fix(acp,terminal): support xdg-open url bridging and ACP auth fallbacks

Author: bajrangCoder

src/lib/acp/client.ts

@@ -1,6 +1,8 @@
 import {
 	type Client as ACPProtocolClient,
 	type AgentCapabilities,
+	type AuthenticateResponse,
+	type AuthMethod,
 	type ClientCapabilities,
 	ClientSideConnection,
 	type ContentBlock,
@@ -46,19 +48,28 @@ const ACP_METHODS = {
 	TERMINAL_KILL: "terminal/kill",
 } as const;
 
+const AUTH_REQUIRED_CODE = -32000;
+
 type ClientEventType =
 	| "state_change"
 	| "session_update"
 	| "session_controls_update"
 	| "error"
-	| "permission_request";
+	| "permission_request"
+	| "ext_notification"
+	| "ext_request";
 
 type ClientEventHandler = (data: unknown) => void;
 
 type PendingPermissionRequest = {
 	resolve: (response: PermissionResponse) => void;
 };
 
+type ExtensionRequestHandler = (
+	method: string,
+	params: Record<string, unknown>,
+) => Promise<Record<string, unknown>> | Record<string, unknown>;
+
 export interface StartSessionOptions {
 	url: string;
 	cwd?: string;
@@ -80,10 +91,12 @@ export class ACPClient {
 		PendingPermissionRequest
 	>();
 	private nextPermissionRequestId = 1;
+	private extensionRequestHandler: ExtensionRequestHandler | null = null;
 
 	private _state: ConnectionState = ConnectionState.DISCONNECTED;
 	private _agentCapabilities: AgentCapabilities | null = null;
 	private _agentInfo: Implementation | null = null;
+	private _authMethods: AuthMethod[] = [];
 	private _session: ACPSession | null = null;
 	private _sessionModes: SessionModeState | null = null;
 	private _sessionModels: SessionModelState | null = null;
@@ -101,6 +114,10 @@ export class ACPClient {
 		return this._agentInfo;
 	}
 
+	get authMethods(): AuthMethod[] {
+		return this._authMethods;
+	}
+
 	get session(): ACPSession | null {
 		return this._session;
 	}
@@ -158,6 +175,10 @@ export class ACPClient {
 		this.requestHandlers.set(method, handler);
 	}
 
+	setExtensionRequestHandler(handler: ExtensionRequestHandler | null): void {
+		this.extensionRequestHandler = handler;
+	}
+
 	async connect(config: TransportConfig): Promise<void> {
 		if (
 			this._state !== ConnectionState.DISCONNECTED &&
@@ -225,6 +246,9 @@ export class ACPClient {
 
 			this._agentCapabilities = result.agentCapabilities ?? null;
 			this._agentInfo = result.agentInfo ?? null;
+			this._authMethods = Array.isArray(result.authMethods)
+				? result.authMethods
+				: [];
 			this.setState(ConnectionState.READY);
 			return result;
 		} catch (error) {
@@ -411,6 +435,30 @@ export class ACPClient {
 		this.updateSessionConfigOptionValue(configId, value);
 	}
 
+	async authenticate(methodId: string): Promise<AuthenticateResponse> {
+		this.ensureReady();
+		const connection = this.getConnection();
+		const result = await this.runWhileConnected(
+			connection.authenticate({ methodId }),
+		);
+		return result as AuthenticateResponse;
+	}
+
+	static isAuthRequiredError(error: unknown): boolean {
+		if (error instanceof RequestError && error.code === AUTH_REQUIRED_CODE) {
+			return true;
+		}
+		const asAny = error as { code?: number; message?: string };
+		if (asAny?.code === AUTH_REQUIRED_CODE) return true;
+		if (
+			typeof asAny?.message === "string" &&
+			/auth.?required/i.test(asAny.message)
+		) {
+			return true;
+		}
+		return false;
+	}
+
 	cancel(): void {
 		if (!this._session || !this.connection) return;
 
@@ -472,8 +520,22 @@ export class ACPClient {
 				this.callRegisteredRequest(ACP_METHODS.TERMINAL_WAIT_FOR_EXIT, params),
 			killTerminal: async (params) =>
 				this.callRegisteredRequest(ACP_METHODS.TERMINAL_KILL, params),
-			extMethod: async (method, params) =>
-				this.callRegisteredRequest(method, params),
+			extMethod: async (method, params) => {
+				if (this.requestHandlers.has(method)) {
+					return await this.callRegisteredRequest(method, params);
+				}
+				this.emit("ext_request", { method, params });
+				if (this.extensionRequestHandler) {
+					return await this.extensionRequestHandler(
+						method,
+						(params as Record<string, unknown>) || {},
+					);
+				}
+				throw RequestError.methodNotFound(method);
+			},
+			extNotification: async (method, params) => {
+				this.emit("ext_notification", { method, params });
+			},
 		};
 	}
 
@@ -721,6 +783,7 @@ export class ACPClient {
 		this._session = null;
 		this._agentCapabilities = null;
 		this._agentInfo = null;
+		this._authMethods = [];
 		this.clearSessionConfigurationState();
 	}
 

src/pages/acp/acp.js

@@ -74,7 +74,15 @@ export default function AcpPageInclude() {
 			setFormStatus("Connecting...");
 			await ensureReadyForUrl(url);
 			setFormStatus("Starting session...");
-			await client.newSession(nextCwd || undefined);
+
+			try {
+				await client.newSession(nextCwd || undefined);
+			} catch (sessionErr) {
+				if (!ACPClient.isAuthRequiredError(sessionErr)) throw sessionErr;
+				await handleAuthentication();
+				await client.newSession(nextCwd || undefined);
+			}
+
 			currentSessionUrl = url;
 			switchToChat(client.agentName);
 			saveCurrentSessionHistory();
@@ -85,6 +93,120 @@ export default function AcpPageInclude() {
 		}
 	}
 
+	async function handleAuthentication() {
+		const methods = client.authMethods;
+		if (!methods.length) {
+			throw new Error(
+				"Agent requires authentication but did not advertise any auth methods.",
+			);
+		}
+
+		let selectedMethod = methods[0];
+
+		if (methods.length > 1) {
+			setFormStatus("Authentication required — choose a method");
+			const picked = await select(
+				"Authentication Required",
+				methods.map((m) => ({
+					value: m.id,
+					text: m.name + (m.description ? ` — ${m.description}` : ""),
+					icon: "vpn_key",
+				})),
+				{ textTransform: false },
+			);
+			if (!picked) throw new Error("Authentication cancelled");
+			selectedMethod = methods.find((m) => m.id === picked) || methods[0];
+		}
+
+		let browserOpened = false;
+		const maybeOpenAuthUrl = (value) => {
+			const url = extractExternalUrl(value);
+			if (!url || browserOpened) return false;
+			browserOpened = true;
+			system.openInBrowser(url);
+			setFormStatus("Complete sign-in in your browser…");
+			return true;
+		};
+
+		const handleExtNotification = (event) => {
+			maybeOpenAuthUrl(event);
+		};
+		const handleExtRequest = (event) => {
+			maybeOpenAuthUrl(event);
+		};
+		const handleAuthExtRequest = async (method, params = {}) => {
+			const didOpen = maybeOpenAuthUrl({ method, params });
+			if (!didOpen) {
+				throw RequestError.methodNotFound(method);
+			}
+			return {
+				ok: true,
+				handled: true,
+				opened: true,
+			};
+		};
+
+		const { alpineRoot } = getTerminalPaths();
+		const urlTempPath = `file://${alpineRoot}/tmp/.acode_open_url`;
+		try {
+			await fsOperation(urlTempPath).delete();
+		} catch {
+			/* ignore */
+		}
+
+		setFormStatus(`Authenticating via ${selectedMethod.name}…`);
+
+		client.setExtensionRequestHandler(handleAuthExtRequest);
+		client.on("ext_request", handleExtRequest);
+		client.on("ext_notification", handleExtNotification);
+		const stopPolling = startAuthUrlPolling(urlTempPath);
+		try {
+			const response = await client.authenticate(selectedMethod.id);
+			maybeOpenAuthUrl(response);
+		} finally {
+			stopPolling();
+			client.setExtensionRequestHandler(null);
+			client.off("ext_request", handleExtRequest);
+			client.off("ext_notification", handleExtNotification);
+		}
+
+		setFormStatus("Authenticated — starting session…");
+	}
+
+	function startAuthUrlPolling(urlFilePath) {
+		let stopped = false;
+		let opened = false;
+
+		const poll = async () => {
+			while (!stopped) {
+				await new Promise((resolve) => setTimeout(resolve, 400));
+				if (stopped) break;
+				try {
+					const raw = await fsOperation(urlFilePath).readFile("utf8");
+					const url = String(raw || "").trim();
+					if (url && !opened) {
+						opened = true;
+						system.openInBrowser(url);
+						setFormStatus("Complete sign-in in your browser…");
+						try {
+							await fsOperation(urlFilePath).delete();
+						} catch {
+							/* ignore */
+						}
+					}
+				} catch {
+					/* file doesn't exist yet */
+				}
+			}
+		};
+
+		void poll();
+
+		return () => {
+			stopped = true;
+		};
+	}
+
 	function getTerminalPaths() {
 		const packageName = window.BuildInfo?.packageName || "com.foxdebug.acode";
 		const dataDir = `/data/user/0/${packageName}`;
@@ -95,6 +217,58 @@ export default function AcpPageInclude() {
 		};
 	}
 
+	function extractExternalUrl(value, visited = new Set()) {
+		if (typeof value === "string") {
+			const trimmed = value.trim();
+			return /^(https?|ftps?|mailto|tel|sms|geo):/i.test(trimmed)
+				? trimmed
+				: "";
+		}
+
+		if (!value || typeof value !== "object") return "";
+		if (visited.has(value)) return "";
+		visited.add(value);
+
+		if (Array.isArray(value)) {
+			for (const entry of value) {
+				const nestedUrl = extractExternalUrl(entry, visited);
+				if (nestedUrl) return nestedUrl;
+			}
+			return "";
+		}
+
+		const prioritizedKeys = [
+			"url",
+			"uri",
+			"href",
+			"openUrl",
+			"open_url",
+			"browserUrl",
+			"browser_url",
+			"verificationUri",
+			"verification_uri",
+			"verificationUrl",
+			"verification_url",
+			"authorizationUrl",
+			"authorization_url",
+			"authorizeUrl",
+			"authorize_url",
+		];
+
+		for (const key of prioritizedKeys) {
+			if (!(key in value)) continue;
+			const nestedUrl = extractExternalUrl(value[key], visited);
+			if (nestedUrl) return nestedUrl;
+		}
+
+		for (const nestedValue of Object.values(value)) {
+			const nestedUrl = extractExternalUrl(nestedValue, visited);
+			if (nestedUrl) return nestedUrl;
+		}
+
+		return "";
+	}
+
 	function normalizePathInput(value = "") {
 		return String(value || "")
 			.trim()
@@ -1455,7 +1629,13 @@ export default function AcpPageInclude() {
 			switchToChat(entry.agentName || client.agentName);
 			updateStatusDot("connecting");
 
-			await client.loadSession(entry.sessionId, cwd);
+			try {
+				await client.loadSession(entry.sessionId, cwd);
+			} catch (loadErr) {
+				if (!ACPClient.isAuthRequiredError(loadErr)) throw loadErr;
+				await handleAuthentication();
+				await client.loadSession(entry.sessionId, cwd);
+			}
 			client.session?.finishAgentTurn();
 			currentSessionUrl = entry.url;
 			setChatAgentName(entry.agentName || client.agentName);