diff --git a/CHANGELOG.md b/CHANGELOG.md index 572dace..b5f8462 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,10 @@ ## [Unreleased] +### CLI + +- Increase the default OAuth browser wait from 60 seconds to 5 minutes so hosted MCP sign-ins have enough time for account and permission review. + ### Config - Preserve existing stdio executable paths that contain spaces instead of diff --git a/README.md b/README.md index 302918a..b9238b6 100644 --- a/README.md +++ b/README.md @@ -172,7 +172,7 @@ Helpful flags: > Tip: You can skip the verb entirely—`mcporter firecrawl` automatically runs `mcporter list firecrawl`, and dotted tokens like `mcporter linear.list_issues` dispatch to the call command (typo fixes included). -Timeouts default to 30 s; override with `MCPORTER_LIST_TIMEOUT` or `MCPORTER_CALL_TIMEOUT` when you expect slow startups. OAuth browser handshakes get a separate 60 s grace period; pass `--oauth-timeout ` (or export `MCPORTER_OAUTH_TIMEOUT_MS`) when you need the CLI to bail out faster while you diagnose stubborn auth flows. +Timeouts default to 30 s; override with `MCPORTER_LIST_TIMEOUT` or `MCPORTER_CALL_TIMEOUT` when you expect slow startups. OAuth browser handshakes get a separate 5 minute grace period; pass `--oauth-timeout ` (or export `MCPORTER_OAUTH_TIMEOUT_MS`) when you need the CLI to bail out faster while you diagnose stubborn auth flows. ### Try an MCP without editing config diff --git a/docs/hang-debug.md b/docs/hang-debug.md index cb14fc3..14c49f1 100644 --- a/docs/hang-debug.md +++ b/docs/hang-debug.md @@ -27,7 +27,7 @@ culprit is a child MCP server process that keeps the stdio transport alive. gathering diagnostics. 6. **Clamp OAuth waits** – when the browser-based sign-in never completes, run with `--oauth-timeout ` (or `MCPORTER_OAUTH_TIMEOUT_MS`) so the CLI - tears down the pending flow instead of waiting the full minute. + tears down the pending flow instead of waiting the full 5 minutes. ## Example Session diff --git a/docs/tmux.md b/docs/tmux.md index 4831a8e..28a6e5d 100644 --- a/docs/tmux.md +++ b/docs/tmux.md @@ -30,4 +30,4 @@ Use `tmux` to verify whether a CLI command actually exits or is stalled on open tmux kill-session -t mcporter-check ``` -This workflow makes it easy to confirm whether `mcporter` commands return promptly after shutdown changes (for example, when debugging lingering MCP stdio servers). Use `MCPORTER_DEBUG_HANG=1` to emit active-handle diagnostics inside the tmux session when necessary. For OAuth flows that keep a session open, set `--oauth-timeout 5000` (or `MCPORTER_OAUTH_TIMEOUT_MS=5000`) so the CLI proves it can exit without waiting a full minute for a browser callback. +This workflow makes it easy to confirm whether `mcporter` commands return promptly after shutdown changes (for example, when debugging lingering MCP stdio servers). Use `MCPORTER_DEBUG_HANG=1` to emit active-handle diagnostics inside the tmux session when necessary. For OAuth flows that keep a session open, set `--oauth-timeout 5000` (or `MCPORTER_OAUTH_TIMEOUT_MS=5000`) so the CLI proves it can exit without waiting the full 5 minute default for a browser callback. diff --git a/src/cli/help-output.ts b/src/cli/help-output.ts index 0467498..2420975 100644 --- a/src/cli/help-output.ts +++ b/src/cli/help-output.ts @@ -144,7 +144,7 @@ function formatGlobalFlags(colorize: boolean): string { }, { flag: '--oauth-timeout ', - summary: 'Time to wait for browser-based OAuth before giving up (default 60000)', + summary: 'Time to wait for browser-based OAuth before giving up (default 300000)', }, ]; const formatted = entries.map((entry) => ` ${entry.flag.padEnd(34)}${entry.summary}`); diff --git a/src/runtime/oauth.ts b/src/runtime/oauth.ts index aaababb..495f0f9 100644 --- a/src/runtime/oauth.ts +++ b/src/runtime/oauth.ts @@ -4,7 +4,7 @@ import type { Logger } from '../logging.js'; import type { OAuthSession } from '../oauth.js'; import { isUnauthorizedError } from '../runtime-oauth-support.js'; -export const DEFAULT_OAUTH_CODE_TIMEOUT_MS = 60_000; +export const DEFAULT_OAUTH_CODE_TIMEOUT_MS = 300_000; const OAUTH_FLOW_ERROR = Symbol('oauth-flow-error'); const POST_AUTH_CONNECT_ERROR = Symbol('post-auth-connect-error'); diff --git a/tests/runtime-oauth-utils.test.ts b/tests/runtime-oauth-utils.test.ts index 18d8e42..d2ef08d 100644 --- a/tests/runtime-oauth-utils.test.ts +++ b/tests/runtime-oauth-utils.test.ts @@ -3,9 +3,9 @@ import { parseOAuthTimeout } from '../src/runtime/oauth.js'; describe('parseOAuthTimeout', () => { it('falls back to default on missing or invalid values', () => { - expect(parseOAuthTimeout(undefined)).toBe(60_000); - expect(parseOAuthTimeout('not-a-number')).toBe(60_000); - expect(parseOAuthTimeout('-500')).toBe(60_000); + expect(parseOAuthTimeout(undefined)).toBe(300_000); + expect(parseOAuthTimeout('not-a-number')).toBe(300_000); + expect(parseOAuthTimeout('-500')).toBe(300_000); }); it('parses valid integer inputs', () => {