Improvements to documentation with regards to remote OAuth issue

[mojomast]

Summary

Added comprehensive documentation explaining the OAuth token authentication issue when the proxy runs on remote hosts and the SSH port forwarding solution.

Changes

• README.md: Added new section "Remote Host Deployment (SSH Port Forwarding)" with detailed problem explanation and solution examples
• DOCUMENTATION.md: Added section 2.6.4 explaining remote host authentication with SSH port forwarding
• Deployment guide.md: Updated SSH tunnel commands to match standardized examples
• Added troubleshooting entry for OAuth callback failures on remote VPS

Details

This documentation addresses the issue where OAuth callbacks to localhost fail on remote VPS deployments because localhost on the VPS refers to the VPS itself, not the user's local machine. The solution uses SSH port forwarding to tunnel OAuth callback ports back to the local machine during credential setup.

Two approaches are documented:

1. SSH port forwarding for direct VPS authentication
2. Local authentication + credential export for stateless deployment

Example Usage

SSH Port Forwarding (for adding credentials directly on VPS)

# Forward all three OAuth ports simultaneously
ssh -L 8085:localhost:8085 -L 51121:localhost:51121 -L 11451:localhost:11451 user@your-vps-ip

# Then run credential tool on VPS
python -m rotator_library.credential_tool

Alternative: Local Authentication + Export

1. Complete OAuth flows locally
2. Export credentials to environment variables using the credential tool
3. Deploy .env file to remote server

---

Important

Improves documentation for handling OAuth callback issues on remote hosts using SSH port forwarding, with updates in README.md, DOCUMENTATION.md, and Deployment guide.md.

• Documentation Enhancements:
  • README.md: Adds "Remote Host Deployment (SSH Port Forwarding)" section explaining OAuth callback issues and SSH port forwarding solution.
  • DOCUMENTATION.md: Introduces section 2.6.4 on remote host authentication using SSH port forwarding.
  • Deployment guide.md: Updates SSH tunnel commands to standardized examples.
• Troubleshooting:
  • Adds entry for OAuth callback failures on remote VPS in README.md.

^{This description was created by for c1e07c0. You can customize this summary. It will automatically update as commits are pushed.}

[mirrobot-agent]

I'm beginning my review of the documentation improvements for remote OAuth authentication. I'll examine the new SSH port forwarding instructions and the troubleshooting guide to ensure everything is clear and accurate.

[mirrobot-agent]

Overall Assessment

This PR provides excellent and much-needed documentation for handling OAuth authentication on remote hosts. The explanation of why localhost callbacks fail on a VPS and how to use SSH port forwarding as a solution is clear and will save users a lot of troubleshooting time.

Architectural Feedback

The approach of documenting both the SSH tunnel method and the "local auth + export" alternative is great, as it covers different deployment styles (persistent VPS vs. stateless cloud).

Key Suggestions

• Consistency: I noticed the iFlow port (11451) was missing from a few of the aggregate examples in README.md. Keeping all three ports (8085, 51121, 11451) in the "all-at-once" examples ensures all providers are covered.
• Headless VPS Context: I suggested a small clarification regarding the "opening browser" behavior, as users on headless servers will typically need to copy-paste a URL manually.
• Actionability: Added a suggestion to include the specific --export flag in the alternative workflow section to make it easier for users to follow.

Questions for the Author

None. The documentation is very straightforward and helpful.

This review was generated by an AI assistant.

[mirrobot-agent]

It might be helpful to include the actual command for exporting credentials here, e.g., python -m rotator_library.credential_tool --export, so users don’t have to hunt for it.

[mirrobot-agent]

There is a slight formatting inconsistency with the indentation of the comment here (triple space vs single space on other lines).

Suggested change

	ssh -L 51121:localhost:51121 user@your-vps-ip # For Antigravity
	ssh -L 51121:localhost:51121 user@your-vps-ip # For Antigravity

[mirrobot-agent]

The iFlow port (11451) is missing from this example, while it is included in the examples just above (line 809). Adding it here would ensure consistency.

Suggested change

	1. **Establish SSH tunnel** (keep this connection open):
	ssh -L 8085:localhost:8085 -L 51121:localhost:51121 -L 11451:localhost:11451 user@your-vps-ip

[mirrobot-agent]

On many remote servers (especially headless VPS instances), the credential tool cannot automatically open a browser window. It usually prints a URL for the user to copy. Clarifying this (e.g., "The tool will provide a URL to open in your local browser") would be more accurate for VPS users.

[mirrobot-agent]

The iFlow port (11451) is also missing from this troubleshooting entry. Including it would ensure all OAuth providers are covered.

Suggested change

	| OAuth callback failed on remote VPS | Use SSH port forwarding: `ssh -L 8085:localhost:8085 -L 51121:localhost:51121 user@your-vps-ip` |
	| OAuth callback failed on remote VPS | Use SSH port forwarding: `ssh -L 8085:localhost:8085 -L 51121:localhost:51121 -L 11451:localhost:11451 user@your-vps-ip` |