fix(auth): add plugin lookup for custom provider in 'Other' flow#5324
Merged
rekram1-node merged 1 commit intoanomalyco:devfrom Dec 10, 2025
Merged
fix(auth): add plugin lookup for custom provider in 'Other' flow#5324rekram1-node merged 1 commit intoanomalyco:devfrom
rekram1-node merged 1 commit intoanomalyco:devfrom
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR fixes a bug in the authentication login flow where plugins providing auth for custom providers were not discovered when users selected "Other" and entered a custom provider ID. The solution adds a second plugin lookup after the user inputs the custom provider name, enabling plugins like cursor-auth to work correctly with the OAuth flow.
Key changes:
- Added plugin lookup inside the "Other" flow after user enters custom provider ID
- Duplicated the entire plugin authentication handling logic (~140 lines) to support custom providers
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
When users select 'Other' and enter a custom provider ID, the auth command now performs a second plugin lookup to check if any plugin provides authentication for that provider. This enables plugins like cursor-auth to be discovered and used for OAuth/API key flows. Previously, the plugin lookup only happened at the start with provider='other', so custom providers never matched any plugins. Also refactored the duplicated plugin auth handling code (~135 lines) into a shared handlePluginAuth() function for better maintainability.
Yukaii
force-pushed
the
fix/auth-other-plugin-lookup
branch
from
bf29784 to
3c00d54
Compare
Collaborator
|
where is this cursor auth plugin (out of curiousity) |
Collaborator
|
/review |
Contributor
|
lgtm |
Contributor
Author
|
@rekram1-node preparing not ready for open source yet haha |
shuv1337
added a commit
to Latitudes-Dev/shuvcode
that referenced
this pull request
Dec 11, 2025
* bump bun to 1.3.4 * docs: document accept always behavior (anomalyco#5340) Co-authored-by: Ingo Fruend <ingo@oudyo.com> * stuff adam needs * gen types * chore: format code * ignore: add bash tests * tui: use random free port and enable icon discovery by default - Tauri app now automatically finds an available port instead of defaulting to 4096 - Icon discovery feature is now enabled by default in the Tauri app - Prevents port conflicts when multiple OpenCode instances are running * fix type * wip(desktop): progress * wip(desktop): progress * wip(desktop): progress * wip(desktop): progress * wip(desktop): progress * wip(desktop): progress * wip(desktop): progress * wip(desktop): progress * wip(desktop): progress * wip(desktop): progress * tui: pass dynamic port to frontend Frontend now receives the server port via window.__OPENCODE__.port, allowing it to connect when using a random free port instead of hardcoded 4096 * Update Nix flake.lock and hashes * fix(cli): obtain directory data from server (anomalyco#5320) * tweak: small fix * fix(auth): add plugin lookup for custom provider in 'Other' flow (anomalyco#5324) * feat: add helicone docs + helicone session tracking (anomalyco#5265) * feat: use |- for intermediate sub-agent steps (anomalyco#5336) Signed-off-by: Christian Stewart <christian@aperture.us> * tweak: oc -> OC * fix: more descriptive tool or subtask execution failed error (anomalyco#5337) Signed-off-by: Christian Stewart <christian@aperture.us> * wip(desktop): progress * fix: tauri * compaction: improve compaction prompt (anomalyco#5348) * wip(desktop): progress * docs: desktop * core: reposition OpenCode as open source multi-platform coding agent docs: update main intro page to reflect open source positioning and multi-platform availability * fix deploy * desktop: enable zoom hotkeys in Tauri app * Add Cerebras integration header with opencode identifier (anomalyco#5354) * docs(bash): clarify description parameter is required (anomalyco#5353) * fix: light mode visibility for filepath in /undo diff files (anomalyco#5352) * tauri: update icons * desktop: exclude ts-dist from tsconfig sources * tweak: correct thinkingLevel * ignore: tmp transform exclusion * ignore * global.dispose * chore: format code * global bus * ignore * ignore * ci: rm bash tool from opencode ci workflow, reduce risks * docs: update doc sdk.mdx (anomalyco#5315) * sync * fix * domain * remove * ci * use new share url * release: v1.0.144 * prevent indexing of share page * chore: format code * enterprise: add social card meta tags to share pages - Add og:image and twitter:image meta tags for better social sharing - Generate dynamic social card URLs with session title, models, and version - Include description meta tag for search engines * enterprise: add default social card images to HTML head - Add og:image and twitter:image meta tags to entry-server - Provide fallback social card image for pages without specific social cards * Update Nix flake.lock and hashes * ignore: comment out item in project cfg * downgrade bun * opencode config * update * release: v1.0.145 * release: v1.0.146 * sync: record last synced tag v1.0.146 * fix: resolve type errors after upstream merge v1.0.146 - layout.tsx: add theme/font state and accessors for fork customizations - global-sync.tsx: add command property to State type for sync context - font-picker.tsx: remove onHighlight prop (removed upstream), use code-lines icon - theme-picker.tsx: remove onHighlight prop (removed upstream), use glasses icon - app.tsx: update useKittyKeyboard from boolean to object format * chore: format code --------- Signed-off-by: Christian Stewart <christian@aperture.us> Co-authored-by: Aiden Cline <aidenpcline@gmail.com> Co-authored-by: igordertigor <github@ingofruend.net> Co-authored-by: Ingo Fruend <ingo@oudyo.com> Co-authored-by: Dax Raad <d@ironbay.co> Co-authored-by: GitHub Action <action@github.com> Co-authored-by: Adam <2363879+adamdotdevin@users.noreply.github.com> Co-authored-by: OpeOginni <107570612+OpeOginni@users.noreply.github.com> Co-authored-by: Yukai Huang <yukaihuangtw@gmail.com> Co-authored-by: Hammad Shami <46585994+H2Shami@users.noreply.github.com> Co-authored-by: Christian Stewart <christian@aperture.us> Co-authored-by: Shantur Rathore <i@shantur.com> Co-authored-by: Jay V <air@live.ca> Co-authored-by: Seb Duerr <sebastian.duerr@cerebras.net> Co-authored-by: Jinhyeok Lee <zenyr@zenyr.com> Co-authored-by: Koichi Nakayamada <151496024+koichincom@users.noreply.github.com> Co-authored-by: Brendan Allan <brendonovich@outlook.com> Co-authored-by: Ayush Walekar <walekarayush@gmail.com> Co-authored-by: opencode <opencode@sst.dev> Co-authored-by: opencode-agent[bot] <opencode-agent[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Problem
When running
opencode auth login, selecting "Other", and typing a custom provider ID (e.g., "cursor"), OpenCode would prompt for an API key instead of triggering the plugin's OAuth flow.Root cause: The plugin lookup (
Plugin.list().then(x => x.find(x => x.auth?.provider === provider))) happened at the start of the handler whenprovider === "other", so no plugin matched. After the user typed the custom provider name, theprovidervariable was updated, but there was no second plugin lookup - it fell through directly to the API key prompt.Solution
Added a second
Plugin.list()lookup inside the "Other" block after the user enters the custom provider ID. This checks if any plugin provides authentication for that provider and handles the full OAuth/API key flow accordingly.Testing
Tested with a local cursor-auth plugin:
opencode auth login→ Select "Other" → Type "cursor"