From f17b89f7cd1c55ba7c1c2490bcd6938df0b05123 Mon Sep 17 00:00:00 2001 From: Mateo Cuervo Date: Wed, 26 Nov 2025 10:18:22 -0500 Subject: [PATCH 1/2] update client.go --- pkg/auth/client.go | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/pkg/auth/client.go b/pkg/auth/client.go index c3064c6..58bf2c4 100644 --- a/pkg/auth/client.go +++ b/pkg/auth/client.go @@ -12,7 +12,17 @@ import ( // GetAuthenticatedClient returns a Kernel client with appropriate authentication func GetAuthenticatedClient(opts ...option.RequestOption) (*kernel.Client, error) { - // Try to use stored OAuth tokens first + // Try to use API key first if available + apiKey := os.Getenv("KERNEL_API_KEY") + if apiKey != "" { + pterm.Debug.Println("Using API key authentication") + + authOpts := append(opts, option.WithHeader("Authorization", "Bearer "+apiKey)) + client := kernel.NewClient(authOpts...) + return &client, nil + } + + // Fallback to OAuth tokens if no API key is available tokens, err := LoadTokens() if err == nil { // Check if access token is expired and refresh if needed @@ -41,15 +51,6 @@ func GetAuthenticatedClient(opts ...option.RequestOption) (*kernel.Client, error return &client, nil } - // Fallback to API key if no OAuth tokens are available - apiKey := os.Getenv("KERNEL_API_KEY") - if apiKey == "" { - return nil, fmt.Errorf("no authentication available. Please run 'kernel login' or set KERNEL_API_KEY environment variable") - } - - pterm.Debug.Println("Using API key authentication (fallback)") - - authOpts := append(opts, option.WithHeader("Authorization", "Bearer "+apiKey)) - client := kernel.NewClient(authOpts...) - return &client, nil + // No authentication available + return nil, fmt.Errorf("no authentication available. Please run 'kernel login' or set KERNEL_API_KEY environment variable") } From 2d0bb2ea63d97127eecb02c7a38b381d6b138759 Mon Sep 17 00:00:00 2001 From: Mateo Cuervo Date: Wed, 26 Nov 2025 10:30:57 -0500 Subject: [PATCH 2/2] update oauth.go --- pkg/auth/oauth.go | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/pkg/auth/oauth.go b/pkg/auth/oauth.go index de97eaa..dcb730e 100644 --- a/pkg/auth/oauth.go +++ b/pkg/auth/oauth.go @@ -25,11 +25,22 @@ var successHTML string const ( // MCP Server OAuth endpoints (which proxy to Clerk) + // Production AuthURL = "https://auth.onkernel.com/authorize" TokenURL = "https://auth.onkernel.com/token" + + // Staging + // AuthURL = "https://auth.dev.onkernel.com/authorize" + // TokenURL = "https://auth.dev.onkernel.com/token" + + // Local + // AuthURL = "http://localhost:3002/authorize" + // TokenURL = "http://localhost:3002/token" // OAuth client configuration ClientID = "hmFrJn9hKDV2N02M" // Prod Kernel CLI OAuth Client ID + // ClientID = "gkUVbm11p6EqKd7r" // Staging Kernel CLI OAuth Client ID + // ClientID = "J7i8BKwyFBoyPQN3" // Local Kernel CLI OAuth Client ID RedirectURI = "http://localhost" // OAuth scopes - openid for the MCP server flow