mcp-data-platform-v1.61.1

@github-actions github-actions released this 13 May 23:49
· 124 commits to main since this release
d3f05cc

Highlights

Patch release with two portal improvements:

  1. The admin SPA now recovers cleanly from an expired portal cookie — operators are bounced through OIDC and land back on the same page with their action intact, instead of seeing a confusing "authentication required" band on the OAuth status card.
  2. The provenance detail modal gets a Copy button for the underlying SQL / formatted parameters, so operators no longer have to manually select multi-line queries to paste them elsewhere.

No schema or config changes. Safe to roll forward from v1.61.0.

What's new

Admin SPA 401 → silent OIDC re-auth with return_to (#394)

Before this release, when an 8-hour portal cookie expired and an operator clicked Connect on a connection settings page, the admin API returned 401 {"detail":"authentication required"}. The SPA rendered that string inline on the OAuth status card — directly next to the Connect button — and operators reasonably read it as "the connection needs auth" rather than "your portal cookie expired."

apiFetch / apiFetchRaw in ui/src/api/admin/client.ts now intercept 401 from /api/v1/admin/* and handle the two auth modes differently:

| Mode | What expired | Recovery |
|---|---|---|
| Cookie | The signed session cookie | OIDC round-trip via /portal/auth/login?return_to=… |
| API key | The key (revoked/rotated) | LoginForm re-renders with session-expired banner; no SSO assumed |

On the server, LoginHandler accepts an optional return_to query parameter, stores the sanitized value inside the signed state cookie alongside state and verifier, and CallbackHandler honors it as the post-login destination.

Open-redirect class is closed. sanitizeReturnTo accepts only site-relative single-slash paths and rejects absolute URLs, scheme-relative URLs (//evil.com/...), backslash variants, and non-http schemes (javascript:, data:). Sanitization runs at both write (login) and read (callback) so a future tightening can't be bypassed by an old state cookie. Hostile-input coverage in TestCallbackHandlerRejectsHostileReturnTo.
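A sketch of the kind of check described above, as an added example and not the project's own sanitizeReturnTo. The function name sanitizeReturnToExample, the "/admin" fallback and the evil.example inputs are assumptions made for illustration; rejecting percent-encoded slashes and backslashes goes beyond what the release notes state.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// sanitizeReturnToExample is a hypothetical stand-in, not the project's
// sanitizeReturnTo. It returns raw only when raw is a site-relative,
// single-slash path; anything else yields fallback.
func sanitizeReturnToExample(raw, fallback string) string {
	// Require exactly one leading "/": rejects absolute URLs, bare schemes
	// (javascript:, data:) and scheme-relative "//host" forms.
	if !strings.HasPrefix(raw, "/") || strings.HasPrefix(raw, "//") {
		return fallback
	}
	// Browsers read "\" as "/" and drop tab/CR/LF, so "/\host" or
	// "/<TAB>/host" can turn into "//host" after normalization.
	if strings.ContainsAny(raw, "\\\t\r\n") {
		return fallback
	}
	u, err := url.Parse(raw)
	if err != nil || u.Scheme != "" || u.Host != "" || u.User != nil {
		return fallback
	}
	// u.Path is percent-decoded; refuse encoded forms of the same tricks
	// ("/%2Fhost", "/%5Chost") as a conservative extra.
	if strings.HasPrefix(u.Path, "//") || strings.Contains(u.Path, "\\") {
		return fallback
	}
	return raw
}

func main() {
	// Constructed inputs; evil.example is a placeholder host.
	inputs := []string{
		"/admin/connections/42?tab=oauth",
		"https://evil.example/",
		"//evil.example/x",
		"/\\evil.example",
		"javascript:alert(1)",
		"/%2Fevil.example",
	}
	for _, in := range inputs {
		// Call at login (write) and again at callback (read).
		stored := sanitizeReturnToExample(in, "/admin")
		fmt.Printf("%-34q -> %s\n", in, sanitizeReturnToExample(stored, "/admin"))
	}
}
```

Running the same function at both the write and the read step means a value stored under an older, looser rule is still re-checked before the redirect is issued.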

Scope note: the portal (/api/v1/portal/*) and resources (/api/v1/resources/*) clients still call expireSession() on 401 without an OIDC redirect. That's intentional for this release — the operator-hostile surface was the admin OAuth card, and that's what was fixed.

Copy button on the provenance detail modal (#398)

The provenance DetailModal now exposes a Copy button that writes the full SQL query (or formatted JSON parameters for non-SQL entries) to the clipboard. Uses navigator.clipboard.writeText with a document.execCommand("copy") fallback (same pattern as ShareDialog). A green ✓ "Copied" confirmation state shows for 2s after a successful copy. aria-label and title set for accessibility.

Changelog

Features

Bug Fixes

Installation

Homebrew (macOS)

brew install txn2/tap/mcp-data-platform

Claude Code CLI

claude mcp add mcp-data-platform -- mcp-data-platform

Docker

docker pull ghcr.io/txn2/mcp-data-platform:v1.61.1

Verification

All release artifacts are signed with Cosign. Verify with:

cosign verify-blob --bundle mcp-data-platform_1.61.1_linux_amd64.tar.gz.sigstore.json \
  mcp-data-platform_1.61.1_linux_amd64.tar.gz