npm - agentgui - Versions diffs - 1.0.209 → 1.0.210 - Mend

agentgui 1.0.209 → 1.0.210

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "agentgui",
-  "version": "1.0.209",
+  "version": "1.0.210",
   "description": "Multi-agent ACP client with real-time communication",
   "type": "module",
   "main": "server.js",

package/server.js CHANGED Viewed

@@ -333,11 +333,11 @@ function geminiOAuthResultPage(title, message, success) {
 </div></body></html>`;
 }
-async function startGeminiOAuth(baseUrl) {
+async function startGeminiOAuth() {
   const creds = getGeminiOAuthCreds();
   if (!creds) throw new Error('Could not find Gemini CLI OAuth credentials. Install gemini CLI first.');
-  const redirectUri = `${baseUrl}${BASE_URL}/oauth2callback`;
+  const redirectUri = `http://localhost:${PORT}${BASE_URL}/oauth2callback`;
   const state = crypto.randomBytes(32).toString('hex');
   const client = new OAuth2Client({
@@ -365,71 +365,74 @@ async function startGeminiOAuth(baseUrl) {
   return authUrl;
 }
-async function handleGeminiOAuthCallback(req, res) {
-  const reqUrl = new URL(req.url, buildBaseUrl(req));
-  if (!geminiOAuthPending) {
-    res.writeHead(200, { 'Content-Type': 'text/html' });
-    res.end(geminiOAuthResultPage('Authentication Failed', 'No pending OAuth flow.', false));
-    return;
-  }
-  const error = reqUrl.searchParams.get('error');
-  if (error) {
-    const desc = reqUrl.searchParams.get('error_description') || error;
-    geminiOAuthState = { status: 'error', error: desc, email: null };
-    geminiOAuthPending = null;
-    res.writeHead(200, { 'Content-Type': 'text/html' });
-    res.end(geminiOAuthResultPage('Authentication Failed', desc, false));
-    return;
-  }
+async function exchangeGeminiOAuthCode(code, state) {
+  if (!geminiOAuthPending) throw new Error('No pending OAuth flow. Please start authentication again.');
   const { client, redirectUri, state: expectedState } = geminiOAuthPending;
-  if (reqUrl.searchParams.get('state') !== expectedState) {
+  if (state !== expectedState) {
     geminiOAuthState = { status: 'error', error: 'State mismatch', email: null };
     geminiOAuthPending = null;
-    res.writeHead(200, { 'Content-Type': 'text/html' });
-    res.end(geminiOAuthResultPage('Authentication Failed', 'State mismatch.', false));
-    return;
+    throw new Error('State mismatch - possible CSRF attack.');
   }
-  const code = reqUrl.searchParams.get('code');
   if (!code) {
-    geminiOAuthState = { status: 'error', error: 'No authorization code', email: null };
+    geminiOAuthState = { status: 'error', error: 'No authorization code received', email: null };
     geminiOAuthPending = null;
+    throw new Error('No authorization code received.');
+  }
+  const { tokens } = await client.getToken({ code, redirect_uri: redirectUri });
+  client.setCredentials(tokens);
+  let email = '';
+  try {
+    const { token } = await client.getAccessToken();
+    if (token) {
+      const resp = await fetch('https://www.googleapis.com/oauth2/v2/userinfo', {
+        headers: { Authorization: `Bearer ${token}` }
+      });
+      if (resp.ok) {
+        const info = await resp.json();
+        email = info.email || '';
+      }
+    }
+  } catch (_) {}
+  saveGeminiCredentials(tokens, email);
+  geminiOAuthState = { status: 'success', error: null, email };
+  geminiOAuthPending = null;
+  return email;
+}
+async function handleGeminiOAuthCallback(req, res) {
+  const reqUrl = new URL(req.url, `http://localhost:${PORT}`);
+  if (!geminiOAuthPending) {
     res.writeHead(200, { 'Content-Type': 'text/html' });
-    res.end(geminiOAuthResultPage('Authentication Failed', 'No authorization code received.', false));
+    res.end(geminiOAuthResultPage('Authentication Failed', 'No pending OAuth flow.', false));
     return;
   }
   try {
-    const { tokens } = await client.getToken({ code, redirect_uri: redirectUri });
-    client.setCredentials(tokens);
-    let email = '';
-    try {
-      const { token } = await client.getAccessToken();
-      if (token) {
-        const resp = await fetch('https://www.googleapis.com/oauth2/v2/userinfo', {
-          headers: { Authorization: `Bearer ${token}` }
-        });
-        if (resp.ok) {
-          const info = await resp.json();
-          email = info.email || '';
-        }
-      }
-    } catch (_) {}
+    const error = reqUrl.searchParams.get('error');
+    if (error) {
+      const desc = reqUrl.searchParams.get('error_description') || error;
+      geminiOAuthState = { status: 'error', error: desc, email: null };
+      geminiOAuthPending = null;
+      res.writeHead(200, { 'Content-Type': 'text/html' });
+      res.end(geminiOAuthResultPage('Authentication Failed', desc, false));
+      return;
+    }
-    saveGeminiCredentials(tokens, email);
-    geminiOAuthState = { status: 'success', error: null, email };
-    geminiOAuthPending = null;
+    const code = reqUrl.searchParams.get('code');
+    const state = reqUrl.searchParams.get('state');
+    const email = await exchangeGeminiOAuthCode(code, state);
     res.writeHead(200, { 'Content-Type': 'text/html' });
     res.end(geminiOAuthResultPage('Authentication Successful', email ? `Signed in as ${email}` : 'Gemini CLI credentials saved.', true));
   } catch (e) {
-    geminiOAuthState = { status: 'error', error: e.message, email: null };
-    geminiOAuthPending = null;
     res.writeHead(200, { 'Content-Type': 'text/html' });
     res.end(geminiOAuthResultPage('Authentication Failed', e.message, false));
   }
@@ -1127,7 +1130,7 @@ const server = http.createServer(async (req, res) => {
     if (pathOnly === '/api/gemini-oauth/start' && req.method === 'POST') {
       try {
-        const authUrl = await startGeminiOAuth(buildBaseUrl(req));
+        const authUrl = await startGeminiOAuth();
         sendJSON(req, res, 200, { authUrl });
       } catch (e) {
         console.error('[gemini-oauth] /api/gemini-oauth/start failed:', e);
@@ -1141,6 +1144,42 @@ const server = http.createServer(async (req, res) => {
       return;
     }
+    if (pathOnly === '/api/gemini-oauth/complete' && req.method === 'POST') {
+      try {
+        const body = await parseBody(req);
+        const pastedUrl = (body.url || '').trim();
+        if (!pastedUrl) {
+          sendJSON(req, res, 400, { error: 'No URL provided' });
+          return;
+        }
+        let parsed;
+        try { parsed = new URL(pastedUrl); } catch (_) {
+          sendJSON(req, res, 400, { error: 'Invalid URL. Paste the full URL from the browser address bar.' });
+          return;
+        }
+        const error = parsed.searchParams.get('error');
+        if (error) {
+          const desc = parsed.searchParams.get('error_description') || error;
+          geminiOAuthState = { status: 'error', error: desc, email: null };
+          geminiOAuthPending = null;
+          sendJSON(req, res, 200, { error: desc });
+          return;
+        }
+        const code = parsed.searchParams.get('code');
+        const state = parsed.searchParams.get('state');
+        const email = await exchangeGeminiOAuthCode(code, state);
+        sendJSON(req, res, 200, { success: true, email });
+      } catch (e) {
+        geminiOAuthState = { status: 'error', error: e.message, email: null };
+        geminiOAuthPending = null;
+        sendJSON(req, res, 400, { error: e.message });
+      }
+      return;
+    }
     const agentAuthMatch = pathOnly.match(/^\/api\/agents\/([^/]+)\/auth$/);
     if (agentAuthMatch && req.method === 'POST') {
       const agentId = agentAuthMatch[1];
@@ -1149,7 +1188,7 @@ const server = http.createServer(async (req, res) => {
       if (agentId === 'gemini') {
         try {
-          const authUrl = await startGeminiOAuth(buildBaseUrl(req));
+          const authUrl = await startGeminiOAuth();
           const conversationId = '__agent_auth__';
           broadcastSync({ type: 'script_started', conversationId, script: 'auth-gemini', agentId: 'gemini', timestamp: Date.now() });
           broadcastSync({ type: 'script_output', conversationId, data: `\x1b[36mOpening Google OAuth in your browser...\x1b[0m\r\n\r\nIf it doesn't open automatically, visit:\r\n${authUrl}\r\n`, stream: 'stdout', timestamp: Date.now() });

package/static/js/agent-auth.js CHANGED Viewed

@@ -130,6 +130,81 @@
   function closeDropdown() { dropdown.classList.remove('open'); editingProvider = null; }
+  var oauthPollInterval = null, oauthPollTimeout = null;
+  function cleanupOAuthPolling() {
+    if (oauthPollInterval) { clearInterval(oauthPollInterval); oauthPollInterval = null; }
+    if (oauthPollTimeout) { clearTimeout(oauthPollTimeout); oauthPollTimeout = null; }
+  }
+  function showOAuthPasteModal() {
+    removeOAuthPasteModal();
+    var overlay = document.createElement('div');
+    overlay.id = 'oauthPasteModal';
+    overlay.style.cssText = 'position:fixed;inset:0;background:rgba(0,0,0,0.7);display:flex;align-items:center;justify-content:center;z-index:9999;';
+    var s = function(c) { return 'font-size:0.8rem;color:var(--color-text-secondary,#d1d5db);margin:0 0 ' + (c ? '0' : '0.5rem') + ';'; };
+    overlay.innerHTML = '<div style="background:var(--color-bg-secondary,#1f2937);border-radius:1rem;padding:2rem;max-width:28rem;width:calc(100% - 2rem);box-shadow:0 25px 50px rgba(0,0,0,0.5);color:var(--color-text-primary,white);font-family:system-ui,sans-serif;" onclick="event.stopPropagation()">' +
+      '<div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:1rem;">' +
+      '<h2 style="font-size:1.125rem;font-weight:700;margin:0;">Complete Google Sign-In</h2>' +
+      '<button id="oauthPasteClose" style="background:none;border:none;color:var(--color-text-secondary,#9ca3af);font-size:1.5rem;cursor:pointer;padding:0;line-height:1;">\u00d7</button></div>' +
+      '<div style="margin-bottom:1rem;padding:1rem;background:var(--color-bg-tertiary,rgba(255,255,255,0.05));border-radius:0.5rem;">' +
+      '<p style="' + s() + '">1. A Google sign-in page has opened in a new tab.</p>' +
+      '<p style="' + s() + '">2. Complete the sign-in process with Google.</p>' +
+      '<p style="' + s() + '">3. After signing in, you will be redirected to a page that <span style="color:#facc15;font-weight:600;">may not load</span> (this is expected).</p>' +
+      '<p style="' + s(1) + '">4. Copy the <span style="color:white;font-weight:600;">entire URL</span> from the address bar and paste it below.</p></div>' +
+      '<label style="display:block;font-size:0.8rem;color:var(--color-text-secondary,#d1d5db);margin-bottom:0.5rem;">Paste the redirect URL here:</label>' +
+      '<input type="text" id="oauthPasteInput" placeholder="http://localhost:3000/gm/oauth2callback?code=..." style="width:100%;box-sizing:border-box;padding:0.75rem 1rem;background:var(--color-bg-primary,#374151);border:1px solid var(--color-border,#4b5563);border-radius:0.5rem;color:var(--color-text-primary,white);font-size:0.8rem;font-family:monospace;outline:none;" />' +
+      '<p id="oauthPasteError" style="font-size:0.75rem;color:#ef4444;margin:0.5rem 0 0;display:none;"></p>' +
+      '<div style="display:flex;gap:0.75rem;margin-top:1.25rem;">' +
+      '<button id="oauthPasteCancel" style="flex:1;padding:0.625rem;border-radius:0.5rem;border:1px solid var(--color-border,#4b5563);background:transparent;color:var(--color-text-primary,white);font-size:0.8rem;cursor:pointer;font-weight:600;">Cancel</button>' +
+      '<button id="oauthPasteSubmit" style="flex:1;padding:0.625rem;border-radius:0.5rem;border:none;background:var(--color-primary,#3b82f6);color:white;font-size:0.8rem;cursor:pointer;font-weight:600;">Complete Sign-In</button></div>' +
+      '<p style="font-size:0.7rem;color:var(--color-text-secondary,#6b7280);margin-top:1rem;text-align:center;">If the redirect page loaded successfully, this dialog will close automatically.</p></div>';
+    document.body.appendChild(overlay);
+    var dismiss = function() { cleanupOAuthPolling(); authRunning = false; removeOAuthPasteModal(); };
+    document.getElementById('oauthPasteClose').addEventListener('click', dismiss);
+    document.getElementById('oauthPasteCancel').addEventListener('click', dismiss);
+    document.getElementById('oauthPasteSubmit').addEventListener('click', submitOAuthPasteUrl);
+    document.getElementById('oauthPasteInput').addEventListener('keydown', function(e) { if (e.key === 'Enter') submitOAuthPasteUrl(); });
+    setTimeout(function() { var i = document.getElementById('oauthPasteInput'); if (i) i.focus(); }, 100);
+  }
+  function removeOAuthPasteModal() {
+    var el = document.getElementById('oauthPasteModal');
+    if (el) el.remove();
+  }
+  function submitOAuthPasteUrl() {
+    var input = document.getElementById('oauthPasteInput');
+    var errorEl = document.getElementById('oauthPasteError');
+    var submitBtn = document.getElementById('oauthPasteSubmit');
+    if (!input) return;
+    var url = input.value.trim();
+    if (!url) {
+      if (errorEl) { errorEl.textContent = 'Please paste the URL from the redirected page.'; errorEl.style.display = 'block'; }
+      return;
+    }
+    if (submitBtn) { submitBtn.disabled = true; submitBtn.textContent = 'Verifying...'; }
+    if (errorEl) errorEl.style.display = 'none';
+    fetch(BASE + '/api/gemini-oauth/complete', {
+      method: 'POST', headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ url: url })
+    }).then(function(r) { return r.json(); }).then(function(data) {
+      if (data.success) {
+        cleanupOAuthPolling();
+        authRunning = false;
+        removeOAuthPasteModal();
+        refresh();
+      } else {
+        if (errorEl) { errorEl.textContent = data.error || 'Failed to complete authentication.'; errorEl.style.display = 'block'; }
+        if (submitBtn) { submitBtn.disabled = false; submitBtn.textContent = 'Complete Sign-In'; }
+      }
+    }).catch(function(e) {
+      if (errorEl) { errorEl.textContent = e.message; errorEl.style.display = 'block'; }
+      if (submitBtn) { submitBtn.disabled = false; submitBtn.textContent = 'Complete Sign-In'; }
+    });
+  }
   function triggerAuth(agentId) {
     if (authRunning) return;
     fetch(BASE + '/api/agents/' + agentId + '/auth', {
@@ -141,6 +216,28 @@
         if (term) { term.clear(); term.writeln('\x1b[36m[authenticating ' + agentId + ']\x1b[0m\r\n'); }
         if (data.authUrl) {
           window.open(data.authUrl, '_blank');
+          if (agentId === 'gemini') {
+            showOAuthPasteModal();
+            cleanupOAuthPolling();
+            oauthPollInterval = setInterval(function() {
+              fetch(BASE + '/api/gemini-oauth/status').then(function(r) { return r.json(); }).then(function(status) {
+                if (status.status === 'success') {
+                  cleanupOAuthPolling();
+                  authRunning = false;
+                  removeOAuthPasteModal();
+                  refresh();
+                } else if (status.status === 'error') {
+                  cleanupOAuthPolling();
+                  authRunning = false;
+                  removeOAuthPasteModal();
+                }
+              }).catch(function() {});
+            }, 1500);
+            oauthPollTimeout = setTimeout(function() {
+              cleanupOAuthPolling();
+              if (authRunning) { authRunning = false; removeOAuthPasteModal(); }
+            }, 5 * 60 * 1000);
+          }
         }
       }
     }).catch(function() {});
@@ -159,6 +256,8 @@
       if (term) term.write(data.data);
     } else if (data.type === 'script_stopped') {
       authRunning = false;
+      removeOAuthPasteModal();
+      cleanupOAuthPolling();
       var term = getTerminal();
       var msg = data.error ? data.error : ('exited with code ' + (data.code || 0));
       if (term) term.writeln('\r\n\x1b[90m[auth ' + msg + ']\x1b[0m');