Skip to content

Fix floating auth tab strip for transparent-DCR OAuth connect modal#1202

Closed
RhysSullivan wants to merge 2 commits into
mainfrom
fix-oauth-dcr-card-2
Closed

Fix floating auth tab strip for transparent-DCR OAuth connect modal#1202
RhysSullivan wants to merge 2 commits into
mainfrom
fix-oauth-dcr-card-2

Conversation

@RhysSullivan

Copy link
Copy Markdown
Owner

Problem

In the add-connection modal, the auth-method tab strip and its body live in a Tabs -> TabsList -> TabsContent group. The TabsContent card was wrapped in {dcrActive ? null : (...)}, so whenever an OAuth integration used transparent dynamic client registration (the MCP OAuth case) the card was suppressed.

The tab strip itself still renders whenever a custom-method + is available. The result: the OAuth tab plus the + floated with no card beneath it, and the tab strip's border looked detached (it jumped straight to "Connection saved to").

That same wrapper had a second symptom: the in-card "No app to choose" DCR explainer was written inside a dcrActive ? branch within the gated TabsContent, which the outer dcrActive ? null made permanently unreachable dead code.

Fix

Always render the TabsContent card and let the inner dcrActive / cimdActive branches show their explainer. The tab strip gets its body back, and the DCR/CIMD explainer is now live instead of dead. The change is purely the removal of the {dcrActive ? null : (...)} gate; the rest of the diff is the block de-indenting by two spaces.

Before / after

  • Before: OAuth tab and + floating, no card, modal jumps to "Connection saved to".
  • After: the OAuth tab sits on its "No app to choose / supports automatic setup" card.

Verification

New selfhost browser scenario e2e/selfhost/connection-modal-dcr-card.test.ts: registers a remote MCP integration declaring an oauth2 method (which makes it DCR-capable), opens the add-connection modal, and asserts the OAuth tab's body card renders under the tab strip. It passes on this branch and fails on the pre-fix code (the asserted copy was unreachable), so it guards the regression. Per-step screenshots and video are captured as run artifacts.

Selfhost browser scenario: a remote MCP integration declaring an oauth2
method is DCR-capable, so the add-connection modal shows the OAuth tab
plus the custom-method '+'. Guards that the OAuth tab's body card (the
'No app to choose' DCR explainer) renders under the tab strip instead of
the tabs floating with no card. Fails on the pre-fix code.
When a transparent-DCR (or CIMD) OAuth integration also exposed a
custom-method '+' (createCustomMethod), the method tab strip rendered but
its TabsContent card was gated out by a 'dcrActive ? null' wrapper,
leaving the tabs floating with no body and a detached-looking border.

That same wrapper also made the in-card 'No app to choose' DCR explainer
unreachable dead code. Always render TabsContent and let the inner
dcrActive / cimdActive branches show the explainer, so the tab strip gets
its card back.
@cloudflare-workers-and-pages

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs
executor-marketing 429a026 Commit Preview URL

Branch Preview URL
Jun 29 2026, 02:12 AM

@cloudflare-workers-and-pages

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
✅ Deployment successful!
View logs
executor-cloud 429a026 Jun 29 2026, 02:12 AM

@greptile-apps

greptile-apps Bot commented Jun 29, 2026

Copy link
Copy Markdown

Greptile Summary

Removes the {dcrActive ? null : (...)} outer gate that was suppressing the TabsContent card whenever a transparent-DCR OAuth integration was active, causing the tab strip to render without a body and making the inner DCR explainer unreachable dead code. The fix is purely structural: always render TabsContent and let the existing inner cimdActive/dcrActive/oauthLoading branches handle each state as intended.

  • add-account-modal.tsx: drops the outer DCR gate; the diff is entirely de-indentation plus the removed wrapper, with no logic changes to the inner branches.
  • e2e/selfhost/connection-modal-dcr-card.test.ts: new selfhost browser scenario that registers a remote MCP oauth2 integration, opens the add-connection modal, and asserts the "No app to choose" DCR explainer card is visible under the tab strip.

Confidence Score: 4/5

Safe to merge: the change is a single-gate removal with no logic rewritten, all previously-working non-DCR paths are unaffected, and the new e2e test guards the regression.

The modal fix is minimal and low-risk: removing an outer conditional that was suppressing a block whose inner branches already handle every case correctly. The only findings are a pre-existing em-dash in a touched string and a missing needs capability declaration in the new test, neither of which affects runtime behavior.

No files require special attention; both changed files are straightforward and self-contained.

Important Files Changed

Filename Overview
packages/react/src/components/add-account-modal.tsx Removes the outer {dcrActive ? null : (...)} gate around TabsContent, allowing the tab body card to always render; inner cimdActive/dcrActive/oauthLoading branches are unchanged and handle each state correctly. One pre-existing em-dash in the touched string violates the AGENTS.md style rule.
e2e/selfhost/connection-modal-dcr-card.test.ts New selfhost browser scenario that registers a remote MCP OAuth integration and asserts the DCR explainer card is visible under the tab strip. Well-structured with proper cleanup via Effect.ensuring; missing a needs capability declaration for the Browser service.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Tabs renders tab strip] --> B{dcrActive?}
    B -- "Before fix: true" --> C[null: TabsContent suppressed, tab strip floats with no body]
    B -- "Before fix: false" --> D[TabsContent rendered]
    D --> E{isOAuth and method?}
    E -- cimdActive --> F[No app registration card]
    E -- dcrActive --> G[No app to choose card - dead code, outer gate blocked this]
    E -- oauthLoading --> H[Loading OAuth apps]
    E -- else --> I[OAuth app picker / register CTA]

    B2[After fix: always render TabsContent] --> E2{isOAuth and method?}
    E2 -- cimdActive --> F2[No app registration card]
    E2 -- dcrActive --> G2[No app to choose card - now reachable]
    E2 -- oauthLoading --> H2[Loading OAuth apps]
    E2 -- else --> I2[OAuth app picker / register CTA]
Loading
%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
    A[Tabs renders tab strip] --> B{dcrActive?}
    B -- "Before fix: true" --> C[null: TabsContent suppressed, tab strip floats with no body]
    B -- "Before fix: false" --> D[TabsContent rendered]
    D --> E{isOAuth and method?}
    E -- cimdActive --> F[No app registration card]
    E -- dcrActive --> G[No app to choose card - dead code, outer gate blocked this]
    E -- oauthLoading --> H[Loading OAuth apps]
    E -- else --> I[OAuth app picker / register CTA]

    B2[After fix: always render TabsContent] --> E2{isOAuth and method?}
    E2 -- cimdActive --> F2[No app registration card]
    E2 -- dcrActive --> G2[No app to choose card - now reachable]
    E2 -- oauthLoading --> H2[Loading OAuth apps]
    E2 -- else --> I2[OAuth app picker / register CTA]
Loading

Reviews (1): Last reviewed commit: "Fix floating auth tab strip for transpar..." | Re-trigger Greptile

Register an app below to connect.
</p>
</div>
) : null}

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Em-dash in user-facing string

The string sign you in — no client ID or app to pick. contains an em-dash (). The AGENTS.md style rule bans em-dashes everywhere, including code. Since this line is touched by the diff (it was de-indented), it's a good opportunity to replace the em-dash with a comma, colon, or parenthesis.

Context Used: AGENTS.md (source)

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!

Comment on lines +25 to +27
scenario(
"Connections · the add-connection modal for a transparent-DCR OAuth MCP renders its body card under the tab strip",
{},

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 No needs capability declared for browser dependency

The scenario options are {} but the test yields Browser and drives a full browser session. The e2e/AGENTS.md anatomy examples declare required capabilities via needs (e.g. { needs: ["api"] }). If the runner gates service provisioning on that field, the test could silently skip or error on an environment that doesn't wire up Browser by default. Consider adding needs: ["browser"] (or the equivalent selfhost capability key) to make the dependency explicit and self-documenting.

Context Used: e2e/AGENTS.md (source)

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Cloudflare preview

Torn down — the PR is closed.

@pkg-pr-new

pkg-pr-new Bot commented Jun 29, 2026

Copy link
Copy Markdown

Open in StackBlitz

@executor-js/cli

npm i https://pkg.pr.new/@executor-js/cli@1202

@executor-js/config

npm i https://pkg.pr.new/@executor-js/config@1202

@executor-js/execution

npm i https://pkg.pr.new/@executor-js/execution@1202

@executor-js/sdk

npm i https://pkg.pr.new/@executor-js/sdk@1202

@executor-js/codemode-core

npm i https://pkg.pr.new/@executor-js/codemode-core@1202

@executor-js/runtime-quickjs

npm i https://pkg.pr.new/@executor-js/runtime-quickjs@1202

@executor-js/plugin-file-secrets

npm i https://pkg.pr.new/@executor-js/plugin-file-secrets@1202

@executor-js/plugin-graphql

npm i https://pkg.pr.new/@executor-js/plugin-graphql@1202

@executor-js/plugin-keychain

npm i https://pkg.pr.new/@executor-js/plugin-keychain@1202

@executor-js/plugin-mcp

npm i https://pkg.pr.new/@executor-js/plugin-mcp@1202

@executor-js/plugin-onepassword

npm i https://pkg.pr.new/@executor-js/plugin-onepassword@1202

@executor-js/plugin-openapi

npm i https://pkg.pr.new/@executor-js/plugin-openapi@1202

executor

npm i https://pkg.pr.new/executor@1202

commit: 429a026

@RhysSullivan

Copy link
Copy Markdown
Owner Author

Before / after

Captured live from the selfhost app by the new e2e scenario (e2e/selfhost/connection-modal-dcr-card.test.ts), a remote MCP integration declaring an oauth2 method (transparent DCR).

Before — the OAuth tab and + float with no card beneath; the modal jumps straight to "Connection saved to":

Before: floating OAuth tab strip with no body card

After — the OAuth tab sits on its "No app to choose / supports automatic setup" card:

After: OAuth tab anchored to its body card

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant