spawn

vrr/spawn

mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-06 16:31:08 +00:00

History

A 3280a44c45 feat: add browser-based OAuth login for Fly.io + token sanitizer (#1506 ) Replace the prompt-first auth flow with a browser-based CLI session flow (same as `fly auth login`). The new auth chain is: 1. Environment variable (FLY_API_TOKEN) 2. Saved config file (~/.config/spawn/fly.json) 3. flyctl CLI (`fly auth token`) 4. Browser OAuth via Fly.io CLI Sessions API (NEW) 5. Manual token prompt (last resort fallback) The browser flow creates a CLI session via POST /api/v1/cli_sessions, opens the auth URL in the user's browser, then polls for the access token. This is the same mechanism flyctl uses internally. Also add _sanitize_fly_token() to handle the Fly dashboard copy button which includes the display name before the token (e.g. "Deploy Token FlyV1 fm2_..."). The sanitizer strips everything before "FlyV1" or extracts bare "fm2_" tokens, and trims whitespace/newlines. Applied at every token entry point (env var, config, manual prompt). Co-authored-by: lab <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-02-19 22:50:19 -08:00
..
common.sh	feat: add browser-based OAuth login for Fly.io + token sanitizer (#1506 )	2026-02-19 22:50:19 -08:00

feat: add browser-based OAuth login for Fly.io + token sanitizer (#1506 )

Replace the prompt-first auth flow with a browser-based CLI session
flow (same as `fly auth login`). The new auth chain is:

1. Environment variable (FLY_API_TOKEN)
2. Saved config file (~/.config/spawn/fly.json)
3. flyctl CLI (`fly auth token`)
4. Browser OAuth via Fly.io CLI Sessions API (NEW)
5. Manual token prompt (last resort fallback)

The browser flow creates a CLI session via POST /api/v1/cli_sessions,
opens the auth URL in the user's browser, then polls for the access
token. This is the same mechanism flyctl uses internally.

Also add _sanitize_fly_token() to handle the Fly dashboard copy button
which includes the display name before the token (e.g. "Deploy Token
FlyV1 fm2_..."). The sanitizer strips everything before "FlyV1" or
extracts bare "fm2_" tokens, and trims whitespace/newlines. Applied
at every token entry point (env var, config, manual prompt).

Co-authored-by: lab <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-02-19 22:50:19 -08:00

common.sh

feat: add browser-based OAuth login for Fly.io + token sanitizer (#1506 )

2026-02-19 22:50:19 -08:00