opencode icon indicating copy to clipboard operation
opencode copied to clipboard
Published 8 hours ago verified publisher icon anomalyco

WSL2/devcontainer: MCP OAuth callback unreachable from host browser (Sentry)

Open chrisolszewski opened this issue 20 hours ago • 2 comments

Description

OAuth auth for the Sentry MCP server fails for me when OpenCode is running inside WSL2 (or a container/devcontainer) but the browser is on the host.

After auth, the provider redirects to something like http://127.0.0.1:19876/mcp/oauth/callback, but the host browser can’t reach the callback listener inside WSL/container (connection refused / timeout). OpenCode never receives the callback, so the flow doesn’t complete.

Proposed fix

Allow configuring the bind host for the callback listener per server (opt-in, default unchanged). PR #9078 implements this approach.

Note: binding to 0.0.0.0 can expose the callback port; docs should warn. In containers you may also need to publish/forward port 19876.

Plugins

none

OpenCode version

v1.1.25

Steps to reproduce

  1. Configure:
{
  "$schema": "https://opencode.ai/config.json",
  "mcp": {
    "sentry": {
      "type": "remote",
      "url": "https://mcp.sentry.dev/mcp",
      "oauth": {}
    }
  }
}
  1. Run opencode mcp auth sentry
  2. Complete auth in the host browser
  3. Redirect back to 127.0.0.1:19876 fails / OpenCode keeps waiting.

Operating System

Windows 11 / WSL2 - Ubuntu 24.04

Terminal

Wezterm

chrisolszewski avatar Jan 17 '26 12:01 chrisolszewski