat(connector): support API key / custom header / OAuth auth in custom connector Make the connector backend a full replacement for the legacy custom-MCP plugin form: - connector create/update now accept bearer/apikey/header credentials (encrypted at rest); oauth2 stays callback-only - map apikey → bearer auth and header → request headers in both the sync path (syncTools + callTool) and the agent-runtime manifest path - pass custom HTTP headers through to the MCP client - AddConnectorModal becomes a rich form: MCP type (HTTP/STDIO), auth type (None / API Key / Custom Headers / OAuth), reusing the plugin form inputs; OAuth keeps the existing popup authorize flow, others create + sync directly Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * ♻️ refactor(connector): fold OAuth into the PluginDevModal MCP form Pivot the custom-MCP entry to reuse the rich PluginDevModal / MCPManifestForm instead of a bespoke connector modal, and add OAuth as an auth type inside it: - MCPManifestForm: gated `enableOAuth` adds an "OAuth" auth type with Client ID / Secret (optional) + redirect-URI hint. Only the custom-connector entry enables it, so plain custom-plugin DevModal callers (editing plugins, agent tools, …) are unaffected. - DevModal: opens the OAuth popup synchronously on the save click (browsers block window.open once an async boundary is crossed), validates, then hands the popup to onSave which navigates it to the authorize URL. - New CustomConnectorModal wraps DevModal and persists every auth type onto the connector backend (none / bearer / custom headers → create + sync; OAuth → create with OIDC config + run the authorize popup). - settings/skill entry now opens CustomConnectorModal; the standalone AddConnectorModal rich rewrite from the previous commit is reverted to the canary original (it is only referenced by the unused ConnectorList). - i18n: dev.mcp.auth.oauth* keys (default + en-US + zh-CN). Backend stays as in the prior commit (connector create/update accept bearer/apikey/header credentials; sync + manifest paths apply them). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * 🐛 fix(connector): route the OAuth auth type through the authorize flow, not the token-less manifest test Selecting OAuth and clicking "Test connection" called the plugin manifest test (getStreamableMcpServerManifest), which connects with no token and 401s on any OAuth-gated server (e.g. Linear MCP / DCR). For OAuth there is nothing to test without authorizing first, so the button now becomes "Authorize & Connect" and runs the connector OAuth flow (discovery + DCR + authorize popup), shared with the footer save button via DevModal.runOAuthFlow. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * 🐛 fix(connector): make connector.create idempotent on (user, identifier) Re-adding or re-authorizing a custom connector with an existing identifier hit the user_connectors unique constraint and 500'd. Now an existing row is updated (reset to disconnected, refreshed name/url/oidcConfig/credentials) and its id reused, instead of inserting a duplicate. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * ♻️ refactor(skill-store): route Add Custom MCP through the connector modal, drop the Custom tab - Skill Store "Add → Add Custom MCP Skill" now opens CustomConnectorModal (connector backend + OAuth), matching the settings/skill entry, instead of the legacy plugin DevModal (installCustomPlugin + togglePlugin). - Remove the now-redundant "Custom" tab from the Skill Store (custom MCP lives in the connector list now): drop SkillStoreTab.Custom, its tab option, CustomList render, and the matching search branch. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>