lzh/picoclaw
1
0
Fork 0
mirror of https://github.com/sipeed/picoclaw.git synced 2026-06-12 18:08:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add manual callback URL entry for headless OAuth flow

Browse Source
This commit is contained in:
mrbeandev
2026-02-17 08:16:33 +05:30
parent 848aaedc24
commit 29e07ec7b4
1 changed files with 29 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/auth/oauth.go
+29 -2
View File
@@ -1,6 +1,7 @@
package auth package auth
import ( import (
"bufio"
"context" "context"
"crypto/rand" "crypto/rand"
"encoding/base64" "encoding/base64"
@@ -11,6 +12,7 @@ import (
"net" "net"
"net/http" "net/http"
"net/url" "net/url"
"os"
"os/exec" "os/exec"
"runtime" "runtime"
"strconv" "strconv"
@@ -127,8 +129,17 @@ func LoginBrowser(cfg OAuthProviderConfig) (*AuthCredential, error) {
fmt.Printf("Could not open browser automatically.\nPlease open this URL manually:\n\n%s\n\n", authURL) fmt.Printf("Could not open browser automatically.\nPlease open this URL manually:\n\n%s\n\n", authURL)
} }
fmt.Println("If you're running in a headless environment, use: picoclaw auth login --provider openai --device-code") fmt.Printf("Wait! If you are in a headless environment (like Coolify/VPS) and cannot reach localhost:%d,\n", cfg.Port)
fmt.Println("Waiting for authentication in browser...") fmt.Println("please complete the login in your local browser and then PASTE the final redirect URL (or just the code) here.")
fmt.Println("Waiting for authentication (browser or manual paste)...")
// Start manual input in a goroutine
manualCh := make(chan string)
go func() {
reader := bufio.NewReader(os.Stdin)
input, _ := reader.ReadString('\n')
manualCh <- strings.TrimSpace(input)
}()
select { select {
case result := <-resultCh: case result := <-resultCh:
@@ -136,6 +147,22 @@ func LoginBrowser(cfg OAuthProviderConfig) (*AuthCredential, error) {
return nil, result.err return nil, result.err
} }
return exchangeCodeForTokens(cfg, result.code, pkce.CodeVerifier, redirectURI) return exchangeCodeForTokens(cfg, result.code, pkce.CodeVerifier, redirectURI)
case manualInput := <-manualCh:
if manualInput == "" {
return nil, fmt.Errorf("manual input cancelled")
}
// Extract code from URL if it's a full URL
code := manualInput
if strings.Contains(manualInput, "?") {
u, err := url.Parse(manualInput)
if err == nil {
code = u.Query().Get("code")
}
}
if code == "" {
return nil, fmt.Errorf("could not find authorization code in input")
}
return exchangeCodeForTokens(cfg, code, pkce.CodeVerifier, redirectURI)
case <-time.After(5 * time.Minute): case <-time.After(5 * time.Minute):
return nil, fmt.Errorf("authentication timed out after 5 minutes") return nil, fmt.Errorf("authentication timed out after 5 minutes")
} }