Improve login experience

Author: EhabY

src/commands.ts

@@ -88,7 +88,8 @@ export class Commands {
 		this.logger.info("Using deployment label", label);
 
 		const result = await this.loginCoordinator.promptForLogin({
-			deployment: { url, label },
+			label,
+			url,
 			autoLogin: args?.autoLogin,
 			oauthSessionManager: this.oauthSessionManager,
 		});

src/core/container.ts

@@ -44,6 +44,7 @@ export class ServiceContainer implements vscode.Disposable {
 		this.contextManager = new ContextManager();
 		this.loginCoordinator = new LoginCoordinator(
 			this.secretsManager,
+			this.mementoManager,
 			this.vscodeProposed,
 			this.logger,
 		);

src/extension.ts

@@ -385,7 +385,7 @@ export async function activate(ctx: vscode.ExtensionContext): Promise<void> {
 			switch (state) {
 				case AuthAction.LOGIN: {
 					const url = mementoManager.getUrl();
-					// Should login the user directly if the URL+Token are valid
+					// Should login the user directly if the URL and the stored token are valid
 					await commands.login({ url });
 
 					// Re-register auth listener for the new deployment
@@ -432,6 +432,7 @@ export async function activate(ctx: vscode.ExtensionContext): Promise<void> {
 				// workspaces belonging to this deployment.
 				client.setHost(details.url);
 				client.setSessionToken(details.token);
+				mementoManager.setUrl(details.url);
 				await oauthSessionManager.setDeployment({
 					label: details.label,
 					url: details.url,
@@ -539,11 +540,10 @@ async function migrateAuthStorage(
 		// Get deployment URL from memento
 		const url = mementoManager.getUrl();
 		if (!url) {
-			output.info("No URL configured, skipping migration");
+			output.debug("No URL configured, skipping migration");
 			return;
 		}
 
-		// Perform migration using SecretsManager method
 		const label = toSafeHost(url);
 		const migrated = await secretsManager.migrateFromLegacyStorage(url, label);
 
@@ -556,7 +556,6 @@ async function migrateAuthStorage(
 		output.error(
 			`Auth storage migration failed: ${error}. You may need to log in again.`,
 		);
-		// Don't throw - allow extension to continue
 	}
 }
 

src/login/loginCoordinator.ts

@@ -1,31 +1,30 @@
 import { getErrorMessage } from "coder/site/src/api/errors";
 import * as vscode from "vscode";
 
-import { type Deployment } from "src/core/deployment";
-
 import { CoderApi } from "../api/coderApi";
 import { needToken } from "../api/utils";
+import { type Deployment } from "../core/deployment";
+import { type MementoManager } from "../core/mementoManager";
 import { type SecretsManager } from "../core/secretsManager";
 import { CertificateError } from "../error";
 import { type Logger } from "../logging/logger";
-import { maybeAskAuthMethod } from "../promptUtils";
+import { maybeAskAuthMethod, maybeAskUrl } from "../promptUtils";
 
 import type { User } from "coder/site/src/api/typesGenerated";
 
 import type { OAuthSessionManager } from "../oauth/sessionManager";
 
-export interface LoginResult {
+interface LoginResult {
 	success: boolean;
 	user?: User;
 	token?: string;
 }
 
-export interface LoginOptions {
-	deployment: Deployment;
+interface LoginOptions {
+	label: string;
+	url: string | undefined;
 	oauthSessionManager: OAuthSessionManager;
 	autoLogin?: boolean;
-	message?: string;
-	detailPrefix?: string;
 }
 
 /**
@@ -36,6 +35,7 @@ export class LoginCoordinator {
 
 	constructor(
 		private readonly secretsManager: SecretsManager,
+		private readonly mementoManager: MementoManager,
 		private readonly vscodeProposed: typeof vscode,
 		private readonly logger: Logger,
 	) {}
@@ -44,12 +44,12 @@ export class LoginCoordinator {
 	 * Direct login - for user-initiated login via commands.
 	 */
 	public async promptForLogin(
-		options: Omit<LoginOptions, "message" | "detailPrefix">,
+		options: LoginOptions & { url: string },
 	): Promise<LoginResult> {
-		const { deployment, oauthSessionManager } = options;
-		return this.executeWithGuard(options.deployment.label, async () => {
+		const { label, url, oauthSessionManager } = options;
+		return this.executeWithGuard(label, async () => {
 			return this.attemptLogin(
-				deployment,
+				{ label, url },
 				options.autoLogin ?? false,
 				oauthSessionManager,
 			);
@@ -60,10 +60,10 @@ export class LoginCoordinator {
 	 * Shows dialog then login - for system-initiated auth (remote, OAuth refresh).
 	 */
 	public async promptForLoginWithDialog(
-		options: LoginOptions,
+		options: LoginOptions & { message?: string; detailPrefix?: string },
 	): Promise<LoginResult> {
-		const { deployment, detailPrefix, message, oauthSessionManager } = options;
-		return this.executeWithGuard(deployment.label, () => {
+		const { label, url, detailPrefix, message, oauthSessionManager } = options;
+		return this.executeWithGuard(label, () => {
 			// Show dialog promise
 			const dialogPromise = this.vscodeProposed.window
 				.showErrorMessage(
@@ -72,24 +72,32 @@ export class LoginCoordinator {
 						modal: true,
 						useCustom: true,
 						detail:
-							(detailPrefix ||
-								`Authentication needed for ${deployment.label}.`) +
+							(detailPrefix || `Authentication needed for ${label}.`) +
 							"\n\nIf you've already logged in, you may close this dialog.",
 					},
 					"Login",
 				)
 				.then(async (action) => {
 					if (action === "Login") {
-						// User clicked login - proceed with login flow
+						// Proceed with the login flow, handling logging in from another window
+						const newUrl = await maybeAskUrl(
+							this.mementoManager,
+							url || (await this.secretsManager.getUrl(label)), // TODO can we assume that "https://<label>" is always valid (wouldn't work if it's http)?
+							label,
+						);
+						if (!newUrl) {
+							throw new Error("URL must be provided");
+						}
+
 						const result = await this.attemptLogin(
-							deployment,
+							{ url: newUrl, label },
 							false,
 							oauthSessionManager,
 						);
 
 						if (result.success && result.token) {
-							await this.secretsManager.setSessionAuth(deployment.label, {
-								url: deployment.url,
+							await this.secretsManager.setSessionAuth(label, {
+								url: newUrl,
 								token: result.token,
 							});
 						}
@@ -102,10 +110,7 @@ export class LoginCoordinator {
 				});
 
 			// Race between user clicking login and cross-window detection
-			return Promise.race([
-				dialogPromise,
-				this.waitForCrossWindowLogin(deployment.label),
-			]);
+			return Promise.race([dialogPromise, this.waitForCrossWindowLogin(label)]);
 		});
 	}
 

src/oauth/sessionManager.ts

@@ -149,7 +149,7 @@ export class OAuthSessionManager implements vscode.Disposable {
 		}
 
 		this.storedTokens = tokens;
-		this.logger.info(`Loaded stored OAuth tokens for ${tokens.deployment_url}`);
+		this.logger.info(`Loaded stored OAuth tokens for ${this.deployment.label}`);
 	}
 
 	private async clearOAuthState(): Promise<void> {
@@ -749,7 +749,8 @@ export class OAuthSessionManager implements vscode.Disposable {
 		await this.secretsManager.clearAllAuthData(deployment.label);
 
 		await this.loginCoordinator.promptForLoginWithDialog({
-			deployment,
+			label: deployment.label,
+			url: deployment.url,
 			detailPrefix: errorMessage,
 			oauthSessionManager: this,
 		});

src/promptUtils.ts

@@ -73,6 +73,7 @@ async function askURL(
 		.get<string>("coder.defaultUrl")
 		?.trim();
 	const quickPick = vscode.window.createQuickPick();
+	quickPick.ignoreFocusOut = true;
 	quickPick.value =
 		selection ||
 		lastUsedUrl ||

src/remote/remote.ts

@@ -36,7 +36,6 @@ import { Inbox } from "../inbox";
 import { type Logger } from "../logging/logger";
 import { type LoginCoordinator } from "../login/loginCoordinator";
 import { OAuthSessionManager } from "../oauth/sessionManager";
-import { maybeAskUrl } from "../promptUtils";
 import {
 	AuthorityPrefix,
 	escapeCommandArg,
@@ -138,9 +137,13 @@ export class Remote {
 			);
 			disposables.push(remoteOAuthManager);
 
-			const promptForLoginAndRetry = async (message: string, url: string) => {
+			const promptForLoginAndRetry = async (
+				message: string,
+				url: string | undefined,
+			) => {
 				const result = await this.loginCoordinator.promptForLoginWithDialog({
-					deployment: { url, label: parts.label },
+					label: parts.label,
+					url,
 					message,
 					detailPrefix: `You must log in to access ${workspaceName}.`,
 					oauthSessionManager: remoteOAuthManager,
@@ -160,17 +163,7 @@ export class Remote {
 				!baseUrlRaw ||
 				(!token && needToken(vscode.workspace.getConfiguration()))
 			) {
-				const mementoManager = this.serviceContainer.getMementoManager();
-				const newUrl = await maybeAskUrl(
-					mementoManager,
-					baseUrlRaw, // TODO can we assume that "https://<parts.label>" is always valid?
-					parts.label,
-				);
-				if (!newUrl) {
-					throw new Error("URL must be provided");
-				}
-
-				return promptForLoginAndRetry("You are not logged in...", newUrl);
+				return promptForLoginAndRetry("You are not logged in...", baseUrlRaw);
 			}
 
 			this.logger.info("Using deployment URL", baseUrlRaw);