npm - @aryee337/aery-ai - Versions diffs - 0.2.27 → 0.2.29 - Mend

@aryee337/aery-ai 0.2.27 → 0.2.29

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (417) hide show

package/CHANGELOG.md +2914 -0
package/README.md +614 -813
package/package.json +140 -105
package/src/api-registry.ts +96 -0
package/src/auth-broker/client.ts +358 -0
package/src/auth-broker/index.ts +5 -0
package/src/auth-broker/refresher.ts +117 -0
package/src/auth-broker/remote-store.ts +623 -0
package/src/auth-broker/server.ts +644 -0
package/src/auth-broker/types.ts +127 -0
package/src/auth-broker/wire-schemas.ts +200 -0
package/src/auth-gateway/http.ts +194 -0
package/src/auth-gateway/index.ts +3 -0
package/src/auth-gateway/server.ts +818 -0
package/src/auth-gateway/types.ts +143 -0
package/src/auth-storage.ts +4422 -0
package/src/index.ts +54 -0
package/src/model-cache.ts +129 -0
package/src/model-manager.ts +469 -0
package/src/model-thinking.ts +782 -0
package/src/models.json +83530 -0
package/src/models.json.d.ts +9 -0
package/src/models.ts +56 -0
package/src/prompts/turn-aborted-guidance.md +4 -0
package/src/provider-details.ts +90 -0
package/src/provider-models/bundled-references.ts +38 -0
package/src/provider-models/descriptors.ts +355 -0
package/src/provider-models/google.ts +88 -0
package/src/provider-models/index.ts +5 -0
package/src/provider-models/ollama.ts +153 -0
package/src/provider-models/openai-compat.ts +2817 -0
package/src/provider-models/special.ts +67 -0
package/src/providers/aery-native-client.ts +228 -0
package/src/providers/aery-native-server.ts +212 -0
package/src/providers/amazon-bedrock.ts +873 -0
package/src/providers/anthropic-client.ts +318 -0
package/src/providers/anthropic-messages-server-schema.ts +243 -0
package/src/providers/anthropic-messages-server.ts +683 -0
package/src/providers/anthropic-wire.ts +268 -0
package/src/providers/anthropic.ts +3094 -0
package/src/providers/aws-credentials.ts +501 -0
package/src/providers/aws-eventstream.ts +185 -0
package/src/providers/aws-sigv4.ts +218 -0
package/src/providers/azure-openai-responses.ts +361 -0
package/src/providers/cursor/gen/agent_pb.ts +15274 -0
package/src/providers/cursor/proto/agent.proto +3526 -0
package/src/providers/cursor/proto/buf.gen.yaml +6 -0
package/src/providers/cursor/proto/buf.yaml +17 -0
package/src/providers/cursor.ts +2621 -0
package/src/providers/error-message.ts +21 -0
package/src/providers/github-copilot-headers.ts +140 -0
package/src/providers/gitlab-duo.ts +372 -0
package/src/providers/google-auth.ts +252 -0
package/src/providers/google-gemini-cli.ts +809 -0
package/src/providers/google-gemini-headers.ts +41 -0
package/src/providers/google-shared.ts +917 -0
package/src/providers/google-types.ts +167 -0
package/src/providers/google-vertex.ts +91 -0
package/src/providers/google.ts +41 -0
package/src/providers/grammar.ts +70 -0
package/src/providers/kimi.ts +52 -0
package/src/providers/mock.ts +496 -0
package/src/providers/ollama.ts +644 -0
package/src/providers/openai-anthropic-shim.ts +138 -0
package/src/providers/openai-chat-server-schema.ts +252 -0
package/src/providers/openai-chat-server.ts +647 -0
package/src/providers/openai-codex/constants.ts +43 -0
package/src/providers/openai-codex/request-transformer.ts +161 -0
package/src/providers/openai-codex/response-handler.ts +81 -0
package/src/providers/openai-codex-responses.ts +3018 -0
package/src/providers/openai-completions-compat.ts +300 -0
package/src/providers/openai-completions.ts +1979 -0
package/src/providers/openai-responses-server-schema.ts +290 -0
package/src/providers/openai-responses-server.ts +1183 -0
package/src/providers/openai-responses-shared.ts +873 -0
package/src/providers/openai-responses.ts +679 -0
package/src/providers/register-builtins.ts +436 -0
package/src/providers/synthetic.ts +50 -0
package/src/providers/transform-messages.ts +382 -0
package/src/providers/vision-guard.ts +31 -0
package/src/providers/xai-responses.ts +82 -0
package/src/rate-limit-utils.ts +84 -0
package/src/stream.ts +1065 -0
package/src/types.ts +944 -0
package/src/usage/claude.ts +482 -0
package/src/usage/gemini.ts +250 -0
package/src/usage/github-copilot.ts +421 -0
package/src/usage/google-antigravity.ts +201 -0
package/src/usage/kimi.ts +271 -0
package/src/usage/minimax-code.ts +31 -0
package/src/usage/openai-codex.ts +503 -0
package/src/usage/shared.ts +10 -0
package/src/usage/zai.ts +247 -0
package/src/usage.ts +185 -0
package/src/utils/abort.ts +51 -0
package/src/utils/abortable-iterator.ts +69 -0
package/src/utils/anthropic-auth.ts +93 -0
package/src/utils/discovery/antigravity.ts +261 -0
package/src/utils/discovery/codex.ts +371 -0
package/src/utils/discovery/cursor.ts +306 -0
package/src/utils/discovery/gemini.ts +248 -0
package/src/utils/discovery/index.ts +4 -0
package/src/utils/discovery/openai-compatible.ts +224 -0
package/src/utils/event-stream.ts +142 -0
package/src/utils/fireworks-model-id.ts +30 -0
package/src/utils/foundry.ts +8 -0
package/src/utils/http-inspector.ts +176 -0
package/src/utils/idle-iterator.ts +267 -0
package/src/utils/json-parse.ts +182 -0
package/src/utils/oauth/__tests__/xai-oauth.test.ts +107 -0
package/src/utils/oauth/alibaba-coding-plan.ts +59 -0
package/src/utils/oauth/anthropic.ts +273 -0
package/src/utils/oauth/api-key-login.ts +87 -0
package/src/utils/oauth/api-key-validation.ts +92 -0
package/src/utils/oauth/callback-server.ts +276 -0
package/src/utils/oauth/cerebras.ts +16 -0
package/src/utils/oauth/cloudflare-ai-gateway.ts +48 -0
package/src/utils/oauth/cursor.ts +157 -0
package/src/utils/oauth/deepseek.ts +53 -0
package/src/utils/oauth/firepass.ts +24 -0
package/src/utils/oauth/fireworks.ts +15 -0
package/src/utils/oauth/github-copilot.ts +362 -0
package/src/utils/oauth/gitlab-duo.ts +123 -0
package/src/utils/oauth/google-antigravity.ts +200 -0
package/src/utils/oauth/google-gemini-cli.ts +256 -0
package/src/utils/oauth/google-oauth-shared.ts +110 -0
package/src/utils/oauth/huggingface.ts +62 -0
package/src/utils/oauth/index.ts +484 -0
package/src/utils/oauth/kagi.ts +47 -0
package/src/utils/oauth/kilo.ts +87 -0
package/src/utils/oauth/kimi.ts +254 -0
package/src/utils/oauth/litellm.ts +47 -0
package/src/utils/oauth/lm-studio.ts +38 -0
package/src/utils/oauth/minimax-code.ts +78 -0
package/src/utils/oauth/moonshot.ts +23 -0
package/src/utils/oauth/nanogpt.ts +15 -0
package/src/utils/oauth/nvidia.ts +70 -0
package/src/utils/oauth/oauth.html +203 -0
package/src/utils/oauth/ollama-cloud.ts +28 -0
package/src/utils/oauth/ollama.ts +47 -0
package/src/utils/oauth/openai-codex.ts +299 -0
package/src/utils/oauth/opencode.ts +49 -0
package/src/utils/oauth/openrouter.ts +20 -0
package/src/utils/oauth/parallel.ts +46 -0
package/src/utils/oauth/perplexity.ts +206 -0
package/src/utils/oauth/pkce.ts +18 -0
package/src/utils/oauth/qianfan.ts +58 -0
package/src/utils/oauth/qwen-portal.ts +60 -0
package/src/utils/oauth/synthetic.ts +15 -0
package/src/utils/oauth/tavily.ts +46 -0
package/src/utils/oauth/together.ts +16 -0
package/src/utils/oauth/types.ts +99 -0
package/src/utils/oauth/venice.ts +59 -0
package/src/utils/oauth/vercel-ai-gateway.ts +47 -0
package/src/utils/oauth/vllm.ts +40 -0
package/src/utils/oauth/wafer.ts +50 -0
package/src/utils/oauth/xai-oauth.ts +342 -0
package/src/utils/oauth/xiaomi.ts +139 -0
package/src/utils/oauth/zai.ts +60 -0
package/src/utils/oauth/zenmux.ts +15 -0
package/src/utils/oauth/zhipu.ts +60 -0
package/src/utils/overflow.ts +137 -0
package/src/utils/parse-bind.ts +54 -0
package/src/utils/provider-response.ts +30 -0
package/src/utils/request-debug.ts +336 -0
package/src/utils/retry-after.ts +110 -0
package/src/utils/retry.ts +54 -0
package/src/utils/schema/CONSTRAINTS.md +164 -0
package/src/utils/schema/adapt.ts +36 -0
package/src/utils/schema/compatibility.ts +435 -0
package/src/utils/schema/dereference.ts +98 -0
package/src/utils/schema/draft.ts +341 -0
package/src/utils/schema/equality.ts +97 -0
package/src/utils/schema/fields.ts +191 -0
package/src/utils/schema/index.ts +13 -0
package/src/utils/schema/json-schema-validator.ts +577 -0
package/src/utils/schema/meta-validator.ts +167 -0
package/src/utils/schema/normalize.ts +1588 -0
package/src/utils/schema/spill.ts +43 -0
package/src/utils/schema/stamps.ts +97 -0
package/src/utils/schema/types.ts +10 -0
package/src/utils/schema/wire.ts +293 -0
package/src/utils/schema/zod-decontaminate.ts +331 -0
package/src/utils/sdk-stream-timeout.ts +43 -0
package/src/utils/sse-debug.ts +289 -0
package/src/utils/stream-markup-healing.ts +612 -0
package/src/utils/tool-choice.ts +99 -0
package/src/utils/validation.ts +1024 -0
package/src/utils.ts +166 -0
package/dist/api-registry.d.ts +0 -20
package/dist/api-registry.d.ts.map +0 -1
package/dist/api-registry.js +0 -44
package/dist/api-registry.js.map +0 -1
package/dist/bedrock-provider.d.ts +0 -5
package/dist/bedrock-provider.d.ts.map +0 -1
package/dist/bedrock-provider.js +0 -6
package/dist/bedrock-provider.js.map +0 -1
package/dist/cli.d.ts +0 -3
package/dist/cli.d.ts.map +0 -1
package/dist/cli.js +0 -130
package/dist/cli.js.map +0 -1
package/dist/env-api-keys.d.ts +0 -18
package/dist/env-api-keys.d.ts.map +0 -1
package/dist/env-api-keys.js +0 -178
package/dist/env-api-keys.js.map +0 -1
package/dist/image-models.d.ts +0 -10
package/dist/image-models.d.ts.map +0 -1
package/dist/image-models.generated.d.ts +0 -440
package/dist/image-models.generated.d.ts.map +0 -1
package/dist/image-models.generated.js +0 -442
package/dist/image-models.generated.js.map +0 -1
package/dist/image-models.js +0 -23
package/dist/image-models.js.map +0 -1
package/dist/images-api-registry.d.ts +0 -14
package/dist/images-api-registry.d.ts.map +0 -1
package/dist/images-api-registry.js +0 -22
package/dist/images-api-registry.js.map +0 -1
package/dist/images.d.ts +0 -4
package/dist/images.d.ts.map +0 -1
package/dist/images.js +0 -14
package/dist/images.js.map +0 -1
package/dist/index.d.ts +0 -32
package/dist/index.d.ts.map +0 -1
package/dist/index.js +0 -20
package/dist/index.js.map +0 -1
package/dist/models.d.ts +0 -18
package/dist/models.d.ts.map +0 -1
package/dist/models.generated.d.ts +0 -17707
package/dist/models.generated.d.ts.map +0 -1
package/dist/models.generated.js +0 -16561
package/dist/models.generated.js.map +0 -1
package/dist/models.js +0 -71
package/dist/models.js.map +0 -1
package/dist/oauth.d.ts +0 -2
package/dist/oauth.d.ts.map +0 -1
package/dist/oauth.js +0 -2
package/dist/oauth.js.map +0 -1
package/dist/providers/aery-error-formatting.d.ts +0 -13
package/dist/providers/aery-error-formatting.d.ts.map +0 -1
package/dist/providers/aery-error-formatting.js +0 -112
package/dist/providers/aery-error-formatting.js.map +0 -1
package/dist/providers/amazon-bedrock.d.ts +0 -38
package/dist/providers/amazon-bedrock.d.ts.map +0 -1
package/dist/providers/amazon-bedrock.js +0 -763
package/dist/providers/amazon-bedrock.js.map +0 -1
package/dist/providers/anthropic.d.ts +0 -71
package/dist/providers/anthropic.d.ts.map +0 -1
package/dist/providers/anthropic.js +0 -949
package/dist/providers/anthropic.js.map +0 -1
package/dist/providers/azure-openai-responses.d.ts +0 -15
package/dist/providers/azure-openai-responses.d.ts.map +0 -1
package/dist/providers/azure-openai-responses.js +0 -225
package/dist/providers/azure-openai-responses.js.map +0 -1
package/dist/providers/cloudflare.d.ts +0 -13
package/dist/providers/cloudflare.d.ts.map +0 -1
package/dist/providers/cloudflare.js +0 -26
package/dist/providers/cloudflare.js.map +0 -1
package/dist/providers/faux.d.ts +0 -56
package/dist/providers/faux.d.ts.map +0 -1
package/dist/providers/faux.js +0 -368
package/dist/providers/faux.js.map +0 -1
package/dist/providers/github-copilot-headers.d.ts +0 -8
package/dist/providers/github-copilot-headers.d.ts.map +0 -1
package/dist/providers/github-copilot-headers.js +0 -29
package/dist/providers/github-copilot-headers.js.map +0 -1
package/dist/providers/google-gemini-cli.d.ts +0 -74
package/dist/providers/google-gemini-cli.d.ts.map +0 -1
package/dist/providers/google-gemini-cli.js +0 -779
package/dist/providers/google-gemini-cli.js.map +0 -1
package/dist/providers/google-shared.d.ts +0 -70
package/dist/providers/google-shared.d.ts.map +0 -1
package/dist/providers/google-shared.js +0 -329
package/dist/providers/google-shared.js.map +0 -1
package/dist/providers/google-vertex.d.ts +0 -15
package/dist/providers/google-vertex.d.ts.map +0 -1
package/dist/providers/google-vertex.js +0 -442
package/dist/providers/google-vertex.js.map +0 -1
package/dist/providers/google.d.ts +0 -13
package/dist/providers/google.d.ts.map +0 -1
package/dist/providers/google.js +0 -400
package/dist/providers/google.js.map +0 -1
package/dist/providers/images/openrouter.d.ts +0 -3
package/dist/providers/images/openrouter.d.ts.map +0 -1
package/dist/providers/images/openrouter.js +0 -129
package/dist/providers/images/openrouter.js.map +0 -1
package/dist/providers/images/register-builtins.d.ts +0 -4
package/dist/providers/images/register-builtins.d.ts.map +0 -1
package/dist/providers/images/register-builtins.js +0 -34
package/dist/providers/images/register-builtins.js.map +0 -1
package/dist/providers/mistral.d.ts +0 -25
package/dist/providers/mistral.d.ts.map +0 -1
package/dist/providers/mistral.js +0 -535
package/dist/providers/mistral.js.map +0 -1
package/dist/providers/openai-codex-responses.d.ts +0 -30
package/dist/providers/openai-codex-responses.d.ts.map +0 -1
package/dist/providers/openai-codex-responses.js +0 -1090
package/dist/providers/openai-codex-responses.js.map +0 -1
package/dist/providers/openai-completions.d.ts +0 -19
package/dist/providers/openai-completions.d.ts.map +0 -1
package/dist/providers/openai-completions.js +0 -950
package/dist/providers/openai-completions.js.map +0 -1
package/dist/providers/openai-prompt-cache.d.ts +0 -3
package/dist/providers/openai-prompt-cache.d.ts.map +0 -1
package/dist/providers/openai-prompt-cache.js +0 -10
package/dist/providers/openai-prompt-cache.js.map +0 -1
package/dist/providers/openai-responses-shared.d.ts +0 -18
package/dist/providers/openai-responses-shared.d.ts.map +0 -1
package/dist/providers/openai-responses-shared.js +0 -492
package/dist/providers/openai-responses-shared.js.map +0 -1
package/dist/providers/openai-responses.d.ts +0 -13
package/dist/providers/openai-responses.d.ts.map +0 -1
package/dist/providers/openai-responses.js +0 -237
package/dist/providers/openai-responses.js.map +0 -1
package/dist/providers/register-builtins.d.ts +0 -38
package/dist/providers/register-builtins.d.ts.map +0 -1
package/dist/providers/register-builtins.js +0 -278
package/dist/providers/register-builtins.js.map +0 -1
package/dist/providers/simple-options.d.ts +0 -8
package/dist/providers/simple-options.d.ts.map +0 -1
package/dist/providers/simple-options.js +0 -41
package/dist/providers/simple-options.js.map +0 -1
package/dist/providers/transform-messages.d.ts +0 -8
package/dist/providers/transform-messages.d.ts.map +0 -1
package/dist/providers/transform-messages.js +0 -184
package/dist/providers/transform-messages.js.map +0 -1
package/dist/session-resources.d.ts +0 -4
package/dist/session-resources.d.ts.map +0 -1
package/dist/session-resources.js +0 -22
package/dist/session-resources.js.map +0 -1
package/dist/stream.d.ts +0 -8
package/dist/stream.d.ts.map +0 -1
package/dist/stream.js +0 -27
package/dist/stream.js.map +0 -1
package/dist/types.d.ts +0 -498
package/dist/types.d.ts.map +0 -1
package/dist/types.js +0 -2
package/dist/types.js.map +0 -1
package/dist/utils/diagnostics.d.ts +0 -19
package/dist/utils/diagnostics.d.ts.map +0 -1
package/dist/utils/diagnostics.js +0 -25
package/dist/utils/diagnostics.js.map +0 -1
package/dist/utils/event-stream.d.ts +0 -21
package/dist/utils/event-stream.d.ts.map +0 -1
package/dist/utils/event-stream.js +0 -81
package/dist/utils/event-stream.js.map +0 -1
package/dist/utils/hash.d.ts +0 -3
package/dist/utils/hash.d.ts.map +0 -1
package/dist/utils/hash.js +0 -14
package/dist/utils/hash.js.map +0 -1
package/dist/utils/headers.d.ts +0 -2
package/dist/utils/headers.d.ts.map +0 -1
package/dist/utils/headers.js +0 -8
package/dist/utils/headers.js.map +0 -1
package/dist/utils/json-parse.d.ts +0 -16
package/dist/utils/json-parse.d.ts.map +0 -1
package/dist/utils/json-parse.js +0 -113
package/dist/utils/json-parse.js.map +0 -1
package/dist/utils/node-http-proxy.d.ts +0 -10
package/dist/utils/node-http-proxy.d.ts.map +0 -1
package/dist/utils/node-http-proxy.js +0 -97
package/dist/utils/node-http-proxy.js.map +0 -1
package/dist/utils/oauth/anthropic.d.ts +0 -25
package/dist/utils/oauth/anthropic.d.ts.map +0 -1
package/dist/utils/oauth/anthropic.js +0 -335
package/dist/utils/oauth/anthropic.js.map +0 -1
package/dist/utils/oauth/device-code.d.ts +0 -19
package/dist/utils/oauth/device-code.d.ts.map +0 -1
package/dist/utils/oauth/device-code.js +0 -55
package/dist/utils/oauth/device-code.js.map +0 -1
package/dist/utils/oauth/github-copilot.d.ts +0 -30
package/dist/utils/oauth/github-copilot.d.ts.map +0 -1
package/dist/utils/oauth/github-copilot.js +0 -268
package/dist/utils/oauth/github-copilot.js.map +0 -1
package/dist/utils/oauth/google-antigravity.d.ts +0 -26
package/dist/utils/oauth/google-antigravity.d.ts.map +0 -1
package/dist/utils/oauth/google-antigravity.js +0 -377
package/dist/utils/oauth/google-antigravity.js.map +0 -1
package/dist/utils/oauth/google-gemini-cli.d.ts +0 -26
package/dist/utils/oauth/google-gemini-cli.d.ts.map +0 -1
package/dist/utils/oauth/google-gemini-cli.js +0 -482
package/dist/utils/oauth/google-gemini-cli.js.map +0 -1
package/dist/utils/oauth/index.d.ts +0 -63
package/dist/utils/oauth/index.d.ts.map +0 -1
package/dist/utils/oauth/index.js +0 -131
package/dist/utils/oauth/index.js.map +0 -1
package/dist/utils/oauth/oauth-page.d.ts +0 -3
package/dist/utils/oauth/oauth-page.d.ts.map +0 -1
package/dist/utils/oauth/oauth-page.js +0 -105
package/dist/utils/oauth/oauth-page.js.map +0 -1
package/dist/utils/oauth/openai-codex.d.ts +0 -34
package/dist/utils/oauth/openai-codex.d.ts.map +0 -1
package/dist/utils/oauth/openai-codex.js +0 -385
package/dist/utils/oauth/openai-codex.js.map +0 -1
package/dist/utils/oauth/pkce.d.ts +0 -13
package/dist/utils/oauth/pkce.d.ts.map +0 -1
package/dist/utils/oauth/pkce.js +0 -31
package/dist/utils/oauth/pkce.js.map +0 -1
package/dist/utils/oauth/types.d.ts +0 -64
package/dist/utils/oauth/types.d.ts.map +0 -1
package/dist/utils/oauth/types.js +0 -2
package/dist/utils/oauth/types.js.map +0 -1
package/dist/utils/overflow.d.ts +0 -56
package/dist/utils/overflow.d.ts.map +0 -1
package/dist/utils/overflow.js +0 -151
package/dist/utils/overflow.js.map +0 -1
package/dist/utils/sanitize-unicode.d.ts +0 -22
package/dist/utils/sanitize-unicode.d.ts.map +0 -1
package/dist/utils/sanitize-unicode.js +0 -26
package/dist/utils/sanitize-unicode.js.map +0 -1
package/dist/utils/typebox-helpers.d.ts +0 -17
package/dist/utils/typebox-helpers.d.ts.map +0 -1
package/dist/utils/typebox-helpers.js +0 -21
package/dist/utils/typebox-helpers.js.map +0 -1
package/dist/utils/validation.d.ts +0 -18
package/dist/utils/validation.d.ts.map +0 -1
package/dist/utils/validation.js +0 -281
package/dist/utils/validation.js.map +0 -1

package/src/utils/oauth/index.ts ADDED Viewed

@@ -0,0 +1,484 @@
+// ============================================================================
+// High-level API
+// ============================================================================
+import type {
+	OAuthCredentials,
+	OAuthProvider,
+	OAuthProviderId,
+	OAuthProviderInfo,
+	OAuthProviderInterface,
+} from "./types";
+const builtInOAuthProviders: OAuthProviderInfo[] = [
+	// Most popular coding subscriptions / gateways.
+	{
+		id: "openai-codex",
+		name: "ChatGPT Plus/Pro (Codex Subscription)",
+		available: true,
+	},
+	{
+		id: "anthropic",
+		name: "Anthropic (Claude Pro/Max)",
+		available: true,
+	},
+	{
+		id: "zai",
+		name: "Z.AI (GLM Coding Plan)",
+		available: true,
+	},
+	{
+		id: "kimi-code",
+		name: "Kimi Code",
+		available: true,
+	},
+	{
+		id: "openrouter",
+		name: "OpenRouter",
+		available: true,
+	},
+	// Other coding subscriptions & first-party assistants.
+	{
+		id: "github-copilot",
+		name: "GitHub Copilot",
+		available: true,
+	},
+	{
+		id: "cursor",
+		name: "Cursor (Claude, GPT, etc.)",
+		available: true,
+	},
+	{
+		id: "google-antigravity",
+		name: "Antigravity (Gemini 3, Claude, GPT-OSS)",
+		available: true,
+	},
+	{
+		id: "google-gemini-cli",
+		name: "Google Cloud Code Assist (Gemini CLI)",
+		available: true,
+	},
+	{
+		id: "openai-codex-device",
+		name: "ChatGPT Plus/Pro (Codex, headless/device)",
+		available: true,
+	},
+	{
+		id: "xai-oauth",
+		name: "xAI Grok OAuth (SuperGrok Subscription)",
+		available: true,
+	},
+	{
+		id: "gitlab-duo",
+		name: "GitLab Duo",
+		available: true,
+	},
+	{
+		id: "alibaba-coding-plan",
+		name: "Alibaba Coding Plan",
+		available: true,
+	},
+	{
+		id: "zhipu-coding-plan",
+		name: "Zhipu Coding Plan (智谱)",
+		available: true,
+	},
+	{
+		id: "qwen-portal",
+		name: "Qwen Portal",
+		available: true,
+	},
+	{
+		id: "minimax-code",
+		name: "MiniMax Coding Plan (International)",
+		available: true,
+	},
+	{
+		id: "minimax-code-cn",
+		name: "MiniMax Coding Plan (China)",
+		available: true,
+	},
+	{
+		id: "xiaomi",
+		name: "Xiaomi MiMo",
+		available: true,
+	},
+	{
+		id: "firepass",
+		name: "Fire Pass (Fireworks Kimi K2.6 Turbo subscription)",
+		available: true,
+	},
+	{
+		id: "wafer-pass",
+		name: "Wafer Pass (flat-rate subscription)",
+		available: true,
+	},
+	// Direct model-provider APIs (pay-as-you-go inference).
+	{
+		id: "deepseek",
+		name: "DeepSeek",
+		available: true,
+	},
+	{
+		id: "moonshot",
+		name: "Moonshot (Kimi API)",
+		available: true,
+	},
+	{
+		id: "cerebras",
+		name: "Cerebras",
+		available: true,
+	},
+	{
+		id: "fireworks",
+		name: "Fireworks",
+		available: true,
+	},
+	{
+		id: "together",
+		name: "Together",
+		available: true,
+	},
+	{
+		id: "nvidia",
+		name: "NVIDIA",
+		available: true,
+	},
+	{
+		id: "huggingface",
+		name: "Hugging Face Inference",
+		available: true,
+	},
+	{
+		id: "perplexity",
+		name: "Perplexity (Pro/Max)",
+		available: true,
+	},
+	{
+		id: "qianfan",
+		name: "Qianfan",
+		available: true,
+	},
+	{
+		id: "venice",
+		name: "Venice",
+		available: true,
+	},
+	{
+		id: "synthetic",
+		name: "Synthetic",
+		available: true,
+	},
+	{
+		id: "nanogpt",
+		name: "NanoGPT",
+		available: true,
+	},
+	{
+		id: "wafer-serverless",
+		name: "Wafer Serverless (pay-as-you-go)",
+		available: true,
+	},
+	// Aggregator gateways / routers.
+	{
+		id: "vercel-ai-gateway",
+		name: "Vercel AI Gateway",
+		available: true,
+	},
+	{
+		id: "cloudflare-ai-gateway",
+		name: "Cloudflare AI Gateway",
+		available: true,
+	},
+	{
+		id: "litellm",
+		name: "LiteLLM",
+		available: true,
+	},
+	{
+		id: "kilo",
+		name: "Kilo Gateway",
+		available: true,
+	},
+	{
+		id: "zenmux",
+		name: "ZenMux",
+		available: true,
+	},
+	{
+		id: "opencode-zen",
+		name: "OpenCode Zen",
+		available: true,
+	},
+	{
+		id: "opencode-go",
+		name: "OpenCode Go",
+		available: true,
+	},
+	// Search & tool providers.
+	{
+		id: "tavily",
+		name: "Tavily",
+		available: true,
+	},
+	{
+		id: "kagi",
+		name: "Kagi",
+		available: true,
+	},
+	{
+		id: "parallel",
+		name: "Parallel",
+		available: true,
+	},
+	// Local runtimes.
+	{
+		id: "ollama",
+		name: "Ollama (Local OpenAI-compatible)",
+		available: true,
+	},
+	{
+		id: "ollama-cloud",
+		name: "Ollama Cloud",
+		available: true,
+	},
+	{
+		id: "lm-studio",
+		name: "LM Studio (Local OpenAI-compatible)",
+		available: true,
+	},
+	{
+		id: "vllm",
+		name: "vLLM (Local OpenAI-compatible)",
+		available: true,
+	},
+];
+const customOAuthProviders = new Map<string, OAuthProviderInterface>();
+/**
+ * Register a custom OAuth provider.
+ */
+export function registerOAuthProvider(provider: OAuthProviderInterface): void {
+	customOAuthProviders.set(provider.id, provider);
+}
+/**
+ * Get a custom OAuth provider by ID.
+ */
+export function getOAuthProvider(id: OAuthProviderId): OAuthProviderInterface | undefined {
+	return customOAuthProviders.get(id);
+}
+/**
+ * Remove all custom OAuth providers registered by a source.
+ */
+export function unregisterOAuthProviders(sourceId: string): void {
+	for (const [id, provider] of customOAuthProviders.entries()) {
+		if (provider.sourceId === sourceId) {
+			customOAuthProviders.delete(id);
+		}
+	}
+}
+/**
+ * Refresh token for any OAuth provider.
+ * Saves the new credentials and returns the new access token.
+ */
+export async function refreshOAuthToken(
+	provider: OAuthProvider,
+	credentials: OAuthCredentials,
+): Promise<OAuthCredentials> {
+	if (!credentials) {
+		throw new Error(`No OAuth credentials found for ${provider}`);
+	}
+	let newCredentials: OAuthCredentials;
+	switch (provider) {
+		case "anthropic": {
+			const { refreshAnthropicToken } = await import("./anthropic");
+			newCredentials = await refreshAnthropicToken(credentials.refresh);
+			break;
+		}
+		case "github-copilot": {
+			const { refreshGitHubCopilotToken } = await import("./github-copilot");
+			newCredentials = await refreshGitHubCopilotToken(credentials.refresh, credentials.enterpriseUrl);
+			break;
+		}
+		case "google-gemini-cli": {
+			const { refreshGoogleCloudToken } = await import("./google-gemini-cli");
+			if (!credentials.projectId) {
+				throw new Error("Google Cloud credentials missing projectId");
+			}
+			newCredentials = await refreshGoogleCloudToken(credentials.refresh, credentials.projectId);
+			break;
+		}
+		case "google-antigravity": {
+			const { refreshAntigravityToken } = await import("./google-antigravity");
+			if (!credentials.projectId) {
+				throw new Error("Antigravity credentials missing projectId");
+			}
+			newCredentials = await refreshAntigravityToken(credentials.refresh, credentials.projectId);
+			break;
+		}
+		case "openai-codex":
+		case "openai-codex-device": {
+			const { refreshOpenAICodexToken } = await import("./openai-codex");
+			newCredentials = await refreshOpenAICodexToken(credentials.refresh);
+			break;
+		}
+		case "kimi-code": {
+			const { refreshKimiToken } = await import("./kimi");
+			newCredentials = await refreshKimiToken(credentials.refresh);
+			break;
+		}
+		case "gitlab-duo": {
+			const { refreshGitLabDuoToken } = await import("./gitlab-duo");
+			newCredentials = await refreshGitLabDuoToken(credentials);
+			break;
+		}
+		case "cursor": {
+			const { refreshCursorToken } = await import("./cursor");
+			newCredentials = await refreshCursorToken(credentials.refresh);
+			break;
+		}
+		case "xai-oauth": {
+			const { refreshXAIOAuthToken } = await import("./xai-oauth");
+			newCredentials = await refreshXAIOAuthToken(credentials.refresh);
+			break;
+		}
+		case "kilo":
+		case "perplexity":
+		case "huggingface":
+		case "opencode-zen":
+		case "opencode-go":
+		case "openrouter":
+		case "cerebras":
+		case "fireworks":
+		case "firepass":
+		case "nvidia":
+		case "nanogpt":
+		case "synthetic":
+		case "together":
+		case "litellm":
+		case "lm-studio":
+		case "ollama":
+		case "ollama-cloud":
+		case "xiaomi":
+		case "zai":
+		case "zhipu-coding-plan":
+		case "qianfan":
+		case "venice":
+		case "minimax-code":
+		case "minimax-code-cn":
+		case "moonshot":
+		case "kagi":
+		case "cloudflare-ai-gateway":
+		case "vercel-ai-gateway":
+		case "qwen-portal":
+		case "wafer-pass":
+		case "wafer-serverless":
+		case "zenmux":
+		case "vllm":
+			// API keys / static bearer tokens don't expire, return as-is
+			newCredentials = credentials;
+			break;
+		default:
+			throw new Error(`Unknown OAuth provider: ${provider}`);
+	}
+	return newCredentials;
+}
+function getPerplexityJwtExpiryMs(token: string): number | undefined {
+	const parts = token.split(".");
+	if (parts.length !== 3) return undefined;
+	const payload = parts[1];
+	if (!payload) return undefined;
+	try {
+		const decoded = JSON.parse(Buffer.from(payload, "base64url").toString("utf8")) as { exp?: unknown };
+		if (typeof decoded.exp !== "number" || !Number.isFinite(decoded.exp)) return undefined;
+		return decoded.exp * 1000 - 5 * 60_000;
+	} catch {
+		return undefined;
+	}
+}
+/**
+ * Build API-key bytes for a provider from an already-fresh OAuth credential.
+ *
+ * Refresh is owned by AuthStorage. This helper deliberately refuses expired
+ * credentials so it cannot POST broker redaction sentinels to upstream token
+ * endpoints as a side channel.
+ *
+ * For providers that need credential metadata at request time, returns
+ * JSON-encoded credentials plus expiry metadata for diagnostics/edge guards.
+ * @returns API key string, or null if no credentials
+ * @throws Error if the credential is expired and must be refreshed upstream
+ */
+export async function getOAuthApiKey(
+	provider: OAuthProvider,
+	credentials: Record<string, OAuthCredentials>,
+): Promise<{ newCredentials: OAuthCredentials; apiKey: string } | null> {
+	let creds = credentials[provider];
+	if (!creds) {
+		return null;
+	}
+	if (provider === "perplexity") {
+		// Perplexity JWTs usually omit `exp` (server-side sessions). Trust the JWT
+		// claim when present; otherwise treat the credential as non-expiring rather
+		// than honoring a stale stored `expires` (older logins wrote loginTime+1h).
+		const NEVER_EXPIRES = 8.64e15;
+		const normalizedExpires =
+			creds.expires > 0 && creds.expires < 10_000_000_000 ? creds.expires * 1000 : creds.expires;
+		const jwtExpiry = getPerplexityJwtExpiryMs(creds.access);
+		const expires = jwtExpiry ?? Math.max(normalizedExpires, NEVER_EXPIRES);
+		if (expires !== creds.expires) {
+			creds = { ...creds, expires };
+		}
+	}
+	// Refresh is the sole responsibility of `AuthStorage` (which calls
+	// `refreshOAuthToken` directly with broker-aware single-flighting). If we
+	// reach here with an expired credential, the outer pipeline failed to
+	// refresh before this call OR the refresh slot is the broker sentinel —
+	// either way, posting the credential to a provider endpoint would only
+	// trigger a `__remote__`-against-real-provider failure that gets classified
+	// as `invalid_grant` and disables the row. Refuse loudly instead.
+	if (Date.now() >= creds.expires) {
+		if (provider === "perplexity") {
+			const jwtExpiry = getPerplexityJwtExpiryMs(creds.access);
+			if (jwtExpiry && Date.now() < jwtExpiry) {
+				const fallbackCredentials = { ...creds, expires: jwtExpiry };
+				return { newCredentials: fallbackCredentials, apiKey: fallbackCredentials.access };
+			}
+		}
+		throw new Error(
+			`OAuth credential for ${provider} is expired and must be refreshed via AuthStorage before getOAuthApiKey is called`,
+		);
+	}
+	// For providers that need request-time credential metadata, return JSON.
+	const needsStructuredApiKey =
+		provider === "github-copilot" || provider === "google-gemini-cli" || provider === "google-antigravity";
+	const apiKey = needsStructuredApiKey
+		? JSON.stringify({
+				token: creds.access,
+				enterpriseUrl: creds.enterpriseUrl,
+				projectId: creds.projectId,
+				refreshToken: creds.refresh,
+				expiresAt: creds.expires,
+				email: creds.email,
+				accountId: creds.accountId,
+			})
+		: creds.access;
+	return { newCredentials: creds, apiKey };
+}
+/**
+ * Get list of OAuth providers.
+ */
+export function getOAuthProviders(): OAuthProviderInfo[] {
+	const customProviders = Array.from(customOAuthProviders.values(), provider => ({
+		id: provider.id,
+		name: provider.name,
+		available: true,
+	}));
+	return [...builtInOAuthProviders, ...customProviders];
+}

package/src/utils/oauth/kagi.ts ADDED Viewed

@@ -0,0 +1,47 @@
+/**
+ * Kagi login flow.
+ *
+ * Kagi web search uses an API key from the account settings page.
+ * This is an API key flow:
+ * 1. Open browser to Kagi API settings
+ * 2. User copies API key
+ * 3. User pastes key into CLI
+ */
+import type { OAuthController } from "./types";
+const AUTH_URL = "https://kagi.com/settings/api";
+/**
+ * Login to Kagi.
+ *
+ * Opens browser to API settings and prompts user to paste their API key.
+ * Returns the API key directly (not OAuthCredentials - this isn't OAuth).
+ */
+export async function loginKagi(options: OAuthController): Promise<string> {
+	if (!options.onPrompt) {
+		throw new Error("Kagi login requires onPrompt callback");
+	}
+	options.onAuth?.({
+		url: AUTH_URL,
+		instructions:
+			"Copy your Kagi Search API key from Kagi API settings. Search API access is beta-only; if unavailable, email support@kagi.com.",
+	});
+	const apiKey = await options.onPrompt({
+		message: "Paste your Kagi API key",
+		placeholder: "KG_...",
+	});
+	if (options.signal?.aborted) {
+		throw new Error("Login cancelled");
+	}
+	const trimmed = apiKey.trim();
+	if (!trimmed) {
+		throw new Error("API key is required");
+	}
+	return trimmed;
+}

package/src/utils/oauth/kilo.ts ADDED Viewed

@@ -0,0 +1,87 @@
+import type { OAuthController, OAuthCredentials } from "./types";
+const KILO_DEVICE_AUTH_BASE_URL = "https://api.kilo.ai/api/device-auth";
+const POLL_INTERVAL_MS = 5000;
+const ONE_YEAR_MS = 365 * 24 * 60 * 60 * 1000;
+interface KiloDeviceAuthCodeResponse {
+	code?: string;
+	verificationUrl?: string;
+	expiresIn?: number;
+}
+interface KiloDeviceAuthPollResponse {
+	status?: string;
+	token?: string;
+}
+/**
+ * Login with Kilo Gateway OAuth (device code flow).
+ */
+export async function loginKilo(callbacks: OAuthController): Promise<OAuthCredentials> {
+	const initiateResponse = await fetch(`${KILO_DEVICE_AUTH_BASE_URL}/codes`, {
+		method: "POST",
+		headers: { "Content-Type": "application/json" },
+	});
+	if (!initiateResponse.ok) {
+		if (initiateResponse.status === 429) {
+			throw new Error("Too many pending authorization requests. Please try again later.");
+		}
+		throw new Error(`Failed to initiate device authorization: ${initiateResponse.status}`);
+	}
+	const initiateData = (await initiateResponse.json()) as KiloDeviceAuthCodeResponse;
+	const userCode = initiateData.code;
+	const verificationUrl = initiateData.verificationUrl;
+	const expiresInSeconds = initiateData.expiresIn;
+	if (!userCode || !verificationUrl || typeof expiresInSeconds !== "number" || expiresInSeconds <= 0) {
+		throw new Error("Kilo device authorization response missing required fields");
+	}
+	callbacks.onAuth?.({
+		url: verificationUrl,
+		instructions: `Enter code: ${userCode}`,
+	});
+	const deadline = Date.now() + expiresInSeconds * 1000;
+	while (Date.now() < deadline) {
+		if (callbacks.signal?.aborted) {
+			throw new Error("Login cancelled");
+		}
+		const pollResponse = await fetch(`${KILO_DEVICE_AUTH_BASE_URL}/codes/${encodeURIComponent(userCode)}`);
+		if (pollResponse.status === 202) {
+			await Bun.sleep(POLL_INTERVAL_MS);
+			continue;
+		}
+		if (pollResponse.status === 403) {
+			throw new Error("Authorization was denied");
+		}
+		if (pollResponse.status === 410) {
+			throw new Error("Authorization code expired. Please try again.");
+		}
+		if (!pollResponse.ok) {
+			throw new Error(`Failed to poll device authorization: ${pollResponse.status}`);
+		}
+		const pollData = (await pollResponse.json()) as KiloDeviceAuthPollResponse;
+		if (pollData.status === "approved" && pollData.token) {
+			return {
+				refresh: "",
+				access: pollData.token,
+				expires: Date.now() + ONE_YEAR_MS,
+			};
+		}
+		if (pollData.status === "denied") {
+			throw new Error("Authorization was denied");
+		}
+		if (pollData.status === "expired") {
+			throw new Error("Authorization code expired. Please try again.");
+		}
+		await Bun.sleep(POLL_INTERVAL_MS);
+	}
+	throw new Error("Authentication timed out. Please try again.");
+}