Adds backend support for OAuth Device Authorization Grant (RFC 8628) to enable CLI authentication via 'openhands login' command.

Components added:
- Database migration for device_auth_sessions table
- DeviceAuthStore for managing device authorization sessions
- API endpoints for device code generation and polling
- HTML verification page for user code entry
- Comprehensive test suite

Database schema:
- device_code (primary key)
- user_code (unique, human-readable)
- user_id (nullable until authorized)
- api_key (nullable until authorized)
- created_at, expires_at (timestamps)
- status (pending/authorized/denied/expired)

API endpoints:
- POST /api/v1/auth/device - Request device code
- POST /api/v1/auth/device/token - Poll for authorization
- POST /api/v1/auth/device/authorize - Web authorization endpoint
- GET /device - User verification page

Security features:
- Cryptographically secure device code generation
- Human-readable user codes (no confusable characters)
- 5-minute expiration on device codes
- One-time use codes
- Status tracking to prevent reuse
- Automatic expired session cleanup

Testing:
- 18 comprehensive unit tests
- Tests for all success and error scenarios
- SQLite in-memory database for fast testing
- Platform-agnostic test design

Integration:
- Wired into enterprise SaaS server
- Compatible with existing auth infrastructure
- Graceful degradation if user denies access

This PR works with CLI PR #174 in OpenHands-CLI repository.

Co-authored-by: openhands <openhands@all-hands.dev>
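
The session lifecycle listed under "Security features" in the commit message above, as an added Python example that is not the project's DeviceAuthStore or any code from this commit. The class name `DeviceSessions`, the in-memory dict, the 8-character `XXXX-XXXX` user-code format and the exact alphabet are assumptions made for illustration; the 5-minute lifetime and the four status values come from the commit message, and the polling error names come from RFC 8628 section 3.5.

```python
import secrets
import time

# Assumed alphabet: uppercase letters and digits minus look-alikes (0/O, 1/I/L).
USER_CODE_ALPHABET = "ABCDEFGHJKMNPQRSTUVWXYZ23456789"
TTL_SECONDS = 300  # the 5-minute expiry stated in the commit message

class DeviceSessions:
    """In-memory stand-in for a device-authorization session table (hypothetical)."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._by_device = {}

    def start(self):
        device_code = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        raw = "".join(secrets.choice(USER_CODE_ALPHABET) for _ in range(8))
        user_code = f"{raw[:4]}-{raw[4:]}"
        self._by_device[device_code] = {
            "user_code": user_code, "status": "pending", "api_key": None,
            "expires_at": self._clock() + TTL_SECONDS,
        }
        return device_code, user_code

    def _expire(self, s):
        if s["status"] == "pending" and self._clock() >= s["expires_at"]:
            s["status"] = "expired"

    def authorize(self, user_code, api_key, approve=True):
        """Called from the verification page after the user has signed in."""
        for s in self._by_device.values():
            self._expire(s)
            if s["user_code"] == user_code and s["status"] == "pending":
                s["status"] = "authorized" if approve else "denied"
                s["api_key"] = api_key if approve else None
                return True
        return False  # unknown, expired or already-decided code

    def poll(self, device_code):
        """Return (error_or_None, api_key) for one CLI poll of the token endpoint."""
        s = self._by_device.get(device_code)
        if s is None:
            return "invalid_grant", None  # RFC 6749 error for an unknown/used grant
        self._expire(s)
        if s["status"] == "authorized":
            del self._by_device[device_code]  # one-time use: key is returned once
            return None, s["api_key"]
        errors = {"pending": "authorization_pending", "denied": "access_denied", "expired": "expired_token"}
        return errors[s["status"]], None
```

The `clock` parameter exists so expiry can be tested without sleeping; a database-backed store would enforce the same transitions with a status column and a uniqueness constraint on `user_code`.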
OpenHands: AI-Driven Development
🙌 Welcome to OpenHands, a community focused on AI-driven development. We’d love for you to join us on Slack.
There are a few ways to work with OpenHands:
OpenHands Software Agent SDK
The SDK is a composable Python library that contains all of our agentic tech. It's the engine that powers everything else below.
Define agents in code, then run them locally, or scale to 1000s of agents in the cloud.
Check out the docs or view the source
OpenHands CLI
The CLI is the easiest way to start using OpenHands. The experience will be familiar to anyone who has worked with e.g. Claude Code or Codex. You can power it with Claude, GPT, or any other LLM.
Check out the docs or view the source
OpenHands Local GUI
Use the Local GUI for running agents on your laptop. It comes with a REST API and a single-page React application. The experience will be familiar to anyone who has used Devin or Jules.
Check out the docs or view the source in this repo.
OpenHands Cloud
This is a deployment of OpenHands GUI, running on hosted infrastructure.
You can try it with a free $10 credit by signing in with your GitHub account.
OpenHands Cloud comes with source-available features and integrations:
- Integrations with Slack, Jira, and Linear
- Multi-user support
- RBAC and permissions
- Collaboration features (e.g., conversation sharing)
OpenHands Enterprise
Large enterprises can work with us to self-host OpenHands Cloud in their own VPC, via Kubernetes. OpenHands Enterprise can also work with the CLI and SDK above.
OpenHands Enterprise is source-available--you can see all the source code here in the enterprise/ directory, but you'll need to purchase a license if you want to run it for more than one month.
Enterprise contracts also come with extended support and access to our research team.
Learn more at openhands.dev/enterprise
Everything Else
Check out our Product Roadmap, and feel free to open up an issue if there's something you'd like to see!
You might also be interested in our evaluation infrastructure, our Chrome extension, or our Theory-of-Mind module.
All our work is available under the MIT license, except for the enterprise/ directory in this repository (see the enterprise license for details).
The core openhands and agent-server Docker images are fully MIT-licensed as well.
If you need help with anything, or just want to chat, come find us on Slack.