Skip to content

feat: implement MCP OAuth remote authorization flow#21704

Open
lumincui wants to merge 6 commits intoanomalyco:devfrom
lumincui:dev
Open

feat: implement MCP OAuth remote authorization flow#21704
lumincui wants to merge 6 commits intoanomalyco:devfrom
lumincui:dev

Conversation

@lumincui
Copy link
Copy Markdown

@lumincui lumincui commented Apr 9, 2026
edited
Loading

Issue for this PR

Closes #7377

Type of change

  • Bug fix
  • New feature
  • Refactor / code improvement
  • Documentation

What does this PR do?

Implements MCP OAuth remote authorization flow via the main server's /oauth/callback route. Instead of starting a separate callback server on 127.0.0.1:19876, OAuth callbacks are now handled by the main OpenCode server, making it work better in constrained environments (WSL2, devcontainer, agent sandbox) where binding to 0.0.0.0 or additional ports may not be feasible.

How did you verify your code works?

  • Manually tested OAuth flow end-to-end in TUI web mode with a remote MCP server
  • Unit tests pass for all new functionality
image image

Checklist

  • I have tested my changes locally
  • I have not included unrelated changes in this PR

@lumincui
feat: implement MCP OAuth remote authorization flow
18c3fed 
- Implement MCP OAuth remote authorization flow
- Add unit tests for MCP OAuth remote authorization flow
- Show MCP OAuth auth prompts inline below each MCP item
- Show toast with auth URL when browser open fails in TUI MCP toggle
- Fix use correct protocol for OAuth callback URL and show toast on browser open failure
@lumincui lumincui requested a review from adamdotdevin as a code owner April 9, 2026 15:38
@github-actions github-actions bot added needs:compliance This means the issue will auto-close after 2 hours. and removed needs:compliance This means the issue will auto-close after 2 hours. labels Apr 9, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 9, 2026

Thanks for updating your PR! It now meets our contributing guidelines. 👍

lumincui added 2 commits April 9, 2026 23:47
@lumincui
Merge branch 'dev' into dev
327602e
@lumincui
chore(mcp): remove old callback server startup
194b402 
The OAuth callback is now handled by the main server's /oauth/callback route.
No longer need to start a separate callback server on 127.0.0.1:19876.
@github-actions github-actions bot added needs:compliance This means the issue will auto-close after 2 hours. and removed needs:compliance This means the issue will auto-close after 2 hours. labels Apr 9, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 9, 2026

Thanks for updating your PR! It now meets our contributing guidelines. 👍

@egze
Copy link
Copy Markdown
Contributor

egze commented Apr 10, 2026

Looks really nice

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adamdotdevin adamdotdevin Awaiting requested review from adamdotdevin adamdotdevin is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[FEATURE]: Allow custom OAuth redirect URI configuration for MCP servers

2 participants

@lumincui @egze