fix(core): restore auth consent in headless mode and add unit tests#19689

Merged
ehedlund merged 2 commits into google-gemini:main from ehedlund:fix/auth-consent-headless
Feb 20, 2026
Conversation

@ehedlund
Contributor

@ehedlund ehedlund commented Feb 20, 2026

Summary

This PR fixes the authentication consent logic for headless/non-interactive mode, which was inadvertently broken in a recent commit. It also adds a comprehensive set of unit tests to packages/core/src/utils/authConsent.test.ts to prevent future regressions.

Details

  • Fixed getConsentForOauth in packages/core/src/utils/authConsent.ts to correctly handle headless mode using readline instead of throwing an error when UI listeners are absent.
  • Reorganized packages/core/src/utils/authConsent.test.ts for better readability and organization.

Related Issues

Fixes #19677

How to Validate

  1. Run the new unit tests:
    npm test -w @google/gemini-cli-core -- src/utils/authConsent.test.ts
  2. Verify all 6 tests pass.
  3. (Optional) Run the CLI in a non-TTY environment or with -p and trigger an OAuth flow to confirm it prompts correctly on stdin.

Pre-Merge Checklist

  • Updated relevant documentation and README (if needed)
  • Added/updated tests (if needed)
  • Noted breaking changes (if any)
  • Validated on required platforms/methods:
    • MacOS
      • npm run
    • Windows
    • Linux

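The dispatch order this PR restores (headless first, then UI listeners, and FatalAuthenticationError only when neither can ask the user), as an added example rather than the project's authConsent.ts: the function names match the ones named in this PR, but the signatures, the UI listener shape, the injected input/output streams and the demo URL are this example's own assumptions.

```typescript
import * as readline from 'node:readline';
import { Readable, Writable } from 'node:stream';

// Raised when neither a headless prompt nor an interactive UI can collect consent.
class FatalAuthenticationError extends Error {
  constructor(message: string) {
    super(message);
    this.name = 'FatalAuthenticationError';
  }
}

interface OauthConsentRequest {
  authUrl: string;
}

// A UI listener receives the request and answers through `respond` (assumed shape).
type UiConsentListener = (
  request: OauthConsentRequest,
  respond: (granted: boolean) => void,
) => void;

interface ConsentOptions {
  headless: boolean;                // true for -p runs or a non-TTY stdin
  authUrl: string;
  uiListeners: UiConsentListener[]; // empty array: no UI attached
  input: NodeJS.ReadableStream;     // process.stdin in the real CLI
  output: NodeJS.WritableStream;    // process.stdout in the real CLI
}

// Headless path: prompt on the input stream with readline. An empty answer counts as yes.
function getOauthConsentNonInteractive(
  authUrl: string,
  input: NodeJS.ReadableStream,
  output: NodeJS.WritableStream,
): Promise<boolean> {
  const rl = readline.createInterface({ input, output });
  return new Promise<boolean>((resolve) => {
    rl.question(`Open this URL to authorize:\n${authUrl}\nContinue? [Y/n] `, (answer) => {
      rl.close();
      const a = answer.trim().toLowerCase();
      resolve(a === '' || a === 'y' || a === 'yes');
    });
  });
}

// Interactive path: hand the request to every UI listener; the first answer wins.
function getOauthConsentInteractive(
  authUrl: string,
  listeners: UiConsentListener[],
): Promise<boolean> {
  return new Promise<boolean>((resolve) => {
    let settled = false;
    const respond = (granted: boolean) => {
      if (!settled) {
        settled = true;
        resolve(granted);
      }
    };
    for (const listener of listeners) listener({ authUrl }, respond);
  });
}

// Headless mode is handled first, so a missing UI no longer aborts the flow; the
// fatal error is reserved for the case where nothing at all can ask the user.
async function getConsentForOauth(opts: ConsentOptions): Promise<boolean> {
  if (opts.headless) {
    return getOauthConsentNonInteractive(opts.authUrl, opts.input, opts.output);
  }
  if (opts.uiListeners.length > 0) {
    return getOauthConsentInteractive(opts.authUrl, opts.uiListeners);
  }
  throw new FatalAuthenticationError(
    'No consent mechanism available: not in headless mode and no UI listeners registered.',
  );
}

// Constructed stdin/stdout stand-ins so every branch runs without a terminal.
function fakeTerminal(typed: string) {
  return {
    input: Readable.from(typed ? [typed] : []),
    output: new Writable({ write(_chunk, _encoding, callback) { callback(); } }),
  };
}

const AUTH_URL = 'https://auth.example.invalid/oauth?state=demo'; // constructed placeholder

// Runs each branch once and returns the outcomes.
async function demo() {
  const base = { authUrl: AUTH_URL, uiListeners: [] as UiConsentListener[] };
  const headlessYes = await getConsentForOauth({ ...base, headless: true, ...fakeTerminal('y\n') });
  const headlessEmpty = await getConsentForOauth({ ...base, headless: true, ...fakeTerminal('\n') });
  const headlessNo = await getConsentForOauth({ ...base, headless: true, ...fakeTerminal('n\n') });
  const decline: UiConsentListener = (_req, respond) => respond(false);
  const accept: UiConsentListener = (_req, respond) => respond(true);
  const uiDeclined = await getConsentForOauth({ ...base, headless: false, uiListeners: [decline], ...fakeTerminal('') });
  const uiAccepted = await getConsentForOauth({ ...base, headless: false, uiListeners: [accept], ...fakeTerminal('') });
  let noMechanismError = '';
  try {
    await getConsentForOauth({ ...base, headless: false, ...fakeTerminal('') });
  } catch (err) {
    noMechanismError = (err as Error).name;
  }
  return { headlessYes, headlessEmpty, headlessNo, uiDeclined, uiAccepted, noMechanismError };
}

demo().then((r) => console.log(r));
```

The readline interface is built on injected streams rather than process.stdin so the headless branch is exercised in a test without a TTY; the same shape lets a unit test drive the empty-answer and decline cases the PR's test file covers.
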
@ehedlund ehedlund requested a review from a team as a code owner February 20, 2026 19:27
@gemini-code-assist
Contributor

Summary of Changes

Hello @ehedlund, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request fixes a critical regression in the CLI's authentication consent mechanism for headless environments, ensuring that users can properly authenticate even without an interactive UI. Concurrently, it introduces a significant security enhancement by adding deceptive URL detection to tool confirmation messages, providing users with warnings about potentially malicious links. These changes improve both the functionality and security posture of the application.

Highlights

  • Authentication Consent Restoration: Restored the authentication consent logic for headless/non-interactive mode, which was previously broken, ensuring the CLI can correctly prompt for OAuth consent in environments without a graphical user interface.
  • Enhanced Authentication Unit Tests: Added a comprehensive set of unit tests to packages/core/src/utils/authConsent.test.ts to cover interactive and non-interactive consent flows, preventing future regressions.
  • Deceptive URL Detection: Implemented a new security feature to detect and warn users about deceptive URLs within ToolConfirmationMessage components, enhancing user safety by identifying Punycode and non-ASCII characters in URLs.
  • URL Security Utilities and Tests: Introduced new utility functions in packages/cli/src/ui/utils/urlSecurityUtils.ts for URL security analysis and added dedicated unit tests for these utilities.
Changelog
  • packages/cli/src/ui/components/messages/ToolConfirmationMessage.test.tsx
    • Added tests to verify the display of warning messages for deceptive URLs in 'info' type confirmations.
    • Included tests to ensure deceptive URL warnings are shown for 'exec' type commands.
    • Added a test to confirm shell delimiters are excluded when extracting URLs from 'exec' commands.
    • Implemented a test to check that multiple deceptive URLs are aggregated into a single warning message.
  • packages/cli/src/ui/components/messages/ToolConfirmationMessage.tsx
    • Imported URL security utility functions and the WarningMessage component.
    • Added useMemo hooks to detect deceptive URLs and generate warning text based on confirmation details.
    • Modified the useMemo hook for question, bodyContent, and options to include securityWarnings.
    • Updated return objects in useMemo to include securityWarnings: null for specific confirmation types.
    • Adjusted the infoProps.urls mapping to convert URLs to Unicode for display.
    • Included deceptiveUrlWarningText in the dependency array for the main useMemo hook.
    • Rendered securityWarnings within the component's output when present.
  • packages/cli/src/ui/utils/urlSecurityUtils.test.ts
    • Added a new test file for urlSecurityUtils.
    • Included tests for toUnicodeUrl to verify conversion of Punycode URLs to Unicode, handling complex URLs, and returning original strings for invalid or safe URLs.
    • Added tests for getDeceptiveUrlDetails to check for full details on deceptive URLs, null returns for safe URLs, and handling of already Punycoded hostnames.
  • packages/cli/src/ui/utils/urlSecurityUtils.ts
    • Added a new utility file for URL security.
    • Defined DeceptiveUrlDetails interface for structured warning information.
    • Implemented containsDeceptiveMarkers function to check hostnames for Punycode or non-ASCII characters.
    • Created toUnicodeUrl function to convert URL strings or objects to their Unicode representation, manually reconstructing the URL to preserve Unicode hostnames.
    • Developed getDeceptiveUrlDetails function to extract details about potentially deceptive URLs, returning null if no deception is detected or parsing fails.
  • packages/core/src/utils/authConsent.test.ts
    • Added beforeEach hook to restore all mocks before each test.
    • Reorganized tests into 'in interactive mode' and 'in non-interactive mode' describe blocks for clarity.
    • Expanded interactive mode tests to cover emitting consent requests, user declining via UI, and throwing FatalAuthenticationError when no UI listeners are present.
    • Added non-interactive mode tests to cover using readline for consent, accepting empty responses as 'yes', and user declining via readline.
  • packages/core/src/utils/authConsent.ts
    • Modified getConsentForOauth to prioritize headless mode handling using getOauthConsentNonInteractive.
    • Updated getConsentForOauth to use getOauthConsentInteractive only when UI listeners are present in non-headless mode.
    • Changed the error condition in getConsentForOauth to throw FatalAuthenticationError if no consent mechanism (headless or interactive UI) can be engaged.
Activity
  • The pull request was created by ehedlund.
  • The author provided a detailed summary, specific changes, related issue, and validation steps.
  • The pre-merge checklist indicates that tests were added/updated and validated on MacOS.

@ehedlund ehedlund force-pushed the fix/auth-consent-headless branch from 0063405 to 8d65d08 February 20, 2026 19:29
@gemini-code-assist gemini-code-assist bot left a comment

Code Review

The pull request addresses a critical bug where authentication consent in headless mode was broken and adds comprehensive unit tests to prevent future regressions. It also introduces URL security utilities to detect and warn about deceptive URLs in tool confirmation messages, enhancing user security. The changes are well-tested and improve the robustness and security of the CLI.

I am having trouble creating individual review comments. Click here to see my feedback.

packages/cli/src/ui/components/messages/ToolConfirmationMessage.tsx (561-564)

critical

This block correctly renders the securityWarnings component when present. Placing it before the main question ensures that critical security information is presented to the user prominently and early in the confirmation flow. This is vital for user awareness and decision-making.

packages/cli/src/ui/components/messages/ToolConfirmationMessage.tsx (37-42)

critical

The introduction of WarningMessage, getDeceptiveUrlDetails, toUnicodeUrl, and DeceptiveUrlDetails is a significant security enhancement. This allows the UI to proactively warn users about potentially deceptive URLs, which is crucial for preventing phishing and other social engineering attacks. This directly addresses a potential security vulnerability.

packages/cli/src/ui/components/messages/ToolConfirmationMessage.tsx (108-137)

critical

The deceptiveUrlWarnings and deceptiveUrlWarningText memos correctly identify and format warnings for deceptive URLs. This logic is well-placed to ensure that all relevant URLs, whether from info or exec type commands, are checked for deceptive characteristics. This is a critical security feature.

packages/core/src/utils/authConsent.ts (20-29)

critical

This revised logic for getConsentForOauth correctly prioritizes headless mode consent via getOauthConsentNonInteractive and then checks for interactive UI listeners. The previous implementation incorrectly threw an error in headless mode when no UI listeners were present, which is now fixed. The FatalAuthenticationError is now correctly thrown only when no suitable consent mechanism (headless or interactive UI) is available, ensuring robust error handling in critical authentication paths. This is a critical fix for the authentication flow.

packages/cli/src/ui/utils/urlSecurityUtils.ts (1-90)

critical

The new urlSecurityUtils.ts file introduces essential functions for detecting and handling deceptive URLs. toUnicodeUrl correctly converts Punycode to Unicode for display, and getDeceptiveUrlDetails identifies URLs that might be used in homograph attacks. This is a critical addition to the CLI's security features, protecting users from malicious links. The manual reconstruction of the URL in toUnicodeUrl is a clever and necessary workaround for the WHATWG URL class's automatic Punycode conversion, ensuring that the visually deceptive Unicode version is correctly presented to the user.

packages/cli/src/ui/components/messages/ToolConfirmationMessage.tsx (488-491)

critical

Using toUnicodeUrl(urlString) when displaying URLs to fetch is a crucial step in mitigating homograph attacks. By converting Punycode URLs back to their Unicode representation, users can visually inspect the actual domain, preventing them from being tricked by deceptive look-alike domains. This is a critical security improvement.

packages/cli/src/ui/components/messages/ToolConfirmationMessage.test.tsx (90-204)

critical

The new tests for deceptive URLs are a great addition, significantly improving the security posture of the application by ensuring that potential phishing attempts are flagged to the user. This is a critical improvement for user safety.

packages/cli/src/ui/components/messages/ToolConfirmationMessage.tsx (510)

high

Returning securityWarnings from the useMemo hook is essential for the ToolConfirmationMessage component to render any detected security issues. This ensures that the warnings are passed up to the rendering logic.

packages/cli/src/ui/components/messages/ToolConfirmationMessage.tsx (517)

high

Including deceptiveUrlWarningText in the dependency array for the useMemo hook ensures that the question, bodyContent, options, and securityWarnings are re-calculated whenever the deceptive URL warning text changes. This is important for keeping the UI up-to-date with security alerts.

packages/cli/src/ui/utils/urlSecurityUtils.test.ts (1-65)

high

The new urlSecurityUtils.test.ts file provides comprehensive unit tests for toUnicodeUrl and getDeceptiveUrlDetails. These tests cover various scenarios, including Punycode conversion, complex URLs, and handling of invalid URLs, ensuring the reliability and correctness of the URL security utilities. This is crucial for maintaining the integrity of the security features.

packages/cli/src/ui/components/messages/ToolConfirmationMessage.tsx (310-312)

high

This conditional rendering of WarningMessage based on deceptiveUrlWarningText ensures that security warnings are displayed prominently when detected. This is a direct implementation of the new security feature.

packages/core/src/utils/authConsent.test.ts (30-142)

high

The refactoring of getConsentForOauth tests into interactive mode and non-interactive mode describes blocks, along with the addition of new test cases, significantly improves test coverage and clarity. This ensures that both interactive UI-based consent and headless readline-based consent mechanisms are thoroughly validated, preventing regressions in a critical authentication flow. This is a high-quality improvement for maintainability and correctness.

packages/cli/src/ui/components/messages/ToolConfirmationMessage.tsx (300-304)

high

Adding securityWarnings to the useMemo return type ensures that the UI can display security-related messages, such as deceptive URL warnings. This is a necessary structural change to integrate the new security features into the existing component.

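The URL checks described in the summary and in the review above (containsDeceptiveMarkers, toUnicodeUrl, getDeceptiveUrlDetails), as an added example that is not the project's urlSecurityUtils.ts: it uses Node's url.domainToUnicode for the Punycode-to-Unicode step and rebuilds the URL by hand for the reason the review gives (the WHATWG URL class serialises hostnames as Punycode). The DeceptiveUrlDetails field names, the exec-command URL extraction that strips shell delimiters and the aggregated warning helper are this example's assumptions, as is the sample command.

```typescript
import { domainToUnicode } from 'node:url';

// Shape of a warning entry; the field names are this example's own, not the project's.
interface DeceptiveUrlDetails {
  original: string;        // URL exactly as it appeared in the tool call
  display: string;         // same URL with the hostname rendered in Unicode
  asciiHostname: string;   // hostname after WHATWG parsing (Punycode form)
  unicodeHostname: string; // what a browser address bar would show
}

// A hostname is suspicious when a label is Punycode (xn--) or still holds raw
// non-ASCII characters: both can hide look-alike (homograph) domains.
function containsDeceptiveMarkers(hostname: string): boolean {
  const hasNonAscii = /[^\x00-\x7f]/.test(hostname);
  const hasPunycodeLabel = hostname
    .split('.')
    .some((label) => label.toLowerCase().startsWith('xn--'));
  return hasNonAscii || hasPunycodeLabel;
}

// The WHATWG URL class always serialises the hostname as Punycode, so reading
// `.href` would hide the Unicode form. Rebuild the string component by component.
function toUnicodeUrl(input: string | URL): string {
  let url: URL;
  try {
    url = typeof input === 'string' ? new URL(input) : input;
  } catch {
    return String(input); // not a parseable URL: return it unchanged
  }
  const credentials = url.username
    ? `${url.username}${url.password ? ':' + url.password : ''}@`
    : '';
  const port = url.port ? `:${url.port}` : '';
  const host = domainToUnicode(url.hostname) || url.hostname;
  return `${url.protocol}//${credentials}${host}${port}${url.pathname}${url.search}${url.hash}`;
}

// Details when the hostname carries deceptive markers, null otherwise
// (including when the input cannot be parsed at all).
function getDeceptiveUrlDetails(input: string): DeceptiveUrlDetails | null {
  let url: URL;
  try {
    url = new URL(input);
  } catch {
    return null;
  }
  if (!containsDeceptiveMarkers(url.hostname)) return null;
  const unicodeHostname = domainToUnicode(url.hostname) || url.hostname;
  return {
    original: input,
    display: toUnicodeUrl(url),
    asciiHostname: url.hostname,
    unicodeHostname,
  };
}

// Pull http(s) URLs out of a shell command, dropping trailing shell delimiters
// (;, &, |, closing parens) that would otherwise be glued onto the URL.
function extractUrlsFromCommand(command: string): string[] {
  const matches = command.match(/https?:\/\/[^\s'"]+/g) ?? [];
  return matches.map((m) => m.replace(/[;&|)]+$/, ''));
}

// Aggregate every deceptive URL into one warning string, or null if none qualify.
function buildDeceptiveUrlWarning(urls: string[]): string | null {
  const details = urls
    .map(getDeceptiveUrlDetails)
    .filter((d): d is DeceptiveUrlDetails => d !== null);
  if (details.length === 0) return null;
  const lines = details.map(
    (d) => `  ${d.unicodeHostname} (encoded as ${d.asciiHostname})`,
  );
  return [`Warning: ${details.length} URL(s) use Punycode or non-ASCII hostnames:`, ...lines].join('\n');
}

// Constructed sample: a Punycode hostname that decodes to a Cyrillic domain, next to a plain one.
const SAMPLE_COMMAND = 'curl https://xn--e1afmkfd.xn--p1ai/login; curl https://example.com/ok';
console.log(buildDeceptiveUrlWarning(extractUrlsFromCommand(SAMPLE_COMMAND)));
```

Both the Punycode and the raw Unicode spelling of the same hostname are flagged, because `new URL()` normalises the Unicode form to Punycode before the check runs; showing the decoded hostname beside its `xn--` encoding in the warning is what lets the user see that the link is not the ASCII domain it resembles.
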
@gemini-cli gemini-cli bot added the area/non-interactive Issues related to GitHub Actions, SDK, 3P Integrations, Shell Scripting, Command line automation label Feb 20, 2026
@ehedlund ehedlund added this pull request to the merge queue Feb 20, 2026
Merged via the queue into google-gemini:main with commit c04602f Feb 20, 2026
27 checks passed
@ehedlund ehedlund deleted the fix/auth-consent-headless branch February 20, 2026 20:43

Labels

area/non-interactive Issues related to GitHub Actions, SDK, 3P Integrations, Shell Scripting, Command line automation

Development

Successfully merging this pull request may close these issues.

Auth consent is broken for non-interactive mode

2 participants