MediaMetz/gemini-cli
1
0
Fork 0
mirror of https://github.com/google-gemini/gemini-cli.git synced 2026-05-12 12:54:07 -07:00
Code Issues Packages Projects Releases Wiki Activity

fix(core): restore auth consent in headless mode and add unit tests (#19689)

Browse Source
This commit is contained in:
Emily Hedlund
2026-02-20 15:31:43 -05:00
committed by GitHub
parent a01d7e9a05
commit c04602f209
4 changed files with 133 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/core/src/code_assist/oauth2.test.ts
+10
View File
@@ -32,6 +32,7 @@ import { writeToStdout } from '../utils/stdio.js';
import { FatalCancellationError } from '../utils/errors.js'; import { FatalCancellationError } from '../utils/errors.js';
import process from 'node:process'; import process from 'node:process';
import { coreEvents } from '../utils/events.js'; import { coreEvents } from '../utils/events.js';
import { isHeadlessMode } from '../utils/headless.js';
vi.mock('node:os', async (importOriginal) => { vi.mock('node:os', async (importOriginal) => {
const actual = await importOriginal<typeof import('node:os')>(); const actual = await importOriginal<typeof import('node:os')>();
@@ -54,6 +55,9 @@ vi.mock('http');
vi.mock('open'); vi.mock('open');
vi.mock('crypto'); vi.mock('crypto');
vi.mock('node:readline'); vi.mock('node:readline');
vi.mock('../utils/headless.js', () => ({
isHeadlessMode: vi.fn(),
}));
vi.mock('../utils/browser.js', () => ({ vi.mock('../utils/browser.js', () => ({
shouldAttemptBrowserLaunch: () => true, shouldAttemptBrowserLaunch: () => true,
})); }));
@@ -98,6 +102,12 @@ global.fetch = vi.fn();
describe('oauth2', () => { describe('oauth2', () => {
beforeEach(() => { beforeEach(() => {
vi.mocked(isHeadlessMode).mockReturnValue(false);
(readline.createInterface as Mock).mockReturnValue({
question: vi.fn((_query, callback) => callback('')),
close: vi.fn(),
on: vi.fn(),
});
vi.spyOn(coreEvents, 'listenerCount').mockReturnValue(1); vi.spyOn(coreEvents, 'listenerCount').mockReturnValue(1);
vi.spyOn(coreEvents, 'emitConsentRequest').mockImplementation((payload) => { vi.spyOn(coreEvents, 'emitConsentRequest').mockImplementation((payload) => {
payload.onConfirm(true); payload.onConfirm(true);
packages/core/src/mcp/oauth-provider.test.ts
+17
View File
@@ -36,6 +36,23 @@ vi.mock('../utils/events.js', () => ({
vi.mock('../utils/authConsent.js', () => ({ vi.mock('../utils/authConsent.js', () => ({
getConsentForOauth: vi.fn(() => Promise.resolve(true)), getConsentForOauth: vi.fn(() => Promise.resolve(true)),
})); }));
vi.mock('../utils/headless.js', () => ({
isHeadlessMode: vi.fn(() => false),
}));
vi.mock('node:readline', () => ({
default: {
createInterface: vi.fn(() => ({
question: vi.fn((_query, callback) => callback('')),
close: vi.fn(),
on: vi.fn(),
})),
},
createInterface: vi.fn(() => ({
question: vi.fn((_query, callback) => callback('')),
close: vi.fn(),
on: vi.fn(),
})),
}));
import { describe, it, expect, beforeEach, afterEach } from 'vitest'; import { describe, it, expect, beforeEach, afterEach } from 'vitest';
import * as http from 'node:http'; import * as http from 'node:http';
packages/core/src/utils/authConsent.test.ts
+97 -54
View File
@@ -4,7 +4,7 @@
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0
*/ */
import { describe, it, expect, vi } from 'vitest'; import { describe, it, expect, vi, beforeEach } from 'vitest';
import type { Mock } from 'vitest'; import type { Mock } from 'vitest';
import readline from 'node:readline'; import readline from 'node:readline';
import process from 'node:process'; import process from 'node:process';
@@ -27,73 +27,116 @@ vi.mock('./stdio.js', () => ({
})); }));
describe('getConsentForOauth', () => { describe('getConsentForOauth', () => {
it('should use coreEvents when listeners are present', async () => { beforeEach(() => {
vi.restoreAllMocks(); vi.restoreAllMocks();
const mockEmitConsentRequest = vi.spyOn(coreEvents, 'emitConsentRequest'); });
const mockListenerCount = vi
.spyOn(coreEvents, 'listenerCount')
.mockReturnValue(1);
mockEmitConsentRequest.mockImplementation((payload) => { describe('in interactive mode', () => {
payload.onConfirm(true); beforeEach(() => {
(isHeadlessMode as Mock).mockReturnValue(false);
}); });
const result = await getConsentForOauth('Login required.'); it('should emit consent request when UI listeners are present', async () => {
const mockEmitConsentRequest = vi.spyOn(coreEvents, 'emitConsentRequest');
vi.spyOn(coreEvents, 'listenerCount').mockReturnValue(1);
expect(result).toBe(true); mockEmitConsentRequest.mockImplementation((payload) => {
expect(mockEmitConsentRequest).toHaveBeenCalledWith( payload.onConfirm(true);
expect.objectContaining({ });
prompt: expect.stringContaining(
'Login required. Opening authentication page in your browser.',
),
}),
);
mockListenerCount.mockRestore(); const result = await getConsentForOauth('Login required.');
mockEmitConsentRequest.mockRestore();
expect(result).toBe(true);
expect(mockEmitConsentRequest).toHaveBeenCalledWith(
expect.objectContaining({
prompt: expect.stringContaining(
'Login required. Opening authentication page in your browser.',
),
}),
);
});
it('should return false when user declines via UI', async () => {
const mockEmitConsentRequest = vi.spyOn(coreEvents, 'emitConsentRequest');
vi.spyOn(coreEvents, 'listenerCount').mockReturnValue(1);
mockEmitConsentRequest.mockImplementation((payload) => {
payload.onConfirm(false);
});
const result = await getConsentForOauth('Login required.');
expect(result).toBe(false);
});
it('should throw FatalAuthenticationError when no UI listeners are present', async () => {
vi.spyOn(coreEvents, 'listenerCount').mockReturnValue(0);
await expect(getConsentForOauth('Login required.')).rejects.toThrow(
FatalAuthenticationError,
);
});
}); });
it('should use readline when no listeners are present and not headless', async () => { describe('in non-interactive mode', () => {
vi.restoreAllMocks(); beforeEach(() => {
const mockListenerCount = vi (isHeadlessMode as Mock).mockReturnValue(true);
.spyOn(coreEvents, 'listenerCount') });
.mockReturnValue(0);
(isHeadlessMode as Mock).mockReturnValue(false);
const mockReadline = { it('should use readline to prompt for consent', async () => {
on: vi.fn((event, callback) => { const mockReadline = {
if (event === 'line') { on: vi.fn((event, callback) => {
callback('y'); if (event === 'line') {
} callback('y');
}), }
close: vi.fn(), }),
}; close: vi.fn(),
(readline.createInterface as Mock).mockReturnValue(mockReadline); };
(readline.createInterface as Mock).mockReturnValue(mockReadline);
const result = await getConsentForOauth('Login required.'); const result = await getConsentForOauth('Login required.');
expect(result).toBe(true); expect(result).toBe(true);
expect(readline.createInterface).toHaveBeenCalled(); expect(readline.createInterface).toHaveBeenCalledWith(
expect(writeToStdout).toHaveBeenCalledWith( expect.objectContaining({
expect.stringContaining( terminal: true,
'Login required. Opening authentication page in your browser.', }),
), );
); expect(writeToStdout).toHaveBeenCalledWith(
expect.stringContaining('Login required.'),
);
});
mockListenerCount.mockRestore(); it('should accept empty response as "yes"', async () => {
}); const mockReadline = {
on: vi.fn((event, callback) => {
if (event === 'line') {
callback('');
}
}),
close: vi.fn(),
};
(readline.createInterface as Mock).mockReturnValue(mockReadline);
it('should throw FatalAuthenticationError when no listeners and headless', async () => { const result = await getConsentForOauth('Login required.');
vi.restoreAllMocks();
const mockListenerCount = vi
.spyOn(coreEvents, 'listenerCount')
.mockReturnValue(0);
(isHeadlessMode as Mock).mockReturnValue(true);
await expect(getConsentForOauth('Login required.')).rejects.toThrow( expect(result).toBe(true);
FatalAuthenticationError, });
);
mockListenerCount.mockRestore(); it('should return false when user declines via readline', async () => {
const mockReadline = {
on: vi.fn((event, callback) => {
if (event === 'line') {
callback('n');
}
}),
close: vi.fn(),
};
(readline.createInterface as Mock).mockReturnValue(mockReadline);
const result = await getConsentForOauth('Login required.');
expect(result).toBe(false);
});
}); });
}); });
packages/core/src/utils/authConsent.ts
+9 -10
View File
@@ -12,22 +12,21 @@ import { isHeadlessMode } from './headless.js';
/** /**
* Requests consent from the user for OAuth login. * Requests consent from the user for OAuth login.
* Handles both TTY and non-TTY environments. * Handles both interactive and non-interactive (headless) modes.
*/ */
export async function getConsentForOauth(prompt: string): Promise<boolean> { export async function getConsentForOauth(prompt: string): Promise<boolean> {
const finalPrompt = prompt + ' Opening authentication page in your browser. '; const finalPrompt = prompt + ' Opening authentication page in your browser. ';
if (coreEvents.listenerCount(CoreEvent.ConsentRequest) === 0) { if (isHeadlessMode()) {
if (isHeadlessMode()) {
throw new FatalAuthenticationError(
'Interactive consent could not be obtained.\n' +
'Please run Gemini CLI in an interactive terminal to authenticate, or use NO_BROWSER=true for manual authentication.',
);
}
return getOauthConsentNonInteractive(finalPrompt); return getOauthConsentNonInteractive(finalPrompt);
} else if (coreEvents.listenerCount(CoreEvent.ConsentRequest) > 0) {
return getOauthConsentInteractive(finalPrompt);
} }
throw new FatalAuthenticationError(
return getOauthConsentInteractive(finalPrompt); 'Authentication consent could not be obtained.\n' +
'Please run Gemini CLI in an interactive terminal to authenticate, ' +
'or use NO_BROWSER=true for manual authentication.',
);
} }
async function getOauthConsentNonInteractive(prompt: string) { async function getOauthConsentNonInteractive(prompt: string) {