Fix: suppress TOTP wait message in JSON output mode

cursoragent · masnwilliams · cursoragent · commit 42ebd6d7c332 · 2026-01-21T04:50:45.000Z
The generateTOTPCode function unconditionally printed a human-readable
message via pterm.Info.Printf when waiting for a fresh TOTP window. This
could corrupt JSONL output when --output json was specified in
AgentAuthRunCmd.Run.

Added a 'quiet' parameter to generateTOTPCode to suppress console output
when in JSON mode, preventing non-JSON messages from corrupting the
output stream for programmatic consumers.

Co-authored-by: mason &lt;mason@onkernel.com&gt;
diff --git a/cmd/agents.go b/cmd/agents.go
@@ -517,15 +517,18 @@ const (
 
 // generateTOTPCode generates a TOTP code from a base32 secret.
 // Waits for a fresh window if needed to ensure enough time to submit the code.
-func generateTOTPCode(secret string) (string, error) {
+// If quiet is true, suppresses human-readable console output (for JSON mode).
+func generateTOTPCode(secret string, quiet bool) (string, error) {
 	// Check if we have enough time in the current window
 	now := time.Now().Unix()
 	secondsIntoWindow := now % totpPeriod
 	remaining := totpPeriod - secondsIntoWindow
 
 	if remaining < minSecondsRemaining {
 		waitTime := remaining + 1 // Wait until just after the new window starts
-		pterm.Info.Printf("TOTP window has only %ds remaining, waiting %ds for fresh window...\n", remaining, waitTime)
+		if !quiet {
+			pterm.Info.Printf("TOTP window has only %ds remaining, waiting %ds for fresh window...\n", remaining, waitTime)
+		}
 		time.Sleep(time.Duration(waitTime) * time.Second)
 	}
 
@@ -813,7 +816,7 @@ func (c AgentAuthRunCmd) Run(ctx context.Context, in AgentAuthRunInput) error {
 							totpPatterns := []string{"totp", "code", "verification", "otp", "2fa", "mfa", "authenticator", "token"}
 							for _, pattern := range totpPatterns {
 								if strings.Contains(fieldLower, pattern) {
-									code, err := generateTOTPCode(in.TotpSecret)
+									code, err := generateTOTPCode(in.TotpSecret, jsonOutput)
 									if err == nil {
 										submitValues[fieldName] = code
 										matched = true
@@ -889,7 +892,7 @@ func (c AgentAuthRunCmd) Run(ctx context.Context, in AgentAuthRunInput) error {
 
 				if hasTOTP && in.TotpSecret != "" {
 					// Generate and submit TOTP code
-					code, err := generateTOTPCode(in.TotpSecret)
+					code, err := generateTOTPCode(in.TotpSecret, jsonOutput)
 					if err != nil {
 						return err
 					}
