@agi-cli/sdk 0.1.110 → 0.1.112

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@agi-cli/sdk",
-	"version": "0.1.110",
+	"version": "0.1.112",
 	"description": "AI agent SDK for building intelligent assistants - tree-shakable and comprehensive",
 	"author": "ntishxyz",
 	"license": "MIT",

package/src/auth/src/index.ts

@@ -68,3 +68,12 @@ export {
 	openAuthUrl,
 	createApiKey,
 } from './oauth.ts';
+
+export {
+	authorizeOpenAI,
+	exchangeOpenAI,
+	refreshOpenAIToken,
+	openOpenAIAuthUrl,
+	obtainOpenAIApiKey,
+	type OpenAIOAuthResult,
+} from './openai-oauth.ts';

package/src/auth/src/openai-oauth.ts

@@ -0,0 +1,283 @@
+import { spawn } from 'node:child_process';
+import { randomBytes, createHash } from 'node:crypto';
+import { createServer } from 'node:http';
+
+const OPENAI_CLIENT_ID = 'app_EMoamEEZ73f0CkXaXp7hrann';
+const OPENAI_ISSUER = 'https://auth.openai.com';
+const OPENAI_CALLBACK_PORT = 1455;
+
+function generatePKCE() {
+	const verifier = randomBytes(32)
+		.toString('base64')
+		.replace(/\+/g, '-')
+		.replace(/\//g, '_')
+		.replace(/=/g, '');
+
+	const challenge = createHash('sha256')
+		.update(verifier)
+		.digest('base64')
+		.replace(/\+/g, '-')
+		.replace(/\//g, '_')
+		.replace(/=/g, '');
+
+	return { verifier, challenge };
+}
+
+function generateState() {
+	return randomBytes(32)
+		.toString('base64')
+		.replace(/\+/g, '-')
+		.replace(/\//g, '_')
+		.replace(/=/g, '');
+}
+
+async function openBrowser(url: string) {
+	const platform = process.platform;
+	let command: string;
+
+	switch (platform) {
+		case 'darwin':
+			command = `open "${url}"`;
+			break;
+		case 'win32':
+			command = `start "${url}"`;
+			break;
+		default:
+			command = `xdg-open "${url}"`;
+			break;
+	}
+
+	return new Promise<void>((resolve, reject) => {
+		const child = spawn(command, [], { shell: true });
+		child.on('error', reject);
+		child.on('exit', (code) => {
+			if (code === 0) resolve();
+			else reject(new Error(`Failed to open browser (exit code ${code})`));
+		});
+	});
+}
+
+export type OpenAIOAuthResult = {
+	url: string;
+	verifier: string;
+	waitForCallback: () => Promise<string>;
+	close: () => void;
+};
+
+export async function authorizeOpenAI(): Promise<OpenAIOAuthResult> {
+	const pkce = generatePKCE();
+	const state = generateState();
+	const redirectUri = `http://localhost:${OPENAI_CALLBACK_PORT}/auth/callback`;
+
+	const params = new URLSearchParams({
+		response_type: 'code',
+		client_id: OPENAI_CLIENT_ID,
+		redirect_uri: redirectUri,
+		scope: 'openid profile email offline_access',
+		code_challenge: pkce.challenge,
+		code_challenge_method: 'S256',
+		id_token_add_organizations: 'true',
+		codex_cli_simplified_flow: 'true',
+		state: state,
+	});
+
+	const authUrl = `${OPENAI_ISSUER}/oauth/authorize?${params.toString()}`;
+
+	let resolveCallback: (code: string) => void;
+	let rejectCallback: (error: Error) => void;
+	const callbackPromise = new Promise<string>((resolve, reject) => {
+		resolveCallback = resolve;
+		rejectCallback = reject;
+	});
+
+	const server = createServer((req, res) => {
+		const reqUrl = new URL(
+			req.url || '/',
+			`http://localhost:${OPENAI_CALLBACK_PORT}`,
+		);
+
+		if (reqUrl.pathname === '/auth/callback') {
+			const code = reqUrl.searchParams.get('code');
+			const returnedState = reqUrl.searchParams.get('state');
+			const error = reqUrl.searchParams.get('error');
+
+			if (error) {
+				res.writeHead(400, { 'Content-Type': 'text/html' });
+				res.end(
+					`<html><body><h1>Authentication Failed</h1><p>${error}</p></body></html>`,
+				);
+				rejectCallback(new Error(`OAuth error: ${error}`));
+				return;
+			}
+
+			if (returnedState !== state) {
+				res.writeHead(400, { 'Content-Type': 'text/html' });
+				res.end(
+					'<html><body><h1>Invalid State</h1><p>State mismatch. Please try again.</p></body></html>',
+				);
+				rejectCallback(new Error('State mismatch'));
+				return;
+			}
+
+			if (code) {
+				res.writeHead(200, { 'Content-Type': 'text/html' });
+				res.end(`
+					<html>
+					<head><title>AGI - Authentication Successful</title></head>
+					<body style="font-family: system-ui; text-align: center; padding: 50px;">
+						<h1>✅ Authentication Successful</h1>
+						<p>You can close this window and return to the terminal.</p>
+					</body>
+					</html>
+				`);
+				resolveCallback(code);
+			} else {
+				res.writeHead(400, { 'Content-Type': 'text/html' });
+				res.end('<html><body><h1>Missing Code</h1></body></html>');
+				rejectCallback(new Error('No authorization code received'));
+			}
+		} else {
+			res.writeHead(404);
+			res.end('Not found');
+		}
+	});
+
+	await new Promise<void>((resolve, reject) => {
+		server.on('error', (err: NodeJS.ErrnoException) => {
+			if (err.code === 'EADDRINUSE') {
+				reject(
+					new Error(
+						`Port ${OPENAI_CALLBACK_PORT} is already in use. Make sure no other OAuth flow is running (including the official Codex CLI).`,
+					),
+				);
+			} else {
+				reject(err);
+			}
+		});
+		server.listen(OPENAI_CALLBACK_PORT, '127.0.0.1', () => resolve());
+	});
+
+	return {
+		url: authUrl,
+		verifier: pkce.verifier,
+		waitForCallback: () => callbackPromise,
+		close: () => {
+			server.close();
+		},
+	};
+}
+
+export async function exchangeOpenAI(code: string, verifier: string) {
+	const redirectUri = `http://localhost:${OPENAI_CALLBACK_PORT}/auth/callback`;
+
+	const response = await fetch(`${OPENAI_ISSUER}/oauth/token`, {
+		method: 'POST',
+		headers: {
+			'Content-Type': 'application/x-www-form-urlencoded',
+		},
+		body: new URLSearchParams({
+			grant_type: 'authorization_code',
+			code,
+			redirect_uri: redirectUri,
+			client_id: OPENAI_CLIENT_ID,
+			code_verifier: verifier,
+		}).toString(),
+	});
+
+	if (!response.ok) {
+		const error = await response.text();
+		throw new Error(`Token exchange failed: ${error}`);
+	}
+
+	const json = (await response.json()) as {
+		id_token: string;
+		access_token: string;
+		refresh_token: string;
+		expires_in?: number;
+	};
+
+	let accountId: string | undefined;
+	try {
+		const payload = JSON.parse(
+			Buffer.from(json.access_token.split('.')[1], 'base64').toString(),
+		);
+		accountId = payload['https://api.openai.com/auth']?.chatgpt_account_id;
+	} catch {}
+
+	return {
+		idToken: json.id_token,
+		access: json.access_token,
+		refresh: json.refresh_token,
+		expires: Date.now() + (json.expires_in || 3600) * 1000,
+		accountId,
+	};
+}
+
+export async function refreshOpenAIToken(refreshToken: string) {
+	const response = await fetch(`${OPENAI_ISSUER}/oauth/token`, {
+		method: 'POST',
+		headers: {
+			'Content-Type': 'application/json',
+		},
+		body: JSON.stringify({
+			client_id: OPENAI_CLIENT_ID,
+			grant_type: 'refresh_token',
+			refresh_token: refreshToken,
+			scope: 'openid profile email',
+		}),
+	});
+
+	if (!response.ok) {
+		throw new Error('Failed to refresh OpenAI token');
+	}
+
+	const json = (await response.json()) as {
+		id_token?: string;
+		access_token?: string;
+		refresh_token?: string;
+		expires_in?: number;
+	};
+
+	return {
+		idToken: json.id_token,
+		access: json.access_token || '',
+		refresh: json.refresh_token || refreshToken,
+		expires: Date.now() + (json.expires_in || 3600) * 1000,
+	};
+}
+
+export async function openOpenAIAuthUrl(url: string) {
+	try {
+		await openBrowser(url);
+		return true;
+	} catch {
+		return false;
+	}
+}
+
+export async function obtainOpenAIApiKey(idToken: string): Promise<string> {
+	const response = await fetch(`${OPENAI_ISSUER}/oauth/token`, {
+		method: 'POST',
+		headers: {
+			'Content-Type': 'application/x-www-form-urlencoded',
+		},
+		body: new URLSearchParams({
+			grant_type: 'urn:ietf:params:oauth:grant-type:token-exchange',
+			client_id: OPENAI_CLIENT_ID,
+			requested_token: 'openai-api-key',
+			subject_token: idToken,
+			subject_token_type: 'urn:ietf:params:oauth:token-type:id_token',
+		}).toString(),
+	});
+
+	if (!response.ok) {
+		const error = await response.text();
+		throw new Error(`API key exchange failed: ${error}`);
+	}
+
+	const json = (await response.json()) as {
+		access_token: string;
+	};
+
+	return json.access_token;
+}

package/src/core/src/providers/resolver.ts

@@ -3,7 +3,12 @@ import { anthropic, createAnthropic } from '@ai-sdk/anthropic';
 import { google, createGoogleGenerativeAI } from '@ai-sdk/google';
 import { createOpenRouter } from '@openrouter/ai-sdk-provider';
 import { createOpenAICompatible } from '@ai-sdk/openai-compatible';
-import { catalog, createSolforgeModel } from '../../../providers/src/index.ts';
+import {
+	catalog,
+	createSolforgeModel,
+	createOpenAIOAuthModel,
+} from '../../../providers/src/index.ts';
+import type { OAuth } from '../../../types/src/index.ts';
 
 export type ProviderName =
 	| 'openai'
@@ -19,6 +24,8 @@ export type ModelConfig = {
 	apiKey?: string;
 	customFetch?: typeof fetch;
 	baseURL?: string;
+	oauth?: OAuth;
+	projectRoot?: string;
 };
 
 export async function resolveModel(
@@ -27,6 +34,19 @@ export async function resolveModel(
 	config: ModelConfig = {},
 ) {
 	if (provider === 'openai') {
+		if (config.oauth) {
+			return createOpenAIOAuthModel(model, {
+				oauth: config.oauth,
+				projectRoot: config.projectRoot,
+			});
+		}
+		if (config.customFetch) {
+			const instance = createOpenAI({
+				apiKey: config.apiKey || 'oauth-token',
+				fetch: config.customFetch,
+			});
+			return instance(model);
+		}
 		if (config.apiKey) {
 			const instance = createOpenAI({ apiKey: config.apiKey });
 			return instance(model);

package/src/core/src/tools/builtin/edit.ts

@@ -3,6 +3,7 @@ import { z } from 'zod';
 import { readFile, writeFile, access } from 'node:fs/promises';
 import { constants } from 'node:fs';
 import DESCRIPTION from './edit.txt' with { type: 'text' };
+import { createToolError, type ToolResponse } from '../error.ts';
 
 const replaceOp = z.object({
 	type: z.literal('replace'),
@@ -54,7 +55,9 @@ export const editTool: Tool = tool({
 		path: string;
 		ops: z.infer<typeof opSchema>[];
 		create?: boolean;
-	}) {
+	}): Promise<
+		ToolResponse<{ path: string; opsApplied: number; bytes: number }>
+	> {
 		let exists = false;
 		try {
 			await access(path, constants.F_OK);
@@ -62,7 +65,13 @@ export const editTool: Tool = tool({
 		} catch {}
 
 		if (!exists) {
-			if (!create) throw new Error(`File not found: ${path}`);
+			if (!create) {
+				return createToolError(`File not found: ${path}`, 'not_found', {
+					parameter: 'path',
+					value: path,
+					suggestion: 'Set create: true to create a new file',
+				});
+			}
 			await writeFile(path, '');
 		}
 		let text = await readFile(path, 'utf-8');
@@ -120,8 +129,16 @@ export const editTool: Tool = tool({
 					applied += 1;
 					continue;
 				}
-				if (!op.pattern)
-					throw new Error('insert requires pattern for before/after');
+				if (!op.pattern) {
+					return createToolError(
+						'insert requires pattern for before/after',
+						'validation',
+						{
+							parameter: 'pattern',
+							suggestion: 'Provide a pattern to anchor the insertion',
+						},
+					);
+				}
 				const idx = text.indexOf(op.pattern);
 				if (idx === -1) continue;
 				if (op.position === 'before')
@@ -147,6 +164,6 @@ export const editTool: Tool = tool({
 		}
 
 		await writeFile(path, text);
-		return { path, opsApplied: applied, bytes: text.length };
+		return { ok: true, path, opsApplied: applied, bytes: text.length };
 	},
 });

package/src/core/src/tools/builtin/finish.ts

@@ -1,11 +1,12 @@
 import { z } from 'zod';
 import { tool } from 'ai';
 import DESCRIPTION from './finish.txt' with { type: 'text' };
+import type { ToolResponse } from '../error.ts';
 
 export const finishTool = tool({
 	description: DESCRIPTION,
 	inputSchema: z.object({}),
-	async execute() {
-		return { done: true } as const;
+	async execute(): Promise<ToolResponse<{ done: true }>> {
+		return { ok: true, done: true };
 	},
 });

package/src/core/src/tools/builtin/fs/ls.ts

@@ -5,6 +5,7 @@ import { promisify } from 'node:util';
 import { expandTilde, isAbsoluteLike, resolveSafePath } from './util.ts';
 import DESCRIPTION from './ls.txt' with { type: 'text' };
 import { toIgnoredBasenames } from '../ignore.ts';
+import { createToolError, type ToolResponse } from '../../error.ts';
 
 const execAsync = promisify(exec);
 
@@ -25,7 +26,18 @@ export function buildLsTool(projectRoot: string): { name: string; tool: Tool } {
 				.optional()
 				.describe('List of directory names/globs to ignore'),
 		}),
-		async execute({ path, ignore }: { path: string; ignore?: string[] }) {
+		async execute({
+			path,
+			ignore,
+		}: {
+			path: string;
+			ignore?: string[];
+		}): Promise<
+			ToolResponse<{
+				path: string;
+				entries: Array<{ name: string; type: string }>;
+			}>
+		> {
 			const req = expandTilde(path || '.');
 			const abs = isAbsoluteLike(req)
 				? req
@@ -48,11 +60,19 @@ export function buildLsTool(projectRoot: string): { name: string; tool: Tool } {
 					.filter(
 						(entry) => !(entry.type === 'dir' && ignored.has(entry.name)),
 					);
-				return { path: req, entries };
+				return { ok: true, path: req, entries };
 			} catch (error: unknown) {
 				const err = error as { stderr?: string; stdout?: string };
 				const message = (err.stderr || err.stdout || 'ls failed').trim();
-				throw new Error(`ls failed for ${req}: ${message}`);
+				return createToolError(
+					`ls failed for ${req}: ${message}`,
+					'execution',
+					{
+						parameter: 'path',
+						value: req,
+						suggestion: 'Check if the directory exists and is accessible',
+					},
+				);
 			}
 		},
 	});

package/src/core/src/tools/builtin/fs/tree.ts

@@ -5,6 +5,7 @@ import { promisify } from 'node:util';
 import { expandTilde, isAbsoluteLike, resolveSafePath } from './util.ts';
 import DESCRIPTION from './tree.txt' with { type: 'text' };
 import { toIgnoredBasenames } from '../ignore.ts';
+import { createToolError, type ToolResponse } from '../../error.ts';
 
 const execAsync = promisify(exec);
 
@@ -38,7 +39,9 @@ export function buildTreeTool(projectRoot: string): {
 			path: string;
 			depth?: number;
 			ignore?: string[];
-		}) {
+		}): Promise<
+			ToolResponse<{ path: string; depth: number | null; tree: string }>
+		> {
 			const req = expandTilde(path || '.');
 			const start = isAbsoluteLike(req)
 				? req
@@ -59,11 +62,20 @@ export function buildTreeTool(projectRoot: string): {
 					maxBuffer: 10 * 1024 * 1024,
 				});
 				const output = stdout.trimEnd();
-				return { path: req, depth: depth ?? null, tree: output };
+				return { ok: true, path: req, depth: depth ?? null, tree: output };
 			} catch (error: unknown) {
 				const err = error as { stderr?: string; stdout?: string };
 				const message = (err.stderr || err.stdout || 'tree failed').trim();
-				throw new Error(`tree failed for ${req}: ${message}`);
+				return createToolError(
+					`tree failed for ${req}: ${message}`,
+					'execution',
+					{
+						parameter: 'path',
+						value: req,
+						suggestion:
+							'Check if the directory exists and tree command is installed',
+					},
+				);
 			}
 		},
 	});

package/src/core/src/tools/builtin/git.ts

@@ -5,6 +5,7 @@ import { promisify } from 'node:util';
 import GIT_STATUS_DESCRIPTION from './git.status.txt' with { type: 'text' };
 import GIT_DIFF_DESCRIPTION from './git.diff.txt' with { type: 'text' };
 import GIT_COMMIT_DESCRIPTION from './git.commit.txt' with { type: 'text' };
+import { createToolError, type ToolResponse } from '../error.ts';
 
 const execAsync = promisify(exec);
 
@@ -37,14 +38,13 @@ export function buildGitTools(
 	const git_status = tool({
 		description: GIT_STATUS_DESCRIPTION,
 		inputSchema: z.object({}).optional(),
-		async execute() {
+		async execute(): Promise<
+			ToolResponse<{ staged: number; unstaged: number; raw: string[] }>
+		> {
 			if (!(await inRepo())) {
-				return {
-					error: 'Not a git repository',
-					staged: 0,
-					unstaged: 0,
-					raw: [],
-				};
+				return createToolError('Not a git repository', 'not_found', {
+					suggestion: 'Initialize a git repository with git init',
+				});
 			}
 			const gitRoot = await findGitRoot();
 			const { stdout } = await execAsync(
@@ -63,6 +63,7 @@ export function buildGitTools(
 				if (isUntracked || y !== ' ') unstaged += 1;
 			}
 			return {
+				ok: true,
 				staged,
 				unstaged,
 				raw: lines.slice(0, 200),
@@ -73,9 +74,15 @@ export function buildGitTools(
 	const git_diff = tool({
 		description: GIT_DIFF_DESCRIPTION,
 		inputSchema: z.object({ all: z.boolean().optional().default(false) }),
-		async execute({ all }: { all?: boolean }) {
+		async execute({
+			all,
+		}: {
+			all?: boolean;
+		}): Promise<ToolResponse<{ all: boolean; patch: string }>> {
 			if (!(await inRepo())) {
-				return { error: 'Not a git repository', all: !!all, patch: '' };
+				return createToolError('Not a git repository', 'not_found', {
+					suggestion: 'Initialize a git repository with git init',
+				});
 			}
 			const gitRoot = await findGitRoot();
 			// When all=true, show full working tree diff relative to HEAD
@@ -86,7 +93,7 @@ export function buildGitTools(
 				: `git -C "${gitRoot}" diff --staged`;
 			const { stdout } = await execAsync(cmd, { maxBuffer: 10 * 1024 * 1024 });
 			const limited = stdout.split('\n').slice(0, 5000).join('\n');
-			return { all: !!all, patch: limited };
+			return { ok: true, all: !!all, patch: limited };
 		},
 	});
 
@@ -105,9 +112,11 @@ export function buildGitTools(
 			message: string;
 			amend?: boolean;
 			signoff?: boolean;
-		}) {
+		}): Promise<ToolResponse<{ result: string }>> {
 			if (!(await inRepo())) {
-				return { success: false, error: 'Not a git repository' };
+				return createToolError('Not a git repository', 'not_found', {
+					suggestion: 'Initialize a git repository with git init',
+				});
 			}
 			const gitRoot = await findGitRoot();
 			const args = [
@@ -122,11 +131,14 @@ export function buildGitTools(
 			if (signoff) args.push('--signoff');
 			try {
 				const { stdout } = await execAsync(args.join(' '));
-				return { result: stdout.trim() };
+				return { ok: true, result: stdout.trim() };
 			} catch (error: unknown) {
 				const err = error as { stderr?: string; message?: string };
 				const txt = err.stderr || err.message || 'git commit failed';
-				throw new Error(txt);
+				return createToolError(txt, 'execution', {
+					suggestion:
+						'Check if there are staged changes and the commit message is valid',
+				});
 			}
 		},
 	});

package/src/core/src/tools/builtin/glob.ts

@@ -5,6 +5,7 @@ import { join } from 'node:path';
 import { stat } from 'node:fs/promises';
 import DESCRIPTION from './glob.txt' with { type: 'text' };
 import { defaultIgnoreGlobs } from './ignore.ts';
+import { createToolError, type ToolResponse } from '../error.ts';
 
 function expandTilde(p: string) {
 	const home = process.env.HOME || process.env.USERPROFILE || '';
@@ -54,7 +55,14 @@ export function buildGlobTool(projectRoot: string): {
 			path?: string;
 			ignore?: string[];
 			limit?: number;
-		}) {
+		}): Promise<
+			ToolResponse<{
+				count: number;
+				total: number;
+				files: string[];
+				truncated: boolean;
+			}>
+		> {
 			const p = expandTilde(String(path || '.')).trim();
 			const isAbs = p.startsWith('/') || /^[A-Za-z]:[\\/]/.test(p);
 			const searchPath = p ? (isAbs ? p : join(projectRoot, p)) : projectRoot;
@@ -96,6 +104,7 @@ export function buildGlobTool(projectRoot: string): {
 				const limitedFiles = filesWithStats.slice(0, limit).map((f) => f.file);
 
 				return {
+					ok: true,
 					count: limitedFiles.length,
 					total: files.length,
 					files: limitedFiles,
@@ -103,12 +112,15 @@ export function buildGlobTool(projectRoot: string): {
 				};
 			} catch (error: unknown) {
 				const err = error as { message?: string };
-				return {
-					count: 0,
-					total: 0,
-					files: [],
-					error: `Glob search failed: ${err.message || String(error)}`,
-				};
+				return createToolError(
+					`Glob search failed: ${err.message || String(error)}`,
+					'execution',
+					{
+						parameter: 'pattern',
+						value: pattern,
+						suggestion: 'Check if the pattern syntax is valid',
+					},
+				);
 			}
 		},
 	});