vibeApiOauth
Flow:
- User clicks Connect button
- Extension opens portal.vibebrowser.app/auth via chrome.identity.launchWebAuthFlow()
- User authenticates (Google or email magic link)
- Portal generates auth code and redirects back to extension
- Extension exchanges code + code_verifier for API key
- Connection complete - popup closes automatically
Files Changed:
| File | Change |
|---|---|
| oauth.ts | Added Vibe config with PKCE (like OpenRouter) |
| vibeAuth.ts | Simplified to ~130 lines, uses OAuth flow |
| user-portal/server.js | Added /api/auth/code and /api/auth/token endpoints |
| user-portal/public/auth.html | Auth page handles callback_url, code_challenge, state |
| SettingsPage.tsx | Default model vibe:gpt-5-mini, clean error handling |
Architecture:
Extension Portal Backend
| | |
|--launchWebAuthFlow------->| |
| (callback_url, challenge)| |
| |--Supabase Auth----------->|
| |<--Session-----------------|
| |--POST /api/auth/code----->|
| |<--{ code }----------------|
|<--redirect?code=xxx-------| |
|--POST /api/auth/token---->|-------------------------->|
| (code, code_verifier) | |
|<--{ key: "sk-..." }-------|<--------------------------|
| | |
YO