Skip to content

Windows: add console OAuth fallback when local server ports are blocked #515

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Foadsf wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Windows: add console OAuth fallback when local server ports are blocked #515

Foadsf wants to merge 3 commits into from
+155 −49

Conversation

@Foadsf
Copy link

@Foadsf Foadsf commented Oct 8, 2025

On Windows systems where ports 8080–8099 are blocked (e.g. by firewall, AV, or Docker Desktop), GYB’s OAuth flow fails with WinError 10013 because _wait_for_http_client cannot bind a local HTTP listener. This prevents any authentication from succeeding.

This patch implements a robust fallback:

  • _wait_for_http_client:

    • Wrapped in try/except, signals d['error'] = 'local_server_failed' instead of crashing when no port can be bound.
    • Leaves the original local server flow unchanged when ports are free.

  • ShortURLFlow:

    • Added __init__ to capture and persist OAuth scopes in self._gyb_scopes.
    • Enhanced run_dual to detect local_server_failed and transparently switch to a manual console flow:
      • Generates an authorization URL with http://localhost redirect.
      • Opens browser if possible. - Prompts user to paste either the full redirect URL or just the code value. - Exchanges the code with self.fetch_token() and returns credentials.

Key design decisions:

  • Reuse the existing flow object (self) to maintain state consistency.
  • Avoid passing redirect_uri again to fetch_token() to prevent conflicts.
  • Accept both full redirect URLs and raw codes for user convenience.
  • Added docstrings and commented debug logging for future diagnosis.

This resolves authentication failures on Windows while preserving backward compatibility on platforms where the local server works.

Fixes: #370

Tested:

  • --action estimate, --action count, and --action print-labels complete successfully with cached oauth2.txt after console flow.

Foadsf added 2 commits October 9, 2025 00:03
@Foadsf
Windows: add console OAuth fallback when local server ports are blocked
cd399e4 
On Windows systems where ports 8080–8099 are blocked (e.g. by firewall,
AV, or Docker Desktop), GYB’s OAuth flow fails with WinError 10013
because `_wait_for_http_client` cannot bind a local HTTP listener.
This prevents any authentication from succeeding.

This patch implements a robust fallback:

* `_wait_for_http_client`:
  - Wrapped in try/except, signals `d['error'] = 'local_server_failed'`
    instead of crashing when no port can be bound.
  - Leaves the original local server flow unchanged when ports are free.

* `ShortURLFlow`:
  - Added `__init__` to capture and persist OAuth scopes in
    `self._gyb_scopes`.
  - Enhanced `run_dual` to detect `local_server_failed` and
    transparently switch to a manual console flow:
      - Generates an authorization URL with `http://localhost` redirect.
      - Opens browser if possible.
      - Prompts user to paste either the full redirect URL or just the
        `code` value.
      - Exchanges the code with `self.fetch_token()` and returns
        credentials.

Key design decisions:
- Reuse the existing flow object (`self`) to maintain state consistency.
- Avoid passing `redirect_uri` again to `fetch_token()` to prevent
  conflicts.
- Accept both full redirect URLs and raw codes for user convenience.
- Added docstrings and commented debug logging for future diagnosis.

This resolves authentication failures on Windows while preserving
backward compatibility on platforms where the local server works.

Fixes: GAM-team#370

Tested:
- `--action estimate`, `--action count`, and `--action print-labels`
  complete successfully with cached `oauth2.txt` after console flow.
@Foadsf
Fix UnboundLocalError: remove shadowed urllib imports in ShortURLFlow
782b77b
@Foadsf
Copy link
Author

Foadsf commented Dec 15, 2025

Pushed a fix for the UnboundLocalError caused by local variable shadowing of urlparse. Verified working on Windows.

@Foadsf
Copy link
Author

Foadsf commented Dec 15, 2025

Updated PR with fix for httplib2 certificate environment variable in Miniconda setups

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Running gyb-setup.bat error: UnboundLocalError: local variable 'local_server' referenced before assignment

1 participant

@Foadsf