fix(kiro): add --no-incognito option for normal browser auth

Kiro OAuth always opens in incognito browser mode, which doesn't save
login credentials. Users need to re-enter email each authentication.

Changes:
- Add noIncognito option to OAuthOptions interface
- Add kiro_no_incognito config option to CLIProxyConfig
- Pass --no-incognito flag to CLIProxyAPI binary when enabled
- Support both CLI flag (--no-incognito) and config.yaml setting

Usage:
- CLI: ccs kiro --auth --no-incognito
- Config: cliproxy.kiro_no_incognito: true in config.yaml
This commit is contained in:
kaitranntt
2025-12-24 05:02:33 -05:00
parent a1e93eb940
commit 13e4baca22
4 changed files with 16 additions and 1 deletions
+2
View File
@@ -171,4 +171,6 @@ export interface OAuthOptions {
nickname?: string;
/** If true, triggered from Web UI (enables project selection prompt) */
fromUI?: boolean;
/** If true, use --no-incognito flag (Kiro only - use normal browser instead of incognito) */
noIncognito?: boolean;
}
+5 -1
View File
@@ -126,7 +126,7 @@ export async function triggerOAuth(
options: OAuthOptions = {}
): Promise<AccountInfo | null> {
const oauthConfig = getOAuthConfig(provider);
const { verbose = false, add = false, nickname, fromUI = false } = options;
const { verbose = false, add = false, nickname, fromUI = false, noIncognito = false } = options;
const callbackPort = OAUTH_PORTS[provider];
const isCLI = !fromUI;
const headless = options.headless ?? isHeadlessEnvironment();
@@ -175,6 +175,10 @@ export async function triggerOAuth(
if (headless) {
args.push('--no-browser');
}
// Kiro-specific: --no-incognito to use normal browser (saves login credentials)
if (provider === 'kiro' && noIncognito) {
args.push('--no-incognito');
}
// Show step based on flow type
if (isDeviceCodeFlow) {
+7
View File
@@ -250,6 +250,11 @@ export async function execClaudeWithCLIProxy(
const forceConfig = argsWithoutProxy.includes('--config');
const addAccount = argsWithoutProxy.includes('--add');
const showAccounts = argsWithoutProxy.includes('--accounts');
// Kiro-specific: --no-incognito to use normal browser (saves login credentials)
const noIncognitoFlag = argsWithoutProxy.includes('--no-incognito');
// Also check config.yaml for kiro_no_incognito setting
const kiroNoIncognitoConfig = provider === 'kiro' && unifiedConfig.cliproxy?.kiro_no_incognito;
const noIncognito = noIncognitoFlag || kiroNoIncognitoConfig;
// Parse --use <account> flag
let useAccount: string | undefined;
@@ -364,6 +369,7 @@ export async function execClaudeWithCLIProxy(
add: addAccount,
...(forceHeadless ? { headless: true } : {}),
...(setNickname ? { nickname: setNickname } : {}),
...(noIncognito ? { noIncognito: true } : {}),
});
if (!authSuccess) {
throw new Error(`Authentication required for ${providerConfig.displayName}`);
@@ -591,6 +597,7 @@ export async function execClaudeWithCLIProxy(
'--accounts',
'--use',
'--nickname',
'--no-incognito',
// Proxy flags are handled by resolveProxyConfig, but list for documentation
...PROXY_CLI_FLAGS,
];
+2
View File
@@ -89,6 +89,8 @@ export interface CLIProxyConfig {
variants: Record<string, CLIProxyVariantConfig>;
/** Logging configuration (disabled by default) */
logging?: CLIProxyLoggingConfig;
/** Kiro: disable incognito browser mode (use normal browser to save credentials) */
kiro_no_incognito?: boolean;
}
/**