Dark-Alex-17/loki
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Dark-Alex-17:92ea0f624e9569fc13744a7f9cabf82889ba6d59
Branches Tags
Dark-Alex-17:main Dark-Alex-17:restful-api Dark-Alex-17:develop Dark-Alex-17:tree-sitter-tools Dark-Alex-17:gemini-oauth
Dark-Alex-17:v0.1.3 Dark-Alex-17:v0.1.2 Dark-Alex-17:v0.1.1
..
compare: Dark-Alex-17:gemini-oauth
Branches Tags
Dark-Alex-17:restful-api Dark-Alex-17:develop Dark-Alex-17:tree-sitter-tools Dark-Alex-17:main Dark-Alex-17:gemini-oauth
Dark-Alex-17:v0.1.3 Dark-Alex-17:v0.1.2 Dark-Alex-17:v0.1.1

1 Commits
92ea0f624e .. gemini-oauth

Author SHA1 Message Date
Alex Clarke
83581d9d18 feat: Initial scaffolding work for Gemini OAuth support (Claude generated, Alex updated) 2026-03-11 14:18:55 -06:00
13 changed files with 41 additions and 129 deletions
Expand all files Collapse all files
assets/agents/coder/tools.sh
+6 -26
View File
@@ -14,28 +14,11 @@ _project_dir() {
(cd "${dir}" 2>/dev/null && pwd) || echo "${dir}" (cd "${dir}" 2>/dev/null && pwd) || echo "${dir}"
} }
# Normalize a path to be relative to project root.
# Strips the project_dir prefix if the LLM passes an absolute path.
# Usage: local rel_path; rel_path=$(_normalize_path "/abs/or/rel/path")
_normalize_path() {
local input_path="$1"
local project_dir
project_dir=$(_project_dir)
if [[ "${input_path}" == /* ]]; then
input_path="${input_path#"${project_dir}"/}"
fi
input_path="${input_path#./}"
echo "${input_path}"
}
# @cmd Read a file's contents before modifying # @cmd Read a file's contents before modifying
# @option --path! Path to the file (relative to project root) # @option --path! Path to the file (relative to project root)
read_file() { read_file() {
local file_path
# shellcheck disable=SC2154 # shellcheck disable=SC2154
file_path=$(_normalize_path "${argc_path}") local file_path="${argc_path}"
local project_dir local project_dir
project_dir=$(_project_dir) project_dir=$(_project_dir)
local full_path="${project_dir}/${file_path}" local full_path="${project_dir}/${file_path}"
@@ -56,8 +39,7 @@ read_file() {
# @option --path! Path for the file (relative to project root) # @option --path! Path for the file (relative to project root)
# @option --content! Complete file contents to write # @option --content! Complete file contents to write
write_file() { write_file() {
local file_path local file_path="${argc_path}"
file_path=$(_normalize_path "${argc_path}")
# shellcheck disable=SC2154 # shellcheck disable=SC2154
local content="${argc_content}" local content="${argc_content}"
local project_dir local project_dir
@@ -65,7 +47,7 @@ write_file() {
local full_path="${project_dir}/${file_path}" local full_path="${project_dir}/${file_path}"
mkdir -p "$(dirname "${full_path}")" mkdir -p "$(dirname "${full_path}")"
printf '%s' "${content}" > "${full_path}" echo "${content}" > "${full_path}"
green "Wrote: ${file_path}" >> "$LLM_OUTPUT" green "Wrote: ${file_path}" >> "$LLM_OUTPUT"
} }
@@ -73,8 +55,7 @@ write_file() {
# @cmd Find files similar to a given path (for pattern matching) # @cmd Find files similar to a given path (for pattern matching)
# @option --path! Path to find similar files for # @option --path! Path to find similar files for
find_similar_files() { find_similar_files() {
local file_path local file_path="${argc_path}"
file_path=$(_normalize_path "${argc_path}")
local project_dir local project_dir
project_dir=$(_project_dir) project_dir=$(_project_dir)
@@ -90,14 +71,14 @@ find_similar_files() {
! -name "$(basename "${file_path}")" \ ! -name "$(basename "${file_path}")" \
! -name "*test*" \ ! -name "*test*" \
! -name "*spec*" \ ! -name "*spec*" \
2>/dev/null | sed "s|^${project_dir}/||" | head -3) 2>/dev/null | head -3)
if [[ -z "${results}" ]]; then if [[ -z "${results}" ]]; then
results=$(find "${project_dir}/src" -type f -name "*.${ext}" \ results=$(find "${project_dir}/src" -type f -name "*.${ext}" \
! -name "*test*" \ ! -name "*test*" \
! -name "*spec*" \ ! -name "*spec*" \
-not -path '*/target/*' \ -not -path '*/target/*' \
2>/dev/null | sed "s|^${project_dir}/||" | head -3) 2>/dev/null | head -3)
fi fi
if [[ -n "${results}" ]]; then if [[ -n "${results}" ]]; then
@@ -205,7 +186,6 @@ search_code() {
grep -v '/target/' | \ grep -v '/target/' | \
grep -v '/node_modules/' | \ grep -v '/node_modules/' | \
grep -v '/.git/' | \ grep -v '/.git/' | \
sed "s|^${project_dir}/||" | \
head -20) || true head -20) || true
if [[ -n "${results}" ]]; then if [[ -n "${results}" ]]; then
assets/agents/explore/tools.sh
+4 -22
View File
@@ -14,21 +14,6 @@ _project_dir() {
(cd "${dir}" 2>/dev/null && pwd) || echo "${dir}" (cd "${dir}" 2>/dev/null && pwd) || echo "${dir}"
} }
# Normalize a path to be relative to project root.
# Strips the project_dir prefix if the LLM passes an absolute path.
_normalize_path() {
local input_path="$1"
local project_dir
project_dir=$(_project_dir)
if [[ "${input_path}" == /* ]]; then
input_path="${input_path#"${project_dir}"/}"
fi
input_path="${input_path#./}"
echo "${input_path}"
}
# @cmd Get project structure and layout # @cmd Get project structure and layout
get_structure() { get_structure() {
local project_dir local project_dir
@@ -93,7 +78,6 @@ search_content() {
grep -v '/node_modules/' | \ grep -v '/node_modules/' | \
grep -v '/.git/' | \ grep -v '/.git/' | \
grep -v '/dist/' | \ grep -v '/dist/' | \
sed "s|^${project_dir}/||" | \
head -30) || true head -30) || true
if [[ -n "${results}" ]]; then if [[ -n "${results}" ]]; then
@@ -107,9 +91,8 @@ search_content() {
# @option --path! Path to the file (relative to project root) # @option --path! Path to the file (relative to project root)
# @option --lines Maximum lines to read (default: 200) # @option --lines Maximum lines to read (default: 200)
read_file() { read_file() {
local file_path
# shellcheck disable=SC2154 # shellcheck disable=SC2154
file_path=$(_normalize_path "${argc_path}") local file_path="${argc_path}"
local max_lines="${argc_lines:-200}" local max_lines="${argc_lines:-200}"
local project_dir local project_dir
project_dir=$(_project_dir) project_dir=$(_project_dir)
@@ -139,8 +122,7 @@ read_file() {
# @cmd Find similar files to a given file (for pattern matching) # @cmd Find similar files to a given file (for pattern matching)
# @option --path! Path to the reference file # @option --path! Path to the reference file
find_similar() { find_similar() {
local file_path local file_path="${argc_path}"
file_path=$(_normalize_path "${argc_path}")
local project_dir local project_dir
project_dir=$(_project_dir) project_dir=$(_project_dir)
@@ -156,7 +138,7 @@ find_similar() {
! -name "$(basename "${file_path}")" \ ! -name "$(basename "${file_path}")" \
! -name "*test*" \ ! -name "*test*" \
! -name "*spec*" \ ! -name "*spec*" \
2>/dev/null | sed "s|^${project_dir}/||" | head -5) 2>/dev/null | head -5)
if [[ -n "${results}" ]]; then if [[ -n "${results}" ]]; then
echo "${results}" >> "$LLM_OUTPUT" echo "${results}" >> "$LLM_OUTPUT"
@@ -165,7 +147,7 @@ find_similar() {
! -name "$(basename "${file_path}")" \ ! -name "$(basename "${file_path}")" \
! -name "*test*" \ ! -name "*test*" \
-not -path '*/target/*' \ -not -path '*/target/*' \
2>/dev/null | sed "s|^${project_dir}/||" | head -5) 2>/dev/null | head -5)
if [[ -n "${results}" ]]; then if [[ -n "${results}" ]]; then
echo "${results}" >> "$LLM_OUTPUT" echo "${results}" >> "$LLM_OUTPUT"
else else
assets/agents/oracle/tools.sh
+4 -23
View File
@@ -14,38 +14,21 @@ _project_dir() {
(cd "${dir}" 2>/dev/null && pwd) || echo "${dir}" (cd "${dir}" 2>/dev/null && pwd) || echo "${dir}"
} }
# Normalize a path to be relative to project root.
# Strips the project_dir prefix if the LLM passes an absolute path.
_normalize_path() {
local input_path="$1"
local project_dir
project_dir=$(_project_dir)
if [[ "${input_path}" == /* ]]; then
input_path="${input_path#"${project_dir}"/}"
fi
input_path="${input_path#./}"
echo "${input_path}"
}
# @cmd Read a file for analysis # @cmd Read a file for analysis
# @option --path! Path to the file (relative to project root) # @option --path! Path to the file (relative to project root)
read_file() { read_file() {
local project_dir local project_dir
project_dir=$(_project_dir) project_dir=$(_project_dir)
local file_path
# shellcheck disable=SC2154 # shellcheck disable=SC2154
file_path=$(_normalize_path "${argc_path}") local full_path="${project_dir}/${argc_path}"
local full_path="${project_dir}/${file_path}"
if [[ ! -f "${full_path}" ]]; then if [[ ! -f "${full_path}" ]]; then
error "File not found: ${file_path}" >> "$LLM_OUTPUT" error "File not found: ${argc_path}" >> "$LLM_OUTPUT"
return 1 return 1
fi fi
{ {
info "Reading: ${file_path}" info "Reading: ${argc_path}"
echo "" echo ""
cat "${full_path}" cat "${full_path}"
} >> "$LLM_OUTPUT" } >> "$LLM_OUTPUT"
@@ -97,7 +80,6 @@ search_code() {
grep -v '/target/' | \ grep -v '/target/' | \
grep -v '/node_modules/' | \ grep -v '/node_modules/' | \
grep -v '/.git/' | \ grep -v '/.git/' | \
sed "s|^${project_dir}/||" | \
head -30) || true head -30) || true
if [[ -n "${results}" ]]; then if [[ -n "${results}" ]]; then
@@ -131,8 +113,7 @@ analyze_with_command() {
# @cmd List directory contents # @cmd List directory contents
# @option --path Path to list (default: project root) # @option --path Path to list (default: project root)
list_directory() { list_directory() {
local dir_path local dir_path="${argc_path:-.}"
dir_path=$(_normalize_path "${argc_path:-.}")
local project_dir local project_dir
project_dir=$(_project_dir) project_dir=$(_project_dir)
local full_path="${project_dir}/${dir_path}" local full_path="${project_dir}/${dir_path}"
assets/functions/mcp.json
+1 -5
View File
@@ -16,15 +16,11 @@
}, },
"atlassian": { "atlassian": {
"command": "npx", "command": "npx",
"args": ["-y", "mcp-remote@0.1.13", "https://mcp.atlassian.com/v1/mcp"] "args": ["-y", "mcp-remote@0.1.13", "https://mcp.atlassian.com/v1/sse"]
}, },
"docker": { "docker": {
"command": "uvx", "command": "uvx",
"args": ["mcp-server-docker"] "args": ["mcp-server-docker"]
},
"ddg-search": {
"command": "uvx",
"args": ["duckduckgo-mcp-server"]
} }
} }
} }
config.agent.example.yaml
+1 -1
View File
@@ -32,7 +32,7 @@ max_concurrent_agents: 4 # Maximum number of agents that can run simulta
max_agent_depth: 3 # Maximum nesting depth for sub-agents (prevents runaway spawning) max_agent_depth: 3 # Maximum nesting depth for sub-agents (prevents runaway spawning)
inject_spawn_instructions: true # Inject the default agent spawning instructions into the agent's system prompt inject_spawn_instructions: true # Inject the default agent spawning instructions into the agent's system prompt
summarization_model: null # Model to use for summarizing sub-agent output (e.g. 'openai:gpt-4o-mini'); defaults to current model summarization_model: null # Model to use for summarizing sub-agent output (e.g. 'openai:gpt-4o-mini'); defaults to current model
summarization_threshold: 4000 # Character threshold above which sub-agent output is summarized before returning to parent summarization_threshold: 4000 # Character threshold above which sub-agent output is summarized before returning to parent
escalation_timeout: 300 # Seconds a sub-agent waits for a user interaction response before timing out (default: 5 minutes) escalation_timeout: 300 # Seconds a sub-agent waits for a user interaction response before timing out (default: 5 minutes)
mcp_servers: # Optional list of MCP servers that the agent utilizes mcp_servers: # Optional list of MCP servers that the agent utilizes
- github # Corresponds to the name of an MCP server in the `<loki-config-dir>/functions/mcp.json` file - github # Corresponds to the name of an MCP server in the `<loki-config-dir>/functions/mcp.json` file
config.example.yaml
+1 -1
View File
@@ -77,7 +77,7 @@ visible_tools: # Which tools are visible to be compiled (and a
mcp_server_support: true # Enables or disables MCP servers (globally). mcp_server_support: true # Enables or disables MCP servers (globally).
mapping_mcp_servers: # Alias for an MCP server or set of servers mapping_mcp_servers: # Alias for an MCP server or set of servers
git: github,gitmcp git: github,gitmcp
enabled_mcp_servers: null # Which MCP servers to enable by default (e.g. 'github,slack,ddg-search') enabled_mcp_servers: null # Which MCP servers to enable by default (e.g. 'github,slack')
# ---- Session ---- # ---- Session ----
# See the [Session documentation](./docs/SESSIONS.md) for more information # See the [Session documentation](./docs/SESSIONS.md) for more information
docs/AGENTS.md
-1
View File
@@ -714,7 +714,6 @@ Loki comes packaged with some useful built-in agents:
* `code-reviewer`: A [CodeRabbit](https://coderabbit.ai)-style code reviewer that spawns per-file reviewers using the teammate messaging pattern * `code-reviewer`: A [CodeRabbit](https://coderabbit.ai)-style code reviewer that spawns per-file reviewers using the teammate messaging pattern
* `demo`: An example agent to use for reference when learning to create your own agents * `demo`: An example agent to use for reference when learning to create your own agents
* `explore`: An agent designed to help you explore and understand your codebase * `explore`: An agent designed to help you explore and understand your codebase
* `file-reviewer`: An agent designed to perform code-review on a single file (used by the `code-reviewer` agent)
* `jira-helper`: An agent that assists you with all your Jira-related tasks * `jira-helper`: An agent that assists you with all your Jira-related tasks
* `oracle`: An agent for high-level architecture, design decisions, and complex debugging * `oracle`: An agent for high-level architecture, design decisions, and complex debugging
* `sisyphus`: A powerhouse orchestrator agent for writing complex code and acting as a natural language interface for your codebase (similar to ClaudeCode, Gemini CLI, Codex, or OpenCode). Uses sub-agent spawning to delegate to `explore`, `coder`, and `oracle`. * `sisyphus`: A powerhouse orchestrator agent for writing complex code and acting as a natural language interface for your codebase (similar to ClaudeCode, Gemini CLI, Codex, or OpenCode). Uses sub-agent spawning to delegate to `explore`, `coder`, and `oracle`.
docs/clients/CLIENTS.md
-19
View File
@@ -142,25 +142,6 @@ temporary localhost server to capture the callback automatically (e.g. Gemini) o
code back into the terminal (e.g. Claude). Loki stores the tokens in `~/.cache/loki/oauth` and automatically refreshes code back into the terminal (e.g. Claude). Loki stores the tokens in `~/.cache/loki/oauth` and automatically refreshes
them when they expire. them when they expire.
#### Gemini OAuth Note
Loki uses the following scopes for OAuth with Gemini:
* https://www.googleapis.com/auth/generative-language.peruserquota
* https://www.googleapis.com/auth/userinfo.email
* https://www.googleapis.com/auth/generative-language.retriever (Sensitive)
Since the `generative-language.retriever` scope is a sensitive scope, Google needs to verify Loki, which requires full
branding (logo, official website, privacy policy, terms of service, etc.). The Loki app is open-source and is designed
to be used as a simple CLI. As such, there's no terms of service or privacy policy associated with it, and thus Google
cannot verify Loki.
So, when you kick off OAuth with Gemini, you may see a page similar to the following:
![](../images/clients/gemini-oauth-page.png)
Simply click the `Advanced` link and click `Go to Loki (unsafe)` to continue the OAuth flow.
![](../images/clients/gemini-oauth-unverified.png)
![](../images/clients/gemini-oauth-unverified-allow.png)
**Step 3: Use normally** **Step 3: Use normally**
Once authenticated, the client works like any other. Loki uses the stored OAuth tokens automatically: Once authenticated, the client works like any other. Loki uses the stored OAuth tokens automatically:
docs/function-calling/MCP-SERVERS.md
-1
View File
@@ -55,7 +55,6 @@ Loki ships with a `functions/mcp.json` file that includes some useful MCP server
* [github](https://github.com/github/github-mcp-server) - Interact with GitHub repositories, issues, pull requests, and more. * [github](https://github.com/github/github-mcp-server) - Interact with GitHub repositories, issues, pull requests, and more.
* [docker](https://github.com/ckreiling/mcp-server-docker) - Manage your local Docker containers with natural language * [docker](https://github.com/ckreiling/mcp-server-docker) - Manage your local Docker containers with natural language
* [slack](https://github.com/korotovsky/slack-mcp-server) - Interact with Slack * [slack](https://github.com/korotovsky/slack-mcp-server) - Interact with Slack
* [ddg-search](https://github.com/nickclyde/duckduckgo-mcp-server) - Perform web searches with the DuckDuckGo search engine
## Loki Configuration ## Loki Configuration
MCP servers, like tools, can be used in a handful of contexts: MCP servers, like tools, can be used in a handful of contexts:
models.yaml
-7
View File
@@ -3,13 +3,6 @@
# - https://platform.openai.com/docs/api-reference/chat # - https://platform.openai.com/docs/api-reference/chat
- provider: openai - provider: openai
models: models:
- name: gpt-5.2
max_input_tokens: 400000
max_output_tokens: 128000
input_price: 1.75
output_price: 14
supports_vision: true
supports_function_calling: true
- name: gpt-5.1 - name: gpt-5.1
max_input_tokens: 400000 max_input_tokens: 400000
max_output_tokens: 128000 max_output_tokens: 128000
src/client/gemini_oauth.rs
+2 -1
View File
@@ -2,6 +2,7 @@ use super::oauth::{OAuthProvider, TokenRequestFormat};
pub struct GeminiOAuthProvider; pub struct GeminiOAuthProvider;
// TODO: Replace with real credentials after registering Loki with Google Cloud Console
const GEMINI_CLIENT_ID: &str = const GEMINI_CLIENT_ID: &str =
"50826443741-upqcebrs4gctqht1f08ku46qlbirkdsj.apps.googleusercontent.com"; "50826443741-upqcebrs4gctqht1f08ku46qlbirkdsj.apps.googleusercontent.com";
const GEMINI_CLIENT_SECRET: &str = "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"; const GEMINI_CLIENT_SECRET: &str = "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";
@@ -28,7 +29,7 @@ impl OAuthProvider for GeminiOAuthProvider {
} }
fn scopes(&self) -> &str { fn scopes(&self) -> &str {
"https://www.googleapis.com/auth/generative-language.peruserquota https://www.googleapis.com/auth/generative-language.retriever https://www.googleapis.com/auth/userinfo.email" "https://www.googleapis.com/auth/cloud-platform.readonly https://www.googleapis.com/auth/userinfo.email"
} }
fn client_secret(&self) -> Option<&str> { fn client_secret(&self) -> Option<&str> {
src/client/oauth.rs
+21 -20
View File
@@ -1,12 +1,12 @@
use super::ClientConfig; use super::ClientConfig;
use super::access_token::{is_valid_access_token, set_access_token}; use super::access_token::{is_valid_access_token, set_access_token};
use crate::config::Config; use crate::config::Config;
use anyhow::{Result, anyhow, bail}; use anyhow::{Result, bail};
use base64::Engine; use base64::Engine;
use base64::engine::general_purpose::URL_SAFE_NO_PAD; use base64::engine::general_purpose::URL_SAFE_NO_PAD;
use chrono::Utc; use chrono::Utc;
use inquire::Text; use inquire::Text;
use reqwest::{Client as ReqwestClient, RequestBuilder}; use reqwest::Client as ReqwestClient;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use serde_json::Value; use serde_json::Value;
use sha2::{Digest, Sha256}; use sha2::{Digest, Sha256};
@@ -76,6 +76,7 @@ pub async fn run_oauth_flow(provider: &dyn OAuthProvider, client_name: &str) ->
let listener = TcpListener::bind("127.0.0.1:0")?; let listener = TcpListener::bind("127.0.0.1:0")?;
let port = listener.local_addr()?.port(); let port = listener.local_addr()?.port();
let uri = format!("http://127.0.0.1:{port}/callback"); let uri = format!("http://127.0.0.1:{port}/callback");
// Drop the listener so run_oauth_flow can re-bind below
drop(listener); drop(listener);
uri uri
} else { } else {
@@ -148,15 +149,15 @@ pub async fn run_oauth_flow(provider: &dyn OAuthProvider, client_name: &str) ->
let access_token = response["access_token"] let access_token = response["access_token"]
.as_str() .as_str()
.ok_or_else(|| anyhow!("Missing access_token in response: {response}"))? .ok_or_else(|| anyhow::anyhow!("Missing access_token in response: {response}"))?
.to_string(); .to_string();
let refresh_token = response["refresh_token"] let refresh_token = response["refresh_token"]
.as_str() .as_str()
.ok_or_else(|| anyhow!("Missing refresh_token in response: {response}"))? .ok_or_else(|| anyhow::anyhow!("Missing refresh_token in response: {response}"))?
.to_string(); .to_string();
let expires_in = response["expires_in"] let expires_in = response["expires_in"]
.as_i64() .as_i64()
.ok_or_else(|| anyhow!("Missing expires_in in response: {response}"))?; .ok_or_else(|| anyhow::anyhow!("Missing expires_in in response: {response}"))?;
let expires_at = Utc::now().timestamp() + expires_in; let expires_at = Utc::now().timestamp() + expires_in;
@@ -213,7 +214,7 @@ pub async fn refresh_oauth_token(
let access_token = response["access_token"] let access_token = response["access_token"]
.as_str() .as_str()
.ok_or_else(|| anyhow!("Missing access_token in refresh response: {response}"))? .ok_or_else(|| anyhow::anyhow!("Missing access_token in refresh response: {response}"))?
.to_string(); .to_string();
let refresh_token = response["refresh_token"] let refresh_token = response["refresh_token"]
.as_str() .as_str()
@@ -221,7 +222,7 @@ pub async fn refresh_oauth_token(
.unwrap_or_else(|| tokens.refresh_token.clone()); .unwrap_or_else(|| tokens.refresh_token.clone());
let expires_in = response["expires_in"] let expires_in = response["expires_in"]
.as_i64() .as_i64()
.ok_or_else(|| anyhow!("Missing expires_in in refresh response: {response}"))?; .ok_or_else(|| anyhow::anyhow!("Missing expires_in in refresh response: {response}"))?;
let expires_at = Utc::now().timestamp() + expires_in; let expires_at = Utc::now().timestamp() + expires_in;
@@ -265,7 +266,7 @@ fn build_token_request(
client: &ReqwestClient, client: &ReqwestClient,
provider: &(impl OAuthProvider + ?Sized), provider: &(impl OAuthProvider + ?Sized),
params: &[(&str, &str)], params: &[(&str, &str)],
) -> RequestBuilder { ) -> reqwest::RequestBuilder {
let mut request = match provider.token_request_format() { let mut request = match provider.token_request_format() {
TokenRequestFormat::Json => { TokenRequestFormat::Json => {
let body: serde_json::Map<String, Value> = params let body: serde_json::Map<String, Value> = params
@@ -307,7 +308,7 @@ fn listen_for_oauth_callback(redirect_uri: &str) -> Result<(String, String)> {
let host = url.host_str().unwrap_or("127.0.0.1"); let host = url.host_str().unwrap_or("127.0.0.1");
let port = url let port = url
.port() .port()
.ok_or_else(|| anyhow!("No port in redirect URI"))?; .ok_or_else(|| anyhow::anyhow!("No port in redirect URI"))?;
let path = url.path(); let path = url.path();
println!("Waiting for OAuth callback on {redirect_uri} ...\n"); println!("Waiting for OAuth callback on {redirect_uri} ...\n");
@@ -322,11 +323,19 @@ fn listen_for_oauth_callback(redirect_uri: &str) -> Result<(String, String)> {
let request_path = request_line let request_path = request_line
.split_whitespace() .split_whitespace()
.nth(1) .nth(1)
.ok_or_else(|| anyhow!("Malformed HTTP request from OAuth callback"))?; .ok_or_else(|| anyhow::anyhow!("Malformed HTTP request from OAuth callback"))?;
let full_url = format!("http://{host}:{port}{request_path}"); let full_url = format!("http://{host}:{port}{request_path}");
let parsed: Url = full_url.parse()?; let parsed: Url = full_url.parse()?;
let response_body = "<html><body><h2>Authentication successful!</h2><p>You can close this tab and return to your terminal.</p></body></html>";
let response = format!(
"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nContent-Length: {}\r\nConnection: close\r\n\r\n{}",
response_body.len(),
response_body
);
stream.write_all(response.as_bytes())?;
if !parsed.path().starts_with(path) { if !parsed.path().starts_with(path) {
bail!("Unexpected callback path: {}", parsed.path()); bail!("Unexpected callback path: {}", parsed.path());
} }
@@ -341,22 +350,14 @@ fn listen_for_oauth_callback(redirect_uri: &str) -> Result<(String, String)> {
.find(|(k, _)| k == "error") .find(|(k, _)| k == "error")
.map(|(_, v)| v.to_string()) .map(|(_, v)| v.to_string())
.unwrap_or_else(|| "unknown".to_string()); .unwrap_or_else(|| "unknown".to_string());
anyhow!("OAuth callback returned error: {error}") anyhow::anyhow!("OAuth callback returned error: {error}")
})?; })?;
let returned_state = parsed let returned_state = parsed
.query_pairs() .query_pairs()
.find(|(k, _)| k == "state") .find(|(k, _)| k == "state")
.map(|(_, v)| v.to_string()) .map(|(_, v)| v.to_string())
.ok_or_else(|| anyhow!("Missing state parameter in OAuth callback"))?; .ok_or_else(|| anyhow::anyhow!("Missing state parameter in OAuth callback"))?;
let response_body = "<html><body><h2>Authentication successful!</h2><p>You can close this tab and return to your terminal.</p></body></html>";
let response = format!(
"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nContent-Length: {}\r\nConnection: close\r\n\r\n{}",
response_body.len(),
response_body
);
stream.write_all(response.as_bytes())?;
Ok((code, returned_state)) Ok((code, returned_state))
} }
src/repl/mod.rs
+1 -2
View File
@@ -428,8 +428,7 @@ pub async fn run_repl_command(
None => println!("Usage: .model <name>"), None => println!("Usage: .model <name>"),
}, },
".authenticate" => { ".authenticate" => {
let current_model = config.read().current_model().clone(); let client = init_client(config, None)?;
let client = init_client(config, Some(current_model))?;
if !client.supports_oauth() { if !client.supports_oauth() {
bail!( bail!(
"Client '{}' doesn't either support OAuth or isn't configured to use it (i.e. uses an API key instead)", "Client '{}' doesn't either support OAuth or isn't configured to use it (i.e. uses an API key instead)",