@agi-cli/server 0.1.168 → 0.1.170

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@agi-cli/server",
-	"version": "0.1.168",
+	"version": "0.1.170",
 	"description": "HTTP API server for AGI CLI",
 	"type": "module",
 	"main": "./src/index.ts",
@@ -29,8 +29,8 @@
 		"typecheck": "tsc --noEmit"
 	},
 	"dependencies": {
-		"@agi-cli/sdk": "0.1.168",
-		"@agi-cli/database": "0.1.168",
+		"@agi-cli/sdk": "0.1.170",
+		"@agi-cli/database": "0.1.170",
 		"drizzle-orm": "^0.44.5",
 		"hono": "^4.9.9",
 		"zod": "^4.1.8"

package/src/routes/auth.ts

@@ -16,6 +16,8 @@ import {
 	exchangeWeb,
 	authorizeOpenAI,
 	exchangeOpenAI,
+	authorizeCopilot,
+	pollForCopilotTokenOnce,
 	type ProviderId,
 } from '@agi-cli/sdk';
 import { logger } from '@agi-cli/sdk';
@@ -26,6 +28,11 @@ const oauthVerifiers = new Map<
 	{ verifier: string; provider: string; createdAt: number; callbackUrl: string }
 >();
 
+const copilotDeviceSessions = new Map<
+	string,
+	{ deviceCode: string; interval: number; provider: string; createdAt: number }
+>();
+
 setInterval(() => {
 	const now = Date.now();
 	for (const [key, value] of oauthVerifiers.entries()) {
@@ -33,6 +40,11 @@ setInterval(() => {
 			oauthVerifiers.delete(key);
 		}
 	}
+	for (const [key, value] of copilotDeviceSessions.entries()) {
+		if (now - value.createdAt > 10 * 60 * 1000) {
+			copilotDeviceSessions.delete(key);
+		}
+	}
 }, 60 * 1000);
 
 export function registerAuthRoutes(app: Hono) {
@@ -67,7 +79,8 @@ export function registerAuthRoutes(app: Hono) {
 					configured: !!providerAuth,
 					type: providerAuth?.type,
 					label: entry.label || id,
-					supportsOAuth: id === 'anthropic' || id === 'openai',
+					supportsOAuth:
+						id === 'anthropic' || id === 'openai' || id === 'copilot',
 					modelCount: models.length,
 					costRange:
 						costs.length > 0
@@ -199,7 +212,12 @@ export function registerAuthRoutes(app: Hono) {
 					400,
 				);
 			} else {
-				return c.json({ error: 'OAuth not supported for this provider' }, 400);
+				return c.json(
+					{
+						error: `OAuth not supported for provider: ${provider}. Copilot uses device flow — use /v1/auth/copilot/device/start instead.`,
+					},
+					400,
+				);
 			}
 
 			const sessionId = crypto.randomUUID();
@@ -479,6 +497,69 @@ export function registerAuthRoutes(app: Hono) {
 		}
 	});
 
+	app.post('/v1/auth/copilot/device/start', async (c) => {
+		try {
+			const deviceData = await authorizeCopilot();
+			const sessionId = crypto.randomUUID();
+			copilotDeviceSessions.set(sessionId, {
+				deviceCode: deviceData.deviceCode,
+				interval: deviceData.interval,
+				provider: 'copilot',
+				createdAt: Date.now(),
+			});
+			return c.json({
+				sessionId,
+				userCode: deviceData.userCode,
+				verificationUri: deviceData.verificationUri,
+			});
+		} catch (error) {
+			const message =
+				error instanceof Error
+					? error.message
+					: 'Failed to start Copilot device flow';
+			logger.error('Copilot device flow start failed', error);
+			return c.json({ error: message }, 500);
+		}
+	});
+
+	app.post('/v1/auth/copilot/device/poll', async (c) => {
+		try {
+			const { sessionId } = await c.req.json<{ sessionId: string }>();
+			if (!sessionId || !copilotDeviceSessions.has(sessionId)) {
+				return c.json({ error: 'Session expired or invalid' }, 400);
+			}
+			const session = copilotDeviceSessions.get(sessionId)!;
+			const result = await pollForCopilotTokenOnce(session.deviceCode);
+			if (result.status === 'complete') {
+				copilotDeviceSessions.delete(sessionId);
+				await setAuth(
+					'copilot',
+					{
+						type: 'oauth',
+						refresh: result.accessToken,
+						access: result.accessToken,
+						expires: 0,
+					},
+					undefined,
+					'global',
+				);
+				return c.json({ status: 'complete' });
+			}
+			if (result.status === 'pending') {
+				return c.json({ status: 'pending' });
+			}
+			if (result.status === 'error') {
+				copilotDeviceSessions.delete(sessionId);
+				return c.json({ status: 'error', error: result.error });
+			}
+			return c.json({ status: 'pending' });
+		} catch (error) {
+			const message = error instanceof Error ? error.message : 'Poll failed';
+			logger.error('Copilot device poll failed', error);
+			return c.json({ error: message }, 500);
+		}
+	});
+
 	app.post('/v1/auth/onboarding/complete', async (c) => {
 		try {
 			await setOnboardingComplete();

package/src/routes/git/commit.ts

@@ -1,7 +1,7 @@
 import type { Hono } from 'hono';
 import { execFile } from 'node:child_process';
 import { promisify } from 'node:util';
-import { generateText } from 'ai';
+import { generateText, streamText } from 'ai';
 import { eq } from 'drizzle-orm';
 import type { ProviderId } from '@agi-cli/sdk';
 import { loadConfig, getAuth, getFastModelForAuth } from '@agi-cli/sdk';
@@ -10,7 +10,11 @@ import { sessions } from '@agi-cli/database/schema';
 import { gitCommitSchema, gitGenerateCommitMessageSchema } from './schemas.ts';
 import { validateAndGetGitRoot, parseGitStatus } from './utils.ts';
 import { resolveModel } from '../../runtime/provider/index.ts';
-import { getProviderSpoofPrompt } from '../../runtime/prompt/builder.ts';
+import { debugLog } from '../../runtime/debug/index.ts';
+import {
+	detectOAuth,
+	adaptSimpleCall,
+} from '../../runtime/provider/oauth-adapter.ts';
 
 const execFileAsync = promisify(execFile);
 
@@ -112,10 +116,7 @@ export function registerCommitRoutes(app: Hono) {
 			}
 
 			const auth = await getAuth(provider, config.projectRoot);
-			const needsSpoof = auth?.type === 'oauth';
-			const spoofPrompt = needsSpoof
-				? getProviderSpoofPrompt(provider)
-				: undefined;
+			const oauth = detectOAuth(provider, auth);
 
 			const modelId =
 				getFastModelForAuth(provider, auth?.type) ??
@@ -151,15 +152,37 @@ refactor(auth): return success status from login functions
 
 Commit message:`;
 
-			const systemPrompt = spoofPrompt
-				? spoofPrompt
-				: 'You are a helpful assistant that generates accurate git commit messages based on the actual diff content.';
+			const commitInstructions =
+				'You are a helpful assistant that generates accurate git commit messages based on the actual diff content.';
+
+			const adapted = adaptSimpleCall(oauth, {
+				instructions: commitInstructions,
+				userContent: userPrompt,
+				maxOutputTokens: 500,
+			});
+
+			if (adapted.forceStream) {
+				debugLog('[COMMIT] Using streamText for OpenAI OAuth');
+				const result = streamText({
+					model,
+					system: adapted.system,
+					messages: adapted.messages,
+					providerOptions: adapted.providerOptions,
+				});
+				let text = '';
+				for await (const chunk of result.textStream) {
+					text += chunk;
+				}
+				const message = text.trim();
+				debugLog(`[COMMIT] OAuth result: "${message.slice(0, 80)}..."`);
+				return c.json({ status: 'ok', data: { message } });
+			}
 
 			const { text } = await generateText({
 				model,
-				system: systemPrompt,
-				prompt: userPrompt,
-				maxOutputTokens: 500,
+				system: adapted.system,
+				messages: adapted.messages,
+				maxOutputTokens: adapted.maxOutputTokens,
 			});
 
 			const message = text.trim();

package/src/runtime/agent/runner-setup.ts

@@ -4,10 +4,7 @@ import { sessions } from '@agi-cli/database/schema';
 import { eq } from 'drizzle-orm';
 import { resolveModel } from '../provider/index.ts';
 import { resolveAgentConfig } from './registry.ts';
-import {
-	composeSystemPrompt,
-	getProviderSpoofPrompt,
-} from '../prompt/builder.ts';
+import { composeSystemPrompt } from '../prompt/builder.ts';
 import { discoverProjectTools } from '@agi-cli/sdk';
 import { adaptTools } from '../../tools/adapter.ts';
 import { buildDatabaseTools } from '../../tools/database/index.ts';
@@ -16,6 +13,7 @@ import { buildHistoryMessages } from '../message/history-builder.ts';
 import { getMaxOutputTokens } from '../utils/token.ts';
 import { setupToolContext } from '../tools/setup.ts';
 import { getCompactionSystemPrompt } from '../message/compaction.ts';
+import { detectOAuth, adaptRunnerCall } from '../provider/oauth-adapter.ts';
 import type { RunOpts } from '../session/queue.ts';
 import type { ToolAdapterContext } from '../../tools/adapter.ts';
 
@@ -87,67 +85,35 @@ export async function setupRunner(opts: RunOpts): Promise<SetupResult> {
 	const systemTimer = time('runner:composeSystemPrompt');
 	const { getAuth } = await import('@agi-cli/sdk');
 	const auth = await getAuth(opts.provider, cfg.projectRoot);
-	const needsSpoof = auth?.type === 'oauth';
-	const spoofPrompt = needsSpoof
-		? getProviderSpoofPrompt(opts.provider)
-		: undefined;
+	const oauth = detectOAuth(opts.provider, auth);
 
-	debugLog(`[RUNNER] needsSpoof (OAuth): ${needsSpoof}`);
 	debugLog(
-		`[RUNNER] spoofPrompt: ${spoofPrompt ? `present (${opts.provider})` : 'none'}`,
+		`[RUNNER] needsSpoof (OAuth): ${oauth.needsSpoof}, isOpenAIOAuth: ${oauth.isOpenAIOAuth}`,
+	);
+	debugLog(
+		`[RUNNER] spoofPrompt: ${oauth.spoofPrompt ? `present (${opts.provider})` : 'none'}`,
 	);
 
-	let system: string;
-	let systemComponents: string[] = [];
-	let oauthFullPromptComponents: string[] | undefined;
-	let additionalSystemMessages: Array<{
-		role: 'system' | 'user';
-		content: string;
-	}> = [];
-
-	if (spoofPrompt) {
-		system = spoofPrompt;
-		systemComponents = [`spoof:${opts.provider || 'unknown'}`];
-		const fullPrompt = await composeSystemPrompt({
-			provider: opts.provider,
-			model: opts.model,
-			projectRoot: cfg.projectRoot,
-			agentPrompt,
-			oneShot: opts.oneShot,
-			spoofPrompt: undefined,
-			includeProjectTree: isFirstMessage,
-			userContext: opts.userContext,
-			contextSummary,
-		});
-		oauthFullPromptComponents = fullPrompt.components;
+	const composed = await composeSystemPrompt({
+		provider: opts.provider,
+		model: opts.model,
+		projectRoot: cfg.projectRoot,
+		agentPrompt,
+		oneShot: opts.oneShot,
+		spoofPrompt: undefined,
+		includeProjectTree: isFirstMessage,
+		userContext: opts.userContext,
+		contextSummary,
+	});
 
-		additionalSystemMessages = [{ role: 'system', content: fullPrompt.prompt }];
+	const rawMaxOutputTokens = getMaxOutputTokens(opts.provider, opts.model);
+	const adapted = adaptRunnerCall(oauth, composed, {
+		provider: opts.provider,
+		rawMaxOutputTokens,
+	});
 
-		debugLog('[RUNNER] OAuth mode: additionalSystemMessages created');
-		const includesUserContext =
-			!!opts.userContext && fullPrompt.prompt.includes(opts.userContext);
-		debugLog(
-			`[system] oauth-full summary: ${JSON.stringify({
-				components: oauthFullPromptComponents ?? [],
-				length: fullPrompt.prompt.length,
-				includesUserContext,
-			})}`,
-		);
-	} else {
-		const composed = await composeSystemPrompt({
-			provider: opts.provider,
-			model: opts.model,
-			projectRoot: cfg.projectRoot,
-			agentPrompt,
-			oneShot: opts.oneShot,
-			spoofPrompt: undefined,
-			includeProjectTree: isFirstMessage,
-			userContext: opts.userContext,
-			contextSummary,
-		});
-		system = composed.prompt;
-		systemComponents = composed.components;
-	}
+	const { system } = adapted;
+	const { systemComponents, additionalSystemMessages } = adapted;
 	systemTimer.end();
 	debugLog(
 		`[system] summary: ${JSON.stringify({
@@ -173,7 +139,6 @@ export async function setupRunner(opts: RunOpts): Promise<SetupResult> {
 	const allTools = await discoverProjectTools(cfg.projectRoot);
 
 	if (opts.agent === 'research') {
-		// Get parent session ID for research sessions
 		const currentSession = sessionRows[0];
 		const parentSessionId = currentSession?.parentSessionId ?? null;
 
@@ -194,12 +159,7 @@ export async function setupRunner(opts: RunOpts): Promise<SetupResult> {
 	debugLog(`[RUNNER] About to create model with provider: ${opts.provider}`);
 	debugLog(`[RUNNER] About to create model ID: ${opts.model}`);
 
-	const oauthSystemPrompt =
-		needsSpoof && opts.provider === 'openai' && additionalSystemMessages[0]
-			? additionalSystemMessages[0].content
-			: undefined;
 	const model = await resolveModel(opts.provider, opts.model, cfg, {
-		systemPrompt: oauthSystemPrompt,
 		sessionId: opts.sessionId,
 		messageId: opts.assistantMessageId,
 	});
@@ -207,7 +167,7 @@ export async function setupRunner(opts: RunOpts): Promise<SetupResult> {
 		`[RUNNER] Model created: ${JSON.stringify({ id: model.modelId, provider: model.provider })}`,
 	);
 
-	const maxOutputTokens = getMaxOutputTokens(opts.provider, opts.model);
+	const maxOutputTokens = adapted.maxOutputTokens;
 	debugLog(`[RUNNER] maxOutputTokens for ${opts.model}: ${maxOutputTokens}`);
 
 	const { sharedCtx, firstToolTimer, firstToolSeen } = await setupToolContext(
@@ -219,7 +179,7 @@ export async function setupRunner(opts: RunOpts): Promise<SetupResult> {
 	const authType = providerAuth?.type;
 	const toolset = adaptTools(gated, sharedCtx, opts.provider, authType);
 
-	const providerOptions: Record<string, unknown> = {};
+	const providerOptions = { ...adapted.providerOptions };
 	let effectiveMaxOutputTokens = maxOutputTokens;
 
 	if (opts.reasoningText) {
@@ -237,6 +197,7 @@ export async function setupRunner(opts: RunOpts): Promise<SetupResult> {
 			}
 		} else if (underlyingProvider === 'openai') {
 			providerOptions.openai = {
+				...((providerOptions.openai as Record<string, unknown>) || {}),
 				reasoningEffort: 'high',
 				reasoningSummary: 'auto',
 			};
@@ -267,7 +228,7 @@ export async function setupRunner(opts: RunOpts): Promise<SetupResult> {
 		firstToolTimer,
 		firstToolSeen,
 		providerOptions,
-		needsSpoof,
+		needsSpoof: oauth.needsSpoof,
 	};
 }
 

package/src/runtime/errors/handling.ts

@@ -48,6 +48,9 @@ export function toErrorPayload(err: unknown): ErrorPayload {
 				if (parsed.error?.type) {
 					details.apiErrorType = parsed.error.type;
 				}
+				if (parsed.error?.code) {
+					details.apiErrorCode = parsed.error.code;
+				}
 			} catch {}
 		}
 

package/src/runtime/message/compaction-auto.ts

@@ -4,13 +4,13 @@ import { eq } from 'drizzle-orm';
 import { streamText } from 'ai';
 import { resolveModel } from '../provider/index.ts';
 import { getAuth } from '@agi-cli/sdk';
-import { getProviderSpoofPrompt } from '../prompt/builder.ts';
 import { loadConfig } from '@agi-cli/sdk';
 import { debugLog } from '../debug/index.ts';
 import { getModelLimits } from './compaction-limits.ts';
 import { buildCompactionContext } from './compaction-context.ts';
 import { getCompactionSystemPrompt } from './compaction-detect.ts';
 import { markSessionCompacted } from './compaction-mark.ts';
+import { detectOAuth, adaptSimpleCall } from '../provider/oauth-adapter.ts';
 
 export async function performAutoCompaction(
 	db: Awaited<ReturnType<typeof getDb>>,
@@ -56,24 +56,13 @@ export async function performAutoCompaction(
 		);
 
 		const auth = await getAuth(
-			provider as
-				| 'anthropic'
-				| 'openai'
-				| 'google'
-				| 'openrouter'
-				| 'opencode'
-				| 'setu'
-				| 'zai'
-				| 'zai-coding',
+			provider as Parameters<typeof getAuth>[0],
 			cfg.projectRoot,
 		);
-		const needsSpoof = auth?.type === 'oauth';
-		const spoofPrompt = needsSpoof
-			? getProviderSpoofPrompt(provider as 'anthropic' | 'openai')
-			: undefined;
+		const oauth = detectOAuth(provider, auth);
 
 		debugLog(
-			`[compaction] OAuth mode: ${needsSpoof}, spoof: ${spoofPrompt ? 'yes' : 'no'}`,
+			`[compaction] OAuth: needsSpoof=${oauth.needsSpoof}, isOpenAIOAuth=${oauth.isOpenAIOAuth}`,
 		);
 
 		const model = await resolveModel(
@@ -83,10 +72,13 @@ export async function performAutoCompaction(
 		);
 
 		const compactionPrompt = getCompactionSystemPrompt();
-		const systemPrompt = spoofPrompt ? spoofPrompt : compactionPrompt;
-		const userInstructions = spoofPrompt
-			? `${compactionPrompt}\n\nIMPORTANT: Generate a comprehensive summary. This will replace the detailed conversation history.`
-			: 'IMPORTANT: Generate a comprehensive summary. This will replace the detailed conversation history.';
+		const userContent = `IMPORTANT: Generate a comprehensive summary. This will replace the detailed conversation history.\n\nPlease summarize this conversation:\n\n<conversation-to-summarize>\n${context}\n</conversation-to-summarize>`;
+
+		const adapted = adaptSimpleCall(oauth, {
+			instructions: compactionPrompt,
+			userContent,
+			maxOutputTokens: 2000,
+		});
 
 		const compactPartId = crypto.randomUUID();
 		const now = Date.now();
@@ -106,14 +98,10 @@ export async function performAutoCompaction(
 
 		const result = streamText({
 			model,
-			system: systemPrompt,
-			messages: [
-				{
-					role: 'user',
-					content: `${userInstructions}\n\nPlease summarize this conversation:\n\n<conversation-to-summarize>\n${context}\n</conversation-to-summarize>`,
-				},
-			],
-			maxOutputTokens: 2000,
+			system: adapted.system,
+			messages: adapted.messages,
+			maxOutputTokens: adapted.maxOutputTokens,
+			providerOptions: adapted.providerOptions,
 		});
 
 		let summary = '';

package/src/runtime/message/service.ts

@@ -10,6 +10,7 @@ import { resolveModel } from '../provider/index.ts';
 import { getFastModelForAuth, type ProviderId } from '@agi-cli/sdk';
 import { debugLog } from '../debug/index.ts';
 import { isCompactCommand, buildCompactionContext } from './compaction.ts';
+import { detectOAuth, adaptSimpleCall } from '../provider/oauth-adapter.ts';
 
 type SessionRow = typeof sessions.$inferSelect;
 
@@ -52,7 +53,6 @@ export async function dispatchAssistantMessage(
 		files,
 	} = options;
 
-	// DEBUG: Log userContext in dispatch
 	debugLog(
 		`[MESSAGE_SERVICE] dispatchAssistantMessage called with userContext: ${userContext ? `${userContext.substring(0, 50)}...` : 'NONE'}`,
 	);
@@ -144,12 +144,10 @@ export async function dispatchAssistantMessage(
 		payload: { id: assistantMessageId, role: 'assistant' },
 	});
 
-	// DEBUG: Log before enqueue
 	debugLog(
 		`[MESSAGE_SERVICE] Enqueuing assistant run with userContext: ${userContext ? `${userContext.substring(0, 50)}...` : 'NONE'}`,
 	);
 
-	// Detect /compact command and build context with model-aware limits
 	const isCompact = isCompactCommand(content);
 	let compactionContext: string | undefined;
 
@@ -157,7 +155,6 @@ export async function dispatchAssistantMessage(
 		debugLog('[MESSAGE_SERVICE] Detected /compact command, building context');
 		const { getModelLimits } = await import('./compaction.ts');
 		const limits = getModelLimits(provider, model);
-		// Use 50% of context window for compaction, minimum 15k tokens
 		const contextTokenLimit = limits
 			? Math.max(Math.floor(limits.context * 0.5), 15000)
 			: 15000;
@@ -171,7 +168,6 @@ export async function dispatchAssistantMessage(
 		);
 	}
 
-	// Read tool approval mode from config
 	const toolApprovalMode = cfg.defaults.toolApproval ?? 'auto';
 
 	enqueueAssistantRun(
@@ -289,19 +285,15 @@ async function generateSessionTitle(args: {
 		debugLog(`[TITLE_GEN] Provider: ${provider}, Model: ${modelName}`);
 
 		const { getAuth } = await import('@agi-cli/sdk');
-		const { getProviderSpoofPrompt } = await import('../prompt/builder.ts');
 		const auth = await getAuth(provider, cfg.projectRoot);
-		const needsSpoof = auth?.type === 'oauth';
-		const spoofPrompt = needsSpoof
-			? getProviderSpoofPrompt(provider)
-			: undefined;
+		const oauth = detectOAuth(provider, auth);
 
 		const titleModel = getFastModelForAuth(provider, auth?.type) ?? modelName;
 		debugLog(`[TITLE_GEN] Using title model: ${titleModel}`);
 		const model = await resolveModel(provider, titleModel, cfg);
 
 		debugLog(
-			`[TITLE_GEN] needsSpoof: ${needsSpoof}, spoofPrompt: ${spoofPrompt || 'NONE'}`,
+			`[TITLE_GEN] oauth: needsSpoof=${oauth.needsSpoof}, isOpenAIOAuth=${oauth.isOpenAIOAuth}`,
 		);
 
 		const promptText = String(content ?? '').slice(0, 2000);
@@ -313,63 +305,23 @@ Examples: "Fix TypeScript build errors", "Add dark mode toggle", "Refactor auth
 
 Output ONLY the title, nothing else.`;
 
-		const userMessageWithTags = `<task>
-${titleInstructions}
-</task>
-
-<user-message>
-${promptText}
-</user-message>`;
-
-		// Build system prompt and messages
-		// For OAuth: Keep spoof pure, add instructions to user message
-		// For API key: Use instructions as system
-		let system: string;
-		let messagesArray: Array<{ role: 'user'; content: string }>;
-
-		if (spoofPrompt) {
-			// OAuth mode: spoof stays pure, instructions go in user message
-			system = spoofPrompt;
-			messagesArray = [
-				{
-					role: 'user',
-					content: userMessageWithTags,
-				},
-			];
-
-			debugLog(
-				`[TITLE_GEN] Using OAuth mode (prompts: spoof:${provider}, title-generator, user-request)`,
-			);
-			debugLog(
-				`[TITLE_GEN] User content preview: ${promptText.substring(0, 100)}...`,
-			);
-		} else {
-			// API key mode: normal flow
-			system = titleInstructions;
-			messagesArray = [
-				{
-					role: 'user',
-					content: `<user-message>\n${promptText}\n</user-message>`,
-				},
-			];
+		const adapted = adaptSimpleCall(oauth, {
+			instructions: titleInstructions,
+			userContent: promptText,
+		});
 
-			debugLog(
-				`[TITLE_GEN] Using API key mode (prompts: title-generator, user-request)`,
-			);
-			debugLog(
-				`[TITLE_GEN] User content preview: ${promptText.substring(0, 100)}...`,
-			);
-		}
+		debugLog(
+			`[TITLE_GEN] mode=${adapted.forceStream ? 'openai-oauth' : oauth.needsSpoof ? 'spoof' : 'api-key'}`,
+		);
 
 		let modelTitle = '';
 		try {
-			// ChatGPT backend requires streaming - use streamText for OAuth
-			if (needsSpoof) {
-				debugLog('[TITLE_GEN] Using streamText for OAuth...');
+			if (adapted.forceStream || oauth.needsSpoof) {
 				const result = streamText({
 					model,
-					system,
-					messages: messagesArray,
+					system: adapted.system,
+					messages: adapted.messages,
+					providerOptions: adapted.providerOptions,
 				});
 				for await (const chunk of result.textStream) {
 					modelTitle += chunk;
@@ -379,8 +331,8 @@ ${promptText}
 				debugLog('[TITLE_GEN] Using generateText...');
 				const out = await generateText({
 					model,
-					system,
-					messages: messagesArray,
+					system: adapted.system,
+					messages: adapted.messages,
 				});
 				modelTitle = (out?.text || '').trim();
 			}

package/src/runtime/provider/copilot.ts

@@ -0,0 +1,12 @@
+import { getAuth, createCopilotModel } from '@agi-cli/sdk';
+import type { AGIConfig } from '@agi-cli/sdk';
+
+export async function resolveCopilotModel(model: string, cfg: AGIConfig) {
+	const auth = await getAuth('copilot', cfg.projectRoot);
+	if (auth?.type === 'oauth') {
+		return createCopilotModel(model, { oauth: auth });
+	}
+	throw new Error(
+		'Copilot provider requires OAuth. Run `agi auth login copilot`.',
+	);
+}

package/src/runtime/provider/index.ts

@@ -7,6 +7,7 @@ import { resolveSetuModel, type ResolveSetuModelOptions } from './setu.ts';
 import { getZaiInstance, getZaiCodingInstance } from './zai.ts';
 import { resolveOpencodeModel } from './opencode.ts';
 import { getMoonshotInstance } from './moonshot.ts';
+import { resolveCopilotModel } from './copilot.ts';
 
 export type ProviderName = ProviderId;
 
@@ -22,9 +23,7 @@ export async function resolveModel(
 	},
 ) {
 	if (provider === 'openai') {
-		return resolveOpenAIModel(model, cfg, {
-			systemPrompt: options?.systemPrompt,
-		});
+		return resolveOpenAIModel(model, cfg);
 	}
 	if (provider === 'anthropic') {
 		const instance = await getAnthropicInstance(cfg);
@@ -39,6 +38,9 @@ export async function resolveModel(
 	if (provider === 'opencode') {
 		return resolveOpencodeModel(model, cfg);
 	}
+	if (provider === 'copilot') {
+		return resolveCopilotModel(model, cfg);
+	}
 	if (provider === 'setu') {
 		return await resolveSetuModel(model, options?.sessionId, {
 			messageId: options?.messageId,

package/src/runtime/provider/oauth-adapter.ts

@@ -0,0 +1,237 @@
+/**
+ * OAuth Provider Adapter
+ *
+ * Consolidates all OAuth-specific LLM call adaptations into one place.
+ * Each OAuth provider has quirks (no system prompt, must stream, needs
+ * spoof prompt, special providerOptions, etc.). Instead of duplicating
+ * that branching logic across every callsite (title gen, compaction,
+ * commit, runner), this module exposes two layers:
+ *
+ * ## Layer 1 — Detection (`detectOAuth`)
+ *   Examines provider + auth and returns an `OAuthContext` describing
+ *   what adaptations are needed. Used by ALL callsites (simple + complex).
+ *
+ * ## Layer 2 — Simple call adaptation (`adaptSimpleCall`)
+ *   For single-shot LLM calls (title gen, compaction, commit) that follow
+ *   the pattern: system + user message → text result.
+ *   Returns a ready-to-spread `AdaptedLLMCall` object.
+ *
+ * ## Adding a new OAuth provider
+ *   1. Add detection branch in `detectOAuth()`
+ *   2. Add adaptation branch in `adaptSimpleCall()`
+ *   3. If the provider needs a custom fetch wrapper, add it under
+ *      `packages/sdk/src/providers/src/<provider>-oauth-client.ts`
+ *   4. Zero changes needed at any callsite.
+ *
+ * ## Architecture
+ *
+ * ```
+ *   callsite (commit.ts, service.ts, compaction-auto.ts, runner-setup.ts)
+ *       │
+ *       ├─ detectOAuth(provider, auth)  →  OAuthContext
+ *       │
+ *       ├─ adaptSimpleCall(ctx, input)  →  AdaptedLLMCall  (title, commit, compaction)
+ *       │
+ *       └─ adaptRunnerCall(ctx, composed, opts)  →  AdaptedRunnerSetup  (main chat)
+ *              │
+ *              ├─ OpenAI OAuth (Codex):  no system, inline instructions,
+ *              │     providerOptions.openai.store=false, forceStream=true
+ *              │
+ *              ├─ Anthropic OAuth:  spoofPrompt as system, instructions
+ *              │     folded into user message, normal maxOutputTokens
+ *              │
+ *              └─ API key (default):  system=instructions, plain user msg
+ * ```
+ */
+import { getProviderSpoofPrompt } from '../prompt/builder.ts';
+import type { SharedV3ProviderOptions } from '@ai-sdk/provider';
+
+export type OAuthContext = {
+	isOAuth: boolean;
+	needsSpoof: boolean;
+	isOpenAIOAuth: boolean;
+	spoofPrompt: string | undefined;
+};
+
+/**
+ * Detect OAuth mode for a provider and return flags describing
+ * what adaptations are needed. This replaces the 4-line pattern
+ * that was previously copy-pasted at every callsite:
+ *
+ *   const isOAuth = auth?.type === 'oauth';
+ *   const needsSpoof = isOAuth && provider === 'anthropic';
+ *   const isOpenAIOAuth = isOAuth && provider === 'openai';
+ *   const spoofPrompt = needsSpoof ? getProviderSpoofPrompt(...) : undefined;
+ */
+export function detectOAuth(
+	provider: string,
+	auth: { type: string } | null | undefined,
+): OAuthContext {
+	const isOAuth = auth?.type === 'oauth';
+	const needsSpoof = !!isOAuth && provider === 'anthropic';
+	const isCopilot = provider === 'copilot';
+	return {
+		isOAuth: !!isOAuth || isCopilot,
+		needsSpoof,
+		isOpenAIOAuth: (!!isOAuth && provider === 'openai') || isCopilot,
+		spoofPrompt: needsSpoof ? getProviderSpoofPrompt(provider) : undefined,
+	};
+}
+
+/**
+ * Build OpenAI Codex-specific providerOptions.
+ * Codex requires `store: false` and passes the system prompt via
+ * `instructions` instead of the normal `system` field.
+ *
+ * Used directly by runner-setup.ts (complex flow) and indirectly
+ * by adaptSimpleCall (simple flows).
+ */
+export function buildCodexProviderOptions(instructions: string) {
+	return {
+		openai: { store: false as const, instructions },
+	};
+}
+
+export type AdaptedLLMCall = {
+	system?: string;
+	messages: Array<{ role: 'user'; content: string }>;
+	maxOutputTokens?: number;
+	providerOptions?: SharedV3ProviderOptions;
+	forceStream: boolean;
+};
+
+/**
+ * Adapt a simple (single-shot) LLM call for the current OAuth context.
+ *
+ * Takes raw `instructions` (what would normally be the system prompt) and
+ * `userContent`, then returns the correct shape for the provider:
+ *
+ * - **OpenAI OAuth (Codex)**: no system prompt, instructions baked into
+ *   user message AND providerOptions.openai.instructions, forceStream=true,
+ *   no maxOutputTokens (Codex doesn't support it).
+ *
+ * - **Anthropic OAuth**: spoof prompt as system, real instructions folded
+ *   into user message, normal maxOutputTokens.
+ *
+ * - **API key (default)**: instructions as system, plain user message,
+ *   normal maxOutputTokens.
+ *
+ * Callsites just spread the result into streamText/generateText:
+ * ```ts
+ * const adapted = adaptSimpleCall(oauth, { instructions, userContent });
+ * const result = streamText({ model, ...adapted }); // almost — see forceStream
+ * ```
+ */
+export function adaptSimpleCall(
+	ctx: OAuthContext,
+	input: {
+		instructions: string;
+		userContent: string;
+		maxOutputTokens?: number;
+	},
+): AdaptedLLMCall {
+	if (ctx.isOpenAIOAuth) {
+		return {
+			messages: [
+				{
+					role: 'user',
+					content: `${input.instructions}\n\n${input.userContent}`,
+				},
+			],
+			providerOptions: buildCodexProviderOptions(input.instructions),
+			forceStream: true,
+		};
+	}
+
+	if (ctx.needsSpoof && ctx.spoofPrompt) {
+		return {
+			system: ctx.spoofPrompt,
+			messages: [
+				{
+					role: 'user',
+					content: `${input.instructions}\n\n${input.userContent}`,
+				},
+			],
+			maxOutputTokens: input.maxOutputTokens,
+			forceStream: false,
+		};
+	}
+
+	return {
+		system: input.instructions,
+		messages: [{ role: 'user', content: input.userContent }],
+		maxOutputTokens: input.maxOutputTokens,
+		forceStream: false,
+	};
+}
+
+export type AdaptedRunnerSetup = {
+	system: string;
+	systemComponents: string[];
+	additionalSystemMessages: Array<{
+		role: 'system' | 'user';
+		content: string;
+	}>;
+	maxOutputTokens: number | undefined;
+	providerOptions: SharedV3ProviderOptions;
+};
+
+/**
+ * Adapt the main chat runner's system prompt placement, maxOutputTokens,
+ * and providerOptions based on the OAuth context.
+ *
+ * Unlike `adaptSimpleCall` (which builds the full message), this only
+ * decides WHERE the already-composed system prompt goes:
+ *
+ * - **OpenAI OAuth (Codex)**: system='', composed prompt sent as a user
+ *   message in additionalSystemMessages, providerOptions with store=false
+ *   + instructions, maxOutputTokens stripped.
+ *
+ * - **Anthropic OAuth**: spoof prompt as system, composed prompt sent as
+ *   an additional system message. Normal maxOutputTokens.
+ *
+ * - **API key (default)**: composed prompt IS the system prompt directly.
+ *   No additional messages needed.
+ *
+ * ```ts
+ * const composed = await composeSystemPrompt({ ... });
+ * const adapted = adaptRunnerCall(oauth, composed, { provider, rawMaxOutputTokens });
+ * // adapted.system, adapted.additionalSystemMessages, adapted.providerOptions ready to use
+ * ```
+ */
+export function adaptRunnerCall(
+	ctx: OAuthContext,
+	composed: { prompt: string; components: string[] },
+	opts: {
+		provider: string;
+		rawMaxOutputTokens: number | undefined;
+	},
+): AdaptedRunnerSetup {
+	if (ctx.spoofPrompt) {
+		return {
+			system: ctx.spoofPrompt,
+			systemComponents: [`spoof:${opts.provider || 'unknown'}`],
+			additionalSystemMessages: [{ role: 'system', content: composed.prompt }],
+			maxOutputTokens: opts.rawMaxOutputTokens,
+			providerOptions: {},
+		};
+	}
+
+	if (ctx.isOpenAIOAuth) {
+		return {
+			system: '',
+			systemComponents: composed.components,
+			additionalSystemMessages: [{ role: 'user', content: composed.prompt }],
+			maxOutputTokens: undefined,
+			providerOptions: buildCodexProviderOptions(composed.prompt),
+		};
+	}
+
+	return {
+		system: composed.prompt,
+		systemComponents: composed.components,
+		additionalSystemMessages: [],
+		maxOutputTokens: opts.rawMaxOutputTokens,
+		providerOptions: {},
+	};
+}

package/src/runtime/provider/openai.ts

@@ -2,22 +2,12 @@ import type { AGIConfig } from '@agi-cli/sdk';
 import { getAuth, createOpenAIOAuthModel } from '@agi-cli/sdk';
 import { openai, createOpenAI } from '@ai-sdk/openai';
 
-export async function resolveOpenAIModel(
-	model: string,
-	cfg: AGIConfig,
-	options?: {
-		systemPrompt?: string;
-	},
-) {
+export async function resolveOpenAIModel(model: string, cfg: AGIConfig) {
 	const auth = await getAuth('openai', cfg.projectRoot);
 	if (auth?.type === 'oauth') {
-		const isCodexModel = model.toLowerCase().includes('codex');
 		return createOpenAIOAuthModel(model, {
 			oauth: auth,
 			projectRoot: cfg.projectRoot,
-			reasoningEffort: isCodexModel ? 'high' : 'medium',
-			reasoningSummary: 'auto',
-			instructions: options?.systemPrompt,
 		});
 	}
 	if (auth?.type === 'api' && auth.key) {