There are command line tools, like Azure az login, that uses OAuth 2.0 authorization code flow. This flow involves opening a remote login page and then redirecting back to a local address.

When working remotely, the browsers opens ok on the local computer, but fails when redirecting back, as the port of the command line tool is not locally accessible.

Example of URL that is opened on the browser: https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?client_id=x&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A44549&scope=https%3A%2F%2Fmanagement.core.windows.net%2F%2F.default+offline_access+openid+profile&state=x&code_challenge=x&code_challenge_method=S256&nonce=x&client_info=1&prompt=select_account

Suggestion

I suggest that when opening a local browser, if the URL query parameters contain a local address with port, port forwarding will be created for that port.

In the above example, port 44549 of redirect_uri would be automatically forwarded.

Note that the URL in the query parameter is encoded, but a simple regular expression could be used to find the port without real unescaping.

Workarounds

I'm aware of two workarounds for auto port forwarding for az login:

1. Running az login --debug.

   This will output the local URL to stdout, which vscode parses and forwards the port (when remote.autoForwardPortsSource has the default output).

2. Set remote.autoForwardPortsSource to process.

   This will capture the opening of the local port and forward it.

My goal is that tools like az login will work out-of-the-box.

Thanks!