@cereworker/cerebrum 0.7.0 → 26.313.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/oauth/flow.d.ts +26 -0
- package/dist/oauth/flow.d.ts.map +1 -0
- package/dist/oauth/flow.js +225 -0
- package/dist/oauth/flow.js.map +1 -0
- package/dist/oauth/index.d.ts +6 -0
- package/dist/oauth/index.d.ts.map +1 -0
- package/dist/oauth/index.js +6 -0
- package/dist/oauth/index.js.map +1 -0
- package/dist/oauth/pi-auth.d.ts +16 -0
- package/dist/oauth/pi-auth.d.ts.map +1 -0
- package/dist/oauth/pi-auth.js +38 -0
- package/dist/oauth/pi-auth.js.map +1 -0
- package/dist/oauth/pkce.d.ts +5 -0
- package/dist/oauth/pkce.d.ts.map +1 -0
- package/dist/oauth/pkce.js +20 -0
- package/dist/oauth/pkce.js.map +1 -0
- package/dist/oauth/token-store.d.ts +11 -0
- package/dist/oauth/token-store.d.ts.map +1 -0
- package/dist/oauth/token-store.js +56 -0
- package/dist/oauth/token-store.js.map +1 -0
- package/dist/oauth/types.d.ts +26 -0
- package/dist/oauth/types.d.ts.map +1 -0
- package/dist/oauth/types.js +28 -0
- package/dist/oauth/types.js.map +1 -0
- package/dist/provider.d.ts +2 -0
- package/dist/provider.d.ts.map +1 -1
- package/dist/provider.js +44 -13
- package/dist/provider.js.map +1 -1
- package/dist/types.d.ts +6 -0
- package/dist/types.d.ts.map +1 -1
- package/package.json +6 -5
package/dist/index.d.ts
CHANGED
|
@@ -4,4 +4,5 @@ export { createBuiltinTools, type BuiltinTools, type BuiltinToolName } from './t
|
|
|
4
4
|
export { withRetry, type RetryOptions } from './retry.js';
|
|
5
5
|
export { buildCompactionPrompt } from './context.js';
|
|
6
6
|
export { evaluateCommand, extractBinary, isSafeBinary, type ExecDecision } from './tools/exec-policy.js';
|
|
7
|
+
export { OAUTH_PROVIDERS, TokenStore, refreshAccessToken, runOAuthFlow, runDeviceCodeFlow, isRemoteEnvironment, loginOpenAI, loginGoogle, refreshOpenAIToken, refreshGoogleToken, generateCodeVerifier, generateCodeChallenge, buildAuthorizationUrl, type OAuthProviderConfig, type OAuthTokens, type OAuthFlowOptions, type DeviceCodeFlowOptions, type PiAuthCallbacks, } from './oauth/index.js';
|
|
7
8
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,YAAY,EAAE,cAAc,EAAE,cAAc,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AACnG,OAAO,EAAE,kBAAkB,EAAE,KAAK,YAAY,EAAE,KAAK,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAC/F,OAAO,EAAE,SAAS,EAAE,KAAK,YAAY,EAAE,MAAM,YAAY,CAAC;AAC1D,OAAO,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,YAAY,EAAE,KAAK,YAAY,EAAE,MAAM,wBAAwB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,YAAY,EAAE,cAAc,EAAE,cAAc,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AACnG,OAAO,EAAE,kBAAkB,EAAE,KAAK,YAAY,EAAE,KAAK,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAC/F,OAAO,EAAE,SAAS,EAAE,KAAK,YAAY,EAAE,MAAM,YAAY,CAAC;AAC1D,OAAO,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,YAAY,EAAE,KAAK,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACzG,OAAO,EACL,eAAe,EACf,UAAU,EACV,kBAAkB,EAClB,YAAY,EACZ,iBAAiB,EACjB,mBAAmB,EACnB,WAAW,EACX,WAAW,EACX,kBAAkB,EAClB,kBAAkB,EAClB,oBAAoB,EACpB,qBAAqB,EACrB,qBAAqB,EACrB,KAAK,mBAAmB,EACxB,KAAK,WAAW,EAChB,KAAK,gBAAgB,EACrB,KAAK,qBAAqB,EAC1B,KAAK,eAAe,GACrB,MAAM,kBAAkB,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -3,4 +3,5 @@ export { createBuiltinTools } from './tools/index.js';
|
|
|
3
3
|
export { withRetry } from './retry.js';
|
|
4
4
|
export { buildCompactionPrompt } from './context.js';
|
|
5
5
|
export { evaluateCommand, extractBinary, isSafeBinary } from './tools/exec-policy.js';
|
|
6
|
+
export { OAUTH_PROVIDERS, TokenStore, refreshAccessToken, runOAuthFlow, runDeviceCodeFlow, isRemoteEnvironment, loginOpenAI, loginGoogle, refreshOpenAIToken, refreshGoogleToken, generateCodeVerifier, generateCodeChallenge, buildAuthorizationUrl, } from './oauth/index.js';
|
|
6
7
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAEjD,OAAO,EAAE,kBAAkB,EAA2C,MAAM,kBAAkB,CAAC;AAC/F,OAAO,EAAE,SAAS,EAAqB,MAAM,YAAY,CAAC;AAC1D,OAAO,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,YAAY,EAAqB,MAAM,wBAAwB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAEjD,OAAO,EAAE,kBAAkB,EAA2C,MAAM,kBAAkB,CAAC;AAC/F,OAAO,EAAE,SAAS,EAAqB,MAAM,YAAY,CAAC;AAC1D,OAAO,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,YAAY,EAAqB,MAAM,wBAAwB,CAAC;AACzG,OAAO,EACL,eAAe,EACf,UAAU,EACV,kBAAkB,EAClB,YAAY,EACZ,iBAAiB,EACjB,mBAAmB,EACnB,WAAW,EACX,WAAW,EACX,kBAAkB,EAClB,kBAAkB,EAClB,oBAAoB,EACpB,qBAAqB,EACrB,qBAAqB,GAMtB,MAAM,kBAAkB,CAAC"}
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
import { type OAuthTokens } from './types.js';
|
|
2
|
+
export interface OAuthFlowOptions {
|
|
3
|
+
clientId?: string;
|
|
4
|
+
clientSecret?: string;
|
|
5
|
+
onReady?: (authUrl: string) => void;
|
|
6
|
+
}
|
|
7
|
+
export declare function isRemoteEnvironment(): boolean;
|
|
8
|
+
/**
|
|
9
|
+
* Run the full OAuth Authorization Code + PKCE flow.
|
|
10
|
+
*
|
|
11
|
+
* In remote/WSL environments, falls back to manual paste of the redirect URL.
|
|
12
|
+
* Uses the PKCE code verifier as the OAuth state parameter.
|
|
13
|
+
*/
|
|
14
|
+
export declare function runOAuthFlow(provider: string, options?: OAuthFlowOptions): Promise<OAuthTokens>;
|
|
15
|
+
export interface DeviceCodeFlowOptions {
|
|
16
|
+
clientId?: string;
|
|
17
|
+
clientSecret?: string;
|
|
18
|
+
onUserCode?: (userCode: string, verificationUri: string) => void;
|
|
19
|
+
}
|
|
20
|
+
/**
|
|
21
|
+
* Run the OAuth Device Authorization Grant flow.
|
|
22
|
+
* Used for headless environments where browser-based redirect isn't possible.
|
|
23
|
+
* Provider must have `deviceCodeUrl` configured.
|
|
24
|
+
*/
|
|
25
|
+
export declare function runDeviceCodeFlow(provider: string, options?: DeviceCodeFlowOptions): Promise<OAuthTokens>;
|
|
26
|
+
//# sourceMappingURL=flow.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"flow.d.ts","sourceRoot":"","sources":["../../src/oauth/flow.ts"],"names":[],"mappings":"AAEA,OAAO,EAA6C,KAAK,WAAW,EAAE,MAAM,YAAY,CAAC;AAGzF,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;CACrC;AAED,wBAAgB,mBAAmB,IAAI,OAAO,CAO7C;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,CAChC,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,gBAAgB,GACzB,OAAO,CAAC,WAAW,CAAC,CAgCtB;AAED,MAAM,WAAW,qBAAqB;IACpC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,KAAK,IAAI,CAAC;CAClE;AAED;;;;GAIG;AACH,wBAAsB,iBAAiB,CACrC,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,qBAAqB,GAC9B,OAAO,CAAC,WAAW,CAAC,CAmFtB"}
|
|
@@ -0,0 +1,225 @@
|
|
|
1
|
+
import { createServer } from 'node:http';
|
|
2
|
+
import { createInterface } from 'node:readline';
|
|
3
|
+
import { OAUTH_PROVIDERS } from './types.js';
|
|
4
|
+
import { generateCodeVerifier, generateCodeChallenge, buildAuthorizationUrl } from './pkce.js';
|
|
5
|
+
export function isRemoteEnvironment() {
|
|
6
|
+
return !!(process.env.SSH_CONNECTION ||
|
|
7
|
+
process.env.SSH_CLIENT ||
|
|
8
|
+
process.env.WSL_DISTRO_NAME ||
|
|
9
|
+
process.env.REMOTE_CONTAINERS);
|
|
10
|
+
}
|
|
11
|
+
/**
|
|
12
|
+
* Run the full OAuth Authorization Code + PKCE flow.
|
|
13
|
+
*
|
|
14
|
+
* In remote/WSL environments, falls back to manual paste of the redirect URL.
|
|
15
|
+
* Uses the PKCE code verifier as the OAuth state parameter.
|
|
16
|
+
*/
|
|
17
|
+
export async function runOAuthFlow(provider, options) {
|
|
18
|
+
const config = OAUTH_PROVIDERS[provider];
|
|
19
|
+
if (!config)
|
|
20
|
+
throw new Error(`No OAuth config for provider: ${provider}`);
|
|
21
|
+
const clientId = options?.clientId ?? config.clientId;
|
|
22
|
+
if (!clientId) {
|
|
23
|
+
throw new Error(`OAuth clientId required for ${provider}. Set cerebrum.providers.${provider}.oauth.clientId in config.`);
|
|
24
|
+
}
|
|
25
|
+
const clientSecret = options?.clientSecret ?? config.clientSecret;
|
|
26
|
+
const codeVerifier = generateCodeVerifier();
|
|
27
|
+
const codeChallenge = generateCodeChallenge(codeVerifier);
|
|
28
|
+
// Use verifier as state (same pattern as OpenClaw)
|
|
29
|
+
const authUrl = buildAuthorizationUrl(config, codeChallenge, codeVerifier, clientId);
|
|
30
|
+
let code;
|
|
31
|
+
if (isRemoteEnvironment()) {
|
|
32
|
+
options?.onReady?.(authUrl);
|
|
33
|
+
code = await manualCodeEntry(codeVerifier);
|
|
34
|
+
}
|
|
35
|
+
else {
|
|
36
|
+
code = await startCallbackServer(config, codeVerifier, () => {
|
|
37
|
+
options?.onReady?.(authUrl);
|
|
38
|
+
});
|
|
39
|
+
}
|
|
40
|
+
const tokens = await exchangeCode(config, code, codeVerifier, clientId, clientSecret);
|
|
41
|
+
tokens.clientId = clientId;
|
|
42
|
+
return tokens;
|
|
43
|
+
}
|
|
44
|
+
/**
|
|
45
|
+
* Run the OAuth Device Authorization Grant flow.
|
|
46
|
+
* Used for headless environments where browser-based redirect isn't possible.
|
|
47
|
+
* Provider must have `deviceCodeUrl` configured.
|
|
48
|
+
*/
|
|
49
|
+
export async function runDeviceCodeFlow(provider, options) {
|
|
50
|
+
const config = OAUTH_PROVIDERS[provider];
|
|
51
|
+
if (!config)
|
|
52
|
+
throw new Error(`No OAuth config for provider: ${provider}`);
|
|
53
|
+
if (!config.deviceCodeUrl) {
|
|
54
|
+
throw new Error(`Provider ${provider} does not support device code flow`);
|
|
55
|
+
}
|
|
56
|
+
const clientId = options?.clientId ?? config.clientId;
|
|
57
|
+
if (!clientId) {
|
|
58
|
+
throw new Error(`OAuth clientId required for ${provider}. Set cerebrum.providers.${provider}.oauth.clientId in config.`);
|
|
59
|
+
}
|
|
60
|
+
const clientSecret = options?.clientSecret ?? config.clientSecret;
|
|
61
|
+
// Step 1: Request device code
|
|
62
|
+
const deviceRes = await fetch(config.deviceCodeUrl, {
|
|
63
|
+
method: 'POST',
|
|
64
|
+
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
|
65
|
+
body: new URLSearchParams({
|
|
66
|
+
client_id: clientId,
|
|
67
|
+
scope: config.scopes.join(' '),
|
|
68
|
+
}),
|
|
69
|
+
});
|
|
70
|
+
if (!deviceRes.ok) {
|
|
71
|
+
const body = await deviceRes.text();
|
|
72
|
+
throw new Error(`Device code request failed: ${deviceRes.status} ${body}`);
|
|
73
|
+
}
|
|
74
|
+
const deviceData = (await deviceRes.json());
|
|
75
|
+
const deviceCode = deviceData.device_code;
|
|
76
|
+
const userCode = deviceData.user_code;
|
|
77
|
+
const verificationUri = deviceData.verification_uri;
|
|
78
|
+
const expiresIn = deviceData.expires_in ?? 300;
|
|
79
|
+
let interval = (deviceData.interval ?? 5) * 1000;
|
|
80
|
+
options?.onUserCode?.(userCode, verificationUri);
|
|
81
|
+
// Step 2: Poll for token
|
|
82
|
+
const deadline = Date.now() + expiresIn * 1000;
|
|
83
|
+
while (Date.now() < deadline) {
|
|
84
|
+
await new Promise((r) => setTimeout(r, interval));
|
|
85
|
+
const params = {
|
|
86
|
+
grant_type: 'urn:ietf:params:oauth:grant-type:device_code',
|
|
87
|
+
device_code: deviceCode,
|
|
88
|
+
client_id: clientId,
|
|
89
|
+
};
|
|
90
|
+
if (clientSecret)
|
|
91
|
+
params.client_secret = clientSecret;
|
|
92
|
+
const tokenRes = await fetch(config.tokenUrl, {
|
|
93
|
+
method: 'POST',
|
|
94
|
+
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
|
95
|
+
body: new URLSearchParams(params),
|
|
96
|
+
});
|
|
97
|
+
const tokenData = (await tokenRes.json());
|
|
98
|
+
if (tokenRes.ok) {
|
|
99
|
+
return {
|
|
100
|
+
accessToken: tokenData.access_token,
|
|
101
|
+
refreshToken: tokenData.refresh_token,
|
|
102
|
+
expiresAt: Date.now() + (tokenData.expires_in ?? 3600) * 1000,
|
|
103
|
+
tokenType: tokenData.token_type ?? 'bearer',
|
|
104
|
+
scope: tokenData.scope,
|
|
105
|
+
clientId,
|
|
106
|
+
};
|
|
107
|
+
}
|
|
108
|
+
const error = tokenData.error;
|
|
109
|
+
if (error === 'authorization_pending')
|
|
110
|
+
continue;
|
|
111
|
+
if (error === 'slow_down') {
|
|
112
|
+
interval += 5000;
|
|
113
|
+
continue;
|
|
114
|
+
}
|
|
115
|
+
throw new Error(`Device code flow failed: ${error}`);
|
|
116
|
+
}
|
|
117
|
+
throw new Error('Device code flow timed out');
|
|
118
|
+
}
|
|
119
|
+
function manualCodeEntry(expectedState) {
|
|
120
|
+
return new Promise((resolve, reject) => {
|
|
121
|
+
const rl = createInterface({ input: process.stdin, output: process.stderr });
|
|
122
|
+
rl.question('\nPaste the redirect URL from your browser: ', (input) => {
|
|
123
|
+
rl.close();
|
|
124
|
+
try {
|
|
125
|
+
const url = new URL(input.trim());
|
|
126
|
+
const code = url.searchParams.get('code');
|
|
127
|
+
const state = url.searchParams.get('state');
|
|
128
|
+
const error = url.searchParams.get('error');
|
|
129
|
+
if (error) {
|
|
130
|
+
reject(new Error(`OAuth error: ${error}`));
|
|
131
|
+
return;
|
|
132
|
+
}
|
|
133
|
+
if (state !== expectedState) {
|
|
134
|
+
reject(new Error('OAuth state mismatch — possible CSRF attack'));
|
|
135
|
+
return;
|
|
136
|
+
}
|
|
137
|
+
if (!code) {
|
|
138
|
+
reject(new Error('No authorization code in URL'));
|
|
139
|
+
return;
|
|
140
|
+
}
|
|
141
|
+
resolve(code);
|
|
142
|
+
}
|
|
143
|
+
catch {
|
|
144
|
+
reject(new Error(`Invalid URL: ${input}`));
|
|
145
|
+
}
|
|
146
|
+
});
|
|
147
|
+
});
|
|
148
|
+
}
|
|
149
|
+
function startCallbackServer(config, expectedState, onListening) {
|
|
150
|
+
return new Promise((resolve, reject) => {
|
|
151
|
+
let settled = false;
|
|
152
|
+
const settle = (fn) => {
|
|
153
|
+
if (!settled) {
|
|
154
|
+
settled = true;
|
|
155
|
+
fn();
|
|
156
|
+
}
|
|
157
|
+
};
|
|
158
|
+
const server = createServer((req, res) => {
|
|
159
|
+
const url = new URL(req.url, `http://localhost:${config.callbackPort}`);
|
|
160
|
+
if (url.pathname !== config.callbackPath) {
|
|
161
|
+
res.writeHead(404);
|
|
162
|
+
res.end();
|
|
163
|
+
return;
|
|
164
|
+
}
|
|
165
|
+
const code = url.searchParams.get('code');
|
|
166
|
+
const state = url.searchParams.get('state');
|
|
167
|
+
const error = url.searchParams.get('error');
|
|
168
|
+
if (error) {
|
|
169
|
+
res.writeHead(200, { 'Content-Type': 'text/html' });
|
|
170
|
+
res.end('<h2>Authorization failed</h2><p>You can close this tab.</p>');
|
|
171
|
+
server.close();
|
|
172
|
+
settle(() => reject(new Error(`OAuth error: ${error}`)));
|
|
173
|
+
return;
|
|
174
|
+
}
|
|
175
|
+
if (state !== expectedState) {
|
|
176
|
+
res.writeHead(400, { 'Content-Type': 'text/html' });
|
|
177
|
+
res.end('<h2>Invalid state</h2>');
|
|
178
|
+
server.close();
|
|
179
|
+
settle(() => reject(new Error('OAuth state mismatch')));
|
|
180
|
+
return;
|
|
181
|
+
}
|
|
182
|
+
res.writeHead(200, { 'Content-Type': 'text/html' });
|
|
183
|
+
res.end('<h2>Authorized!</h2><p>You can close this tab and return to CereWorker.</p>');
|
|
184
|
+
server.close();
|
|
185
|
+
settle(() => resolve(code));
|
|
186
|
+
});
|
|
187
|
+
server.listen(config.callbackPort, () => {
|
|
188
|
+
onListening();
|
|
189
|
+
});
|
|
190
|
+
const timeout = setTimeout(() => {
|
|
191
|
+
server.close();
|
|
192
|
+
settle(() => reject(new Error('OAuth callback timed out (5 minutes)')));
|
|
193
|
+
}, 300_000);
|
|
194
|
+
server.on('close', () => clearTimeout(timeout));
|
|
195
|
+
});
|
|
196
|
+
}
|
|
197
|
+
async function exchangeCode(config, code, codeVerifier, clientId, clientSecret) {
|
|
198
|
+
const params = {
|
|
199
|
+
grant_type: 'authorization_code',
|
|
200
|
+
code,
|
|
201
|
+
redirect_uri: `http://localhost:${config.callbackPort}${config.callbackPath}`,
|
|
202
|
+
client_id: clientId,
|
|
203
|
+
code_verifier: codeVerifier,
|
|
204
|
+
};
|
|
205
|
+
if (clientSecret)
|
|
206
|
+
params.client_secret = clientSecret;
|
|
207
|
+
const res = await fetch(config.tokenUrl, {
|
|
208
|
+
method: 'POST',
|
|
209
|
+
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
|
210
|
+
body: new URLSearchParams(params),
|
|
211
|
+
});
|
|
212
|
+
if (!res.ok) {
|
|
213
|
+
const body = await res.text();
|
|
214
|
+
throw new Error(`Token exchange failed: ${res.status} ${body}`);
|
|
215
|
+
}
|
|
216
|
+
const data = (await res.json());
|
|
217
|
+
return {
|
|
218
|
+
accessToken: data.access_token,
|
|
219
|
+
refreshToken: data.refresh_token,
|
|
220
|
+
expiresAt: Date.now() + (data.expires_in ?? 3600) * 1000,
|
|
221
|
+
tokenType: data.token_type ?? 'bearer',
|
|
222
|
+
scope: data.scope,
|
|
223
|
+
};
|
|
224
|
+
}
|
|
225
|
+
//# sourceMappingURL=flow.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"flow.js","sourceRoot":"","sources":["../../src/oauth/flow.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAe,MAAM,WAAW,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAChD,OAAO,EAAE,eAAe,EAA8C,MAAM,YAAY,CAAC;AACzF,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,WAAW,CAAC;AAQ/F,MAAM,UAAU,mBAAmB;IACjC,OAAO,CAAC,CAAC,CACP,OAAO,CAAC,GAAG,CAAC,cAAc;QAC1B,OAAO,CAAC,GAAG,CAAC,UAAU;QACtB,OAAO,CAAC,GAAG,CAAC,eAAe;QAC3B,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAC9B,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,QAAgB,EAChB,OAA0B;IAE1B,MAAM,MAAM,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;IACzC,IAAI,CAAC,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,QAAQ,EAAE,CAAC,CAAC;IAE1E,MAAM,QAAQ,GAAG,OAAO,EAAE,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC;IACtD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CACb,+BAA+B,QAAQ,4BAA4B,QAAQ,4BAA4B,CACxG,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAAG,OAAO,EAAE,YAAY,IAAI,MAAM,CAAC,YAAY,CAAC;IAElE,MAAM,YAAY,GAAG,oBAAoB,EAAE,CAAC;IAC5C,MAAM,aAAa,GAAG,qBAAqB,CAAC,YAAY,CAAC,CAAC;IAE1D,mDAAmD;IACnD,MAAM,OAAO,GAAG,qBAAqB,CAAC,MAAM,EAAE,aAAa,EAAE,YAAY,EAAE,QAAQ,CAAC,CAAC;IAErF,IAAI,IAAY,CAAC;IACjB,IAAI,mBAAmB,EAAE,EAAE,CAAC;QAC1B,OAAO,EAAE,OAAO,EAAE,CAAC,OAAO,CAAC,CAAC;QAC5B,IAAI,GAAG,MAAM,eAAe,CAAC,YAAY,CAAC,CAAC;IAC7C,CAAC;SAAM,CAAC;QACN,IAAI,GAAG,MAAM,mBAAmB,CAAC,MAAM,EAAE,YAAY,EAAE,GAAG,EAAE;YAC1D,OAAO,EAAE,OAAO,EAAE,CAAC,OAAO,CAAC,CAAC;QAC9B,CAAC,CAAC,CAAC;IACL,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;IACtF,MAAM,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,OAAO,MAAM,CAAC;AAChB,CAAC;AAQD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,QAAgB,EAChB,OAA+B;IAE/B,MAAM,MAAM,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;IACzC,IAAI,CAAC,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,QAAQ,EAAE,CAAC,CAAC;IAC1E,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,YAAY,QAAQ,oCAAoC,CAAC,CAAC;IAC5E,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,EAAE,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC;IACtD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CACb,+BAA+B,QAAQ,4BAA4B,QAAQ,4BAA4B,CACxG,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAAG,OAAO,EAAE,YAAY,IAAI,MAAM,CAAC,YAAY,CAAC;IAElE,8BAA8B;IAC9B,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,aAAa,EAAE;QAClD,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI,EAAE,IAAI,eAAe,CAAC;YACxB,SAAS,EAAE,QAAQ;YACnB,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;SAC/B,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC;QAClB,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,IAAI,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CAAC,+BAA+B,SAAS,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,UAAU,GAAG,CAAC,MAAM,SAAS,CAAC,IAAI,EAAE,CAA4B,CAAC;IACvE,MAAM,UAAU,GAAG,UAAU,CAAC,WAAqB,CAAC;IACpD,MAAM,QAAQ,GAAG,UAAU,CAAC,SAAmB,CAAC;IAChD,MAAM,eAAe,GAAG,UAAU,CAAC,gBAA0B,CAAC;IAC9D,MAAM,SAAS,GAAI,UAAU,CAAC,UAAqB,IAAI,GAAG,CAAC;IAC3D,IAAI,QAAQ,GAAG,CAAE,UAAU,CAAC,QAAmB,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;IAE7D,OAAO,EAAE,UAAU,EAAE,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;IAEjD,yBAAyB;IACzB,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,IAAI,CAAC;IAE/C,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,EAAE,CAAC;QAC7B,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;QAElD,MAAM,MAAM,GAA2B;YACrC,UAAU,EAAE,8CAA8C;YAC1D,WAAW,EAAE,UAAU;YACvB,SAAS,EAAE,QAAQ;SACpB,CAAC;QACF,IAAI,YAAY;YAAE,MAAM,CAAC,aAAa,GAAG,YAAY,CAAC;QAEtD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,QAAQ,EAAE;YAC5C,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;YAChE,IAAI,EAAE,IAAI,eAAe,CAAC,MAAM,CAAC;SAClC,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA4B,CAAC;QAErE,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;YAChB,OAAO;gBACL,WAAW,EAAE,SAAS,CAAC,YAAsB;gBAC7C,YAAY,EAAE,SAAS,CAAC,aAAmC;gBAC3D,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,CAAE,SAAS,CAAC,UAAqB,IAAI,IAAI,CAAC,GAAG,IAAI;gBACzE,SAAS,EAAG,SAAS,CAAC,UAAqB,IAAI,QAAQ;gBACvD,KAAK,EAAE,SAAS,CAAC,KAA2B;gBAC5C,QAAQ;aACT,CAAC;QACJ,CAAC;QAED,MAAM,KAAK,GAAG,SAAS,CAAC,KAAe,CAAC;QACxC,IAAI,KAAK,KAAK,uBAAuB;YAAE,SAAS;QAChD,IAAI,KAAK,KAAK,WAAW,EAAE,CAAC;YAC1B,QAAQ,IAAI,IAAI,CAAC;YACjB,SAAS;QACX,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,4BAA4B,KAAK,EAAE,CAAC,CAAC;IACvD,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;AAChD,CAAC;AAED,SAAS,eAAe,CAAC,aAAqB;IAC5C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,EAAE,GAAG,eAAe,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;QAE7E,EAAE,CAAC,QAAQ,CACT,8CAA8C,EAC9C,CAAC,KAAK,EAAE,EAAE;YACR,EAAE,CAAC,KAAK,EAAE,CAAC;YACX,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;gBAClC,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;gBAC1C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;gBAC5C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;gBAE5C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,CAAC,IAAI,KAAK,CAAC,gBAAgB,KAAK,EAAE,CAAC,CAAC,CAAC;oBAC3C,OAAO;gBACT,CAAC;gBACD,IAAI,KAAK,KAAK,aAAa,EAAE,CAAC;oBAC5B,MAAM,CAAC,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC,CAAC;oBACjE,OAAO;gBACT,CAAC;gBACD,IAAI,CAAC,IAAI,EAAE,CAAC;oBACV,MAAM,CAAC,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC,CAAC;oBAClD,OAAO;gBACT,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,CAAC;YAChB,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,CAAC,IAAI,KAAK,CAAC,gBAAgB,KAAK,EAAE,CAAC,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,mBAAmB,CAC1B,MAA2B,EAC3B,aAAqB,EACrB,WAAuB;IAEvB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,IAAI,OAAO,GAAG,KAAK,CAAC;QACpB,MAAM,MAAM,GAAG,CAAC,EAAc,EAAE,EAAE;YAChC,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,GAAG,IAAI,CAAC;gBACf,EAAE,EAAE,CAAC;YACP,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,MAAM,GAAW,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;YAC/C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAI,EAAE,oBAAoB,MAAM,CAAC,YAAY,EAAE,CAAC,CAAC;YACzE,IAAI,GAAG,CAAC,QAAQ,KAAK,MAAM,CAAC,YAAY,EAAE,CAAC;gBACzC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;gBACnB,GAAG,CAAC,GAAG,EAAE,CAAC;gBACV,OAAO;YACT,CAAC;YAED,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC1C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC5C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAE5C,IAAI,KAAK,EAAE,CAAC;gBACV,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;gBACpD,GAAG,CAAC,GAAG,CAAC,6DAA6D,CAAC,CAAC;gBACvE,MAAM,CAAC,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,gBAAgB,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;gBACzD,OAAO;YACT,CAAC;YAED,IAAI,KAAK,KAAK,aAAa,EAAE,CAAC;gBAC5B,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;gBACpD,GAAG,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;gBAClC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;gBACxD,OAAO;YACT,CAAC;YAED,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;YACpD,GAAG,CAAC,GAAG,CAAC,6EAA6E,CAAC,CAAC;YACvF,MAAM,CAAC,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,IAAK,CAAC,CAAC,CAAC;QAC/B,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,YAAY,EAAE,GAAG,EAAE;YACtC,WAAW,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE;YAC9B,MAAM,CAAC,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC,CAAC,CAAC;QAC1E,CAAC,EAAE,OAAO,CAAC,CAAC;QAEZ,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,YAAY,CACzB,MAA2B,EAC3B,IAAY,EACZ,YAAoB,EACpB,QAAgB,EAChB,YAAqB;IAErB,MAAM,MAAM,GAA2B;QACrC,UAAU,EAAE,oBAAoB;QAChC,IAAI;QACJ,YAAY,EAAE,oBAAoB,MAAM,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,EAAE;QAC7E,SAAS,EAAE,QAAQ;QACnB,aAAa,EAAE,YAAY;KAC5B,CAAC;IACF,IAAI,YAAY;QAAE,MAAM,CAAC,aAAa,GAAG,YAAY,CAAC;IAEtD,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,QAAQ,EAAE;QACvC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI,EAAE,IAAI,eAAe,CAAC,MAAM,CAAC;KAClC,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,0BAA0B,GAAG,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC;IAClE,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAA4B,CAAC;IAC3D,OAAO;QACL,WAAW,EAAE,IAAI,CAAC,YAAsB;QACxC,YAAY,EAAE,IAAI,CAAC,aAAmC;QACtD,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,CAAE,IAAI,CAAC,UAAiC,IAAI,IAAI,CAAC,GAAG,IAAI;QAChF,SAAS,EAAG,IAAI,CAAC,UAAiC,IAAI,QAAQ;QAC9D,KAAK,EAAE,IAAI,CAAC,KAA2B;KACxC,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
export { OAUTH_PROVIDERS, type OAuthProviderConfig, type OAuthTokens } from './types.js';
|
|
2
|
+
export { generateCodeVerifier, generateCodeChallenge, buildAuthorizationUrl } from './pkce.js';
|
|
3
|
+
export { TokenStore, refreshAccessToken } from './token-store.js';
|
|
4
|
+
export { runOAuthFlow, runDeviceCodeFlow, isRemoteEnvironment, type OAuthFlowOptions, type DeviceCodeFlowOptions, } from './flow.js';
|
|
5
|
+
export { loginOpenAI, loginGoogle, refreshOpenAIToken, refreshGoogleToken, type PiAuthCallbacks, } from './pi-auth.js';
|
|
6
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/oauth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,KAAK,mBAAmB,EAAE,KAAK,WAAW,EAAE,MAAM,YAAY,CAAC;AACzF,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,WAAW,CAAC;AAC/F,OAAO,EAAE,UAAU,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AAClE,OAAO,EACL,YAAY,EACZ,iBAAiB,EACjB,mBAAmB,EACnB,KAAK,gBAAgB,EACrB,KAAK,qBAAqB,GAC3B,MAAM,WAAW,CAAC;AACnB,OAAO,EACL,WAAW,EACX,WAAW,EACX,kBAAkB,EAClB,kBAAkB,EAClB,KAAK,eAAe,GACrB,MAAM,cAAc,CAAC"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
export { OAUTH_PROVIDERS } from './types.js';
|
|
2
|
+
export { generateCodeVerifier, generateCodeChallenge, buildAuthorizationUrl } from './pkce.js';
|
|
3
|
+
export { TokenStore, refreshAccessToken } from './token-store.js';
|
|
4
|
+
export { runOAuthFlow, runDeviceCodeFlow, isRemoteEnvironment, } from './flow.js';
|
|
5
|
+
export { loginOpenAI, loginGoogle, refreshOpenAIToken, refreshGoogleToken, } from './pi-auth.js';
|
|
6
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/oauth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAA8C,MAAM,YAAY,CAAC;AACzF,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,WAAW,CAAC;AAC/F,OAAO,EAAE,UAAU,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AAClE,OAAO,EACL,YAAY,EACZ,iBAAiB,EACjB,mBAAmB,GAGpB,MAAM,WAAW,CAAC;AACnB,OAAO,EACL,WAAW,EACX,WAAW,EACX,kBAAkB,EAClB,kBAAkB,GAEnB,MAAM,cAAc,CAAC"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Thin wrappers around @mariozechner/pi-ai OAuth login & refresh functions.
|
|
3
|
+
* Converts pi-ai credential format to CereWorker OAuthTokens.
|
|
4
|
+
*/
|
|
5
|
+
import type { OAuthTokens } from './types.js';
|
|
6
|
+
export interface PiAuthCallbacks {
|
|
7
|
+
onAuth: (url: string, instructions?: string) => void;
|
|
8
|
+
onPrompt?: (message: string) => Promise<string>;
|
|
9
|
+
onProgress?: (message: string) => void;
|
|
10
|
+
onManualCodeInput?: () => Promise<string>;
|
|
11
|
+
}
|
|
12
|
+
export declare function loginOpenAI(callbacks: PiAuthCallbacks): Promise<OAuthTokens>;
|
|
13
|
+
export declare function loginGoogle(callbacks: PiAuthCallbacks): Promise<OAuthTokens>;
|
|
14
|
+
export declare function refreshOpenAIToken(refreshToken: string): Promise<OAuthTokens>;
|
|
15
|
+
export declare function refreshGoogleToken(refreshToken: string, projectId: string): Promise<OAuthTokens>;
|
|
16
|
+
//# sourceMappingURL=pi-auth.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pi-auth.d.ts","sourceRoot":"","sources":["../../src/oauth/pi-auth.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAe9C,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,MAAM,KAAK,IAAI,CAAC;IACrD,QAAQ,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IAChD,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;IACvC,iBAAiB,CAAC,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;CAC3C;AAED,wBAAsB,WAAW,CAAC,SAAS,EAAE,eAAe,GAAG,OAAO,CAAC,WAAW,CAAC,CAYlF;AAED,wBAAsB,WAAW,CAAC,SAAS,EAAE,eAAe,GAAG,OAAO,CAAC,WAAW,CAAC,CAQlF;AAED,wBAAsB,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAGnF;AAED,wBAAsB,kBAAkB,CACtC,YAAY,EAAE,MAAM,EACpB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,WAAW,CAAC,CAGtB"}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
function toTokens(creds) {
|
|
2
|
+
return {
|
|
3
|
+
accessToken: creds.access,
|
|
4
|
+
refreshToken: creds.refresh,
|
|
5
|
+
expiresAt: creds.expires,
|
|
6
|
+
tokenType: 'bearer',
|
|
7
|
+
email: creds.email,
|
|
8
|
+
projectId: creds.projectId,
|
|
9
|
+
};
|
|
10
|
+
}
|
|
11
|
+
export async function loginOpenAI(callbacks) {
|
|
12
|
+
const { loginOpenAICodex } = await import('@mariozechner/pi-ai/oauth');
|
|
13
|
+
const creds = await loginOpenAICodex({
|
|
14
|
+
onAuth: (info) => callbacks.onAuth(info.url, info.instructions),
|
|
15
|
+
onPrompt: async (prompt) => {
|
|
16
|
+
if (!callbacks.onPrompt)
|
|
17
|
+
throw new Error('Manual input required but no prompt handler');
|
|
18
|
+
return callbacks.onPrompt(prompt.message);
|
|
19
|
+
},
|
|
20
|
+
onProgress: callbacks.onProgress,
|
|
21
|
+
onManualCodeInput: callbacks.onManualCodeInput,
|
|
22
|
+
});
|
|
23
|
+
return toTokens(creds);
|
|
24
|
+
}
|
|
25
|
+
export async function loginGoogle(callbacks) {
|
|
26
|
+
const { loginGeminiCli } = await import('@mariozechner/pi-ai/oauth');
|
|
27
|
+
const creds = await loginGeminiCli((info) => callbacks.onAuth(info.url, info.instructions), callbacks.onProgress, callbacks.onManualCodeInput);
|
|
28
|
+
return toTokens(creds);
|
|
29
|
+
}
|
|
30
|
+
export async function refreshOpenAIToken(refreshToken) {
|
|
31
|
+
const { refreshOpenAICodexToken } = await import('@mariozechner/pi-ai/oauth');
|
|
32
|
+
return toTokens(await refreshOpenAICodexToken(refreshToken));
|
|
33
|
+
}
|
|
34
|
+
export async function refreshGoogleToken(refreshToken, projectId) {
|
|
35
|
+
const { refreshGoogleCloudToken } = await import('@mariozechner/pi-ai/oauth');
|
|
36
|
+
return toTokens(await refreshGoogleCloudToken(refreshToken, projectId));
|
|
37
|
+
}
|
|
38
|
+
//# sourceMappingURL=pi-auth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pi-auth.js","sourceRoot":"","sources":["../../src/oauth/pi-auth.ts"],"names":[],"mappings":"AAQA,SAAS,QAAQ,CAAC,KAAc;IAC9B,OAAO;QACL,WAAW,EAAE,KAAK,CAAC,MAAM;QACzB,YAAY,EAAE,KAAK,CAAC,OAAO;QAC3B,SAAS,EAAE,KAAK,CAAC,OAAO;QACxB,SAAS,EAAE,QAAQ;QACnB,KAAK,EAAE,KAAK,CAAC,KAA2B;QACxC,SAAS,EAAE,KAAK,CAAC,SAA+B;KACjD,CAAC;AACJ,CAAC;AASD,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,SAA0B;IAC1D,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,MAAM,CAAC,2BAA2B,CAAC,CAAC;IACvE,MAAM,KAAK,GAAG,MAAM,gBAAgB,CAAC;QACnC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,YAAY,CAAC;QAC/D,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE;YACzB,IAAI,CAAC,SAAS,CAAC,QAAQ;gBAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;YACxF,OAAO,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAC5C,CAAC;QACD,UAAU,EAAE,SAAS,CAAC,UAAU;QAChC,iBAAiB,EAAE,SAAS,CAAC,iBAAiB;KAC/C,CAAC,CAAC;IACH,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC;AACzB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,SAA0B;IAC1D,MAAM,EAAE,cAAc,EAAE,GAAG,MAAM,MAAM,CAAC,2BAA2B,CAAC,CAAC;IACrE,MAAM,KAAK,GAAG,MAAM,cAAc,CAChC,CAAC,IAAI,EAAE,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,YAAY,CAAC,EACvD,SAAS,CAAC,UAAU,EACpB,SAAS,CAAC,iBAAiB,CAC5B,CAAC;IACF,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC;AACzB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,YAAoB;IAC3D,MAAM,EAAE,uBAAuB,EAAE,GAAG,MAAM,MAAM,CAAC,2BAA2B,CAAC,CAAC;IAC9E,OAAO,QAAQ,CAAC,MAAM,uBAAuB,CAAC,YAAY,CAAC,CAAC,CAAC;AAC/D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,YAAoB,EACpB,SAAiB;IAEjB,MAAM,EAAE,uBAAuB,EAAE,GAAG,MAAM,MAAM,CAAC,2BAA2B,CAAC,CAAC;IAC9E,OAAO,QAAQ,CAAC,MAAM,uBAAuB,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC;AAC1E,CAAC"}
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
import type { OAuthProviderConfig } from './types.js';
|
|
2
|
+
export declare function generateCodeVerifier(): string;
|
|
3
|
+
export declare function generateCodeChallenge(verifier: string): string;
|
|
4
|
+
export declare function buildAuthorizationUrl(config: OAuthProviderConfig, codeChallenge: string, state: string, clientIdOverride?: string): string;
|
|
5
|
+
//# sourceMappingURL=pkce.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pkce.d.ts","sourceRoot":"","sources":["../../src/oauth/pkce.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AAEtD,wBAAgB,oBAAoB,IAAI,MAAM,CAE7C;AAED,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAE9D;AAED,wBAAgB,qBAAqB,CACnC,MAAM,EAAE,mBAAmB,EAC3B,aAAa,EAAE,MAAM,EACrB,KAAK,EAAE,MAAM,EACb,gBAAgB,CAAC,EAAE,MAAM,GACxB,MAAM,CAWR"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import { randomBytes, createHash } from 'node:crypto';
|
|
2
|
+
export function generateCodeVerifier() {
|
|
3
|
+
return randomBytes(32).toString('base64url');
|
|
4
|
+
}
|
|
5
|
+
export function generateCodeChallenge(verifier) {
|
|
6
|
+
return createHash('sha256').update(verifier).digest('base64url');
|
|
7
|
+
}
|
|
8
|
+
export function buildAuthorizationUrl(config, codeChallenge, state, clientIdOverride) {
|
|
9
|
+
const params = new URLSearchParams({
|
|
10
|
+
response_type: 'code',
|
|
11
|
+
client_id: clientIdOverride ?? config.clientId,
|
|
12
|
+
redirect_uri: `http://localhost:${config.callbackPort}${config.callbackPath}`,
|
|
13
|
+
code_challenge: codeChallenge,
|
|
14
|
+
code_challenge_method: 'S256',
|
|
15
|
+
scope: config.scopes.join(' '),
|
|
16
|
+
state,
|
|
17
|
+
});
|
|
18
|
+
return `${config.authorizationUrl}?${params}`;
|
|
19
|
+
}
|
|
20
|
+
//# sourceMappingURL=pkce.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pkce.js","sourceRoot":"","sources":["../../src/oauth/pkce.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAGtD,MAAM,UAAU,oBAAoB;IAClC,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AAC/C,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,QAAgB;IACpD,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;AACnE,CAAC;AAED,MAAM,UAAU,qBAAqB,CACnC,MAA2B,EAC3B,aAAqB,EACrB,KAAa,EACb,gBAAyB;IAEzB,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;QACjC,aAAa,EAAE,MAAM;QACrB,SAAS,EAAE,gBAAgB,IAAI,MAAM,CAAC,QAAQ;QAC9C,YAAY,EAAE,oBAAoB,MAAM,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,EAAE;QAC7E,cAAc,EAAE,aAAa;QAC7B,qBAAqB,EAAE,MAAM;QAC7B,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;QAC9B,KAAK;KACN,CAAC,CAAC;IACH,OAAO,GAAG,MAAM,CAAC,gBAAgB,IAAI,MAAM,EAAE,CAAC;AAChD,CAAC"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import type { OAuthProviderConfig, OAuthTokens } from './types.js';
|
|
2
|
+
export declare class TokenStore {
|
|
3
|
+
private dir;
|
|
4
|
+
constructor(dir?: string);
|
|
5
|
+
save(provider: string, tokens: OAuthTokens): void;
|
|
6
|
+
load(provider: string): OAuthTokens | null;
|
|
7
|
+
delete(provider: string): void;
|
|
8
|
+
isExpired(tokens: OAuthTokens, bufferMs?: number): boolean;
|
|
9
|
+
}
|
|
10
|
+
export declare function refreshAccessToken(providerConfig: OAuthProviderConfig, refreshToken: string, clientId?: string, clientSecret?: string): Promise<OAuthTokens>;
|
|
11
|
+
//# sourceMappingURL=token-store.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-store.d.ts","sourceRoot":"","sources":["../../src/oauth/token-store.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAInE,qBAAa,UAAU;IACrB,OAAO,CAAC,GAAG,CAAS;gBAER,GAAG,CAAC,EAAE,MAAM;IAIxB,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,GAAG,IAAI;IASjD,IAAI,CAAC,QAAQ,EAAE,MAAM,GAAG,WAAW,GAAG,IAAI;IAM1C,MAAM,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAK9B,SAAS,CAAC,MAAM,EAAE,WAAW,EAAE,QAAQ,SAAU,GAAG,OAAO;CAG5D;AAED,wBAAsB,kBAAkB,CACtC,cAAc,EAAE,mBAAmB,EACnC,YAAY,EAAE,MAAM,EACpB,QAAQ,CAAC,EAAE,MAAM,EACjB,YAAY,CAAC,EAAE,MAAM,GACpB,OAAO,CAAC,WAAW,CAAC,CA4BtB"}
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
import { homedir } from 'node:os';
|
|
2
|
+
import { join } from 'node:path';
|
|
3
|
+
import { readFileSync, writeFileSync, mkdirSync, existsSync, unlinkSync } from 'node:fs';
|
|
4
|
+
const DEFAULT_OAUTH_DIR = join(homedir(), '.cereworker', 'oauth');
|
|
5
|
+
export class TokenStore {
|
|
6
|
+
dir;
|
|
7
|
+
constructor(dir) {
|
|
8
|
+
this.dir = dir ?? DEFAULT_OAUTH_DIR;
|
|
9
|
+
}
|
|
10
|
+
save(provider, tokens) {
|
|
11
|
+
mkdirSync(this.dir, { recursive: true });
|
|
12
|
+
writeFileSync(join(this.dir, `${provider}.json`), JSON.stringify(tokens, null, 2), { mode: 0o600 });
|
|
13
|
+
}
|
|
14
|
+
load(provider) {
|
|
15
|
+
const path = join(this.dir, `${provider}.json`);
|
|
16
|
+
if (!existsSync(path))
|
|
17
|
+
return null;
|
|
18
|
+
return JSON.parse(readFileSync(path, 'utf-8'));
|
|
19
|
+
}
|
|
20
|
+
delete(provider) {
|
|
21
|
+
const path = join(this.dir, `${provider}.json`);
|
|
22
|
+
if (existsSync(path))
|
|
23
|
+
unlinkSync(path);
|
|
24
|
+
}
|
|
25
|
+
isExpired(tokens, bufferMs = 300_000) {
|
|
26
|
+
return Date.now() >= tokens.expiresAt - bufferMs;
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
export async function refreshAccessToken(providerConfig, refreshToken, clientId, clientSecret) {
|
|
30
|
+
const params = {
|
|
31
|
+
grant_type: 'refresh_token',
|
|
32
|
+
refresh_token: refreshToken,
|
|
33
|
+
client_id: clientId ?? providerConfig.clientId,
|
|
34
|
+
};
|
|
35
|
+
const secret = clientSecret ?? providerConfig.clientSecret;
|
|
36
|
+
if (secret)
|
|
37
|
+
params.client_secret = secret;
|
|
38
|
+
const res = await fetch(providerConfig.tokenUrl, {
|
|
39
|
+
method: 'POST',
|
|
40
|
+
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
|
41
|
+
body: new URLSearchParams(params),
|
|
42
|
+
});
|
|
43
|
+
if (!res.ok) {
|
|
44
|
+
const body = await res.text();
|
|
45
|
+
throw new Error(`Token refresh failed: ${res.status} ${body}`);
|
|
46
|
+
}
|
|
47
|
+
const data = (await res.json());
|
|
48
|
+
return {
|
|
49
|
+
accessToken: data.access_token,
|
|
50
|
+
refreshToken: data.refresh_token ?? refreshToken,
|
|
51
|
+
expiresAt: Date.now() + (data.expires_in ?? 3600) * 1000,
|
|
52
|
+
tokenType: data.token_type ?? 'bearer',
|
|
53
|
+
scope: data.scope,
|
|
54
|
+
};
|
|
55
|
+
}
|
|
56
|
+
//# sourceMappingURL=token-store.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-store.js","sourceRoot":"","sources":["../../src/oauth/token-store.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAGzF,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,OAAO,CAAC,CAAC;AAElE,MAAM,OAAO,UAAU;IACb,GAAG,CAAS;IAEpB,YAAY,GAAY;QACtB,IAAI,CAAC,GAAG,GAAG,GAAG,IAAI,iBAAiB,CAAC;IACtC,CAAC;IAED,IAAI,CAAC,QAAgB,EAAE,MAAmB;QACxC,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACzC,aAAa,CACX,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,OAAO,CAAC,EAClC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAC/B,EAAE,IAAI,EAAE,KAAK,EAAE,CAChB,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,QAAgB;QACnB,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,OAAO,CAAC,CAAC;QAChD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,CAAC;QACnC,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC;IACjD,CAAC;IAED,MAAM,CAAC,QAAgB;QACrB,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,OAAO,CAAC,CAAC;QAChD,IAAI,UAAU,CAAC,IAAI,CAAC;YAAE,UAAU,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IAED,SAAS,CAAC,MAAmB,EAAE,QAAQ,GAAG,OAAO;QAC/C,OAAO,IAAI,CAAC,GAAG,EAAE,IAAI,MAAM,CAAC,SAAS,GAAG,QAAQ,CAAC;IACnD,CAAC;CACF;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,cAAmC,EACnC,YAAoB,EACpB,QAAiB,EACjB,YAAqB;IAErB,MAAM,MAAM,GAA2B;QACrC,UAAU,EAAE,eAAe;QAC3B,aAAa,EAAE,YAAY;QAC3B,SAAS,EAAE,QAAQ,IAAI,cAAc,CAAC,QAAQ;KAC/C,CAAC;IACF,MAAM,MAAM,GAAG,YAAY,IAAI,cAAc,CAAC,YAAY,CAAC;IAC3D,IAAI,MAAM;QAAE,MAAM,CAAC,aAAa,GAAG,MAAM,CAAC;IAE1C,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,cAAc,CAAC,QAAQ,EAAE;QAC/C,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI,EAAE,IAAI,eAAe,CAAC,MAAM,CAAC;KAClC,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC;IACjE,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAA4B,CAAC;IAC3D,OAAO;QACL,WAAW,EAAE,IAAI,CAAC,YAAsB;QACxC,YAAY,EAAG,IAAI,CAAC,aAAoC,IAAI,YAAY;QACxE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,CAAE,IAAI,CAAC,UAAiC,IAAI,IAAI,CAAC,GAAG,IAAI;QAChF,SAAS,EAAG,IAAI,CAAC,UAAiC,IAAI,QAAQ;QAC9D,KAAK,EAAE,IAAI,CAAC,KAA2B;KACxC,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
export interface OAuthProviderConfig {
|
|
2
|
+
authorizationUrl: string;
|
|
3
|
+
tokenUrl: string;
|
|
4
|
+
clientId: string;
|
|
5
|
+
clientSecret?: string;
|
|
6
|
+
deviceCodeUrl?: string;
|
|
7
|
+
scopes: string[];
|
|
8
|
+
callbackPort: number;
|
|
9
|
+
callbackPath: string;
|
|
10
|
+
}
|
|
11
|
+
export interface OAuthTokens {
|
|
12
|
+
accessToken: string;
|
|
13
|
+
refreshToken?: string;
|
|
14
|
+
expiresAt: number;
|
|
15
|
+
tokenType: string;
|
|
16
|
+
scope?: string;
|
|
17
|
+
clientId?: string;
|
|
18
|
+
email?: string;
|
|
19
|
+
projectId?: string;
|
|
20
|
+
}
|
|
21
|
+
/**
|
|
22
|
+
* Provider-specific OAuth endpoints.
|
|
23
|
+
* Users override clientId in their config (register their own OAuth app).
|
|
24
|
+
*/
|
|
25
|
+
export declare const OAUTH_PROVIDERS: Record<string, OAuthProviderConfig>;
|
|
26
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/oauth/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,mBAAmB;IAClC,gBAAgB,EAAE,MAAM,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,WAAW;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;;GAGG;AACH,eAAO,MAAM,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,mBAAmB,CAsB/D,CAAC"}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Provider-specific OAuth endpoints.
|
|
3
|
+
* Users override clientId in their config (register their own OAuth app).
|
|
4
|
+
*/
|
|
5
|
+
export const OAUTH_PROVIDERS = {
|
|
6
|
+
openai: {
|
|
7
|
+
authorizationUrl: 'https://auth0.openai.com/authorize',
|
|
8
|
+
tokenUrl: 'https://auth0.openai.com/oauth/token',
|
|
9
|
+
clientId: '', // Must be provided by user in config
|
|
10
|
+
scopes: ['openai.organization.read', 'openai.api'],
|
|
11
|
+
callbackPort: 18888,
|
|
12
|
+
callbackPath: '/callback',
|
|
13
|
+
},
|
|
14
|
+
google: {
|
|
15
|
+
authorizationUrl: 'https://accounts.google.com/o/oauth2/v2/auth',
|
|
16
|
+
tokenUrl: 'https://oauth2.googleapis.com/token',
|
|
17
|
+
clientId: '',
|
|
18
|
+
deviceCodeUrl: 'https://oauth2.googleapis.com/device/code',
|
|
19
|
+
scopes: [
|
|
20
|
+
'https://www.googleapis.com/auth/cloud-platform',
|
|
21
|
+
'https://www.googleapis.com/auth/userinfo.email',
|
|
22
|
+
'https://www.googleapis.com/auth/userinfo.profile',
|
|
23
|
+
],
|
|
24
|
+
callbackPort: 18888,
|
|
25
|
+
callbackPath: '/callback',
|
|
26
|
+
},
|
|
27
|
+
};
|
|
28
|
+
//# sourceMappingURL=types.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/oauth/types.ts"],"names":[],"mappings":"AAsBA;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAwC;IAClE,MAAM,EAAE;QACN,gBAAgB,EAAE,oCAAoC;QACtD,QAAQ,EAAE,sCAAsC;QAChD,QAAQ,EAAE,EAAE,EAAE,qCAAqC;QACnD,MAAM,EAAE,CAAC,0BAA0B,EAAE,YAAY,CAAC;QAClD,YAAY,EAAE,KAAK;QACnB,YAAY,EAAE,WAAW;KAC1B;IACD,MAAM,EAAE;QACN,gBAAgB,EAAE,8CAA8C;QAChE,QAAQ,EAAE,qCAAqC;QAC/C,QAAQ,EAAE,EAAE;QACZ,aAAa,EAAE,2CAA2C;QAC1D,MAAM,EAAE;YACN,gDAAgD;YAChD,gDAAgD;YAChD,kDAAkD;SACnD;QACD,YAAY,EAAE,KAAK;QACnB,YAAY,EAAE,WAAW;KAC1B;CACF,CAAC"}
|
package/dist/provider.d.ts
CHANGED
|
@@ -5,7 +5,9 @@ export declare class CerebrumProvider {
|
|
|
5
5
|
private config;
|
|
6
6
|
private builtinTools;
|
|
7
7
|
private retryOptions;
|
|
8
|
+
private tokenStore;
|
|
8
9
|
constructor(config: CerebrumConfig, shellConfig?: Partial<import('./tools/shell.js').ShellToolConfig>, retryOptions?: RetryOptions);
|
|
10
|
+
private resolveApiKey;
|
|
9
11
|
private getModel;
|
|
10
12
|
private convertMessages;
|
|
11
13
|
stream(messages: Message[], callbacks: StreamCallbacks, options?: {
|
package/dist/provider.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../src/provider.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,KAAK,EAAE,cAAc,EAAkB,eAAe,EAAE,MAAM,YAAY,CAAC;AAElF,OAAO,EAAa,KAAK,YAAY,EAAE,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../src/provider.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,KAAK,EAAE,cAAc,EAAkB,eAAe,EAAE,MAAM,YAAY,CAAC;AAElF,OAAO,EAAa,KAAK,YAAY,EAAE,MAAM,YAAY,CAAC;AAK1D,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAAiB;IAC/B,OAAO,CAAC,YAAY,CAAe;IACnC,OAAO,CAAC,YAAY,CAAe;IACnC,OAAO,CAAC,UAAU,CAAoB;gBAGpC,MAAM,EAAE,cAAc,EACtB,WAAW,CAAC,EAAE,OAAO,CAAC,OAAO,kBAAkB,EAAE,eAAe,CAAC,EACjE,YAAY,CAAC,EAAE,YAAY;YAOf,aAAa;YA6Cb,QAAQ;IAwCtB,OAAO,CAAC,eAAe;IA2BjB,MAAM,CACV,QAAQ,EAAE,OAAO,EAAE,EACnB,SAAS,EAAE,eAAe,EAC1B,OAAO,CAAC,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,YAAY,CAAC,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,GACxF,OAAO,CAAC,IAAI,CAAC;IAwDhB,kBAAkB,IAAI,MAAM;IAI5B,eAAe,IAAI,MAAM;IAIzB,WAAW,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAInC,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAI7B;;;OAGG;IACG,SAAS,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAgBrD,qDAAqD;IAC/C,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAYhD"}
|
package/dist/provider.js
CHANGED
|
@@ -5,45 +5,78 @@ import { createGoogleGenerativeAI } from '@ai-sdk/google';
|
|
|
5
5
|
import { createBuiltinTools } from './tools/index.js';
|
|
6
6
|
import { withRetry } from './retry.js';
|
|
7
7
|
import { buildCompactionPrompt } from './context.js';
|
|
8
|
+
import { TokenStore, refreshAccessToken, OAUTH_PROVIDERS } from './oauth/index.js';
|
|
9
|
+
import { refreshOpenAIToken, refreshGoogleToken } from './oauth/pi-auth.js';
|
|
8
10
|
export class CerebrumProvider {
|
|
9
11
|
config;
|
|
10
12
|
builtinTools;
|
|
11
13
|
retryOptions;
|
|
14
|
+
tokenStore = new TokenStore();
|
|
12
15
|
constructor(config, shellConfig, retryOptions) {
|
|
13
16
|
this.config = config;
|
|
14
17
|
this.builtinTools = createBuiltinTools(shellConfig);
|
|
15
18
|
this.retryOptions = retryOptions ?? {};
|
|
16
19
|
}
|
|
17
|
-
|
|
20
|
+
async resolveApiKey(providerName, providerConfig) {
|
|
21
|
+
if (providerConfig?.auth !== 'oauth') {
|
|
22
|
+
return providerConfig?.apiKey;
|
|
23
|
+
}
|
|
24
|
+
const tokens = this.tokenStore.load(providerName);
|
|
25
|
+
if (!tokens) {
|
|
26
|
+
throw new Error(`No OAuth tokens found for ${providerName}. Run: cereworker auth ${providerName}`);
|
|
27
|
+
}
|
|
28
|
+
if (this.tokenStore.isExpired(tokens)) {
|
|
29
|
+
if (!tokens.refreshToken) {
|
|
30
|
+
throw new Error(`OAuth token expired and no refresh token. Run: cereworker auth ${providerName}`);
|
|
31
|
+
}
|
|
32
|
+
let refreshed;
|
|
33
|
+
if (providerName === 'openai') {
|
|
34
|
+
refreshed = await refreshOpenAIToken(tokens.refreshToken);
|
|
35
|
+
}
|
|
36
|
+
else if (providerName === 'google') {
|
|
37
|
+
refreshed = await refreshGoogleToken(tokens.refreshToken, tokens.projectId ?? '');
|
|
38
|
+
}
|
|
39
|
+
else {
|
|
40
|
+
const oauthConfig = OAUTH_PROVIDERS[providerName];
|
|
41
|
+
if (!oauthConfig)
|
|
42
|
+
throw new Error(`No OAuth config for ${providerName}`);
|
|
43
|
+
refreshed = await refreshAccessToken(oauthConfig, tokens.refreshToken, tokens.clientId ?? providerConfig.oauth?.clientId, providerConfig.oauth?.clientSecret);
|
|
44
|
+
}
|
|
45
|
+
this.tokenStore.save(providerName, refreshed);
|
|
46
|
+
return refreshed.accessToken;
|
|
47
|
+
}
|
|
48
|
+
return tokens.accessToken;
|
|
49
|
+
}
|
|
50
|
+
async getModel(provider, model) {
|
|
18
51
|
const providerName = provider ?? this.config.defaultProvider;
|
|
19
52
|
const modelName = model ?? this.config.defaultModel;
|
|
20
53
|
const providerConfig = this.config.providers[providerName];
|
|
54
|
+
const apiKey = await this.resolveApiKey(providerName, providerConfig);
|
|
21
55
|
switch (providerName) {
|
|
22
56
|
case 'anthropic': {
|
|
23
57
|
const anthropic = createAnthropic({
|
|
24
|
-
apiKey
|
|
58
|
+
apiKey,
|
|
25
59
|
...(providerConfig?.baseUrl ? { baseURL: providerConfig.baseUrl } : {}),
|
|
26
60
|
});
|
|
27
61
|
return anthropic(modelName);
|
|
28
62
|
}
|
|
29
63
|
case 'openai': {
|
|
30
64
|
const openai = createOpenAI({
|
|
31
|
-
apiKey
|
|
65
|
+
apiKey,
|
|
32
66
|
...(providerConfig?.baseUrl ? { baseURL: providerConfig.baseUrl } : {}),
|
|
33
67
|
});
|
|
34
68
|
return openai(modelName);
|
|
35
69
|
}
|
|
36
70
|
case 'google': {
|
|
37
71
|
const google = createGoogleGenerativeAI({
|
|
38
|
-
apiKey
|
|
72
|
+
apiKey,
|
|
39
73
|
...(providerConfig?.baseUrl ? { baseURL: providerConfig.baseUrl } : {}),
|
|
40
74
|
});
|
|
41
75
|
return google(modelName);
|
|
42
76
|
}
|
|
43
77
|
case 'local': {
|
|
44
|
-
// Local models via OpenAI-compatible API (e.g., Ollama, vLLM)
|
|
45
78
|
const local = createOpenAI({
|
|
46
|
-
apiKey:
|
|
79
|
+
apiKey: apiKey ?? 'not-needed',
|
|
47
80
|
baseURL: providerConfig?.baseUrl ?? 'http://localhost:11434/v1',
|
|
48
81
|
});
|
|
49
82
|
return local(providerConfig?.model ?? modelName);
|
|
@@ -79,12 +112,10 @@ export class CerebrumProvider {
|
|
|
79
112
|
});
|
|
80
113
|
}
|
|
81
114
|
async stream(messages, callbacks, options) {
|
|
82
|
-
// Extract system messages from the messages array for system prompt
|
|
83
115
|
const systemMessages = messages.filter((m) => m.role === 'system');
|
|
84
116
|
const nonSystemMessages = messages.filter((m) => m.role !== 'system');
|
|
85
|
-
const model = this.getModel(options?.provider, options?.model);
|
|
117
|
+
const model = await this.getModel(options?.provider, options?.model);
|
|
86
118
|
const coreMessages = this.convertMessages(nonSystemMessages);
|
|
87
|
-
// Build system prompt from explicit option + system messages
|
|
88
119
|
const systemParts = [];
|
|
89
120
|
if (options?.systemPrompt)
|
|
90
121
|
systemParts.push(options.systemPrompt);
|
|
@@ -125,7 +156,7 @@ export class CerebrumProvider {
|
|
|
125
156
|
}
|
|
126
157
|
catch (error) {
|
|
127
158
|
callbacks.onError(error instanceof Error ? error : new Error(String(error)));
|
|
128
|
-
throw error;
|
|
159
|
+
throw error;
|
|
129
160
|
}
|
|
130
161
|
}, this.retryOptions);
|
|
131
162
|
}
|
|
@@ -146,13 +177,13 @@ export class CerebrumProvider {
|
|
|
146
177
|
* Used for context window compaction.
|
|
147
178
|
*/
|
|
148
179
|
async summarize(messages) {
|
|
149
|
-
const model = this.getModel();
|
|
180
|
+
const model = await this.getModel();
|
|
150
181
|
const prompt = buildCompactionPrompt(messages);
|
|
151
182
|
const result = await withRetry(async () => {
|
|
152
183
|
const { text } = await generateText({
|
|
153
184
|
model,
|
|
154
185
|
prompt,
|
|
155
|
-
temperature: 0.3,
|
|
186
|
+
temperature: 0.3,
|
|
156
187
|
});
|
|
157
188
|
return text;
|
|
158
189
|
}, this.retryOptions);
|
|
@@ -160,7 +191,7 @@ export class CerebrumProvider {
|
|
|
160
191
|
}
|
|
161
192
|
/** Single-shot text generation from a raw prompt. */
|
|
162
193
|
async generate(prompt) {
|
|
163
|
-
const model = this.getModel();
|
|
194
|
+
const model = await this.getModel();
|
|
164
195
|
const result = await withRetry(async () => {
|
|
165
196
|
const { text } = await generateText({
|
|
166
197
|
model,
|
package/dist/provider.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"provider.js","sourceRoot":"","sources":["../src/provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAwC,MAAM,IAAI,CAAC;AACpF,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AAG1D,OAAO,EAAE,kBAAkB,EAAqB,MAAM,kBAAkB,CAAC;AACzE,OAAO,EAAE,SAAS,EAAqB,MAAM,YAAY,CAAC;AAC1D,OAAO,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"provider.js","sourceRoot":"","sources":["../src/provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAwC,MAAM,IAAI,CAAC;AACpF,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AAG1D,OAAO,EAAE,kBAAkB,EAAqB,MAAM,kBAAkB,CAAC;AACzE,OAAO,EAAE,SAAS,EAAqB,MAAM,YAAY,CAAC;AAC1D,OAAO,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnF,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAE5E,MAAM,OAAO,gBAAgB;IACnB,MAAM,CAAiB;IACvB,YAAY,CAAe;IAC3B,YAAY,CAAe;IAC3B,UAAU,GAAG,IAAI,UAAU,EAAE,CAAC;IAEtC,YACE,MAAsB,EACtB,WAAiE,EACjE,YAA2B;QAE3B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,YAAY,GAAG,kBAAkB,CAAC,WAAW,CAAC,CAAC;QACpD,IAAI,CAAC,YAAY,GAAG,YAAY,IAAI,EAAE,CAAC;IACzC,CAAC;IAEO,KAAK,CAAC,aAAa,CACzB,YAAoB,EACpB,cAA+B;QAE/B,IAAI,cAAc,EAAE,IAAI,KAAK,OAAO,EAAE,CAAC;YACrC,OAAO,cAAc,EAAE,MAAM,CAAC;QAChC,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAClD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CACb,6BAA6B,YAAY,0BAA0B,YAAY,EAAE,CAClF,CAAC;QACJ,CAAC;QAED,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC;YACtC,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;gBACzB,MAAM,IAAI,KAAK,CACb,kEAAkE,YAAY,EAAE,CACjF,CAAC;YACJ,CAAC;YAED,IAAI,SAAS,CAAC;YACd,IAAI,YAAY,KAAK,QAAQ,EAAE,CAAC;gBAC9B,SAAS,GAAG,MAAM,kBAAkB,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YAC5D,CAAC;iBAAM,IAAI,YAAY,KAAK,QAAQ,EAAE,CAAC;gBACrC,SAAS,GAAG,MAAM,kBAAkB,CAAC,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC;YACpF,CAAC;iBAAM,CAAC;gBACN,MAAM,WAAW,GAAG,eAAe,CAAC,YAAY,CAAC,CAAC;gBAClD,IAAI,CAAC,WAAW;oBAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,YAAY,EAAE,CAAC,CAAC;gBACzE,SAAS,GAAG,MAAM,kBAAkB,CAClC,WAAW,EACX,MAAM,CAAC,YAAY,EACnB,MAAM,CAAC,QAAQ,IAAI,cAAc,CAAC,KAAK,EAAE,QAAQ,EACjD,cAAc,CAAC,KAAK,EAAE,YAAY,CACnC,CAAC;YACJ,CAAC;YAED,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;YAC9C,OAAO,SAAS,CAAC,WAAW,CAAC;QAC/B,CAAC;QAED,OAAO,MAAM,CAAC,WAAW,CAAC;IAC5B,CAAC;IAEO,KAAK,CAAC,QAAQ,CAAC,QAAiB,EAAE,KAAc;QACtD,MAAM,YAAY,GAAG,QAAQ,IAAI,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;QAC7D,MAAM,SAAS,GAAG,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;QACpD,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;QAC3D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;QAEtE,QAAQ,YAAY,EAAE,CAAC;YACrB,KAAK,WAAW,CAAC,CAAC,CAAC;gBACjB,MAAM,SAAS,GAAG,eAAe,CAAC;oBAChC,MAAM;oBACN,GAAG,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,cAAc,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBACxE,CAAC,CAAC;gBACH,OAAO,SAAS,CAAC,SAAS,CAAC,CAAC;YAC9B,CAAC;YACD,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,MAAM,MAAM,GAAG,YAAY,CAAC;oBAC1B,MAAM;oBACN,GAAG,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,cAAc,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBACxE,CAAC,CAAC;gBACH,OAAO,MAAM,CAAC,SAAS,CAAC,CAAC;YAC3B,CAAC;YACD,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,MAAM,MAAM,GAAG,wBAAwB,CAAC;oBACtC,MAAM;oBACN,GAAG,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,cAAc,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBACxE,CAAC,CAAC;gBACH,OAAO,MAAM,CAAC,SAAS,CAAC,CAAC;YAC3B,CAAC;YACD,KAAK,OAAO,CAAC,CAAC,CAAC;gBACb,MAAM,KAAK,GAAG,YAAY,CAAC;oBACzB,MAAM,EAAE,MAAM,IAAI,YAAY;oBAC9B,OAAO,EAAE,cAAc,EAAE,OAAO,IAAI,2BAA2B;iBAChE,CAAC,CAAC;gBACH,OAAO,KAAK,CAAC,cAAc,EAAE,KAAK,IAAI,SAAS,CAAC,CAAC;YACnD,CAAC;YACD;gBACE,MAAM,IAAI,KAAK,CAAC,qBAAqB,YAAY,EAAE,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAEO,eAAe,CAAC,QAAmB;QACzC,OAAO,QAAQ;aACZ,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,CAAC,IAAI,KAAK,YAAY,CAAC;aAC7D,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACT,QAAQ,CAAC,CAAC,IAAI,EAAE,CAAC;gBACf,KAAK,MAAM;oBACT,OAAO,EAAE,IAAI,EAAE,MAAe,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;gBACvD,KAAK,UAAU;oBACb,OAAO,EAAE,IAAI,EAAE,WAAoB,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;gBAC5D,KAAK,MAAM;oBACT,OAAO;wBACL,IAAI,EAAE,MAAe;wBACrB,OAAO,EAAE;4BACP;gCACE,IAAI,EAAE,aAAsB;gCAC5B,UAAU,EAAE,CAAC,CAAC,UAAU,EAAE,MAAM,IAAI,EAAE;gCACtC,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,QAAkB,IAAI,SAAS;gCACrD,MAAM,EAAE,CAAC,CAAC,OAAO;6BAClB;yBACF;qBACF,CAAC;gBACJ;oBACE,OAAO,EAAE,IAAI,EAAE,MAAe,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;YACzD,CAAC;QACH,CAAC,CAAC,CAAC;IACP,CAAC;IAED,KAAK,CAAC,MAAM,CACV,QAAmB,EACnB,SAA0B,EAC1B,OAAyF;QAEzF,MAAM,cAAc,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC;QACnE,MAAM,iBAAiB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC;QAEtE,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;QACrE,MAAM,YAAY,GAAG,IAAI,CAAC,eAAe,CAAC,iBAAiB,CAAC,CAAC;QAE7D,MAAM,WAAW,GAAa,EAAE,CAAC;QACjC,IAAI,OAAO,EAAE,YAAY;YAAE,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAClE,KAAK,MAAM,EAAE,IAAI,cAAc,EAAE,CAAC;YAChC,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC;QAC/B,CAAC;QACD,MAAM,YAAY,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAEnF,MAAM,SAAS,CAAC,KAAK,IAAI,EAAE;YACzB,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,UAAU,CAAC;oBACxB,KAAK;oBACL,QAAQ,EAAE,YAAY;oBACtB,KAAK,EAAE,IAAI,CAAC,YAAY;oBACxB,QAAQ,EAAE,OAAO,EAAE,QAAQ,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ;oBACnD,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;oBACpC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBAClD,CAAC,CAAC;gBAEH,IAAI,WAAW,GAAG,EAAE,CAAC;gBAErB,IAAI,KAAK,EAAE,MAAM,IAAI,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;oBAC3C,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC;wBAClB,KAAK,YAAY;4BACf,WAAW,IAAI,IAAI,CAAC,SAAS,CAAC;4BAC9B,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;4BAClC,MAAM;wBACR,KAAK,WAAW;4BACd,MAAM,SAAS,CAAC,UAAU,CAAC;gCACzB,EAAE,EAAE,IAAI,CAAC,UAAU;gCACnB,IAAI,EAAE,IAAI,CAAC,QAAQ;gCACnB,IAAI,EAAE,IAAI,CAAC,IAA+B;6BAC3C,CAAC,CAAC;4BACH,MAAM;wBACR,KAAK,OAAO;4BACV,SAAS,CAAC,OAAO,CACf,IAAI,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CACzE,CAAC;4BACF,MAAM;oBACV,CAAC;gBACH,CAAC;gBAED,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;YAClC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,SAAS,CAAC,OAAO,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBAC7E,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;IACxB,CAAC;IAED,kBAAkB;QAChB,OAAO,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;IACrC,CAAC;IAED,eAAe;QACb,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;IAClC,CAAC;IAED,WAAW,CAAC,QAAgB;QAC1B,IAAI,CAAC,MAAM,CAAC,eAAe,GAAG,QAAQ,CAAC;IACzC,CAAC;IAED,QAAQ,CAAC,KAAa;QACpB,IAAI,CAAC,MAAM,CAAC,YAAY,GAAG,KAAK,CAAC;IACnC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,SAAS,CAAC,QAAmB;QACjC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;QACpC,MAAM,MAAM,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAE/C,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,KAAK,IAAI,EAAE;YACxC,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,YAAY,CAAC;gBAClC,KAAK;gBACL,MAAM;gBACN,WAAW,EAAE,GAAG;aACjB,CAAC,CAAC;YACH,OAAO,IAAI,CAAC;QACd,CAAC,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;QAEtB,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,qDAAqD;IACrD,KAAK,CAAC,QAAQ,CAAC,MAAc;QAC3B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;QACpC,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,KAAK,IAAI,EAAE;YACxC,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,YAAY,CAAC;gBAClC,KAAK;gBACL,MAAM;gBACN,WAAW,EAAE,GAAG;aACjB,CAAC,CAAC;YACH,OAAO,IAAI,CAAC;QACd,CAAC,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;QACtB,OAAO,MAAM,CAAC;IAChB,CAAC;CACF"}
|
package/dist/types.d.ts
CHANGED
|
@@ -11,6 +11,12 @@ export interface ProviderConfig {
|
|
|
11
11
|
baseUrl?: string;
|
|
12
12
|
models?: string[];
|
|
13
13
|
model?: string;
|
|
14
|
+
auth?: 'apikey' | 'oauth';
|
|
15
|
+
oauth?: {
|
|
16
|
+
clientId?: string;
|
|
17
|
+
clientSecret?: string;
|
|
18
|
+
callbackPort?: number;
|
|
19
|
+
};
|
|
14
20
|
}
|
|
15
21
|
export interface CerebrumRequest {
|
|
16
22
|
messages: Message[];
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAEtE,MAAM,WAAW,cAAc;IAC7B,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;IAC1C,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,cAAc;IAC7B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAEtE,MAAM,WAAW,cAAc;IAC7B,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;IAC1C,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,cAAc;IAC7B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,QAAQ,GAAG,OAAO,CAAC;IAC1B,KAAK,CAAC,EAAE;QACN,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB,CAAC;CACH;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;IACjC,UAAU,EAAE,CAAC,QAAQ,EAAE,QAAQ,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC;IACxD,QAAQ,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;IACpC,OAAO,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;CACjC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@cereworker/cerebrum",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "26.313.2",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -16,13 +16,14 @@
|
|
|
16
16
|
"directory": "packages/cerebrum"
|
|
17
17
|
},
|
|
18
18
|
"dependencies": {
|
|
19
|
-
"ai": "^4.1.0",
|
|
20
19
|
"@ai-sdk/anthropic": "^1.2.0",
|
|
21
|
-
"@ai-sdk/openai": "^1.2.0",
|
|
22
20
|
"@ai-sdk/google": "^1.2.0",
|
|
21
|
+
"@ai-sdk/openai": "^1.2.0",
|
|
22
|
+
"@mariozechner/pi-ai": "^0.57.1",
|
|
23
|
+
"ai": "^4.1.0",
|
|
23
24
|
"zod": "^3.24.0",
|
|
24
|
-
"@cereworker/
|
|
25
|
-
"@cereworker/
|
|
25
|
+
"@cereworker/config": "26.313.2",
|
|
26
|
+
"@cereworker/core": "26.313.2"
|
|
26
27
|
},
|
|
27
28
|
"devDependencies": {
|
|
28
29
|
"typescript": "^5.7.3"
|