Peter Steinberger
8310c565e0
feat(onboarding): add provider sign-in ( #104502 )
...
* feat(onboarding): add provider sign-in flows
* fix(oauth): keep callback compatibility
* fix(onboarding): reconcile lost auth outcomes
* fix(onboarding): lock auth cancellation at commit
* fix(onboarding): close provider auth lifecycle gaps
* fix(onboarding): make terminal auth failures dismissable
* fix(onboarding): satisfy native app checks
* fix(onboarding): reconcile absent auth sessions
* fix(onboarding): bound provider auth sessions
* fix(onboarding): open provider auth links safely
* test(onboarding): use scanner-safe auth fixtures
* revert: keep established onboarding auth fixtures
* fix(onboarding): close provider auth cancellation gaps
* fix(gateway): retain uncollected wizard results
* fix(onboarding): bind provider reconciliation attempt
* fix(i18n): avoid guessing moved string identities
* style(onboarding): normalize remote auth choices efficiently
* fix(protocol): refresh optional provider auth choices
* test(gateway): cover provider auth dispatch order
* refactor(macos): split onboarding setup support
* fix(macos): refresh merged native checks
2026-07-11 13:00:17 -07:00
Alix-007
8f8aad9ae6
fix(minimax): add timeouts to OAuth HTTP requests ( #102862 )
...
* fix(minimax): add timeouts to OAuth HTTP requests
* fix(minimax): remove duplicate OAuth abort signals
* refactor(minimax): keep OAuth timeout internal
* test(minimax): make OAuth timeout proof deterministic
---------
Co-authored-by: llagy009 <0668001470@xydigit.com >
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-07-10 22:02:34 -07:00
lsr911
4a96c06615
fix(minimax): bound OAuth JSON response via shared provider reader ( #96322 )
...
Use readProviderJsonResponse (shared 16 MiB default cap) instead of
unbounded response.json() for MiniMax OAuth authorization code endpoint.
Signed-off-by: lsr911 <liao.shirong@xydigit.com >
Co-authored-by: Claude <noreply@anthropic.com >
2026-07-01 01:54:42 -07:00
Vincent Koc
8aa58c5fb0
fix(minimax): bound oauth token bodies
2026-06-19 19:18:38 +02:00
Vincent Koc
e7e85f5436
fix(minimax): bound oauth error bodies
2026-06-19 19:18:38 +02:00
Peter Steinberger
96e5812426
docs: document medium extension sources
2026-06-04 21:33:54 -04:00
Matthew Schleder
6a96058f50
fix(minimax): use account oauth endpoints
...
Routes MiniMax OAuth device-code and token polling directly to account-hosted OAuth2 endpoints for global and CN regions, avoiding guarded-fetch cross-origin redirect body stripping. Keeps provider API base URLs unchanged and adds regression coverage for both endpoint pairs.
Proof: local minimax OAuth tests, oxfmt check, lint, autoreview clean, official MiniMax CLI/source check, live MiniMax endpoint probes, and CI run 26729242892 on 6bfe20eb06 .
Co-authored-by: Matt Schleder <schledermatthew@gmail.com >
2026-05-31 20:44:41 -04:00
Peter Steinberger
22cb7fb6b7
chore(lint): enable no-promise-executor-return
2026-05-31 23:06:13 +01:00
Peter Steinberger
7eeea30d8c
fix(minimax): clamp oauth poll interval
2026-05-31 01:37:45 -04:00
Peter Steinberger
a9cbec912e
fix(minimax): validate oauth authorization expiry
2026-05-30 05:23:53 -04:00
Vincent Koc
6d362dbe9a
fix(minimax): guard oauth token fetches ( #88088 )
2026-05-29 18:50:20 +01:00
Peter Steinberger
604a6b5452
fix(minimax): reject unsafe oauth expiry
2026-05-29 13:15:00 -04:00
NianJiu
d4e42d61c9
fix(minimax): normalize OAuth token expiry to absolute millisecond timestamp ( #83480 )
...
* fix(minimax): normalize OAuth token expiry to absolute millisecond timestamp
MiniMax returns expired_in from the token endpoint as a relative duration
in seconds (standard OAuth expires_in semantics), but the auth profile
store's hasUsableOAuthCredential() expects an absolute millisecond
timestamp. Without conversion the token appears perpetually expired,
triggering a slow OAuth refresh network call to api.minimaxi.com on
every request — the root cause of the 30-50s auth-stage delay.
Fixes #83449 .
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
* fix(minimax): cover oauth expiry normalization
* fix: polish minimax oauth expiry normalization (#83480 ) (thanks @NianJiuZst)
* fix: update minimax raw fetch allowlist (#83480 )
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com >
Co-authored-by: Peter Steinberger <steipete@gmail.com >
2026-05-24 05:21:22 +01:00
Peter Steinberger
c1f31f3870
refactor: trim provider helper exports
2026-05-01 16:25:10 +01:00
Peter Steinberger
ce2444403e
refactor: trim provider oauth runtime seams
2026-03-28 02:08:29 +00:00
wangchunyue
4e849ac127
fix: ensure env proxy dispatcher before MiniMax and OpenAI Codex OAuth flows (openclaw#52228)
...
Verified:
- pnpm install --frozen-lockfile
- NPM_CONFIG_CACHE=/tmp/openclaw-npm-cache-52228 pnpm build
- pnpm check
- pnpm test:macmini (failed on inherited pre-existing plugin contract test: src/plugins/contracts/registry.contract.test.ts missing deepseek in bundled provider contract registry outside this PR surface)
Co-authored-by: openperf <80630709+openperf@users.noreply.github.com >
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com >
2026-03-23 09:26:34 -05:00
Peter Steinberger
62ddc9d9e0
refactor: consolidate plugin sdk surface
2026-03-20 19:24:10 +00:00
Peter Steinberger
f6948ce405
refactor: shrink sdk helper surfaces
2026-03-20 15:43:14 +00:00
Vincent Koc
9a9db87952
fix(release): isolate config doc surfaces and sdk exports
2026-03-18 17:14:15 -07:00
Peter Steinberger
46f49eb6eb
refactor: shrink plugin sdk public surface
2026-03-18 23:31:08 +00:00
Peter Steinberger
47a9c1a893
refactor: merge minimax bundled plugins
2026-03-16 02:26:45 +00:00