feat(claude-code): add manual auth code flow for remote environments #10550
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Adds out-of-band (OOB) OAuth flow for Claude Code sign-in that works in remote environments like GitHub Codespaces and SSH sessions where localhost callbacks do not work. Changes: - Add OOB redirect URI constant and buildOobAuthorizationUrl function - Add exchangeOobCodeForTokens function for manual code exchange - Add startOobAuthorizationFlow and exchangeManualCode methods to manager - Add claudeCodeStartOobFlow and claudeCodeExchangeManualCode message types - Add webview handlers for the new message types - Update ClaudeCode.tsx with manual auth UI (step-by-step flow) - Add i18n translations for the new auth flow Fixes #10531
Contributor
Author
Review completed. No actionable issues found. The OOB OAuth flow implementation is well-structured and follows existing patterns. The code correctly uses PKCE for security, handles errors appropriately, and maintains proper state management. Mention @roomote in a comment to request specific changes to this pull request or fix all unresolved issues. |
hannesrudolph
added
the
Issue/PR - Triage
hannesrudolph
changed the title
hannesrudolph
changed the title
hannesrudolph
changed the title
hannesrudolph
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR attempts to address Issue #10531 - Claude Code Sign In broken on remote environments due to hardcoded localhost redirectUri.
Problem
The OAuth flow for Claude Code uses a hardcoded localhost redirect URI (
http://localhost:54545/callback) which does not work in remote environments like GitHub Codespaces, SSH sessions, or vscode.dev on mobile devices.Solution
Implements an out-of-band (OOB) OAuth flow as suggested by @soundyogi, similar to how Claude Code CLI handles this:
Changes
buildOobAuthorizationUrl(),exchangeOobCodeForTokens()functions, andstartOobAuthorizationFlow(),exchangeManualCode(),hasPendingOobFlow()methods to the OAuth managerclaudeCodeStartOobFlowandclaudeCodeExchangeManualCodemessage typesTesting
urn:ietf:wg:oauth:2.0:oob)Feedback and guidance are welcome!
Important
Adds manual OAuth flow for remote environments in
oauth.tsandClaudeCode.tsx, allowing users to authenticate using an out-of-band redirect URI.oauth.tsusing OOB redirect URI (urn:ietf:wg:oauth:2.0:oob).ClaudeCode.tsxUI after signing in on Anthropic's page.buildOobAuthorizationUrl(),exchangeOobCodeForTokens()inoauth.ts.startOobAuthorizationFlow(),exchangeManualCode(),hasPendingOobFlow()methods toClaudeCodeOAuthManager.ClaudeCode.tsxto include manual auth flow UI components.settings.json.claudeCodeStartOobFlow,claudeCodeExchangeManualCodemessage types inWebviewMessage.ts.webviewMessageHandler.ts.This description was created by
for 40a9d5a. You can customize this summary. It will automatically update as commits are pushed.