feat(integrations): MCP OAuth providers #3
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![cubic-dev-local[bot]](https://avatars.githubusercontent.com/u/189440881?s=60&v=4){kind=small}
Implements Model Context Protocol (MCP) OAuth 2.1 authorization code flow with: - MCPAuthProvider base class with dynamic endpoint discovery - PKCE enabled by default for OAuth 2.1 compliance - Resource parameter to identify MCP servers - RunReveal MCP provider for security data analysis - Atlassian MCP provider for Jira, Confluence, Compass OAuth endpoints are discovered automatically from /.well-known/oauth-authorization-server, eliminating the need for hardcoded endpoints. Scopes are determined by the authorization server based on user permissions. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]>
- Fix empty scopes handling in BaseOAuthProvider to avoid sending scope="" - Add fallback OAuth endpoint support for providers without discovery - Simplify GitHub and Microsoft MCP providers to use fallback pattern - Ensure all MCP providers handle empty scopes correctly 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]>
…mentation links - Simplified descriptions for GitHub, Linear, Microsoft Learn, Notion, RunReveal, and Sentry MCP providers to better reflect their functionalities. - Updated API documentation URLs for Linear, Microsoft Learn, and Sentry MCP providers to point to the correct resources.
- Introduced a utility function to identify MCP providers, allowing for tailored UI behavior. - Updated the ProviderDetailPage and ProviderConfigForm components to conditionally render content based on MCP status. - Simplified the configuration tab visibility and button actions for MCP providers, ensuring a streamlined user experience. - Added informative messaging for MCP providers to clarify the lack of required client credentials.
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
5 issues found across 10 files
Prompt for AI agents (all 5 issues)
Understand the root cause of the following 5 issues and fix them.
<file name="tracecat/integrations/providers/sentry/mcp.py">
<violation number="1" location="tracecat/integrations/providers/sentry/mcp.py:33">
Minor grammar: use "issue tracking" instead of "issues tracking" in the provider description.
*DEV MODE: This violation would have been filtered out by screening filters. Failing filters: functionalImpact.*</violation>
</file>
<file name="frontend/src/app/workspaces/[workspaceId]/integrations/[providerId]/page.tsx">
<violation number="1" location="frontend/src/app/workspaces/[workspaceId]/integrations/[providerId]/page.tsx:112">
Suffix-based MCP detection hides the Configuration tab for all “*_mcp” providers; fallback MCPs that require configuration will be blocked. Use an explicit metadata flag for self-configuring MCPs instead of id suffix.</violation>
<violation number="2" location="frontend/src/app/workspaces/[workspaceId]/integrations/[providerId]/page.tsx:309">
MCP “Connect” button calls handleOAuthConnect, but failures only set errorMessage, which is no longer rendered—users get no feedback on errors.</violation>
</file>
<file name="frontend/src/components/provider-config-form.tsx">
<violation number="1" location="frontend/src/components/provider-config-form.tsx:185">
`additionalButtons` is ignored in the MCP branch, so action controls (e.g., Connect) passed by parent won't render here, causing inconsistent UX and potentially hiding critical actions.</violation>
</file>
<file name="tracecat/integrations/providers/linear/mcp.py">
<violation number="1" location="tracecat/integrations/providers/linear/mcp.py:32">
Typo in provider description: 'providerfor' should be 'provider for' to improve readability.</violation>
</file>
React with 👍 or 👎 to teach cubic. Mention @cubic-dev-ai to give feedback, ask questions, or re-run the review.
| metadata: ClassVar[ProviderMetadata] = ProviderMetadata( | ||
| id="sentry_mcp", | ||
| name="Sentry MCP", | ||
| description="Sentry MCP provider for issues tracking and performance monitoring", |
There was a problem hiding this comment.
Minor grammar: use "issue tracking" instead of "issues tracking" in the provider description.
DEV MODE: This violation would have been filtered out by screening filters. Failing filters: functionalImpact.
Prompt for AI agents
Address the following comment on tracecat/integrations/providers/sentry/mcp.py at line 33:
<comment>Minor grammar: use "issue tracking" instead of "issues tracking" in the provider description.
*DEV MODE: This violation would have been filtered out by screening filters. Failing filters: functionalImpact.*</comment>
<file context>
@@ -0,0 +1,48 @@
+ metadata: ClassVar[ProviderMetadata] = ProviderMetadata(
+ id="sentry_mcp",
+ name="Sentry MCP",
+ description="Sentry MCP provider for issues tracking and performance monitoring",
+ enabled=True,
+ requires_config=False,
</file context>
[internal] Confidence score: 10/10
[internal] Posted by: General AI Review Agent
| */ | ||
| function isMCPProvider(provider: ProviderRead): boolean { | ||
| // MCP providers follow the naming convention of ending with "_mcp" | ||
| return provider.metadata.id.endsWith("_mcp") |
There was a problem hiding this comment.
Suffix-based MCP detection hides the Configuration tab for all “*_mcp” providers; fallback MCPs that require configuration will be blocked. Use an explicit metadata flag for self-configuring MCPs instead of id suffix.
Prompt for AI agents
Address the following comment on frontend/src/app/workspaces/[workspaceId]/integrations/[providerId]/page.tsx at line 112:
<comment>Suffix-based MCP detection hides the Configuration tab for all “*_mcp” providers; fallback MCPs that require configuration will be blocked. Use an explicit metadata flag for self-configuring MCPs instead of id suffix.</comment>
<file context>
@@ -103,18 +103,30 @@ export default function ProviderDetailPage() {
+ */
+function isMCPProvider(provider: ProviderRead): boolean {
+ // MCP providers follow the naming convention of ending with "_mcp"
+ return provider.metadata.id.endsWith("_mcp")
+}
+
</file context>
[internal] Confidence score: 7/10
[internal] Posted by: General AI Review Agent
| className="h-[22px] px-2 py-0 text-xs font-medium" | ||
| onClick={() => handleTabChange("configuration")} | ||
| disabled={!isEnabled} | ||
| onClick={ |
There was a problem hiding this comment.
MCP “Connect” button calls handleOAuthConnect, but failures only set errorMessage, which is no longer rendered—users get no feedback on errors.
Prompt for AI agents
Address the following comment on frontend/src/app/workspaces/[workspaceId]/integrations/[providerId]/page.tsx at line 309:
<comment>MCP “Connect” button calls handleOAuthConnect, but failures only set errorMessage, which is no longer rendered—users get no feedback on errors.</comment>
<file context>
@@ -294,11 +306,21 @@ function ProviderDetailContent({ provider }: { provider: ProviderRead }) {
className="h-[22px] px-2 py-0 text-xs font-medium"
- onClick={() => handleTabChange("configuration")}
- disabled={!isEnabled}
+ onClick={
+ isMCP
+ ? handleOAuthConnect
</file context>
[internal] Confidence score: 9/10
[internal] Posted by: General AI Review Agent
| } | ||
|
|
||
| // For MCP providers, show a simplified message | ||
| if (isMCP) { |
There was a problem hiding this comment.
additionalButtons is ignored in the MCP branch, so action controls (e.g., Connect) passed by parent won't render here, causing inconsistent UX and potentially hiding critical actions.
Prompt for AI agents
Address the following comment on frontend/src/components/provider-config-form.tsx at line 185:
<comment>`additionalButtons` is ignored in the MCP branch, so action controls (e.g., Connect) passed by parent won't render here, causing inconsistent UX and potentially hiding critical actions.</comment>
<file context>
@@ -171,6 +181,42 @@ export function ProviderConfigForm({
}
+ // For MCP providers, show a simplified message
+ if (isMCP) {
+ return (
+ <div className="flex flex-col gap-6">
</file context>
[internal] Confidence score: 7/10
[internal] Posted by: General AI Review Agent
| metadata: ClassVar[ProviderMetadata] = ProviderMetadata( | ||
| id="linear_mcp", | ||
| name="Linear MCP", | ||
| description="Linear MCP providerfor issue tracking and project management", |
There was a problem hiding this comment.
Typo in provider description: 'providerfor' should be 'provider for' to improve readability.
Prompt for AI agents
Address the following comment on tracecat/integrations/providers/linear/mcp.py at line 32:
<comment>Typo in provider description: 'providerfor' should be 'provider for' to improve readability.</comment>
<file context>
@@ -0,0 +1,46 @@
+ metadata: ClassVar[ProviderMetadata] = ProviderMetadata(
+ id="linear_mcp",
+ name="Linear MCP",
+ description="Linear MCP providerfor issue tracking and project management",
+ enabled=True,
+ requires_config=False,
</file context>
[internal] Confidence score: 10/10
[internal] Posted by: General AI Review Agent
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary by cubic
Add MCP OAuth 2.1 support with dynamic discovery and UI changes for seamless “Connect” flows. Introduces GitHub, Linear, Notion, RunReveal, and Sentry MCP integrations.
New Features
Bug Fixes