* Refresh MCP OAuth token
(
source: LoadedSource,
cred: StoredCredential
)
| 708 | * Refresh MCP OAuth token |
| 709 | */ |
| 710 | private async refreshMcp( |
| 711 | source: LoadedSource, |
| 712 | cred: StoredCredential |
| 713 | ): Promise<string | null> { |
| 714 | if (!cred.clientId) { |
| 715 | debug(`[SourceCredentialManager] No clientId for MCP token refresh`); |
| 716 | this.markSourceNeedsReauth(source, 'Missing clientId for token refresh'); |
| 717 | return null; |
| 718 | } |
| 719 | |
| 720 | try { |
| 721 | // Only HTTP/SSE transport can refresh tokens - stdio doesn't use OAuth |
| 722 | if (!source.config.mcp?.url) { |
| 723 | // This is expected for stdio transport - not an error |
| 724 | debug(`[SourceCredentialManager] No URL for MCP token refresh (stdio transport)`); |
| 725 | return null; |
| 726 | } |
| 727 | |
| 728 | const oauth = new CraftOAuth( |
| 729 | { mcpBaseUrl: getMcpBaseUrl(source.config.mcp.url) }, |
| 730 | { |
| 731 | onStatus: () => {}, |
| 732 | onError: () => {}, |
| 733 | } |
| 734 | ); |
| 735 | |
| 736 | const tokens = await oauth.refreshAccessToken(cred.refreshToken!, cred.clientId); |
| 737 | |
| 738 | // Update stored credentials |
| 739 | await this.save(source, { |
| 740 | ...cred, |
| 741 | value: tokens.accessToken, |
| 742 | refreshToken: tokens.refreshToken || cred.refreshToken, |
| 743 | expiresAt: tokens.expiresAt, |
| 744 | }); |
| 745 | |
| 746 | debug(`[SourceCredentialManager] Refreshed MCP token for ${source.config.slug}`); |
| 747 | return tokens.accessToken; |
| 748 | } catch (error) { |
| 749 | const errorMsg = error instanceof Error ? error.message : String(error); |
| 750 | debug(`[SourceCredentialManager] MCP token refresh failed:`, error); |
| 751 | this.markSourceNeedsReauth(source, `Token refresh failed: ${errorMsg}`); |
| 752 | return null; |
| 753 | } |
| 754 | } |
| 755 | } |
| 756 | |
| 757 | // ============================================================ |
no test coverage detected