Weekly updates (#746)

YaroSpace · web-flow · commit f3324651b4ca · 2025-11-11T08:57:47.000+03:00
* fix(grpc): repeating flags
* fix(parser): do not error on empty request
* debug(oauth): add logging to TCP server
* fix(oauth): allow Redirect URL `/(.*)?`
* feat(oauth): add `Browser cmd` to Auth config opts
diff --git a/.gitignore b/.gitignore
@@ -14,11 +14,15 @@ http-client.env.json
 !/docs/**/*.json
 
 /http-examples
+lua/tree-sitter/testing
+
 *.http
 !/docs/**/*.http
 !/tests/**/*.http
 !/tests/functional/requests/*.http
 
+
+.luarc.json
 selene.toml
 neovim.yml
 .todo.md
diff --git a/NEWS.md b/NEWS.md
@@ -11,6 +11,8 @@
 ### Enhancement: include cookies with GRAPQL schema requests
 ### Enhancement: add `--sub` option to Kulala CLI to provide variable substitutions
 ### Enhancement: add `split_params` option for formatter [Configuration](getting-started/configuration-options.mdx)
+### Enhancement: improve grammar and syntax highlighting for query and form params and values, multipart form data
+### Feature: add Electron browser and `Browser CMD` param to `Auth Config` for Oauth2 auth code flow [Authentication](usage/authentication.md)
 
 ## Version 5.3.3
 
diff --git a/docs/docs/usage/authentication.md b/docs/docs/usage/authentication.md
@@ -257,11 +257,15 @@ Authorization: Bearer {{$auth.token("auth-id")}}
 Accept: application/json
 ```
 
-Execute the request. Before accessing the protected resource, Kulala will open your default browser and send a request to the authorization server to obtain an access token.
+Execute the request. Before accessing the protected resource, Kulala will open your default browser (or whatever is specified in `Browser CMD`) and send a request to the authorization server to obtain an access token.
 
 When prompted, complete the authentication process. The browser will be redirected to the provided `Redirect URL`.
 
-Kulala will intercept this redirect and extract the authorization details from the URL, if the provided Redirect URL is `localhost` or `127.0.0.1`. Otherwise, you need to manually copy the code from the redirect URL and paste it into Kulala prompt.
+If the provided `Redirect URL` is `localhost` or `127.0.0.1` or `Browser CMD` is specified, Kulala will start a HTTP server on `localhost`, listening on port specified in `Redirect URL` (or `80`). 
+
+The HTTP server will then intercept this redirect and extract the authorization details from the URL.
+
+Otherwise, you need to copy the code from the redirect URL and paste it into Kulala prompt manually.
 
 For Grant Type `Device Authorization`, the code will be copied into clipboard, to be pasted into consent form.
 
@@ -504,6 +508,24 @@ The user's password sent as part of authorization, used with the Password grant
 
 Specify custom request parameters
 
+#### Browser CMD
+
+Specify a shell command to open a browser/app to intercept `Redirect URL`. Accepts `Auth URL` and `Redirect URL` as postional arguments.  By default opens the system default browser.
+
+##### Example:
+
+In `lua/kulala/browser` you will find a working example of a custom Electron-based browser, that will open `Auth URL`, intercept `Redirect URL` (which does not have to point to localhost) and redirect the callback request to Kulala local HTTP server.  To install Electron - `npm install -g electron`.
+
+Add to your Authentication configuration:
+
+```json
+{
+ "Browser CMD": "browser.js http://localhost:8080/callback" (optional),
+}
+```
+
+The browser script takes 2 arguments: the first is the `Auth URL` (passed by Kulala) and the second is the `Redirect URL` to which the intercepted request will be redirected.  Both arguments are passed by Kulala, but if your `Redirect URL` does not point to localhost, you have to specify it manually in `Browser CMD`.
+
 ## AWS Signature V4
 
 Amazon Web Services (AWS) Signature version 4 is a
diff --git a/lua/kulala/browser/browser.js b/lua/kulala/browser/browser.js
@@ -0,0 +1,81 @@
+#!/usr/bin/env electron
+
+import { app, BrowserWindow } from "electron";
+
+const args = process.argv.slice(2);
+
+// Parse named arguments (--key=value) and positional arguments
+const argv = args.reduce((acc, arg, index) => {
+  const i = arg.indexOf("=");
+  if (arg.startsWith("--")) {
+    const key = i == -1 ? arg : arg.slice(0, i);
+    const value = i == -1 ? true : arg.slice(i + 1);
+    const cleanKey = key.slice(2);
+    acc[cleanKey] = value;
+  } else if (index === 0 && !acc.authorizeUrl) {
+    acc.authorizeUrl = arg;
+  } else if (index === 1 && !acc.callbackUrl) {
+    acc.callbackUrl = arg;
+  }
+  return acc;
+}, {});
+
+async function createWindow() {
+  const authorizeUrl = argv.authorizeUrl;
+  const callbackUrl = argv.callbackUrl || "http://localhost:80";
+  const resetCookies = argv.resetCookies;
+  const url = new URL(authorizeUrl);
+  const redirectUrl = url.searchParams.get("redirect_uri");
+
+  const mainWindow = new BrowserWindow({
+    width: 900,
+    height: 720,
+  });
+
+  if (resetCookies) {
+    await mainWindow.webContents.session.clearStorageData({
+      storages: ["cookies"],
+    });
+  }
+
+  mainWindow.webContents.on("will-redirect", (event, url) => {
+    if (url.startsWith(redirectUrl)) {
+      event.preventDefault();
+      const interceptedUrl = new URL(url);
+      const newCallbackUrl = new URL(callbackUrl);
+      interceptedUrl.searchParams.forEach((value, key) => {
+        newCallbackUrl.searchParams.append(key, value);
+      });
+      mainWindow.loadURL(newCallbackUrl.toString());
+    }
+  });
+
+  mainWindow.webContents.on("did-finish-load", async () => {
+    try {
+      const content = await mainWindow.webContents.executeJavaScript(
+        "document.body.innerText",
+      );
+      if (content && content.includes("Code/Token received")) {
+        setTimeout(() => {
+          mainWindow.close();
+        }, 1000);
+      }
+    } catch (error) {
+      // Ignore errors from reading page content
+    }
+  });
+
+  mainWindow.loadURL(authorizeUrl);
+}
+
+app.whenReady().then(createWindow);
+
+app.on("window-all-closed", () => {
+  app.quit();
+});
+
+app.on("activate", () => {
+  if (BrowserWindow.getAllWindows().length === 0) {
+    createWindow();
+  }
+});
diff --git a/lua/kulala/browser/package.json b/lua/kulala/browser/package.json
@@ -0,0 +1,3 @@
+{
+  "type": "module"
+}
diff --git a/lua/kulala/cmd/oauth.lua b/lua/kulala/cmd/oauth.lua
@@ -4,6 +4,7 @@ local Crypto = require("kulala.cmd.crypto")
 local DB = require("kulala.db")
 local Env = require("kulala.parser.env")
 local Float = require("kulala.ui.float")
+local Fs = require("kulala.utils.fs")
 local Inlay = require("kulala.inlay")
 local Json = require("kulala.utils.json")
 local Logger = require("kulala.logger")
@@ -15,9 +16,12 @@ local M = {}
 
 local request_timeout = 30000 -- 30 seconds
 local request_interval = 5000 -- 5 seconds
+local tcp_server
 local co, exit
 
 local function get_curl_flags()
+  if not DB.current_request then return {} end
+
   local RequestParser = require("kulala.parser.request")
   local request = vim.deepcopy(DB.current_request)
 
@@ -322,7 +326,7 @@ M.receive_code = function(config_id)
   local config = get_auth_config(config_id)
   local url = config["Redirect URL"]
 
-  if not url:find("localhost") and not url:find("127.0.0.1") then
+  if not (url:find("localhost") or url:find("127.0.0.1") or config["Browser CMD"]) then
     local code = vim.uri_decode(vim.fn.input("Enter the Auth code/token: "))
 
     update_auth_data(config_id, {
@@ -335,7 +339,7 @@ M.receive_code = function(config_id)
 
   local port = url:match(":(%d+)") or 80
 
-  local server = Tcp.server("127.0.0.1", port, function(request)
+  tcp_server = Tcp.server("127.0.0.1", port, function(request)
     local params = parse_params(request) or {}
 
     if params.code or params.access_token then
@@ -350,12 +354,15 @@ M.receive_code = function(config_id)
     end
   end)
 
-  if not server then return end
+  if not tcp_server then return end
 
   Logger.info("Waiting for authorization code/token")
 
   local _, result = Async.co_yield(co, request_timeout)
-  if not result then return Logger.error("Timeout waiting for authorization code/token for: " .. config_id) end
+  if not result or result == "timeout" then
+    _ = tcp_server and tcp_server:stop()
+    return Logger.error("Timeout waiting for authorization code/token for: " .. config_id)
+  end
 
   return result
 end
@@ -438,6 +445,30 @@ M.acquire_client_credentials = function(config_id)
   return config.auth_data.access_token
 end
 
+local function launch_browser(cmd, auth_url, redirect_url)
+  local status, error
+  local browser_cmd = {}
+
+  cmd = cmd or ""
+
+  if cmd == "" then
+    browser_cmd = { "system default browser" }
+    status, error = vim.ui.open(auth_url)
+  else
+    cmd = vim.split(cmd, " ")
+    browser_cmd = { Fs.get_file_path(cmd[1]), auth_url, redirect_url or "http://localhost:80" }
+
+    Logger.info("Launching browser with command: " .. vim.inspect(browser_cmd))
+    status, error = Shell.run(browser_cmd, { err_msg = "Error launching browser" })
+  end
+
+  if not status then
+    return Logger.error("Failed to open browser: " .. vim.inspect(browser_cmd) .. " " .. (error or ""))
+  end
+
+  return true
+end
+
 ---Grant Type "Authorization Code" or "Implicit"
 ---Acquire an auth code for the given config_id
 M.acquire_auth = function(config_id)
@@ -465,8 +496,7 @@ M.acquire_auth = function(config_id)
   Logger.info("Acquiring code for config: " .. config_id)
   Logger.debug("Auth URL: " .. uri)
 
-  local browser, status = vim.ui.open(uri)
-  if not browser then return Logger.error("Failed to open browser: " .. status) end
+  if not launch_browser(config["Browser CMD"], uri, config["Redirect URL"]) then return end
 
   local code = M.receive_code(config_id)
   if not code then return Logger.error("Failed to acquire code for config: " .. config_id) end
@@ -607,6 +637,7 @@ local function run_auth_async(config_id, fn)
       Logger.info("Cancelling token acquisition for config: " .. config_id)
 
       Async.co_resume(co)
+      tcp_server = tcp_server and tcp_server:stop()
       exit = true
 
       vim.keymap.del("n", "<C-c>", { buffer = buf })
diff --git a/lua/kulala/cmd/tcp.lua b/lua/kulala/cmd/tcp.lua
@@ -30,44 +30,52 @@ M.server = {
     port = tonumber(port) or 80
 
     local server = vim.uv.new_tcp() or {}
-    local status = server:bind(host, port)
-    if not status then Logger.warn("Failed to start TCP server: on " .. host .. ":" .. port) end
+    local status, err = server:bind(host, port)
 
-    status = server:listen(128, function(err)
-      if err then return Logger.error("Failed to process request: " .. err) end
+    if not status then
+      return Logger.warn(("TCP server: failed to bind on %s:%s (%s)"):format(host, port, err or ""))
+    end
+
+    status, err = server:listen(128, function(err)
+      if err then return Logger.error("TCP server: failed to accept connection: " .. err) end
 
       local client = vim.uv.new_tcp() or {}
       server:accept(client)
 
       client:read_start(function(err, chunk)
-        if err then return Logger.error("Failed to read server response: " .. err) end
-        ---@diagnostic disable-next-line: redundant-return-value
+        if err then return Logger.error("TCP server: failed to process request: " .. err) end
         if not chunk then return self:stop(client) end
 
         local response = ""
         local result
 
         if chunk:match("GET / HTTP") then
           response = redirect_script()
-        elseif chunk:match("GET /%?") then
-          result = on_request(chunk:match("GET /%?(.+) HTTP"))
+        elseif chunk:match("GET /[^%?]*%?(.+)") then
+          result = on_request(chunk:match("GET /[^%?]*%?(.+) HTTP"))
           response = result or "OK"
         end
 
-        client:write("HTTP/1.1 200 OKn\r\n\r\n" .. response .. "\n")
+        client:write("HTTP/1.1 200 OK\r\n\r\n" .. response .. "\n")
         self:stop(client)
 
         if result then self:stop(server) end
       end)
     end)
 
-    if not status then return Logger.error("Failed to start TCP server on " .. host .. ":" .. port) end
+    if not status then
+      return Logger.warn(("TCP server failed to listen on %s:%s (%s)"):format(host, port, err or ""))
+    end
 
-    local socket = server:getsockname() or {}
-    Logger.info("Server listening for code/token on " .. host .. ":" .. socket.port)
+    local socket = server:getsockname()
+    if socket then
+      Logger.info("Server listening for code/token on " .. socket.ip .. ":" .. socket.port)
+    else
+      return Logger.warn(("TCP server failed to get socket on %s:%s"):format(host, port))
+    end
 
-    vim.uv.run()
     self.server = server
+    -- vim.uv.run() -- not needed, libuv loop is already running in Neovim
 
     return self
   end,
diff --git a/lua/kulala/db/init.lua b/lua/kulala/db/init.lua
@@ -66,13 +66,13 @@ M.current_request = nil
 ---@return number
 M.get_current_buffer = function()
   local buf = M.current_buffer
-  return vim.fn.bufexists(buf) > 0 and buf or M.set_current_buffer()
+  return vim.api.nvim_buf_is_valid(buf or -1) and buf or M.set_current_buffer()
 end
 
 ---Sets DB.current_buffer to provided buffer_id or to current buffer
 ---@param id number|nil
 M.set_current_buffer = function(id)
-  M.current_buffer = id and id or vim.fn.bufnr()
+  M.current_buffer = id and id or vim.api.nvim_get_current_buf()
   return M.current_buffer
 end
 
diff --git a/lua/kulala/logger/bug_report.lua b/lua/kulala/logger/bug_report.lua
@@ -1,4 +1,5 @@
 local Config = require("kulala.config")
+local Db = require("kulala.db")
 local Float = require("kulala.ui.float")
 local Health = require("kulala.health")
 local Json = require("kulala.utils.json")
@@ -23,6 +24,10 @@ local template = [[
 
 *Steps to reproduce the behavior*
 
+## Request 
+
+%s
+
 ## Error 
 
 ```lua
@@ -95,13 +100,25 @@ M.create_issue = function(title, body, labels, type)
   return true
 end
 
+local function get_current_request()
+  local request, buf = Db.current_request, Db.current_buffer
+  if not request or not buf then return end
+
+  local status, result = pcall(function()
+    return vim.fn.join(vim.api.nvim_buf_get_lines(buf, request.start_line - 2, request.end_line, false), "\n")
+  end)
+
+  return status and "```http\n" .. result .. "\n```" or ""
+end
+
 M.generate_bug_report = function(error)
   error = error or ""
 
   local title = vim.split(error, "\n")[1]
+  local request = get_current_request()
   local health = get_health()
   local user_config = vim.inspect(Config.user_config)
-  local report = vim.split(template:format(title, error, health, user_config), "\n")
+  local report = vim.split(template:format(title, request, error, health, user_config), "\n")
 
   local width = math.floor(vim.o.columns * 0.6)
   local height = math.floor(vim.o.lines * 0.6)
diff --git a/lua/kulala/parser/document.lua b/lua/kulala/parser/document.lua
@@ -632,6 +632,8 @@ M.get_request_at = function(requests, linenr)
     if linenr == 0 then return expand_nested_requests(requests) end
 
     local request = requests[1]
+    if not request then return {} end
+
     local shared = request.shared
     if not request.name:match("^Shared") and is_runnable(shared) then table.insert(requests, 1, shared) end
 
diff --git a/lua/kulala/parser/request.lua b/lua/kulala/parser/request.lua
diff --git a/lua/kulala/utils/async.lua b/lua/kulala/utils/async.lua
diff --git a/tests/functional/bug_report_spec.lua b/tests/functional/bug_report_spec.lua
