@@ -9,12 +9,12 @@ import (
99 "time"
1010
1111 // Packages
12- server "github.com/mutablelogic/go-server"
1312 goclient "github.com/mutablelogic/go-client"
1413 oauth "github.com/mutablelogic/go-client/pkg/oauth"
1514 otel "github.com/mutablelogic/go-client/pkg/otel"
1615 mcpclient "github.com/mutablelogic/go-llm/pkg/mcp/client"
1716 schema "github.com/mutablelogic/go-llm/pkg/schema"
17+ server "github.com/mutablelogic/go-server"
1818 types "github.com/mutablelogic/go-server/pkg/types"
1919 attribute "go.opentelemetry.io/otel/attribute"
2020)
@@ -65,62 +65,64 @@ func (cmd *LoginCommand) Run(g server.Cmd) (err error) {
6565 var captured * oauth.OAuthCredentials
6666
6767 var c * mcpclient.Client
68- c , err = mcpclient .New (cmd .URL , cmd .ClientName , "0" , func (ctx context.Context , discoveryURL string ) error {
69- flow := c .OAuth ()
70-
71- metadata , err := flow .Discover (ctx , discoveryURL )
72- if err != nil {
73- return fmt .Errorf ("discover: %w" , err )
74- }
68+ c , err = mcpclient .New (cmd .URL , cmd .ClientName , "0" ,
69+ mcpclient .WithAuth (func (ctx context.Context , discoveryURL string ) error {
70+ flow := c .OAuth ()
7571
76- switch {
77- case cmd .ClientCredentials :
78- // Machine-to-machine: client ID+secret required.
79- if cmd .ClientID == "" {
80- return fmt .Errorf ("--client-id is required for --client-credentials flow" )
81- }
82- if cmd .ClientSecret == "" {
83- return fmt .Errorf ("--client-secret is required for --client-credentials flow" )
84- }
85- creds := & oauth.OAuthCredentials {
86- ClientID : cmd .ClientID ,
87- ClientSecret : cmd .ClientSecret ,
88- TokenURL : metadata .TokenEndpoint ,
89- Metadata : metadata ,
90- }
91- captured , err = flow .AuthorizeWithCredentials (ctx , creds , cmd .Scopes ... )
92-
93- case cmd .Device :
94- // Device authorization grant (RFC 8628).
95- creds , err := loginCreds (ctx , flow , metadata , cmd .ClientID , cmd .ClientSecret , cmd .ClientName )
96- if err != nil {
97- return err
98- }
99- captured , err = flow .AuthorizeWithDevice (ctx , creds , func (userCode , verificationURI string ) error {
100- fmt .Printf ("Visit %s and enter code: %s\n " , verificationURI , userCode )
101- return nil
102- }, cmd .Scopes ... )
103-
104- default :
105- // Browser-based Authorization Code + PKCE via loopback redirect.
106- listener , err := net .Listen ("tcp" , "127.0.0.1:0" )
72+ metadata , err := flow .Discover (ctx , discoveryURL )
10773 if err != nil {
108- return fmt .Errorf ("start callback listener : %w" , err )
74+ return fmt .Errorf ("discover : %w" , err )
10975 }
110- defer listener .Close ()
111- redirectURI := fmt .Sprintf ("http://127.0.0.1:%d/callback" , listener .Addr ().(* net.TCPAddr ).Port )
11276
113- creds , err := loginBrowserCreds (ctx , flow , metadata , cmd .ClientID , cmd .ClientSecret , cmd .ClientName , redirectURI )
114- if err != nil {
115- return err
77+ switch {
78+ case cmd .ClientCredentials :
79+ // Machine-to-machine: client ID+secret required.
80+ if cmd .ClientID == "" {
81+ return fmt .Errorf ("--client-id is required for --client-credentials flow" )
82+ }
83+ if cmd .ClientSecret == "" {
84+ return fmt .Errorf ("--client-secret is required for --client-credentials flow" )
85+ }
86+ creds := & oauth.OAuthCredentials {
87+ ClientID : cmd .ClientID ,
88+ ClientSecret : cmd .ClientSecret ,
89+ TokenURL : metadata .TokenEndpoint ,
90+ Metadata : metadata ,
91+ }
92+ captured , err = flow .AuthorizeWithCredentials (ctx , creds , cmd .Scopes ... )
93+
94+ case cmd .Device :
95+ // Device authorization grant (RFC 8628).
96+ creds , err := loginCreds (ctx , flow , metadata , cmd .ClientID , cmd .ClientSecret , cmd .ClientName )
97+ if err != nil {
98+ return err
99+ }
100+ captured , err = flow .AuthorizeWithDevice (ctx , creds , func (userCode , verificationURI string ) error {
101+ fmt .Printf ("Visit %s and enter code: %s\n " , verificationURI , userCode )
102+ return nil
103+ }, cmd .Scopes ... )
104+
105+ default :
106+ // Browser-based Authorization Code + PKCE via loopback redirect.
107+ listener , err := net .Listen ("tcp" , "127.0.0.1:0" )
108+ if err != nil {
109+ return fmt .Errorf ("start callback listener: %w" , err )
110+ }
111+ defer listener .Close ()
112+ redirectURI := fmt .Sprintf ("http://127.0.0.1:%d/callback" , listener .Addr ().(* net.TCPAddr ).Port )
113+
114+ creds , err := loginBrowserCreds (ctx , flow , metadata , cmd .ClientID , cmd .ClientSecret , cmd .ClientName , redirectURI )
115+ if err != nil {
116+ return err
117+ }
118+ captured , err = flow .AuthorizeWithBrowser (ctx , creds , listener , func (authURL string ) error {
119+ fmt .Printf ("Opening browser for authorization...\n %s\n " , authURL )
120+ return openBrowser (authURL )
121+ }, cmd .Scopes ... )
116122 }
117- captured , err = flow .AuthorizeWithBrowser (ctx , creds , listener , func (authURL string ) error {
118- fmt .Printf ("Opening browser for authorization...\n %s\n " , authURL )
119- return openBrowser (authURL )
120- }, cmd .Scopes ... )
121- }
122- return err
123- }, opts ... )
123+ return err
124+ }),
125+ mcpclient .WithClientOpt (opts ... ))
124126 if err != nil {
125127 return fmt .Errorf ("create client: %w" , err )
126128 }
0 commit comments