Fix OAuth server for macOS bash 3.x (#24)

Three issues broke the OAuth callback server on macOS: 1. echo -e doesn't work in bash 3.x — \r\n appears as literal text in the HTTP response, browser gets malformed headers. Fix: pre-write response with printf to a file before the subshell. 2. local variables inside ( ... ) & subshell — undefined behavior in bash 3.x since subshells aren't function scope. Fix: use plain variables in subshells. 3. ((elapsed++)) when elapsed=0 evaluates to falsy — set -e kills the script on the first iteration of the timeout loop. Fix: use elapsed=$((elapsed + 1)) instead. Also simplified nc_listen detection to only check for BusyBox (the -p flag check could misfire on macOS nc). Applied to all 10 lib/common.sh files. Co-authored-by: Sprite <noreply@sprite.dev> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-04 23:00:20 +00:00 · 2026-02-07 14:21:47 -08:00 · 2026-02-07 14:21:47 -08:00 · 6ac59e6bb3
commit 6ac59e6bb3
parent 13896ba52d
14 changed files with 922 additions and 159 deletions
--- a/lambda/lib/common.sh
+++ b/lambda/lib/common.sh
@ -25,7 +25,7 @@ safe_read() {

 nc_listen() {
    local port=$1; shift
-    if nc --help 2>&1 | grep -q "BusyBox\|busybox" || nc --help 2>&1 | grep -q "\-p "; then
+    if nc --help 2>&1 | grep -q "BusyBox\|busybox"; then
        nc -l -p "$port" "$@"
    else nc -l "$port" "$@"; fi
 }
@ -62,23 +62,29 @@ try_oauth_flow() {
    local auth_url="https://openrouter.ai/auth?callback_url=${callback_url}"
    local oauth_dir=$(mktemp -d) code_file="$oauth_dir/code"
    log_warn "Starting local OAuth server on port ${callback_port}..."
+
+    # Write the HTTP response to a file (using printf for macOS bash 3.x compat)
+    local response_tpl="$oauth_dir/response.http"
+    printf 'HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nConnection: close\r\n\r\n<html><head><style>body{font-family:system-ui;display:flex;justify-content:center;align-items:center;height:100vh;margin:0;background:#1a1a2e}.card{text-align:center;color:#fff}h1{color:#00d4aa}p{color:#ffffffcc}</style></head><body><div class="card"><h1>Authentication Successful!</h1><p>You can close this tab</p></div><script>setTimeout(function(){try{window.close()}catch(e){}},3000)</script></body></html>' > "$response_tpl"
+    
+    # Background listener
    (
-        local success_response='HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nConnection: close\r\n\r\n<html><head><style>body{font-family:system-ui;display:flex;justify-content:center;align-items:center;height:100vh;margin:0;background:#1a1a2e}.card{text-align:center;color:#fff}h1{color:#00d4aa}p{color:#ffffffcc}</style></head><body><div class="card"><h1>Authentication Successful!</h1><p>You can close this tab</p></div><script>setTimeout(function(){try{window.close()}catch(e){}},3000)</script></body></html>'
        while true; do
-            local response_file=$(mktemp); echo -e "$success_response" > "$response_file"
-            local request=$(nc_listen "$callback_port" < "$response_file" 2>/dev/null | head -1)
-            local nc_status=$?; rm -f "$response_file"
-            if [[ $nc_status -ne 0 ]]; then break; fi
-            if [[ "$request" == *"/callback?code="* ]]; then
-                echo "$request" | sed -n 's/.*code=\([^ &]*\).*/\1/p' > "$code_file"; break
-            fi
+            request=$(nc_listen "$callback_port" < "$response_tpl" 2>/dev/null | head -1) || break
+            
+            case "$request" in
+                *"/callback?code="*)
+                    echo "$request" | sed -n 's/.*code=\([^ &]*\).*/\1/p' > "$code_file"
+                    break
+                    ;;
+            esac
        done
    ) </dev/null &
    local server_pid=$!; sleep 1
    if ! kill -0 $server_pid 2>/dev/null; then log_warn "Failed to start OAuth server"; rm -rf "$oauth_dir"; return 1; fi
    log_warn "Opening browser to authenticate with OpenRouter..."; open_browser "$auth_url"
    local timeout=120 elapsed=0
-    while [[ ! -f "$code_file" ]] && [[ $elapsed -lt $timeout ]]; do sleep 1; ((elapsed++)); done
+    while [[ ! -f "$code_file" ]] && [[ $elapsed -lt $timeout ]]; do sleep 1; elapsed=$((elapsed + 1)); done
    kill $server_pid 2>/dev/null || true; wait $server_pid 2>/dev/null || true
    if [[ ! -f "$code_file" ]]; then log_warn "OAuth timeout"; rm -rf "$oauth_dir"; return 1; fi
    local oauth_code=$(cat "$code_file"); rm -rf "$oauth_dir"
@ -245,7 +251,7 @@ print(d.get('error', {}).get('message', d.get('error', 'Unknown error')))
            return 0
        fi
        log_warn "Instance status: $status ($attempt/$max_attempts)"
-        sleep 10; ((attempt++))
+        sleep 10; attempt=$((attempt + 1))
    done
    log_error "Instance did not become active in time"; return 1
 }
@ -257,7 +263,7 @@ verify_server_connectivity() {
        if ssh $SSH_OPTS -o ConnectTimeout=5 "ubuntu@$ip" "echo ok" >/dev/null 2>&1; then
            log_info "SSH connection established"; return 0
        fi
-        log_warn "Waiting for SSH... ($attempt/$max_attempts)"; sleep 5; ((attempt++))
+        log_warn "Waiting for SSH... ($attempt/$max_attempts)"; sleep 5; attempt=$((attempt + 1))
    done
    log_error "Server failed to respond via SSH after $max_attempts attempts"; return 1
 }