[server][oauth] Support loopback redirect

Some desktop require more work to support custom scheme handlers, so this approach makes it easy to work out of the box without any system integration.
2026-02-14 23:48:30 -06:00 · 2026-02-11 14:06:27 +05:30
parent dc59dd0709
commit 131b32b6c5
2 changed files with 9 additions and 2 deletions
--- a/server/internal/api/v1/auth/oauth.go
+++ b/server/internal/api/v1/auth/oauth.go
@@ -15,6 +15,9 @@ func handleOAuthStart(c *gin.Context) {
 	if c.Query("client_type") == "native" {
 		clientType = auth.OpenIDClientNative
 	}
+	if c.Query("client_type") == "loopback" {
+		clientType = auth.OpenIDClientLoopback
+	}
 	db := db.Get(c.Request.Context())
 	if authURL, err := auth.OpenIDStart(db, provider, getInstanceURL(c.Request, "/api/v1/auth/oauth/redirect"), clientType); err != nil {
 		panic(err)
@@ -33,10 +36,13 @@ func handleOAuthRedirect(c *gin.Context) {
 		panic(err)
 	} else {
 		var clientURI url.URL
-		if clientType == auth.OpenIDClientWeb {
+		switch clientType {
+		case auth.OpenIDClientWeb:
 			clientURI = *c.Request.URL
 			clientURI.RawQuery = ""
-		} else {
+		case auth.OpenIDClientLoopback:
+			clientURI = url.URL{Scheme: "http", Host: "localhost:32448"}
+		case auth.OpenIDClientNative:
 			clientURI = url.URL{Scheme: "cloud.phylum.drive"}
 		}
 		clientURI.Path = "/login/token"
--- a/server/internal/auth/openid.go
+++ b/server/internal/auth/openid.go
@@ -22,6 +22,7 @@ const (
 	OpenIDClientNone OpenIDClientType = iota
 	OpenIDClientWeb
 	OpenIDClientNative
+	OpenIDClientLoopback
 )

 func OpenIDStart(db db.Handler, providerName, redirectURI string, clientType OpenIDClientType) (string, error) {