@asframe/opencode-iflow-auth 1.0.0

package/dist/plugin/accounts.js

@@ -0,0 +1,205 @@
+import { randomBytes } from 'node:crypto';
+import { join } from 'node:path';
+import { homedir } from 'node:os';
+import { promises as fs } from 'node:fs';
+import { loadAccounts, saveAccounts } from './storage.js';
+const DEBUG = process.env.IFLOW_AUTH_DEBUG === 'true';
+function log(...args) {
+    if (DEBUG) {
+        console.error('[iflow-auth]', ...args);
+    }
+}
+export function generateAccountId() {
+    return randomBytes(16).toString('hex');
+}
+export function encodeRefreshToken(parts) {
+    return Buffer.from(JSON.stringify(parts)).toString('base64');
+}
+export function decodeRefreshToken(encoded) {
+    try {
+        return JSON.parse(Buffer.from(encoded, 'base64').toString('utf-8'));
+    }
+    catch {
+        return { authMethod: 'apikey' };
+    }
+}
+function getOpenCodeDataDir() {
+    const platform = process.platform;
+    if (platform === 'win32') {
+        return join(homedir(), '.local', 'share');
+    }
+    return process.env.XDG_DATA_HOME || join(homedir(), '.local', 'share');
+}
+async function readOpenCodeAuth() {
+    try {
+        const dataDir = getOpenCodeDataDir();
+        const authPath = join(dataDir, 'opencode', 'auth.json');
+        log('Reading auth from:', authPath);
+        const content = await fs.readFile(authPath, 'utf-8');
+        log('Auth content:', content.substring(0, 200));
+        const auth = JSON.parse(content);
+        log('Parsed auth keys:', Object.keys(auth));
+        log('iflow entry:', auth.iflow);
+        if (auth.iflow && auth.iflow.type === 'api' && auth.iflow.key) {
+            log('Found iflow API key');
+            return { key: auth.iflow.key };
+        }
+        log('No iflow API key found');
+        return null;
+    }
+    catch (e) {
+        log('Error reading auth:', e.message);
+        return null;
+    }
+}
+export class AccountManager {
+    accounts;
+    cursor;
+    strategy;
+    lastToastTime = 0;
+    constructor(accounts, strategy = 'sticky') {
+        this.accounts = accounts;
+        this.cursor = 0;
+        this.strategy = strategy;
+    }
+    static async loadFromDisk(strategy) {
+        log('loadFromDisk called');
+        const s = await loadAccounts();
+        log('Loaded accounts count:', s.accounts.length);
+        if (s.accounts.length === 0) {
+            log('No accounts, trying to read OpenCode auth');
+            const openCodeAuth = await readOpenCodeAuth();
+            log('OpenCode auth result:', openCodeAuth ? 'found' : 'not found');
+            if (openCodeAuth) {
+                const account = {
+                    id: generateAccountId(),
+                    email: 'iflow-user',
+                    authMethod: 'apikey',
+                    apiKey: openCodeAuth.key,
+                    rateLimitResetTime: 0,
+                    isHealthy: true,
+                };
+                s.accounts.push(account);
+                log('Added account from OpenCode auth');
+            }
+        }
+        log('Final accounts count:', s.accounts.length);
+        return new AccountManager(s.accounts, strategy || 'sticky');
+    }
+    getAccountCount() {
+        return this.accounts.length;
+    }
+    getAccounts() {
+        return [...this.accounts];
+    }
+    shouldShowToast(debounce = 30000) {
+        if (Date.now() - this.lastToastTime < debounce)
+            return false;
+        this.lastToastTime = Date.now();
+        return true;
+    }
+    getMinWaitTime() {
+        const now = Date.now();
+        const waits = this.accounts.map((a) => (a.rateLimitResetTime || 0) - now).filter((t) => t > 0);
+        return waits.length > 0 ? Math.min(...waits) : 0;
+    }
+    getCurrentOrNext() {
+        const now = Date.now();
+        const available = this.accounts.filter((a) => {
+            if (!a.isHealthy) {
+                if (a.recoveryTime && now >= a.recoveryTime) {
+                    a.isHealthy = true;
+                    delete a.unhealthyReason;
+                    delete a.recoveryTime;
+                    return true;
+                }
+                return false;
+            }
+            return !(a.rateLimitResetTime && now < a.rateLimitResetTime);
+        });
+        if (available.length === 0)
+            return null;
+        let selected;
+        if (this.strategy === 'sticky') {
+            selected = available.find((_, i) => i === this.cursor) || available[0];
+        }
+        else if (this.strategy === 'round-robin') {
+            selected = available[this.cursor % available.length];
+            this.cursor = (this.cursor + 1) % available.length;
+        }
+        if (selected) {
+            selected.lastUsed = now;
+            this.cursor = this.accounts.indexOf(selected);
+            return selected;
+        }
+        return null;
+    }
+    addAccount(a) {
+        const i = this.accounts.findIndex((x) => x.id === a.id);
+        if (i === -1)
+            this.accounts.push(a);
+        else
+            this.accounts[i] = a;
+    }
+    removeAccount(a) {
+        const removedIndex = this.accounts.findIndex((x) => x.id === a.id);
+        if (removedIndex === -1)
+            return;
+        this.accounts = this.accounts.filter((x) => x.id !== a.id);
+        if (this.accounts.length === 0) {
+            this.cursor = 0;
+        }
+        else if (this.cursor >= this.accounts.length) {
+            this.cursor = this.accounts.length - 1;
+        }
+        else if (removedIndex <= this.cursor && this.cursor > 0) {
+            this.cursor--;
+        }
+    }
+    updateFromAuth(a, auth) {
+        const acc = this.accounts.find((x) => x.id === a.id);
+        if (acc) {
+            acc.apiKey = auth.apiKey;
+            if (auth.authMethod === 'oauth') {
+                acc.accessToken = auth.access;
+                acc.expiresAt = auth.expires;
+                const p = decodeRefreshToken(auth.refresh);
+                acc.refreshToken = p.refreshToken;
+            }
+            acc.lastUsed = Date.now();
+            if (auth.email)
+                acc.email = auth.email;
+        }
+    }
+    markRateLimited(a, ms) {
+        const acc = this.accounts.find((x) => x.id === a.id);
+        if (acc)
+            acc.rateLimitResetTime = Date.now() + ms;
+    }
+    markUnhealthy(a, reason, recovery) {
+        const acc = this.accounts.find((x) => x.id === a.id);
+        if (acc) {
+            acc.isHealthy = false;
+            acc.unhealthyReason = reason;
+            acc.recoveryTime = recovery;
+        }
+    }
+    async saveToDisk() {
+        const metadata = this.accounts.map(({ lastUsed, ...rest }) => rest);
+        await saveAccounts({ version: 1, accounts: metadata, activeIndex: this.cursor });
+    }
+    toAuthDetails(a) {
+        const p = {
+            refreshToken: a.refreshToken,
+            authMethod: a.authMethod
+        };
+        return {
+            refresh: encodeRefreshToken(p),
+            access: a.accessToken || '',
+            expires: a.expiresAt || 0,
+            authMethod: a.authMethod,
+            apiKey: a.apiKey,
+            email: a.email
+        };
+    }
+}

package/dist/plugin/auth-page.d.ts

@@ -0,0 +1,3 @@
+export declare function getIDCAuthHtml(verificationUrl: string, userCode: string, statusUrl: string): string;
+export declare function getSuccessHtml(): string;
+export declare function getErrorHtml(message: string): string;