Problem
When doing OAuth from a remote/server setup (SSH into a host, browser on another machine), gog auth add --remote --step 1 generates an auth URL with a fixed redirect URI (http://localhost:1).
In my setup, I expected to use the host's Tailscale FQDN (for example https://molty2.tail8108.ts.net) as callback target, but there appears to be no way to override callback host/redirect URI.
Reproduction
- On a remote host, run:
gog auth add user@example.com --services gmail --remote --step 1
- Observe generated URL includes:
redirect_uri=http%3A%2F%2Flocalhost%3A1
- Check help for
gog auth add:
- It exposes
--remote, --step, --auth-url, --manual, but no callback/redirect override flag.
Actual Behavior
- Redirect URI is hard-coded to localhost in remote mode.
- No CLI option to set callback host/port or full redirect URI.
Expected Behavior
One of:
- Add an explicit override flag (for example
--redirect-uri or --callback-url) for auth flows.
- Add host/port flags (for example
--callback-host, --callback-port) and derive redirect URI from those.
- At least document that remote mode is intentionally localhost-only and why.
Why this matters
Remote/server operators often authenticate from a laptop browser against services running on another machine (Tailscale, SSH, cloud VMs). A configurable callback URL would make auth flow clearer and easier to automate in those environments.
If this is a deliberate design choice, I’m happy to open a docs PR clarifying the intended remote workflow.
Problem
When doing OAuth from a remote/server setup (SSH into a host, browser on another machine),
gog auth add --remote --step 1generates an auth URL with a fixed redirect URI (http://localhost:1).In my setup, I expected to use the host's Tailscale FQDN (for example
https://molty2.tail8108.ts.net) as callback target, but there appears to be no way to override callback host/redirect URI.Reproduction
redirect_uri=http%3A%2F%2Flocalhost%3A1gog auth add:--remote,--step,--auth-url,--manual, but no callback/redirect override flag.Actual Behavior
Expected Behavior
One of:
--redirect-urior--callback-url) for auth flows.--callback-host,--callback-port) and derive redirect URI from those.Why this matters
Remote/server operators often authenticate from a laptop browser against services running on another machine (Tailscale, SSH, cloud VMs). A configurable callback URL would make auth flow clearer and easier to automate in those environments.
If this is a deliberate design choice, I’m happy to open a docs PR clarifying the intended remote workflow.