feat(cookie): implement LinkedIn cookie extraction and usage

[stickerdaniel]

Add functionality to extract LinkedIn session cookies for Docker setup. Introduce a new command-line flag --get-cookie to facilitate cookie retrieval. Update configuration to support cookie management via environment variables and keyring. Enhance login process to prioritize cookie authentication, falling back to credentials if necessary. Update manifest and schema to reflect changes in cookie handling.

[claude]

Claude finished @stickerdaniel's task —— View job

---

Code Review Analysis ✅

Reviewing PR #21: feat(cookie): implement LinkedIn cookie extraction and usage

Review Checklist:

• Read and analyze main authentication implementation
• Review cookie handling and storage security
• Check error handling and logging practices
• Evaluate code organization and maintainability
• Assess potential security vulnerabilities
• Review configuration management
• Check for test coverage
• Provide comprehensive feedback

---

🔍 Code Quality Analysis

Strengths:

• Clean Architecture: Well-structured separation of concerns with dedicated modules for authentication, setup, and driver management
• Comprehensive Error Handling: Excellent error handling with specific exception types and user-friendly messages
• Security-First Design: Proper use of system keyring for credential storage and secure cookie handling
• Consistent Logging: Structured JSON logging with good debug information
• Interactive UX: Thoughtful user experience with clear prompts and fallback options

Code Organization:

• authentication.py: Clean, focused module with single responsibility ✅
• setup.py: Well-organized interactive setup flows ✅
• chrome.py: Simplified and focused on driver management ✅
• Configuration management is well-structured ✅

---

🔒 Security Assessment

Good Security Practices:

• ✅ Credentials stored in system keyring (macOS Keychain, Windows Credential Locker)
• ✅ Cookie validation before storage
• ✅ Clear separation of authentication phases
• ✅ Automatic cleanup of invalid credentials
• ✅ No hardcoded credentials or sensitive data

Security Concerns & Recommendations:

1. Cookie Validation Logic (authentication.py:120-145)

   • The validation is quite permissive - accepts any string >10 chars without =
   • Recommendation: Add more robust validation (e.g., check for expected cookie format/length)

2. Error Information Exposure (setup.py:290-308)

   • Login errors are logged with full exception details
   • Recommendation: Be cautious about logging sensitive information in production

3. Clipboard Cookie Handling (main.py:84-87)

   • Cookie copied to clipboard could be visible in clipboard history
   • Recommendation: Consider adding a warning about clipboard security

---

🐛 Potential Issues & Bugs

1. Race Condition in Driver Management (chrome.py:193-244)

   • Global active_drivers dict could have race conditions in multi-threaded scenarios
   • Recommendation: Add thread safety mechanisms or document single-threaded usage

2. Cookie Format Inconsistency (setup.py:222-225)

   • Cookie normalization logic strips li_at= prefix but validation logic expects it
   • Recommendation: Standardize cookie format handling across modules

3. Driver Cleanup Edge Case (chrome.py:250-258)

   • Exception during driver.quit() could leave resources uncleaned
   • Recommendation: Add more robust cleanup with try/except for individual operations

4. Missing Input Validation (authentication.py:75-97)

   • No validation of cookie parameter in store_authentication()
   • Recommendation: Add cookie format validation before storage

---

🚀 Performance Considerations

Good Performance Practices:

• ✅ Lazy driver initialization option
• ✅ Driver session reuse
• ✅ Efficient cookie validation with timeouts
• ✅ Proper resource cleanup

Performance Improvements:

• Consider adding connection pooling for multiple concurrent requests
• Cookie validation timeout could be configurable
• Memory usage monitoring for long-running sessions

---

📋 Test Coverage Assessment

Missing Test Coverage:

• No unit tests for authentication module
• No integration tests for setup flows
• No tests for error handling scenarios
• No tests for cookie validation logic

Critical Testing Needs:

1. Cookie validation edge cases
2. Keyring integration testing
3. Error handling scenarios
4. Driver lifecycle management
5. Configuration loading

Recommendation: Add comprehensive test suite covering:

# Example test structure needed
def test_cookie_validation():
    # Test valid/invalid cookie formats
    
def test_keyring_integration():
    # Test storage/retrieval from keyring
    
def test_authentication_flow():
    # Test end-to-end authentication scenarios

---

🔧 Code Improvements

1. Type Hints Enhancement (setup.py:81, 163)

   • Some functions use dict[str, str] instead of Dict[str, str]
   • Recommendation: Consistent typing imports and usage

2. Magic Numbers (authentication.py:19-20)

   • Magic numbers for cookie length validation
   • Recommendation: Make constants configurable or better documented

3. Duplicate Code (config/secrets.py vs authentication.py)

   • Similar authentication logic exists in both modules
   • Recommendation: Consolidate to avoid duplication

4. Configuration Validation

   • Missing validation for configuration schema
   • Recommendation: Add pydantic or similar for config validation

---

📚 Documentation & User Experience

Strengths:

• Clear docstrings and comments
• Good error messages with actionable guidance
• Comprehensive README updates
• Interactive setup with helpful prompts

Areas for Improvement:

• Add code examples for programmatic usage
• Document security considerations
• Add troubleshooting section for common issues

---

🎯 Final Recommendations

High Priority:

1. Add comprehensive test coverage (critical for security-sensitive code)
2. Fix cookie format inconsistencies
3. Add thread safety to driver management
4. Improve cookie validation robustness

Medium Priority:

1. Consolidate duplicate authentication logic
2. Add configuration validation
3. Improve error logging practices
4. Add performance monitoring

Low Priority:

1. Enhance type hints consistency
2. Make magic numbers configurable
3. Add advanced configuration options

---

✅ Overall Assessment

This is a well-architected and thoughtfully implemented feature that significantly improves the authentication experience. The code demonstrates good security practices and clean architecture principles. The main areas for improvement are test coverage and some edge case handling.

Recommendation: Approve with suggestions - This is high-quality code that adds significant value, but would benefit from the test coverage and minor fixes mentioned above.

[Copilot]

Pull Request Overview

This PR overhauls authentication to use LinkedIn session cookies, adding extraction, storage, and CLI support while deprecating direct email/password usage.

• Introduce --get-cookie flag and related modes for cookie extraction
• Update configuration schema, loaders, and keyring providers to manage a linkedin_cookie
• Restructure main.py, driver logic, and error handling to prioritize cookie authentication

Reviewed Changes

Copilot reviewed 14 out of 15 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
manifest.json	Swap out LINKEDIN_EMAIL/PASSWORD for LINKEDIN_COOKIE in Docker run
main.py	Add cookie-extraction mode, phased auth/driver setup, and new CLI flags
linkedin_mcp_server/setup.py	Implement interactive and non-interactive cookie/credential capture flows
linkedin_mcp_server/logging_config.py	Change default log level to WARNING and tighten specific logger levels
linkedin_mcp_server/error_handler.py	Rename credentials_not_found error to authentication_not_found
linkedin_mcp_server/drivers/chrome.py	Refactor driver creation, separate cookie vs. credential login
linkedin_mcp_server/config/secrets.py	Add cookie keyring support and prompt flows
linkedin_mcp_server/config/schema.py	Extend LinkedInConfig and ServerConfig with cookie fields/flags
linkedin_mcp_server/config/providers.py	Add get_/save_/clear_cookie_from_keyring providers
linkedin_mcp_server/config/loaders.py	Load LINKEDIN_COOKIE and --get-cookie/--cookie CLI args
linkedin_mcp_server/config/init.py	Reorder imports to expose new cookie APIs
linkedin_mcp_server/authentication.py	New pure auth module for cookie validation and storage
README.md	Expand Docker and local setup docs with cookie extraction instructions
.vscode/tasks.json	Add VS Code task for bundling the DXT package

Comments suppressed due to low confidence (6)

linkedin_mcp_server/error_handler.py:71

• Changing the error code from credentials_not_found to authentication_not_found may break existing clients. Consider documenting this breaking change or versioning the API.

            "error": "authentication_not_found",

README.md:70

• [nitpick] The "Getting the LinkedIn Cookie" section is duplicated across Docker and Claude Desktop docs. Consider consolidating into one section to reduce redundancy.

<summary><b>🐳 Docker get-cookie method</b></summary>

README.md:264

• The code block fence should be json instead of **json** to enable proper syntax highlighting.

```**json**

main.py:237

• The try: block under the InvalidCredentialsError handler appears mis-indented, causing a syntax error. Please adjust indentation so the try/except is properly nested within the if block.

            try:

linkedin_mcp_server/config/secrets.py:97

• The file uses inquirer.confirm and inquirer.text but does not import inquirer. Please add import inquirer at the top of this module.

    has_cookie = inquirer.confirm("Do you have a LinkedIn cookie?", default=False)

linkedin_mcp_server/logging_config.py:88

• [nitpick] Switching the default log level to WARNING will suppress INFO messages in production; confirm that you won’t lose visibility into important events.

    log_level = logging.DEBUG if debug else logging.WARNING

[claude]

Claude encountered an error —— View job

---

I'll analyze this and get back to you.