[codex] preserve OAuth authorization redirect after login#278
Merged
Conversation
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
/oauth/authorize?requestId=...after password/passkey/OAuth login instead of/home./homeor/profile.Why
When an HTTP MCP OAuth authorization starts while the user is logged out, the frontend sends them to
/login?redirect=.... Some login and registration paths could still lose that target, fall back to the app home page, or pause on optional setup UI, preventing the consent screen from appearing.OAuth provider error and cancel callbacks also need to restore the login URL stored in the signed state token so the nested authorization redirect survives unsuccessful third-party login attempts.
Validation
cd server && bun run lintcd server && bun run buildcd web && bun run lintcd web && bun run build/oauth/authorize?requestId=...redirected to/login?redirect=...; after login it returned to/oauth/authorize?requestId=...and displayed拒绝/允许./oauth/authorize?requestId=...and displayed拒绝/允许without showing the optional passkey setup prompt.