From 1213ca542a6cc02fd1c9405b1efb19596bb57e16 Mon Sep 17 00:00:00 2001
From: brian033 <85883730+brian033@users.noreply.github.com>
Date: Tue, 27 Jan 2026 10:23:08 +0800
Subject: [PATCH] fix(google-antigravity): use 127.0.0.1 instead of localhost
 for OAuth redirect

Google's OAuth policy blocks HTTP localhost redirects but allows loopback
IP addresses. This fixes authentication failures with the error:
"You can't sign in to this app because it doesn't comply with Google's
OAuth 2.0 policy for keeping apps secure."

Fixes #2463
---
 extensions/google-antigravity-auth/index.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/extensions/google-antigravity-auth/index.ts b/extensions/google-antigravity-auth/index.ts
index f349ada6a..cce2e4851 100644
--- a/extensions/google-antigravity-auth/index.ts
+++ b/extensions/google-antigravity-auth/index.ts
@@ -9,7 +9,7 @@ const CLIENT_ID = decode(
   "MTA3MTAwNjA2MDU5MS10bWhzc2luMmgyMWxjcmUyMzV2dG9sb2poNGc0MDNlcC5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbQ==",
 );
 const CLIENT_SECRET = decode("R09DU1BYLUs1OEZXUjQ4NkxkTEoxbUxCOHNYQzR6NnFEQWY=");
-const REDIRECT_URI = "http://localhost:51121/oauth-callback";
+const REDIRECT_URI = "http://127.0.0.1:51121/oauth-callback";
 const AUTH_URL = "https://accounts.google.com/o/oauth2/v2/auth";
 const TOKEN_URL = "https://oauth2.googleapis.com/token";
 const DEFAULT_PROJECT_ID = "rising-fact-p41fc";