Skip to content

fix: harden OpenCode Anthropic OAuth refresh#250

Merged
chubes4 merged 1 commit into
mainfrom
fix/opencode-anthropic-refresh-hardening
Jul 3, 2026
Merged

fix: harden OpenCode Anthropic OAuth refresh#250
chubes4 merged 1 commit into
mainfrom
fix/opencode-anthropic-refresh-hardening

Conversation

@chubes4

@chubes4 chubes4 commented Jul 3, 2026

Copy link
Copy Markdown
Member

Summary

  • serialize Anthropic OAuth refreshes with a shared lock
  • re-read OpenCode auth after lock acquisition so losing workers reuse a freshly rotated token
  • retry remembered OAuth accounts on invalid refresh-token failures and report redacted diagnostics

Testing

  • tests/opencode-claude-auth-refresh-hardening.sh
  • tests/opencode-local-plugin-path.sh
  • bun build runtimes/opencode/plugins/claude-code-auth.ts --outfile /var/folders/lr/c_cmmt7s0592m4njz99v5yb40000gn/T/opencode/claude-code-auth-check.js --target=node

AI assistance

  • AI assistance: Yes
  • Tool(s): gpt-5.5 via OpenCode
  • Used for: Diagnosed the OpenCode Anthropic OAuth refresh-token race, implemented the plugin hardening, and added focused regression coverage.

@chubes4 chubes4 merged commit abf6340 into main Jul 3, 2026
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant