huskies

crashlabs/huskies

Fork 0

Commit Graph

Author	SHA1	Message	Date
Timmy	877f69c897	feat: browser-based OAuth login flow (story 406) Add three HTTP endpoints for OAuth login without terminal access: - GET /oauth/authorize — generates PKCE params, redirects to claude.com/cai/oauth/authorize with code=true and full scopes - GET /callback — exchanges auth code for tokens via JSON POST to platform.claude.com/v1/oauth/token, writes ~/.claude/.credentials.json - GET /oauth/status — returns current credential state as JSON Uses SHA-256 (sha2 crate) for PKCE code challenge. The authorize URL targets claude.com/cai/ (not platform.claude.com) which is required for Max/Pro subscriptions to grant user:inference scope. Users visit http://localhost:3001/oauth/authorize in their browser to authenticate. Matrix/WhatsApp can send this link when auth fails. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-26 19:58:18 +00:00

Author

SHA1

Message

Date

Timmy

877f69c897

feat: browser-based OAuth login flow (story 406)

Add three HTTP endpoints for OAuth login without terminal access:
- GET /oauth/authorize — generates PKCE params, redirects to
  claude.com/cai/oauth/authorize with code=true and full scopes
- GET /callback — exchanges auth code for tokens via JSON POST to
  platform.claude.com/v1/oauth/token, writes ~/.claude/.credentials.json
- GET /oauth/status — returns current credential state as JSON

Uses SHA-256 (sha2 crate) for PKCE code challenge. The authorize URL
targets claude.com/cai/ (not platform.claude.com) which is required
for Max/Pro subscriptions to grant user:inference scope.

Users visit http://localhost:3001/oauth/authorize in their browser
to authenticate. Matrix/WhatsApp can send this link when auth fails.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-26 19:58:18 +00:00

1 Commits