From 76d04569bbc27928ed9fef7fe11b448e384642c8 Mon Sep 17 00:00:00 2001
From: chilang <chilang@gmail.com>
Date: Fri, 10 Apr 2026 19:03:54 +0100
Subject: [PATCH] fix(auth): pass username argument to OAuth2Flow in auth
 oauth2 command
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The `auth oauth2` command always passes an empty string to
`OAuth2Flow()`, ignoring any positional username argument. This forces
the flow through `fetchUsername()` which calls `GET /2/users/me` — an
endpoint that has been returning 403 for many developers since the
March 2026 platform regression.

When a username is provided (`xurl auth oauth2 alice`), pass it
through so `OAuth2Flow` skips the broken `/2/users/me` lookup and
stores the token under the given username directly.

Fixes #47
---
 cli/auth.go | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/cli/auth.go b/cli/auth.go
index 6fa04d6..908fee4 100644
--- a/cli/auth.go
+++ b/cli/auth.go
@@ -56,10 +56,15 @@ func createAuthBearerCmd(a *auth.Auth) *cobra.Command {
 
 func createAuthOAuth2Cmd(a *auth.Auth) *cobra.Command {
 	cmd := &cobra.Command{
-		Use:   "oauth2",
+		Use:   "oauth2 [USERNAME]",
 		Short: "Configure OAuth2 authentication",
+		Args:  cobra.MaximumNArgs(1),
 		Run: func(cmd *cobra.Command, args []string) {
-			_, err := a.OAuth2Flow("")
+			username := ""
+			if len(args) > 0 {
+				username = args[0]
+			}
+			_, err := a.OAuth2Flow(username)
 			if err != nil {
 				fmt.Println("OAuth2 authentication failed:", err)
 				os.Exit(1)