promethios-bridge 2.1.1 → 2.1.4

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "promethios-bridge",
-  "version": "2.1.1",
+  "version": "2.1.4",
   "description": "Run Promethios agent frameworks locally on your computer with full file, terminal, browser access, ambient context capture, and the always-on-top floating chat overlay. Native Framework Mode supports OpenClaw and other frameworks via the bridge.",
   "main": "src/index.js",
   "bin": {

package/src/bridge.js

@@ -210,6 +210,32 @@ async function startBridge({ setupToken, apiBase, port, dev }) {
   // Health check
   app.get('/health', (req, res) => res.json({ ok: true, version: require('../package.json').version }));
 
+  // ── /open-external ─────────────────────────────────────────────────────────
+  // POST /open-external?url=<encoded-url>
+  // Called by the Promethios web app when the user clicks "Open [Provider] ↗"
+  // in a provider thread. Opens the URL in the user's real default browser.
+  // No auth required — only accessible from localhost.
+  app.post('/open-external', (req, res) => {
+    const url = (req.query.url || req.body?.url || '').trim();
+    if (!url || !/^https?:\/\//.test(url)) {
+      return res.status(400).json({ error: 'Invalid or missing url parameter' });
+    }
+    const { exec } = require('child_process');
+    const platform = process.platform;
+    let cmd;
+    if (platform === 'win32') {
+      cmd = `start "" "${url.replace(/"/g, '')}"`;
+    } else if (platform === 'darwin') {
+      cmd = `open "${url.replace(/"/g, '')}"`;
+    } else {
+      cmd = `xdg-open "${url.replace(/"/g, '')}"`;
+    }
+    exec(cmd, (err) => {
+      if (err) console.error('[open-external] Failed to open URL:', err.message);
+    });
+    res.json({ status: 'ok', url });
+  });
+
   // ── /status: used by the Electron overlay to auto-connect without manual token entry ──
   // Only accessible from localhost (127.0.0.1 or ::1) for security.
   let bridgeUsername = null; // set after registerBridge resolves

package/src/overlay/renderer/index.html

@@ -1250,7 +1250,7 @@
       if (hint) hint.style.display = 'none';
     }
 
-    async function startOAuthFlow(provider) {
+    function startOAuthFlow(provider) {
       hideProviderLoginHint();
 
       if (!authToken) {
@@ -1262,56 +1262,22 @@
         return;
       }
 
-      const info = PROVIDER_LABELS[provider] || { name: provider, color: 'rgba(255,255,255,0.1)', text: '#e2e8f0' };
       const btn = document.querySelector(`.btn-connect[data-provider="${provider}"]`);
-      if (btn) { btn.textContent = 'Connecting…'; btn.disabled = true; }
+      if (btn) { btn.textContent = 'Opening…'; btn.disabled = true; }
 
-      try {
-        const res = await fetch(`${RELAY_URL}/api/mcp/oauth/auto-connect`, {
-          method: 'POST',
-          headers: { 'Content-Type': 'application/json' },
-          body: JSON.stringify({ bridge_token: authToken, client_id: provider }),
-        });
-        const data = await res.json();
+      // Open OAuth consent page in the user's REAL system browser (Chrome/Edge/Firefox).
+      // shell.openExternal() is the only way that passes Google/Meta's "secure browser" check.
+      // The main process starts a localhost callback server, opens the system browser with the
+      // Promethios OAuth URL, and fires 'oauth-complete' back to us when the token arrives.
+      window.promethios.openOAuth(provider);
 
-        if (!data.success) {
-          const errMsg = (data.error || '').toLowerCase();
-          const isLoginRequired = errMsg.includes('login') || errMsg.includes('not logged') ||
-                                  errMsg.includes('auth') || errMsg.includes('session') ||
-                                  errMsg.includes('sign in') || res.status === 401;
-
-          if (isLoginRequired) {
-            const loginUrl = PROVIDER_LOGIN_URLS[provider] || `https://${provider}.com`;
-            showProviderLoginHint(provider,
-              `<strong>Sign in to ${info.name} first.</strong><br>` +
-              `Click <strong>Open ↗</strong> next to ${info.name} to sign in, then click <strong>Connect</strong> again.`
-            );
-            window.promethios.openExternal(loginUrl);
-          } else {
-            showToast(`Connect failed: ${data.error || 'Unknown error'}`);
-          }
-          if (btn) { btn.textContent = 'Connect'; btn.disabled = false; }
-          return;
+      // Re-enable the button after a short delay so the user can retry if needed
+      setTimeout(() => {
+        if (btn && btn.disabled) {
+          btn.textContent = 'Connect';
+          btn.disabled = false;
         }
-
-        connectedProviders[provider] = { token: data.token, clientId: provider, ts: Date.now() };
-        updateProviderButtons();
-        hideProviderLoginHint();
-
-        modalProviderName.textContent = info.name;
-        modalProviderBadge.textContent = info.name;
-        modalProviderBadge.style.background = info.color;
-        modalProviderBadge.style.color = info.text;
-        modalPromptText.textContent = data.prompt || buildPromptText(provider, data.token);
-        modalCopyBtn.textContent = '⌘ Copy Prompt';
-        modalCopyBtn.classList.remove('copied');
-        promptModal.classList.add('open');
-        showToast(`✓ ${info.name} connected!`);
-
-      } catch (err) {
-        showToast('Network error — check your connection and try again.');
-        if (btn) { btn.textContent = 'Connect'; btn.disabled = false; }
-      }
+      }, 8000);
     }
 
     // Called by main process after OAuth completes successfully