@lifeaitools/clauth 1.5.28 → 1.5.29
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cli/commands/serve.js +10 -1
- package/package.json +1 -1
package/cli/commands/serve.js
CHANGED
|
@@ -2944,8 +2944,17 @@ function createServer(initPassword, whitelist, port, tunnelHostnameInit = null,
|
|
|
2944
2944
|
return res.end(JSON.stringify({ error: "not_found" }));
|
|
2945
2945
|
}
|
|
2946
2946
|
|
|
2947
|
-
// ── Dynamic Client Registration
|
|
2947
|
+
// ── Dynamic Client Registration — DISABLED ──────────────
|
|
2948
|
+
// claude.ai's OAuth authorization_code flow is bugged (token issued, never used).
|
|
2949
|
+
// If /register returns 201, claude.ai starts OAuth and fails.
|
|
2950
|
+
// If /register returns 404, claude.ai falls back to authless (which works).
|
|
2948
2951
|
if (method === "POST" && reqPath === "/register") {
|
|
2952
|
+
res.writeHead(404, { "Content-Type": "application/json", ...CORS });
|
|
2953
|
+
return res.end(JSON.stringify({ error: "not_found" }));
|
|
2954
|
+
}
|
|
2955
|
+
|
|
2956
|
+
// ── Dynamic Client Registration (kept for future use) ──────────────
|
|
2957
|
+
if (false && method === "POST" && reqPath === "/register") {
|
|
2949
2958
|
let body;
|
|
2950
2959
|
try { body = await readBody(req); } catch {
|
|
2951
2960
|
res.writeHead(400, { "Content-Type": "application/json", ...CORS });
|