Skip to content

Commit 9300666

Browse files
Document organization deployment and OAuth contract
1 parent 6c48a1e commit 9300666

1 file changed

Lines changed: 59 additions & 0 deletions

File tree

README.md

Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,3 +6,62 @@ This directory is a zero-cost GitHub Pages site for:
66
- `https://link.pythonide.xin/l/{code}` reserved short links
77
- `https://link.pythonide.xin/import?url=...` remote import links
88
- `https://link.pythonide.xin/.well-known/apple-app-site-association` iOS Universal Links
9+
- `https://link.pythonide.xin/mcp-oauth/client.json` MCP OAuth Client ID Metadata Document
10+
- `https://link.pythonide.xin/mcp-oauth/callback` MCP OAuth HTTPS callback
11+
12+
## Repository and deployment
13+
14+
The canonical repository is
15+
[`Python-IDE/pythonide-link`](https://github.com/Python-IDE/pythonide-link). GitHub
16+
Pages deploys from the default branch root with the custom domain
17+
`link.pythonide.xin` and enforced HTTPS.
18+
19+
To publish changes, copy the contents of this `link-site/` directory to that
20+
repository root and verify the Pages deployment. The DNS record is:
21+
22+
```text
23+
Type: CNAME
24+
Host: link
25+
Value: Python-IDE.github.io
26+
TTL: 10 minutes
27+
```
28+
29+
Do not change the root `@` or `www` records used by the main website. Do not
30+
recreate a repository named `pythonide-link` under the previous owner because
31+
that would break GitHub's repository-transfer redirects.
32+
33+
## iOS Requirement
34+
35+
The app entitlements must include:
36+
37+
```text
38+
applinks:link.pythonide.xin
39+
webcredentials:link.pythonide.xin
40+
```
41+
42+
The AASA file currently registers `/s/*` and `/import`. Keep `/l/*` out of AASA until the short-link resolver backend is connected, so unfinished short links still open the web fallback instead of launching the app with no resolved target.
43+
44+
The AASA file must be reachable without redirects:
45+
46+
```text
47+
https://link.pythonide.xin/.well-known/apple-app-site-association
48+
```
49+
50+
## MCP OAuth
51+
52+
The app and hosted files share one callback contract:
53+
54+
```text
55+
Client ID: https://link.pythonide.xin/mcp-oauth/client.json
56+
Redirect URI: https://link.pythonide.xin/mcp-oauth/callback
57+
```
58+
59+
iOS 17.4 and later match the HTTPS callback directly through
60+
`ASWebAuthenticationSession.Callback.https(host:path:)`. On iOS 16.2–17.3,
61+
the callback page forwards the OAuth query to the app-owned
62+
`pythonide://mcp-oauth/callback` compatibility URL. The app converts it back to
63+
the canonical HTTPS URL before the official MCP SDK validates state and PKCE.
64+
65+
Both MCP OAuth files and the AASA file must be deployed together. Do not add
66+
the OAuth callback path to `applinks`; the compatibility page must remain
67+
loadable on iOS versions earlier than 17.4.

0 commit comments

Comments
 (0)