Summary
The local CLI authentication HTTP server calls server.handle_request() only once. If the browser makes a request (like requesting /favicon.ico or sending a preflight request) before the token callback request is received, the server exits and the login fails.
Steps to Reproduce
- Run
clutch login.
- Wait for the browser to open and authorize.
- If the browser requests
/favicon.ico or any background resource before the token callback, observe the CLI exiting with "Login failed — no token received".
Expected vs Actual
- Expected: The CLI server listens and handles requests until the token callback is successfully received.
- Actual: The CLI server terminates after processing the first request, even if it is not the authentication callback.
Screenshot
No screenshot available (CLI state/login logic bug).
Suggested Fix
Wrap server.handle_request() in a loop inside cli/clutch_cli/authentication/login.py that continues until _captured_token contains the token value.
Summary
The local CLI authentication HTTP server calls
server.handle_request()only once. If the browser makes a request (like requesting/favicon.icoor sending a preflight request) before the token callback request is received, the server exits and the login fails.Steps to Reproduce
clutch login./favicon.icoor any background resource before the token callback, observe the CLI exiting with "Login failed — no token received".Expected vs Actual
Screenshot
No screenshot available (CLI state/login logic bug).
Suggested Fix
Wrap
server.handle_request()in a loop insidecli/clutch_cli/authentication/login.pythat continues until_captured_tokencontains the token value.