[BUG] Auth flow crashes when xdg-open is not installed in headless environments #83
Description
Bug Description
The OAuth authentication flow crashes with an unhandled exception when xdg-open is not installed. This commonly occurs in headless environments like Docker containers, WSL, CI runners, and remote servers.
The code intends to fail silently (comment says // Silently fail - user can manually open the URL from instructions), but Bun's spawn() throws synchronously before the try-catch can handle it.
Steps to Reproduce
- Use a Linux environment without
xdg-openinstalled (common in Docker containers) - Run
opencode auth login - Select OpenAI provider
- Select "ChatGPT Plus/Pro (Codex Subscription)"
Expected Behavior
The auth flow should print the OAuth URL for manual opening, wait for the callback, and complete successfully when the user authenticates in their browser (as the code comments suggest).
Actual Behavior
The auth flow crashes immediately with an unhandled exception:
◇ Login method
│ ChatGPT Plus/Pro (Codex Subscription)
│
● Go to: https://auth.openai.com/oauth/authorize?response_type=code&client_id=app_EMoamEEZ73f0CkXaXp7hrann&redirect_uri=http%3A%2F%2Flocalhost%3A1455%2Fauth%2Fcallback&scope=openid+profile+email+offline_access&code_challenge=REDACTED&code_challenge_method=S256&state=REDACTED&id_token_add_organizations=true&codex_cli_simplified_flow=true&originator=codex_cli_rs
│
● A browser window should open. Complete login to finish.
│
▲ Something went wrong
ERROR 2025-12-28T04:57:05 +3585ms service=default e=Executable not found in $PATH: "xdg-open" exception
■ Failed to authorize
│
└ Done
Because the auth flow crashes, the local callback server is terminated. Even if the user manually opens the URL and completes the OAuth login in their browser, the callback to localhost:1455 fails because the server is no longer running. Running opencode auth list confirms OpenAI is not added as a provider.
Workaround
Install xdg-utils to prevent the crash:
# Ubuntu/Debian
sudo apt-get install xdg-utils
# Then run auth again
opencode auth loginAfter installing, xdg-open will exist (preventing the crash) and the callback server stays running. In headless environments, xdg-open still won't open a browser, but users can:
- Copy the printed URL (starting with
https://auth.openai.com/oauth/authorize?...) - Open it manually in a browser on their local machine
- Complete the OAuth login
- The callback will redirect to
localhost:1455which the auth server catches
Environment
- opencode version: 1.0.204
- Plugin version: Latest from main branch
- Operating System: Linux (Ubuntu 24.04 in Docker container)
- Node.js version: Bun 1.3.5
Logs
The error is visible in the console output above. The root cause is in lib/auth/browser.ts - the openBrowserUrl function attempts to spawn xdg-open without first checking if the command exists.
Compliance Checklist
Please confirm:
- I'm using this plugin for personal development only
- I have an active ChatGPT Plus/Pro subscription
- This issue is not related to attempting commercial use or TOS violations
- I've reviewed the FAQ and Troubleshooting sections
Additional Context
A fix has been submitted in PR #84 that adds a commandExists() check before attempting to spawn the browser opener, allowing the auth flow to continue gracefully without requiring xdg-utils to be installed.