clone/opencode
1
0
Fork 0
mirror of https://github.com/anomalyco/opencode.git synced 2026-02-01 22:48:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(mcp): register OAuth callback before opening browser (#9646)

Browse Source
This commit is contained in:
msvechla
2026-01-20 17:18:49 +01:00
committed by GitHub
parent 733226de9d
commit 8f62d4a5e3
1 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
packages/opencode/src/mcp/index.ts
View File

@@ -795,6 +795,11 @@ export namespace MCP {
// The SDK has already added the state parameter to the authorization URL
// We just need to open the browser
log.info("opening browser for oauth", { mcpName, url: authorizationUrl, state: oauthState })
// Register the callback BEFORE opening the browser to avoid race condition
// when the IdP has an active SSO session and redirects immediately
const callbackPromise = McpOAuthCallback.waitForCallback(oauthState)
try {
const subprocess = await open(authorizationUrl)
// The open package spawns a detached process and returns immediately.
@@ -822,8 +827,8 @@ export namespace MCP {
Bus.publish(BrowserOpenFailed, { mcpName, url: authorizationUrl })
}
// Wait for callback using the OAuth state parameter
const code = await McpOAuthCallback.waitForCallback(oauthState)
// Wait for callback using the already-registered promise
const code = await callbackPromise
// Validate and clear the state
const storedState = await McpAuth.getOAuthState(mcpName)