feat(accounts): add refreshable browser OAuth link#316
feat(accounts): add refreshable browser OAuth link#316mhughdo wants to merge 4 commits intoSoju06:mainfrom
Conversation
There was a problem hiding this comment.
Pull request overview
This PR improves the Accounts OAuth dialog’s browser (PKCE) flow by adding an in-dialog “refresh link” action so operators can mint a new single-use authorization URL without restarting the flow, and documents the behavior as an OpenSpec change.
Changes:
- Add a “Refresh link” action to the browser PKCE stage that re-triggers the existing browser OAuth start flow.
- Update cursor affordances for interactive controls in the OAuth dialog.
- Add a frontend test covering the refresh action and add OpenSpec change documentation.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| openspec/changes/refresh-browser-oauth-link/tasks.md | Adds a checklist for the spec/implementation/validation work for this change. |
| openspec/changes/refresh-browser-oauth-link/specs/frontend-architecture/spec.md | Documents the new “Browser OAuth link refresh” scenario in frontend architecture requirements. |
| openspec/changes/refresh-browser-oauth-link/proposal.md | Describes motivation, implementation approach, and impact of the refresh behavior. |
| frontend/src/features/accounts/components/oauth-dialog.tsx | Implements the refresh control and updates cursor styling for relevant UI controls. |
| frontend/src/features/accounts/components/oauth-dialog.test.tsx | Adds a test to verify the refresh action triggers a browser OAuth restart. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
mhughdo
changed the title
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
@codex review |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 43a6270588
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Summary
Why
Browser PKCE authorization links are single-use. Without an in-dialog refresh action, signing in multiple accounts in sequence required backing out and restarting the flow.
Validation
bun run test src/features/accounts/components/oauth-dialog.test.tsxbun run lint src/features/accounts/components/oauth-dialog.tsx src/features/accounts/components/oauth-dialog.test.tsxopenspec validate --specs