@adversity/coding-tool-x 3.0.5 → 3.1.0

package/src/server/services/model-detector.js

@@ -9,21 +9,37 @@ const os = require('os');
 const https = require('https');
 const http = require('http');
 const { URL } = require('url');
+const crypto = require('crypto');
 
 // Model priority by channel type
 const MODEL_PRIORITY = {
   claude: [
-    'claude-opus-4-5-20250929',
+    'claude-opus-4-5-20251101',
     'claude-sonnet-4-5-20250929',
-    'claude-haiku-4-5-20250929',
+    'claude-haiku-4-5-20251001',
     'claude-sonnet-4-20250514',
-    'claude-opus-4-20250514',
-    'claude-haiku-3-5-20241022',
-    'claude-3-5-haiku-20241022'
+    'claude-opus-4-20250514'
   ],
-  codex: ['gpt-4o-mini', 'gpt-4o', 'gpt-5-codex', 'o3'],
-  gemini: ['gemini-2.5-flash', 'gemini-2.5-pro']
+  codex: [
+    'gpt-5.2-codex',
+    'gpt-5.1-codex-max',
+    'gpt-5.1-codex-mini',
+    'gpt-5.1-codex',
+    'gpt-5-codex',
+    'gpt-5.2',
+    'gpt-5.1',
+    'gpt-5'
+  ],
+  gemini: [
+    'gemini-3-pro',
+    'gemini-3-flash',
+    'gemini-3-deep-think',
+    'gemini-2.5-pro',
+    'gemini-2.5-flash'
+  ]
 };
+// openai_compatible 复用 codex 的模型列表
+MODEL_PRIORITY.openai_compatible = MODEL_PRIORITY.codex;
 
 const PROVIDER_CAPABILITIES = {
   claude: {
@@ -132,6 +148,63 @@ const MODEL_ALIASES = {
 const CACHE_DURATION_MS = 5 * 60 * 1000; // 5 minutes
 const TEST_TIMEOUT_MS = 10000; // 10 seconds per model test
 
+/**
+ * Generate realistic User-Agent strings that mimic official SDKs
+ * @param {string} channelType - 'claude' | 'codex' | 'gemini' | 'openai_compatible'
+ * @returns {string} - User-Agent string
+ */
+function getRealisticUserAgent(channelType) {
+  const nodeVersion = process.version.slice(1); // e.g., "18.17.0"
+  const platform = process.platform; // e.g., "darwin", "linux", "win32"
+
+  switch (channelType) {
+    case 'claude':
+      // Mimics official Anthropic Python SDK
+      return `anthropic-sdk-python/0.39.0 python/3.11.4 ${platform}`;
+    case 'gemini':
+      // Mimics official Google SDK
+      return `google-generativeai/0.8.2 python/3.11.4 ${platform}`;
+    case 'codex':
+    case 'openai_compatible':
+    default:
+      // Mimics official OpenAI Python SDK
+      return `OpenAI/Python/1.56.0`;
+  }
+}
+
+/**
+ * Add a small random delay between requests to avoid rate limiting
+ * and appear more human-like (100-300ms)
+ * @returns {Promise<void>}
+ */
+async function randomDelay() {
+  const delay = 100 + Math.random() * 200;
+  return new Promise(resolve => setTimeout(resolve, delay));
+}
+
+/**
+ * Build common headers for API requests that look like legitimate SDK clients
+ * @param {string} channelType - Channel type
+ * @param {Object} channel - Channel configuration
+ * @returns {Object} - Headers object
+ */
+function buildRequestHeaders(channelType, channel) {
+  const headers = {
+    'User-Agent': getRealisticUserAgent(channelType),
+    'Accept': 'application/json',
+    'Accept-Encoding': 'gzip, deflate',
+    'Connection': 'keep-alive',
+    'X-Request-Id': crypto.randomUUID()
+  };
+
+  // For OpenAI-compatible APIs, add additional headers
+  if (channelType === 'codex' || channelType === 'openai_compatible') {
+    headers['OpenAI-Beta'] = 'assistants=v2';
+  }
+
+  return headers;
+}
+
 /**
  * Get cache file path
  */
@@ -210,9 +283,10 @@ async function testModelAvailability(channel, channelType, model) {
       const baseUrl = channel.baseUrl.trim().replace(/\/+$/, '');
       let testUrl;
       let requestBody;
+      // Start with common headers that look like legitimate SDK clients
       let headers = {
-        'Content-Type': 'application/json',
-        'User-Agent': 'Coding-Tool-ModelDetector/1.0'
+        ...buildRequestHeaders(channelType, channel),
+        'Content-Type': 'application/json'
       };
 
       // Construct API endpoint and request based on channel type
@@ -225,8 +299,11 @@ async function testModelAvailability(channel, channelType, model) {
           max_tokens: 1,
           messages: [{ role: 'user', content: 'test' }]
         });
-      } else if (channelType === 'codex') {
-        testUrl = `${baseUrl}/v1/chat/completions`;
+      } else if (channelType === 'codex' || channelType === 'openai_compatible') {
+        // 处理 baseUrl 已包含 /v1 的情况
+        testUrl = baseUrl.endsWith('/v1')
+          ? `${baseUrl}/chat/completions`
+          : `${baseUrl}/v1/chat/completions`;
         headers['Authorization'] = `Bearer ${channel.apiKey}`;
         requestBody = JSON.stringify({
           model: model,
@@ -344,9 +421,16 @@ async function probeModelAvailability(channel, channelType) {
   console.log(`[ModelDetector] Testing models for channel ${channel.name} (${channelType})...`);
 
   const availableModels = [];
+  let isFirstModel = true;
 
   // Test models in priority order
   for (const model of modelsToTest) {
+    // Add delay between model tests to avoid rate limiting (skip first)
+    if (!isFirstModel) {
+      await randomDelay();
+    }
+    isFirstModel = false;
+
     const isAvailable = await testModelAvailability(channel, channelType, model);
 
     if (isAvailable) {
@@ -421,8 +505,12 @@ function getCachedModelInfo(channelId) {
  * @returns {Promise<Object>} { models: string[], supported: boolean, cached: boolean, error: string|null, fallbackUsed: boolean }
  */
 async function fetchModelsFromProvider(channel, channelType) {
-  // If no type specified or type is 'claude', auto-detect
-  if (!channelType || channelType === 'claude') {
+  // PRESERVE original channel type for fallback model selection
+  const originalChannelType = channelType;
+
+  // Only auto-detect if channelType is NOT specified at all
+  // DO NOT auto-detect when channelType is 'claude' - respect the caller's intent
+  if (!channelType) {
     channelType = detectChannelType(channel);
     console.log(`[ModelDetector] Auto-detected channel type: ${channelType} for ${channel.name}`);
   }
@@ -457,17 +545,18 @@ async function fetchModelsFromProvider(channel, channelType) {
   return new Promise((resolve) => {
     try {
       const baseUrl = channel.baseUrl.trim().replace(/\/+$/, '');
-      const endpoint = capability.modelListEndpoint;
-      const requestUrl = `${baseUrl}${endpoint}`;
+      const endpoint = capability.modelListEndpoint; // e.g. '/v1/models'
+      // 避免路径重复：如果 baseUrl 已包含 /v1，则只拼接 /models
+      const requestUrl = baseUrl.endsWith('/v1') && endpoint.startsWith('/v1/')
+        ? `${baseUrl}${endpoint.slice(3)}`
+        : `${baseUrl}${endpoint}`;
 
       const parsedUrl = new URL(requestUrl);
       const isHttps = parsedUrl.protocol === 'https:';
       const httpModule = isHttps ? https : http;
 
-      const headers = {
-        'User-Agent': 'Coding-Tool-ModelDetector/1.0',
-        'Accept': 'application/json'
-      };
+      // Use realistic SDK headers to avoid anti-crawler detection
+      const headers = buildRequestHeaders(channelType, channel);
 
       // Add authentication header
       if (capability.authHeader && channel.apiKey) {
@@ -540,11 +629,15 @@ async function fetchModelsFromProvider(channel, channelType) {
             let errorHint;
 
             if (isCloudflare) {
-              errorMessage = 'Cloudflare 防护拦截，已使用默认模型';
-              errorHint = '该 API 端点受 Cloudflare 保护，已自动使用默认模型 claude-sonnet-4-5';
-              console.warn(`[ModelDetector] Cloudflare protection detected for ${channel.name}, using default model`);
+              // Use originalChannelType for fallback to ensure correct models
+              // This prevents Claude channels from getting Codex models when using third-party proxies
+              const fallbackModels = MODEL_PRIORITY[originalChannelType || channelType] || MODEL_PRIORITY.claude;
+              const fallbackLabel = fallbackModels[0] || 'unknown';
+              errorMessage = 'Cloudflare 防护拦截，已使用默认模型列表';
+              errorHint = `该 API 端点受 Cloudflare 保护，已自动使用默认模型列表`;
+              console.warn(`[ModelDetector] Cloudflare protection detected for ${channel.name}, using default models for ${originalChannelType || channelType}`);
               resolve({
-                models: ['claude-sonnet-4-5'],
+                models: fallbackModels,
                 supported: true,
                 cached: false,
                 fallbackUsed: true,

package/src/server/services/oauth-callback-server.js

@@ -0,0 +1,284 @@
+'use strict';
+
+const http = require('http');
+const url = require('url');
+
+// Store active servers by port
+const activeServers = new Map();
+
+// Default timeout for auto-close (30 seconds)
+const DEFAULT_TIMEOUT_MS = 30000;
+
+// Delay before closing server after callback (1 second)
+const CLOSE_DELAY_MS = 1000;
+
+/**
+ * Generate HTML response page
+ * @param {boolean} success - Whether authorization was successful
+ * @param {string} [errorMessage] - Error message if failed
+ * @returns {string} HTML content
+ */
+function generateHtmlResponse(success, errorMessage) {
+  const title = success ? 'Authorization Successful' : 'Authorization Failed';
+  const titleCn = success ? '授权成功' : '授权失败';
+  const message = success
+    ? 'You can close this window now.'
+    : `Error: ${errorMessage || 'Unknown error'}`;
+  const messageCn = success
+    ? '您现在可以关闭此窗口。'
+    : `错误: ${errorMessage || '未知错误'}`;
+  const icon = success ? '✔' : '✖';
+  const color = success ? '#4CAF50' : '#f44336';
+
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>${title}</title>
+  <style>
+    * {
+      margin: 0;
+      padding: 0;
+      box-sizing: border-box;
+    }
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, 'Helvetica Neue', Arial, sans-serif;
+      background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+      min-height: 100vh;
+      display: flex;
+      justify-content: center;
+      align-items: center;
+      padding: 20px;
+    }
+    .container {
+      background: white;
+      border-radius: 16px;
+      padding: 48px;
+      text-align: center;
+      box-shadow: 0 20px 60px rgba(0, 0, 0, 0.3);
+      max-width: 400px;
+      width: 100%;
+    }
+    .icon {
+      width: 80px;
+      height: 80px;
+      border-radius: 50%;
+      background: ${color};
+      color: white;
+      font-size: 40px;
+      line-height: 80px;
+      margin: 0 auto 24px;
+    }
+    h1 {
+      color: #333;
+      font-size: 24px;
+      margin-bottom: 8px;
+    }
+    .subtitle {
+      color: #666;
+      font-size: 14px;
+      margin-bottom: 16px;
+    }
+    p {
+      color: #555;
+      font-size: 16px;
+      line-height: 1.5;
+    }
+    .error-detail {
+      background: #fff3f3;
+      border: 1px solid #ffcdd2;
+      border-radius: 8px;
+      padding: 12px;
+      margin-top: 16px;
+      color: #c62828;
+      font-size: 14px;
+      word-break: break-word;
+    }
+    .auto-close {
+      margin-top: 24px;
+      color: #999;
+      font-size: 12px;
+    }
+  </style>
+</head>
+<body>
+  <div class="container">
+    <div class="icon">${icon}</div>
+    <h1>${title}</h1>
+    <p class="subtitle">${titleCn}</p>
+    <p>${message}</p>
+    <p style="color: #888; font-size: 14px; margin-top: 8px;">${messageCn}</p>
+    ${!success && errorMessage ? `<div class="error-detail">${errorMessage}</div>` : ''}
+    <p class="auto-close">This window will close automatically...</p>
+  </div>
+  <script>
+    setTimeout(function() { window.close(); }, 3000);
+  </script>
+</body>
+</html>`;
+}
+
+/**
+ * Start OAuth callback server
+ * @param {number} port - Port to listen on
+ * @param {string} callbackPath - Path to handle callbacks (e.g., '/callback')
+ * @param {Function} onCallback - Callback function with { code, state, error, errorDescription }
+ * @returns {Promise<http.Server>} The HTTP server instance
+ */
+async function startCallbackServer(port, callbackPath, onCallback) {
+  // Check if server is already running on this port
+  if (activeServers.has(port)) {
+    throw new Error(`OAuth callback server already running on port ${port}`);
+  }
+
+  // Normalize callback path
+  const normalizedPath = callbackPath.startsWith('/') ? callbackPath : `/${callbackPath}`;
+
+  return new Promise((resolve, reject) => {
+    const server = http.createServer((req, res) => {
+      const parsedUrl = url.parse(req.url, true);
+      const pathname = parsedUrl.pathname;
+
+      // Only handle the callback path
+      if (pathname !== normalizedPath) {
+        res.writeHead(404, { 'Content-Type': 'text/plain' });
+        res.end('Not Found');
+        return;
+      }
+
+      // Parse query parameters
+      const query = parsedUrl.query;
+      const code = query.code || null;
+      const state = query.state || null;
+      const error = query.error || null;
+      const errorDescription = query.error_description || null;
+
+      // Determine success/failure
+      const success = !error && code;
+      const errorMessage = error
+        ? `${error}${errorDescription ? `: ${errorDescription}` : ''}`
+        : null;
+
+      // Send HTML response
+      res.writeHead(success ? 200 : 400, { 'Content-Type': 'text/html; charset=utf-8' });
+      res.end(generateHtmlResponse(success, errorMessage));
+
+      // Call the callback
+      try {
+        onCallback({
+          code,
+          state,
+          error,
+          errorDescription
+        });
+      } catch (err) {
+        console.error('Error in OAuth callback handler:', err);
+      }
+
+      // Auto-close server after delay
+      setTimeout(() => {
+        stopCallbackServer(port);
+      }, CLOSE_DELAY_MS);
+    });
+
+    // Set up timeout for auto-close
+    const timeoutId = setTimeout(() => {
+      if (activeServers.has(port)) {
+        console.log(`OAuth callback server on port ${port} timed out, closing...`);
+        stopCallbackServer(port);
+      }
+    }, DEFAULT_TIMEOUT_MS);
+
+    // Handle server errors
+    server.on('error', (err) => {
+      clearTimeout(timeoutId);
+      activeServers.delete(port);
+
+      if (err.code === 'EADDRINUSE') {
+        reject(new Error(`Port ${port} is already in use. Please try a different port or close the application using it.`));
+      } else if (err.code === 'EACCES') {
+        reject(new Error(`Permission denied to bind to port ${port}. Try a port number above 1024.`));
+      } else {
+        reject(new Error(`Failed to start OAuth callback server: ${err.message}`));
+      }
+    });
+
+    // Start listening
+    server.listen(port, '127.0.0.1', () => {
+      // Store server info
+      activeServers.set(port, {
+        server,
+        timeoutId,
+        callbackPath: normalizedPath
+      });
+
+      console.log(`OAuth callback server started on http://127.0.0.1:${port}${normalizedPath}`);
+      resolve(server);
+    });
+  });
+}
+
+/**
+ * Stop OAuth callback server
+ * @param {number} port - Port of the server to stop
+ * @returns {boolean} True if server was stopped, false if not found
+ */
+function stopCallbackServer(port) {
+  const serverInfo = activeServers.get(port);
+
+  if (!serverInfo) {
+    return false;
+  }
+
+  // Clear timeout
+  if (serverInfo.timeoutId) {
+    clearTimeout(serverInfo.timeoutId);
+  }
+
+  // Close server
+  try {
+    serverInfo.server.close();
+    console.log(`OAuth callback server on port ${port} stopped`);
+  } catch (err) {
+    console.error(`Error stopping OAuth callback server on port ${port}:`, err.message);
+  }
+
+  activeServers.delete(port);
+  return true;
+}
+
+/**
+ * Check if server is running on port
+ * @param {number} port - Port to check
+ * @returns {boolean} True if server is running
+ */
+function isServerRunning(port) {
+  return activeServers.has(port);
+}
+
+/**
+ * Get all active server ports
+ * @returns {number[]} Array of active ports
+ */
+function getActiveServers() {
+  return Array.from(activeServers.keys());
+}
+
+/**
+ * Stop all active servers
+ * @returns {number} Number of servers stopped
+ */
+function stopAllServers() {
+  const ports = getActiveServers();
+  ports.forEach(port => stopCallbackServer(port));
+  return ports.length;
+}
+
+module.exports = {
+  startCallbackServer,
+  stopCallbackServer,
+  isServerRunning,
+  getActiveServers,
+  stopAllServers
+};