Skip to content

Commit cc182b1

Browse files
HeshamHM28HeshamHM28
authored
Merge pull request #28 from codeflash-ai/add-oauth-pkce-login
feat: add OAuth PKCE login flow for automatic API key authentication
2 parents 306de4b + 5f02b07 commit cc182b1

4 files changed

Lines changed: 498 additions & 4 deletions

File tree

agents/optimizer.md

Lines changed: 46 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -69,6 +69,52 @@ You are a thin-wrapper agent that runs the codeflash CLI to optimize Python, Jav
6969

7070
Follow these steps in order:
7171

72+
### 0. Check API Key
73+
74+
Before anything else, check if a Codeflash API key is available:
75+
76+
```bash
77+
[ -n "${CODEFLASH_API_KEY:-}" ] && [[ "${CODEFLASH_API_KEY}" == cf-* ]] && printf 'env:ok\n' || printf 'env:missing\n'; grep -l 'CODEFLASH_API_KEY.*cf-' ~/.zshrc ~/.bashrc ~/.profile ~/.kshrc ~/.cshrc ~/codeflash_env.ps1 ~/codeflash_env.bat 2>/dev/null || true
78+
```
79+
80+
If the output contains `env:ok`, proceed to Step 1.
81+
82+
If the output contains `env:missing` but a shell RC file path was listed, source that file to load the key:
83+
84+
```bash
85+
source ~/.zshrc # or whichever file had the key
86+
```
87+
88+
Then proceed to Step 1.
89+
90+
If **no API key is found anywhere**, run the OAuth login script:
91+
92+
```bash
93+
bash "$(dirname "$0")/../scripts/oauth-login.sh"
94+
```
95+
96+
The script has three possible outcomes:
97+
98+
1. **Exit 0** — login succeeded, API key saved to shell RC. Source the RC file to load it, then proceed to Step 1.
99+
100+
2. **Exit 2** — headless environment detected (SSH, CI, no display). The script outputs a JSON line like:
101+
```json
102+
{"headless":true,"url":"https://app.codeflash.ai/...","state_file":"/tmp/codeflash-oauth-state-XXXXXX.json"}
103+
```
104+
In this case:
105+
- Parse the `url` and `state_file` from the JSON output.
106+
- **Ask the user** to visit the URL in their browser, complete authentication, and paste the authorization code they receive.
107+
- Once the user provides the code, run:
108+
```bash
109+
bash "$(dirname "$0")/../scripts/oauth-login.sh" --exchange-code <state_file> <code>
110+
```
111+
- If that succeeds (exit 0), source the shell RC file and proceed to Step 1.
112+
113+
3. **Exit 1** — login failed. Stop and inform the user that a Codeflash API key is required. They can get one manually at https://app.codeflash.ai/app/apikeys and set it with:
114+
```
115+
export CODEFLASH_API_KEY="cf-your-key-here"
116+
```
117+
72118
### 1. Locate Project Configuration
73119
74120
Walk upward from the current working directory to the git repository root (`git rev-parse --show-toplevel`) looking for a project configuration file. Check for `codeflash.toml` (Java), `pyproject.toml` (Python), and `package.json` (JavaScript/TypeScript) at each directory level. Use the **first** (closest to CWD) file found.

0 commit comments

Comments
 (0)