fix: fix OAuth PKCE verifier overwrite and transport authProvider lookup#19280
fix: fix OAuth PKCE verifier overwrite and transport authProvider lookup#19280Vishal2002 wants to merge 2 commits into
Conversation
github-actions
Bot
added
the
needs:compliance
|
The following comment was made by an LLM, it may be inaccurate: Found one potentially related PR: PR #18674 - "fix: vendor Anthropic OAuth plugin and fix PKCE state security issue (fixes #18652)" This PR also addresses PKCE-related security issues in the OAuth flow, though it focuses on a different issue (#18652 vs #17822). Both PRs involve OAuth PKCE fixes, so there's a chance of overlap in the areas being modified. |
github-actions
Bot
removed
the
needs:compliance
|
Thanks for updating your PR! It now meets our contributing guidelines. 👍 |
Vishal2002
force-pushed
the
fix/mcp-oauth-nonstandard-error-response
branch
from
0ad3cbf to
8e0a0d7
Compare
|
Automated PR Cleanup Thank you for contributing to opencode. Due to the high volume of PRs from users and AI agents, we periodically close older PRs using automated criteria so maintainers can focus review time on the most active and community-supported contributions. This PR was closed because it matched the following cleanup criteria:
PRs created within the last month are not affected by this cleanup. If you believe this PR was closed incorrectly, or if you are still actively working on it, please leave a comment explaining why it should be reopened. A maintainer can review and reopen it if appropriate. Thanks again for taking the time to contribute. |
2 participants
Issue for this PR
Closes #17822
Type of change
What does this PR do?
Fixes an issue where OAuth remained stuck in
needs_authafter a successful login.saveCodeVerifiercalls causinginvalid_grantauthProvideraccess (_authProvider)How did you verify your code works?
Tested locally with Notion MCP and Atlassian MCP.
OAuth flow completes successfully, tokens persist, and client is reused across runs.
Screenshots / recordings
N/A
Checklist