Prompter presents authorization prompts to the user out of band from the LLM context — for example via MCP elicitation. Keeping prompts out of the model's context prevents the authorization URL (and any session-bound state) from leaking into tool arguments or transcripts. A nil Prompter is valid an
| 36 | // its last-resort channel. Implementations wrap a transport-specific client |
| 37 | // (e.g. an MCP session); see the ghmcp adapter. |
| 38 | type Prompter interface { |
| 39 | // CanPromptURL reports whether the client can display a URL securely via |
| 40 | // URL-mode elicitation. |
| 41 | CanPromptURL() bool |
| 42 | |
| 43 | // PromptURL securely presents an authorization URL to the user and blocks |
| 44 | // until the user acknowledges, declines, or ctx is done. Returning nil means |
| 45 | // the prompt was shown (not that authorization completed); the caller waits |
| 46 | // for the OAuth flow itself to finish. It returns ErrPromptDeclined if the |
| 47 | // user declines or cancels, or ErrPromptUnavailable if the prompt could not |
| 48 | // be delivered. |
| 49 | PromptURL(ctx context.Context, p Prompt) error |
| 50 | |
| 51 | // CanPromptForm reports whether the client supports form elicitation, used |
| 52 | // to display a device code when URL elicitation is unavailable. |
| 53 | CanPromptForm() bool |
| 54 | |
| 55 | // PromptForm presents a textual acknowledgement prompt and blocks until the |
| 56 | // user responds. It returns ErrPromptDeclined if the user declines, or |
| 57 | // ErrPromptUnavailable if the prompt could not be delivered. |
| 58 | PromptForm(ctx context.Context, p Prompt) error |
| 59 | } |
| 60 | |
| 61 | // canPromptURL reports URL support, tolerating a nil Prompter. |
| 62 | func canPromptURL(p Prompter) bool { return p != nil && p.CanPromptURL() } |
no outgoing calls
no test coverage detected