Skip to content

feat(auth): open OAuth URL in default browser automatically#875

Open
nktks wants to merge 7 commits into
googleworkspace:mainfrom
nktks:feat/auth-login-open-browser
Open

feat(auth): open OAuth URL in default browser automatically#875
nktks wants to merge 7 commits into
googleworkspace:mainfrom
nktks:feat/auth-login-open-browser

Conversation

@nktks

@nktks nktks commented Jul 14, 2026

Copy link
Copy Markdown

Description

gws auth login currently prints the OAuth URL and requires the user to copy-paste it into a browser manually. This PR makes the CLI attempt to open the URL in the default browser automatically, falling back to the existing copy-paste flow when no opener is available.

  • Adds crates/google-workspace-cli/src/browser.rs with a best-effort try_open_browser():
    • macOS: open
    • Linux: xdg-open
    • Windows: explorer (avoids cmd /C start, which re-parses & inside URLs, and rundll32 url.dll,FileProtocolHandler, a LOLBIN technique commonly blocked by EDR/WDAC policies)
  • Wires it into both URL presentation points in auth_commands.rs (login_with_proxy_support and CliFlowDelegate::present_user_url). The URL is still always printed, so headless/SSH environments keep working unchanged.
  • Only plain https:// URLs without whitespace, control characters, dangerous Unicode (Cf category), or quote/shell metacharacters are handed to the opener (defense-in-depth per the input-safety guidelines in AGENTS.md).
  • The opener process is spawned detached and reaped on a background thread so a slow opener never blocks the OAuth callback accept loop.
  • Failures (opener missing, unknown platform, spawn error) are silent by design — the printed URL remains the fallback.

Dry Run Output:

// Not applicable — this change affects the auth login flow, not API request construction.

Checklist:

  • My code follows the AGENTS.md guidelines (no generated google-* crates).
  • I have run cargo fmt --all to format the code perfectly.
  • I have run cargo clippy -- -D warnings and resolved all warnings. (One pre-existing clippy::collapsible_match warning in crates/google-workspace-cli/src/helpers/script.rs:173 appears with clippy 1.96 on unmodified main as well; it is unrelated to this change and left untouched.)
  • I have added tests that prove my fix is effective or that my feature works. (10 unit tests covering per-platform opener selection, URL validation happy/rejection paths, and spawn failure fallback; verified manually on macOS that the browser opens.)
  • I have provided a Changeset file (e.g. via pnpx changeset) to document my changes.

🤖 Generated with Claude Code

gws auth login now attempts to launch the default browser with the
OAuth URL (open on macOS, xdg-open on Linux, rundll32 on Windows).
When no opener is available the existing copy-paste flow is unchanged.
@changeset-bot

changeset-bot Bot commented Jul 14, 2026

Copy link
Copy Markdown

🦋 Changeset detected

Latest commit: a653b04

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package
Name Type
@googleworkspace/cli Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@googleworkspace-bot googleworkspace-bot added area: auth area: core Core CLI parsing, commands, error handling, utilities labels Jul 14, 2026
@nktks nktks marked this pull request as ready for review July 14, 2026 09:10
@gemini-code-assist

Copy link
Copy Markdown
Contributor

Summary of Changes

Hello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request enhances the 'gws auth login' command by automating the browser-based authentication flow. By detecting the host operating system and spawning a detached process to open the OAuth URL, the CLI reduces manual user effort while preserving the original copy-paste workflow as a robust fallback. The implementation includes strict URL validation and comprehensive unit testing to ensure security and cross-platform compatibility.

Highlights

  • Automatic Browser Launch: Implemented a new utility to automatically open the OAuth authentication URL in the user's default browser, improving the login experience.
  • Cross-Platform Support: Added platform-specific logic for macOS (open), Linux (xdg-open), and Windows (rundll32) to ensure reliable browser invocation.
  • Robust Fallback Mechanism: Maintained the existing copy-paste flow as a silent fallback, ensuring functionality remains intact in headless or restricted environments.
  • Security and Stability: Added URL validation to prevent command injection and implemented detached process spawning with background reaping to avoid blocking the CLI.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

  1. Review the Generative AI Prohibited Use Policy, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces automatic browser opening for the OAuth login flow in gws auth login across macOS, Linux, and Windows, falling back to the manual copy-paste flow if opening fails. A new browser module is added to handle platform-specific browser spawning and URL validation. Feedback suggests improving URL validation by checking for dangerous Unicode characters (Format category Cf) in addition to standard control characters.

Comment thread crates/google-workspace-cli/src/browser.rs
char::is_control() only covers the Cc category, so zero-width chars
and bidi overrides (Cf) passed the opener URL validation. Reuse the
existing google_workspace::validate::is_dangerous_unicode helper.
@googleworkspace-bot

Copy link
Copy Markdown
Collaborator

/gemini review

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces automatic browser opening for the OAuth login flow in gws auth login across macOS, Linux, and Windows, falling back to the manual copy-paste flow if needed. The feedback recommends strengthening the URL validation in is_openable_url to explicitly reject shell metacharacters, quotes, and backslashes to prevent potential injection or parsing issues in external openers, and suggests adding corresponding test cases to verify these security checks.

Comment thread crates/google-workspace-cli/src/browser.rs
Comment thread crates/google-workspace-cli/src/browser.rs
nktks added 2 commits July 14, 2026 21:52
Some openers forward their argument through a shell (xdg-open wrapper
scripts) and rundll32 mis-parses quotes, so explicitly reject
" ' \ ; $ | ` < > before handing the URL to the opener. Properly
percent-encoded OAuth URLs never contain these characters.
@googleworkspace-bot

Copy link
Copy Markdown
Collaborator

/gemini review

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request implements automatic browser opening for the gws auth login command across macOS, Linux, and Windows platforms, falling back to the manual copy-paste flow if needed. It introduces a new browser module to validate URLs and spawn detached processes safely. The review feedback points out an inconsistency in referencing the validate module, suggesting the use of crate::validate instead of google_workspace::validate to prevent potential compilation issues.

Comment thread crates/google-workspace-cli/src/browser.rs Outdated
…-export

The CLI crate consistently uses the crate::validate shim (39 call
sites) rather than the google_workspace library path.
@googleworkspace-bot

Copy link
Copy Markdown
Collaborator

/gemini review

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces automatic browser opening for the OAuth login flow on macOS, Linux, and Windows, falling back to manual copy-paste if it fails. It includes URL validation to prevent command injection. The review feedback recommends replacing rundll32 with explorer on Windows to avoid enterprise security blocks (LOLBIN detection) and updating the corresponding unit tests.

Comment thread crates/google-workspace-cli/src/browser.rs Outdated
Comment thread crates/google-workspace-cli/src/browser.rs Outdated
nktks added 2 commits July 14, 2026 22:11
rundll32 url.dll,FileProtocolHandler is a well-known LOLBIN technique
that EDR agents and WDAC policies commonly block or flag, which would
make the login flow fail silently in enterprise environments. Spawning
explorer.exe directly keeps the no-cmd-reparsing property while using
a binary that cannot be blocked without breaking the OS GUI.
@googleworkspace-bot

Copy link
Copy Markdown
Collaborator

/gemini review

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces automatic browser opening for the gws auth login command. It adds a new browser module that handles platform-specific commands (open on macOS, xdg-open on Linux, and explorer on Windows) to safely open the OAuth URL, falling back to the manual copy-paste flow if it fails. The URL is validated to ensure it is a secure HTTPS address and free of dangerous characters before launching. I have no feedback to provide.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area: auth area: core Core CLI parsing, commands, error handling, utilities

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants