opencode icon indicating copy to clipboard operation
opencode copied to clipboard
Published 46 minutes ago verified publisher icon anomalyco

feat(mcp): add OAuth redirect URI configuration for MCP servers

Open christso opened this issue 6 days ago • 1 comments

Summary

This PR implements custom OAuth redirect URI configuration for MCP servers, allowing users to override the default callback URL to match their OAuth server's requirements.

Changes

  • ✅ Added optional redirectUri config parameter to MCP OAuth settings
  • ✅ Implemented parseRedirectUri() helper function to extract port and path
  • ✅ Dynamic callback server configuration based on custom redirect URI
  • ✅ Full test coverage for custom URI parsing and edge cases
  • ✅ Backward compatible - defaults to http://127.0.0.1:19876/mcp/oauth/callback when not specified

User Configuration

{
  "mcp": {
    "my-server": {
      "type": "remote",
      "url": "https://api.example.com",
      "oauth": {
        "clientId": "my-client-id",
        "redirectUri": "https://custom.example.com/callback"  // NEW
      }
    }
  }
}

Files Changed

  • packages/opencode/src/config/config.ts - Added redirectUri to OAuth config schema
  • packages/opencode/src/mcp/oauth-provider.ts - Implement parseRedirectUri() and use configured URI
  • packages/opencode/src/mcp/oauth-callback.ts - Dynamic server configuration with port/path parsing
  • packages/opencode/src/mcp/index.ts - Pass redirectUri through OAuth flow
  • packages/opencode/src/cli/cmd/mcp.ts - Pass redirectUri to OAuth provider in debug command
  • packages/opencode/test/mcp/oauth-callback.test.ts - Comprehensive test suite

Testing

  • Tests cover default behavior (no redirectUri specified)
  • Tests cover custom redirectUri with different ports/paths
  • Tests cover server reconfiguration when redirectUri changes
  • Tests cover invalid URI handling with fallback to defaults
  • All tests passing

Related

Closes #7377 - [FEATURE]: Allow custom OAuth redirect URI configuration for MCP servers

Design Rationale

OpenCode already supports overriding clientId for flexible OAuth client configuration. Since OAuth servers validate both client ID and redirect URI, supporting custom redirectUri is essential for feature completeness. This removes the asymmetry where users could point to any OAuth server/client but were constrained to a hardcoded callback URL.

christso avatar Jan 08 '26 21:01 christso