feat: improve oauth login inputs and callback UX#31
Conversation
271ed70 to
ba1f7c4
Compare
There was a problem hiding this comment.
This PR introduces solid improvements to the OAuth login flow by adding convenient configuration flags and enhancing the local callback server's UX and test coverage. The implementation is clean and will noticeably streamline the authentication process. There is just a minor piece of dead code noted in the client ID prompt logic to review, where the fallback handling for existing client IDs might need a small adjustment depending on the intended prompt behavior.
There was a problem hiding this comment.
This pull request improves the OAuth login workflow by introducing support for client ID and base URL flags and enhancing the callback server with styled HTML feedback. These updates provide greater flexibility for various environments while ensuring a more polished and reliable authentication experience for users, and no issues were flagged during the review.
# 1.0.0 (2026-03-25) ### Bug Fixes * broaden CI detection to handle all truthy values ([7dc2806](7dc2806)) * exclude dist from biome checks ([0dc49a3](0dc49a3)) ### Features * add API Spinner Proxy ([#17](#17)) ([a3bc75a](a3bc75a)) * add fuzzy reference resolution ([#19](#19)) ([6c1c6f9](6c1c6f9)) * add npm publishing, new agent skills, and skill auto-update ([#36](#36)) ([bcb2e75](bcb2e75)), closes [Doist/todoist-cli#176](Doist/todoist-cli#176) [Doist/bob-cli#17](Doist/bob-cli#17) [Doist/twist-cli#101](Doist/twist-cli#101) * add structured error formatting with codes and hints ([#18](#18)) ([17658d2](17658d2)) * implement OAuth PKCE browser login ([#20](#20)) ([b7f6eec](b7f6eec)), closes [#7](#7) [outline/outline#11254](outline/outline#11254) * improve oauth login inputs and callback UX ([#31](#31)) ([3011b28](3011b28))
|
🎉 This PR is included in version 1.0.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
|
✅ |
This updates
ol auth loginto accept--client-idand--base-urlflags while following a bring-your-own OAuth credentials approach, with no hardcoded client ID in the repo.The login flow now resolves base URL from
--base-url, thenOUTLINE_URL, and prompts only when neither is provided. The localhost OAuth callback server now returns styled UTF-8 HTML success/error pages with escaped messages, and the promise cleanup path was adjusted to avoid unhandled rejection noise.README auth docs were updated for the new flags and OAuth callback behavior is covered by a new test file for success, state mismatch, and provider error cases.
Demo