feat: add OAuth provider abstraction for CLI configuration #3157
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
atarantino
force-pushed
the
feature/oauth-provider-abstraction
branch
from
4759ee5 to
aaefe7c
Compare
Contributor
|
@atarantino thanks so much for working on this, a few community members have been testing it out with some success. Can you work on fixing the build please to get this reviewed. thanks! |
atarantino
force-pushed
the
feature/oauth-provider-abstraction
branch
2 times, most recently
from
91afdfe to
17c5e91
Compare
Contributor
Author
|
@EbonyLouis Thanks for the feedback. I have added the required sign-offs to my commits so the DCO Check is passing. I believe the remaining checks run after an approval. Looking forward to hearing additional feedback, thanks! |
atarantino
force-pushed
the
feature/oauth-provider-abstraction
branch
from
345910c to
876dae2
Compare
Contributor
Author
|
@EbonyLouis @baxen I've merged the upstream changes from main to keep this up-to-date. I've successfully compiled, tested, formatted, and linted the code locally on my machine with cargo. When it's convenient, can we trigger the pending workflows? Thanks! |
atarantino
force-pushed
the
feature/oauth-provider-abstraction
branch
2 times, most recently
from
f505991 to
4e86732
Compare
- Add configure_oauth() method to Provider trait for OAuth authentication - Implement OAuth configuration in GithubCopilotProvider using existing device code flow - Refactor CLI configure.rs to use provider abstraction instead of hard-coded logic - Extract common configuration logic into configure_key() helper function - Add comprehensive documentation for OAuth flow and ConfigKey fields This eliminates architectural violations by: - Removing tight coupling between configuration layer and provider implementations - Eliminating code duplication in configuration logic - Replacing hard-coded provider matching with generic factory pattern - Providing consistent error handling and proper abstraction boundaries Signed-off-by: Adam Tarantino <[email protected]>
- Add provider_display_name parameter to configure_key function - Restore original prompt format: 'Provider X requires Y, please enter a value' - Update all configure_key calls to pass provider display name - Maintains user-friendly prompts that were accidentally simplified Signed-off-by: Adam Tarantino <[email protected]>
- Remove consolidated `configure_key` helper function to inline manual configuration logic
- Extract OAuth-specific logic into `handle_oauth_configuration` helper to eliminate duplication
- Preserve different messaging contexts: "Enter new value for {}" for updates vs "Provider {} requires..." for initial setup
- Maintain oauth_flow field checking while improving code organization
This keeps OAuth logic DRY while allowing manual configuration to have context-specific messaging.
Signed-off-by: Adam Tarantino <[email protected]>
atarantino
force-pushed
the
feature/oauth-provider-abstraction
branch
from
4e86732 to
dd5d7e4
Compare
Signed-off-by: Adam Tarantino <[email protected]>
atarantino
force-pushed
the
feature/oauth-provider-abstraction
branch
from
dd5d7e4 to
9a6936c
Compare
Signed-off-by: Adam Tarantino <[email protected]>
atarantino
force-pushed
the
feature/oauth-provider-abstraction
branch
from
241a78b to
b4d13dd
Compare
DOsinga
approved these changes
Aug 5, 2025
Add oauth_flow field to ConfigKey struct and comprehensive documentation for all fields to improve provider configuration UX. Signed-off-by: Adam Tarantino <[email protected]>
Contributor
Author
|
Thanks for the approval @DOsinga. I noticed the CI workflow failed, so I went ahead and ran |
Collaborator
|
thanks! generate-openapi feels like it needs to be run sometimes in unexpected places |
katzdave
added a commit
that referenced
this pull request
Aug 6, 2025
* 'main' of github.com:block/goose: Make the window title reflect what we are doing (#3883) additional metrics + Ui implementation (#3871) feat: Add session description editing functionality (#3819) Update filename in contributing docs (#3866) Fix voice dictation provider selection bug (#3862) doc: Update supported container runtimes (#3874) feat: add OAuth provider abstraction for CLI configuration (#3157) Don't ignore lockfiles on linux/windows builds (#3859) Use RMCP for StreamableHTTP OAuth support (#3845) Try to keep key order for Databricks (#3876) Fix OpenAI Provider with GitHub Models (#3875) Cmd click open finder (#3807) fix: recipe parameter form max height and not scrolling (#3879) fix: optimise reading large file content (#3767) fix: replace glob/grep tool with shell (#3834) docs: Add Youtube Link to dev.to tutorial (#3869)
katzdave
added a commit
that referenced
this pull request
Aug 6, 2025
* 'main' of github.com:block/goose: Make the window title reflect what we are doing (#3883) additional metrics + Ui implementation (#3871) feat: Add session description editing functionality (#3819) Update filename in contributing docs (#3866) Fix voice dictation provider selection bug (#3862) doc: Update supported container runtimes (#3874) feat: add OAuth provider abstraction for CLI configuration (#3157) Don't ignore lockfiles on linux/windows builds (#3859) Use RMCP for StreamableHTTP OAuth support (#3845) Try to keep key order for Databricks (#3876) Fix OpenAI Provider with GitHub Models (#3875) Cmd click open finder (#3807) fix: recipe parameter form max height and not scrolling (#3879) fix: optimise reading large file content (#3767) fix: replace glob/grep tool with shell (#3834) docs: Add Youtube Link to dev.to tutorial (#3869)
michaelneale
added a commit
that referenced
this pull request
Aug 7, 2025
* main: Upgrade to MCP-UI ~5.6.2 and handle internalized auto iframe resizing (#3889) docs: recipe updates (#3844) added notes about reducing context window by referencing external files (#3895) Make the window title reflect what we are doing (#3883) additional metrics + Ui implementation (#3871) feat: Add session description editing functionality (#3819) Update filename in contributing docs (#3866) Fix voice dictation provider selection bug (#3862) doc: Update supported container runtimes (#3874) feat: add OAuth provider abstraction for CLI configuration (#3157) Don't ignore lockfiles on linux/windows builds (#3859) Use RMCP for StreamableHTTP OAuth support (#3845) Try to keep key order for Databricks (#3876) Fix OpenAI Provider with GitHub Models (#3875) Cmd click open finder (#3807) fix: recipe parameter form max height and not scrolling (#3879)
Merged
atarantino
pushed a commit
to atarantino/goose
that referenced
this pull request
Aug 10, 2025
- Add OAuth-capable config key for Anthropic provider (CLI can drive OAuth) - Implement PKCE OAuth flow with token exchange and secure storage - Add access token refresh and Custom auth for Bearer injection - Set required anthropic-beta: oauth-2025-04-20 header in OAuth mode - Prepend Claude Code spoof system prompt when using OAuth tokens - Fallback to API key mode when OAuth not configured This brings goose in line with opencode’s Pro/Max integration while leveraging the new Provider::configure_oauth abstraction from PR block#3157. 🤖 Generated with [opencode](https://opencode.ai) Co-Authored-By: opencode <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
It states in the getting started / providers page that GitHub CoPilot uses device code authentication flow for secure access. Unfortunately, the cli and web app prompt the user for a GITHUB_COPILOT_TOKEN instead. There is an open issue about this as well.
These changes only fix this for the cli. However, once you successfully configure CoPilot from the cli, the web app will use those credentials.
The contents of this pull request were substantially written using opencode with Claude 4. I've reviewed to the best of my ability (I have not extensively programmed in Rust).