MCPcopy Index your code
hub / github.com/anomalyco/opencode / startOAuthServer

Function startOAuthServer

packages/opencode/src/plugin/snowflake-cortex.ts:160–227  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

158}
159
160async function startOAuthServer() {
161 if (oauthServer) return
162
163 oauthServer = createServer((req, res) => {
164 const host = req.headers.host || `${OAUTH_CALLBACK_HOST}:${oauthServerPort ?? 0}`
165 const url = new URL(req.url || "/", `http://${host}`)
166
167 if (url.pathname !== OAUTH_CALLBACK_PATH) {
168 res.writeHead(404)
169 res.end("Not found")
170 return
171 }
172
173 const state = url.searchParams.get("state")
174 const code = url.searchParams.get("code")
175 const error = url.searchParams.get("error")
176 const errorDescription = url.searchParams.get("error_description")
177
178 // CSRF guard: validate state before processing any callback
179 if (!pendingOAuth || state !== pendingOAuth.state) {
180 const message = "Invalid state - potential CSRF attack"
181 pendingOAuth?.reject(new Error(message))
182 pendingOAuth = undefined
183 res.writeHead(400, { "Content-Type": "text/html" })
184 res.end(OauthCallbackPage.error(message, { provider: "Snowflake" }))
185 return
186 }
187
188 const current = pendingOAuth
189 pendingOAuth = undefined
190
191 if (error) {
192 const message = errorDescription || error
193 current.reject(new Error(message))
194 res.writeHead(200, { "Content-Type": "text/html" })
195 res.end(OauthCallbackPage.error(message, { provider: "Snowflake" }))
196 return
197 }
198
199 if (!code) {
200 const message = "Missing authorization code"
201 current.reject(new Error(message))
202 res.writeHead(400, { "Content-Type": "text/html" })
203 res.end(OauthCallbackPage.error(message, { provider: "Snowflake" }))
204 return
205 }
206
207 exchangeCodeForToken(current.account, code, current.pkce)
208 .then((tokens) => current.resolve(tokens))
209 .catch((err) => current.reject(err instanceof Error ? err : new Error(String(err))))
210
211 res.writeHead(200, { "Content-Type": "text/html" })
212 res.end(OauthCallbackPage.success({ provider: "Snowflake" }))
213 })
214
215 await new Promise<void>((resolve, reject) => {
216 oauthServer!.listen(0, OAUTH_CALLBACK_HOST, () => {
217 const address = oauthServer!.address()

Callers 1

authorizeFunction · 0.70

Calls 6

exchangeCodeForTokenFunction · 0.85
onMethod · 0.80
resolveFunction · 0.70
getMethod · 0.65
rejectFunction · 0.50
rejectMethod · 0.45

Tested by

no test coverage detected