fix: expose actionable session details in login --json

src/authsome/cli/main.py

@@ -105,6 +105,29 @@ def build_provider_entry(provider_data, source: str) -> dict:
     ctx_obj.print_json({"bundled": bundled_out, "custom": custom_out})
 
 
+def _build_login_json_payload(session_info: dict[str, Any], provider: str, connection: str) -> dict[str, Any]:
+    """Return machine-usable login output for CLI JSON mode."""
+    status = session_info.get("status")
+    payload: dict[str, Any] = {
+        "status": "success" if status == "completed" else "started",
+        "provider": provider,
+        "connection": connection,
+        "record_status": status,
+    }
+    if session_id := session_info.get("id"):
+        payload["session_id"] = session_id
+    next_action = session_info.get("next_action")
+    if isinstance(next_action, dict) and next_action.get("type") == "open_url":
+        auth_url = next_action.get("url")
+        if auth_url:
+            payload["auth_url"] = auth_url
+    for field in ("user_code", "verification_uri", "verification_uri_complete"):
+        value = session_info.get(field)
+        if value:
+            payload[field] = value
+    return payload
+
+
 @cli.command()
 @click.argument("provider")
 @click.option("--connection", default="default", metavar="NAME", help="Connection name.")
@@ -141,12 +164,9 @@ async def login(
             base_url=base_url,
             force=force,
         )
-        status = session_info.get("status")
-        login_result = {"status": "started", "record_status": status}
+        login_result = _build_login_json_payload(session_info, provider, connection)
 
-        if status == "completed":
-            login_result["status"] = "success"
-        else:
+        if login_result["status"] != "success":
             next_action = session_info.get("next_action", {"type": "none"})
             action_type = next_action.get("type")
 
@@ -169,14 +189,7 @@ async def login(
     except Exception:
         raise
 
-    ctx_obj.print_json(
-        {
-            "status": login_result.get("status", "success"),
-            "provider": provider,
-            "connection": connection,
-            "record_status": login_result.get("record_status"),
-        }
-    )
+    ctx_obj.print_json(login_result)
 
 
 @cli.command(name="scan")

src/authsome/server/credential_service.py

@@ -494,7 +494,7 @@ async def get_required_inputs(
             fields.append(
                 InputField(
                     name="client_id",
-                    label="Client ID (leave blank for public device code flow)",
+                    label="Client ID",
                     secret=False,
                     default=flow_client_id or "",
                 )

src/authsome/server/routes/auth.py

@@ -442,6 +442,9 @@ def _session_response(session: AuthSession, server_base_url: str) -> AuthSession
         created_at=session.created_at,
         expires_at=session.expires_at,
         next_action=action,
+        user_code=session.payload.get("user_code"),
+        verification_uri=session.payload.get("verification_uri"),
+        verification_uri_complete=session.payload.get("verification_uri_complete"),
     )
 
 

src/authsome/server/schemas.py

@@ -53,6 +53,9 @@ class AuthSessionResponse(BaseModel):
     created_at: datetime | None = None
     expires_at: datetime | None = None
     next_action: NextAction = Field(default_factory=NoneAction)
+    user_code: str | None = None
+    verification_uri: str | None = None
+    verification_uri_complete: str | None = None
 
 
 class UiBootstrapResponse(BaseModel):

src/authsome/server/ui/pages.py

@@ -393,7 +393,7 @@ def device_code_page(
 
     <div class="code-wrap">
       <input type="text" id="user-code" value="{html.escape(user_code)}" readonly>
-      <button class="copybtn" onclick="copyCode()">Copy</button>
+      <button type="button" class="copybtn" onclick="copyCode(this)">Copy</button>
     </div>
 
     <a href="{html.escape(link)}" target="_blank" class="verify">Open Login Page</a>
@@ -403,15 +403,55 @@ def device_code_page(
     </p>
 
     <script>
-      function copyCode() {{
+      function legacyCopy(text) {{
+        var textarea = document.createElement("textarea");
+        textarea.value = text;
+        textarea.setAttribute("readonly", "");
+        textarea.style.position = "fixed";
+        textarea.style.top = "-9999px";
+        textarea.style.left = "-9999px";
+        textarea.style.opacity = "0";
+        document.body.appendChild(textarea);
+        textarea.focus();
+        textarea.select();
+        textarea.setSelectionRange(0, textarea.value.length);
+
+        var copied = false;
+        try {{
+          copied = document.execCommand("copy");
+        }} catch (err) {{
+          copied = false;
+        }}
+
+        document.body.removeChild(textarea);
+        return copied;
+      }}
+
+      async function copyCode(btn) {{
         var copyText = document.getElementById("user-code");
-        copyText.select();
-        copyText.setSelectionRange(0, 99999);
-        navigator.clipboard.writeText(copyText.value);
-
-        const btn = document.querySelector('.copybtn');
+        var value = copyText.value;
+
+        var copied = legacyCopy(value);
+        if (!copied && navigator.clipboard && typeof navigator.clipboard.writeText === "function") {{
+          try {{
+            await navigator.clipboard.writeText(value);
+            copied = true;
+          }} catch (err) {{
+            copied = false;
+          }}
+        }}
+
+        if (!copied) {{
+          copyText.focus();
+          copyText.select();
+          copyText.setSelectionRange(0, copyText.value.length);
+        }}
+
         const originalText = btn.innerText;
-        btn.innerText = 'Copied!';
+        btn.innerText = copied ? 'Copied!' : 'Press Cmd+C';
+        if (!copied) {{
+          window.prompt("Copy this code:", value);
+        }}
         setTimeout(() => {{
           btn.innerText = originalText;
         }}, 2000);