@freetison/git-super 0.2.0

package/lib/providers/azure-openai-provider.mjs

@@ -0,0 +1,185 @@
+/**
+ * Azure OpenAI Provider with Azure AD Authentication
+ * Uses Microsoft Identity Platform (MSAL) for OAuth
+ */
+
+import { BaseOAuthProvider } from './base-oauth-provider.mjs';
+import { TokenManager } from '../auth/token-manager.mjs';
+
+export class AzureOpenAIProvider extends BaseOAuthProvider {
+  constructor(config) {
+    // Azure AD configuration
+    const tenantId = config.azureTenantId || 'common';
+    const clientId = config.azureClientId;
+    
+    if (!clientId) {
+      throw new Error(
+        'Azure Client ID is required. Set AZURE_CLIENT_ID or configure in .gitsuperrc'
+      );
+    }
+
+    // Create token manager for Azure AD
+    const tokenManager = new TokenManager('azure-openai', {
+      clientId,
+      scopes: ['https://cognitiveservices.azure.com/.default'],
+      tokenEndpoint: `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token`,
+    });
+
+    super(config, tokenManager);
+    
+    this.tenantId = tenantId;
+    this.resourceEndpoint = config.azureResourceEndpoint;
+    this.deploymentName = config.azureDeploymentName || config.aiModel;
+    
+    if (!this.resourceEndpoint) {
+      throw new Error(
+        'Azure OpenAI endpoint is required. Set AZURE_OPENAI_ENDPOINT or configure in .gitsuperrc\n' +
+        'Example: https://your-resource.openai.azure.com'
+      );
+    }
+  }
+
+  /**
+   * Initiate Azure AD device code flow
+   */
+  async initiateAuth() {
+    const response = await fetch(
+      `https://login.microsoftonline.com/${this.tenantId}/oauth2/v2.0/devicecode`,
+      {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/x-www-form-urlencoded',
+        },
+        body: new URLSearchParams({
+          client_id: this.tokenManager.clientId,
+          scope: this.tokenManager.scopes.join(' '),
+        }),
+      }
+    );
+
+    if (!response.ok) {
+      throw new Error(`Azure AD device code request failed: ${response.statusText}`);
+    }
+
+    const data = await response.json();
+    
+    return {
+      deviceCode: data.device_code,
+      userCode: data.user_code,
+      verificationUri: data.verification_uri,
+      verificationUriComplete: data.verification_url, // Note: Azure uses verification_url
+      expiresIn: data.expires_in,
+      interval: data.interval || 5,
+      message: data.message,
+    };
+  }
+
+  /**
+   * Poll for Azure AD token
+   */
+  async completeAuth(deviceCode, interval) {
+    const pollInterval = interval * 1000;
+    const maxAttempts = 180;
+
+    for (let attempt = 0; attempt < maxAttempts; attempt++) {
+      await new Promise(resolve => setTimeout(resolve, pollInterval));
+
+      try {
+        const response = await fetch(
+          `https://login.microsoftonline.com/${this.tenantId}/oauth2/v2.0/token`,
+          {
+            method: 'POST',
+            headers: {
+              'Content-Type': 'application/x-www-form-urlencoded',
+            },
+            body: new URLSearchParams({
+              grant_type: 'urn:ietf:params:oauth:grant-type:device_code',
+              client_id: this.tokenManager.clientId,
+              device_code: deviceCode,
+            }),
+          }
+        );
+
+        const data = await response.json();
+
+        if (data.error) {
+          if (data.error === 'authorization_pending') {
+            continue;
+          } else if (data.error === 'slow_down') {
+            await new Promise(resolve => setTimeout(resolve, pollInterval));
+            continue;
+          } else if (data.error === 'expired_token') {
+            throw new Error('Device code expired. Please try again.');
+          } else if (data.error === 'access_denied') {
+            throw new Error('User denied authorization.');
+          } else {
+            throw new Error(`Azure AD error: ${data.error} - ${data.error_description || ''}`);
+          }
+        }
+
+        // Success
+        const tokens = {
+          accessToken: data.access_token,
+          refreshToken: data.refresh_token,
+          expiresIn: data.expires_in,
+          tokenType: data.token_type,
+          scope: data.scope,
+        };
+
+        await this.tokenManager.storeTokens(tokens);
+        return;
+      } catch (error) {
+        if (error.message.includes('error:') || 
+            error.message.includes('expired') || 
+            error.message.includes('denied')) {
+          throw error;
+        }
+        console.warn(`Polling attempt ${attempt + 1} failed: ${error.message}`);
+      }
+    }
+
+    throw new Error('Azure AD authorization timeout. Please try again.');
+  }
+
+  /**
+   * Generate commit message using Azure OpenAI
+   */
+  async generate(prompt) {
+    const isAuthenticated = await this.isAuthenticated();
+    
+    if (!isAuthenticated) {
+      throw new Error(
+        'Azure AD authentication required. ' +
+        'Please authenticate with: git super auth login --provider azure-openai'
+      );
+    }
+
+    // Build Azure OpenAI endpoint
+    const apiVersion = '2024-02-01';
+    const endpoint = `${this.resourceEndpoint}/openai/deployments/${this.deploymentName}/chat/completions?api-version=${apiVersion}`;
+
+    const response = await this.authenticatedFetch(endpoint, {
+      method: 'POST',
+      body: JSON.stringify({
+        messages: [{ role: 'user', content: prompt }],
+        max_tokens: 200,
+        temperature: 0.7,
+      }),
+    });
+
+    if (!response.ok) {
+      const errorText = await response.text();
+      throw new Error(`Azure OpenAI error: ${response.status} - ${errorText}`);
+    }
+
+    const data = await response.json();
+    return data.choices[0].message.content.trim().replace(/^["']|["']$/g, '');
+  }
+
+  /**
+   * Get provider display name
+   */
+  getName() {
+    return 'azure-openai';
+  }
+}

package/lib/providers/base-oauth-provider.mjs

@@ -0,0 +1,62 @@
+/**
+ * Base OAuth Provider
+ * Extended base for providers using OAuth authentication
+ */
+
+import { BaseAIProvider } from './base-provider.mjs';
+import { OAuthAuthStrategy } from '../auth/auth-strategy.mjs';
+
+export class BaseOAuthProvider extends BaseAIProvider {
+  constructor(config, tokenManager) {
+    super(config);
+    this.tokenManager = tokenManager;
+    this.authStrategy = new OAuthAuthStrategy(config, tokenManager);
+  }
+
+  /**
+   * Get authentication headers (with automatic token refresh)
+   * @returns {Promise<Object>}
+   */
+  async getAuthHeaders() {
+    return await this.authStrategy.getAuthHeaders();
+  }
+
+  /**
+   * Check if authenticated
+   * @returns {Promise<boolean>}
+   */
+  async isAuthenticated() {
+    return await this.authStrategy.isValid();
+  }
+
+  /**
+   * Get common headers for API requests
+   * @returns {Object}
+   */
+  getCommonHeaders() {
+    return {
+      'Content-Type': 'application/json',
+    };
+  }
+
+  /**
+   * Make authenticated API request
+   * @param {string} url - API endpoint
+   * @param {Object} options - Fetch options
+   * @returns {Promise<Response>}
+   */
+  async authenticatedFetch(url, options = {}) {
+    const authHeaders = await this.getAuthHeaders();
+    
+    const response = await fetch(url, {
+      ...options,
+      headers: {
+        ...this.getCommonHeaders(),
+        ...authHeaders,
+        ...(options.headers || {}),
+      },
+    });
+
+    return response;
+  }
+}

package/lib/providers/base-provider.mjs

@@ -0,0 +1,29 @@
+/**
+ * Base AI Provider - Strategy Pattern interface
+ * All AI providers must extend this class
+ */
+
+export class BaseAIProvider {
+  constructor(config, authStrategy = null) {
+    this.config = config;
+    this.authStrategy = authStrategy;
+  }
+
+  /**
+   * Generate a commit message from a prompt
+   * @param {string} prompt - The prompt to send to the AI
+   * @returns {Promise<string>} - The generated message
+   * @throws {Error} - Must be implemented by subclasses
+   */
+  async generate(prompt) {
+    throw new Error(`${this.constructor.name} must implement generate(prompt)`);
+  }
+
+  /**
+   * Get the provider name (used for logging)
+   * @returns {string}
+   */
+  getName() {
+    return this.constructor.name.replace('Provider', '').toLowerCase();
+  }
+}

package/lib/providers/generic-oidc-provider.mjs

@@ -0,0 +1,144 @@
+/**
+ * Generic OIDC (OpenID Connect) Provider
+ * Supports any OAuth 2.0 / OIDC compliant identity provider
+ */
+
+import { BaseOAuthProvider } from './base-oauth-provider.mjs';
+import { TokenManager } from '../auth/token-manager.mjs';
+import { DeviceCodeFlow } from '../auth/oauth-flows.mjs';
+
+export class GenericOIDCProvider extends BaseOAuthProvider {
+  constructor(config) {
+    const issuer = config.oidcIssuer;
+    const clientId = config.oidcClientId;
+    
+    if (!issuer || !clientId) {
+      throw new Error(
+        'OIDC configuration required: OIDC_ISSUER and OIDC_CLIENT_ID must be set'
+      );
+    }
+
+    // Create token manager
+    const tokenManager = new TokenManager('generic-oidc', {
+      clientId,
+      scopes: config.oidcScopes || ['openid', 'profile', 'email'],
+      tokenEndpoint: config.oidcTokenEndpoint || `${issuer}/oauth2/token`,
+    });
+
+    super(config, tokenManager);
+    
+    this.issuer = issuer;
+    this.apiEndpoint = config.oidcApiEndpoint;
+    this.deviceAuthEndpoint = config.oidcDeviceAuthEndpoint || `${issuer}/oauth2/device/authorize`;
+    
+    if (!this.apiEndpoint) {
+      throw new Error(
+        'OIDC API endpoint required: Set OIDC_API_ENDPOINT in config\n' +
+        'This should be the endpoint where your AI service is hosted'
+      );
+    }
+  }
+
+  /**
+   * Discover OIDC configuration from well-known endpoint
+   * @returns {Promise<Object>}
+   */
+  async discoverConfig() {
+    try {
+      const response = await fetch(`${this.issuer}/.well-known/openid-configuration`);
+      if (!response.ok) {
+        throw new Error(`OIDC discovery failed: ${response.statusText}`);
+      }
+      return await response.json();
+    } catch (error) {
+      console.warn(`OIDC discovery failed: ${error.message}, using manual configuration`);
+      return null;
+    }
+  }
+
+  /**
+   * Initiate device code flow
+   */
+  async initiateAuth() {
+    const flow = new DeviceCodeFlow({
+      clientId: this.tokenManager.clientId,
+      deviceAuthEndpoint: this.deviceAuthEndpoint,
+      tokenEndpoint: this.tokenManager.tokenEndpoint,
+      scopes: this.tokenManager.scopes,
+    });
+
+    return await flow.initiate();
+  }
+
+  /**
+   * Complete device code flow
+   */
+  async completeAuth(deviceCode, interval) {
+    const flow = new DeviceCodeFlow({
+      clientId: this.tokenManager.clientId,
+      deviceAuthEndpoint: this.deviceAuthEndpoint,
+      tokenEndpoint: this.tokenManager.tokenEndpoint,
+      scopes: this.tokenManager.scopes,
+    });
+
+    const tokens = await flow.pollForToken(deviceCode, interval);
+    await this.tokenManager.storeTokens(tokens);
+  }
+
+  /**
+   * Generate commit message using generic OIDC-protected API
+   */
+  async generate(prompt) {
+    const isAuthenticated = await this.isAuthenticated();
+    
+    if (!isAuthenticated) {
+      throw new Error(
+        'OIDC authentication required. ' +
+        'Please authenticate with: git super auth login --provider generic-oidc'
+      );
+    }
+
+    // Make request to configured API endpoint
+    // This assumes a standard chat completions interface, but can be customized
+    const response = await this.authenticatedFetch(this.apiEndpoint, {
+      method: 'POST',
+      body: JSON.stringify({
+        model: this.config.aiModel || 'default',
+        messages: [{ role: 'user', content: prompt }],
+        max_tokens: 200,
+        temperature: 0.7,
+      }),
+    });
+
+    if (!response.ok) {
+      const errorText = await response.text();
+      throw new Error(`OIDC API error: ${response.status} - ${errorText}`);
+    }
+
+    const data = await response.json();
+    
+    // Try to extract message from common response formats
+    if (data.choices && data.choices[0]?.message?.content) {
+      // OpenAI-compatible format
+      return data.choices[0].message.content.trim().replace(/^["']|["']$/g, '');
+    } else if (data.content && Array.isArray(data.content) && data.content[0]?.text) {
+      // Anthropic-compatible format
+      return data.content[0].text.trim().replace(/^["']|["']$/g, '');
+    } else if (data.response) {
+      // Simple response format
+      return data.response.trim().replace(/^["']|["']$/g, '');
+    } else if (typeof data === 'string') {
+      // Plain text response
+      return data.trim().replace(/^["']|["']$/g, '');
+    } else {
+      throw new Error('Unexpected API response format');
+    }
+  }
+
+  /**
+   * Get provider display name
+   */
+  getName() {
+    return 'generic-oidc';
+  }
+}

package/lib/providers/github-copilot-provider.mjs

@@ -0,0 +1,113 @@
+/**
+ * GitHub Copilot Enterprise Provider
+ * Uses GitHub OAuth for authentication
+ */
+
+import { BaseOAuthProvider } from './base-oauth-provider.mjs';
+import { TokenManager } from '../auth/token-manager.mjs';
+import { DeviceCodeFlow } from '../auth/oauth-flows.mjs';
+
+export class GitHubCopilotProvider extends BaseOAuthProvider {
+  constructor(config) {
+    // Create token manager for GitHub OAuth
+    const tokenManager = new TokenManager('github-copilot', {
+      clientId: config.githubClientId || 'Iv1.b507a08c87ecfe98', // GitHub CLI client ID
+      scopes: ['read:user', 'read:org'], // Copilot scopes may vary
+      tokenEndpoint: 'https://github.com/login/oauth/access_token',
+    });
+
+    super(config, tokenManager);
+    this.githubOrg = config.githubOrg;
+  }
+
+  /**
+   * Initiate device code flow for GitHub authentication
+   * @returns {Promise<Object>} Device authorization details
+   */
+  async initiateAuth() {
+    const flow = new DeviceCodeFlow({
+      clientId: this.tokenManager.clientId,
+      deviceAuthEndpoint: 'https://github.com/login/device/code',
+      tokenEndpoint: 'https://github.com/login/oauth/access_token',
+      scopes: this.tokenManager.scopes,
+    });
+
+    return await flow.initiate();
+  }
+
+  /**
+   * Complete device code flow
+   * @param {string} deviceCode - Device code from initiateAuth
+   * @param {number} interval - Poll interval in seconds
+   */
+  async completeAuth(deviceCode, interval) {
+    const flow = new DeviceCodeFlow({
+      clientId: this.tokenManager.clientId,
+      deviceAuthEndpoint: 'https://github.com/login/device/code',
+      tokenEndpoint: 'https://github.com/login/oauth/access_token',
+      scopes: this.tokenManager.scopes,
+    });
+
+    const tokens = await flow.pollForToken(deviceCode, interval);
+    await this.tokenManager.storeTokens(tokens);
+  }
+
+  /**
+   * Generate commit message using GitHub Copilot
+   * Note: This is a conceptual implementation
+   * Real GitHub Copilot API may differ or require enterprise access
+   */
+  async generate(prompt) {
+    // GitHub Copilot doesn't have a public API for commit message generation yet
+    // This is a placeholder that would use GitHub's model endpoint when available
+    
+    // For now, we'll use GitHub Models (preview) or return a helpful message
+    const isAuthenticated = await this.isAuthenticated();
+    
+    if (!isAuthenticated) {
+      throw new Error(
+        'GitHub Copilot Enterprise authentication required. ' +
+        'Please authenticate with: git super auth login --provider github-copilot'
+      );
+    }
+
+    try {
+      // Attempt to use GitHub Models API (if available)
+      // https://github.blog/2024-05-21-github-models-a-new-generation-of-ai-models/
+      const response = await this.authenticatedFetch(
+        'https://models.inference.ai.azure.com/chat/completions',
+        {
+          method: 'POST',
+          body: JSON.stringify({
+            model: this.config.aiModel || 'gpt-4o',
+            messages: [{ role: 'user', content: prompt }],
+            max_tokens: 200,
+            temperature: 0.7,
+          }),
+        }
+      );
+
+      if (!response.ok) {
+        throw new Error(`GitHub Copilot API error: ${response.status} ${response.statusText}`);
+      }
+
+      const data = await response.json();
+      return data.choices[0].message.content.trim().replace(/^["']|["']$/g, '');
+    } catch (error) {
+      throw new Error(
+        `GitHub Copilot is not fully available yet for commit generation. ` +
+        `Original error: ${error.message}\n\n` +
+        `Note: GitHub Copilot Enterprise API for commit messages may require ` +
+        `special access or may use a different endpoint. Please check GitHub's ` +
+        `documentation for the latest API details.`
+      );
+    }
+  }
+
+  /**
+   * Get provider display name
+   */
+  getName() {
+    return 'github-copilot';
+  }
+}

package/lib/providers/ollama-provider.mjs

@@ -0,0 +1,109 @@
+/**
+ * Ollama AI Provider implementation
+ */
+
+import { BaseAIProvider } from './base-provider.mjs';
+import { NoAuthStrategy } from '../auth/auth-strategy.mjs';
+
+export class OllamaProvider extends BaseAIProvider {
+  constructor(config) {
+    // Ollama doesn't need authentication (local server)
+    super(config, new NoAuthStrategy(config));
+  }
+
+  async generate(prompt) {
+    let modelToUse = this.config.aiModel;
+    
+    let response = await fetch(`${this.config.ollamaUrl}/api/generate`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        model: modelToUse,
+        prompt,
+        stream: false,
+        options: {
+          temperature: 0.7,
+          top_p: 0.9,
+        },
+      }),
+    });
+
+    // If model not found, try to find an alternative
+    if (response.status === 404) {
+      const availableModels = await this.getAvailableModels();
+      
+      if (availableModels.length === 0) {
+        throw new Error(`Ollama is running but no models are installed. Install one with: ollama pull mistral`);
+      }
+      
+      modelToUse = this.findBestModel(availableModels);
+      console.log(`  ℹ️  Model '${this.config.aiModel}' not found, using '${modelToUse}'`);
+      
+      // Retry with available model
+      response = await fetch(`${this.config.ollamaUrl}/api/generate`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          model: modelToUse,
+          prompt,
+          stream: false,
+          options: {
+            temperature: 0.7,
+            top_p: 0.9,
+          },
+        }),
+      });
+    }
+
+    if (!response.ok) {
+      throw new Error(`Ollama error: ${response.status} ${response.statusText}`);
+    }
+
+    const data = await response.json();
+    return this.cleanResponse(data.response);
+  }
+
+  async getAvailableModels() {
+    try {
+      const response = await fetch(`${this.config.ollamaUrl}/api/tags`);
+      if (!response.ok) return [];
+      const data = await response.json();
+      return data.models?.map(m => m.name) || [];
+    } catch {
+      return [];
+    }
+  }
+
+  findBestModel(availableModels) {
+    const preferredModels = [
+      'qwen2.5-coder',
+      'deepseek-coder',
+      'codellama',
+      'mistral',
+      'llama3',
+      'llama2'
+    ];
+    
+    return preferredModels.find(m => 
+      availableModels.some(a => a.startsWith(m))
+    ) || availableModels[0];
+  }
+
+  cleanResponse(response) {
+    let message = response.trim()
+      .replace(/^["'`]|["'`]$/g, '')       // Remove quotes
+      .replace(/^\*\*|\*\*$/g, '')          // Remove bold markdown
+      .replace(/^```.*\n?|\n?```$/g, '')    // Remove code blocks
+      .split('\n')[0]                       // Take first line only
+      .trim();
+    
+    // If message looks invalid, return generic
+    if (message.length > 100 || 
+        message.toLowerCase().includes('based on') || 
+        message.toLowerCase().includes('appears')) {
+      return 'chore: update files';
+    }
+    
+    return message;
+  }
+}

package/lib/providers/openai-provider.mjs

@@ -0,0 +1,44 @@
+/**
+ * OpenAI AI Provider implementation
+ */
+
+import { BaseAIProvider } from './base-provider.mjs';
+import { ApiKeyAuthStrategy } from '../auth/auth-strategy.mjs';
+
+export class OpenAIProvider extends BaseAIProvider {
+  constructor(config) {
+    // Use API Key authentication strategy
+    const authStrategy = new ApiKeyAuthStrategy(config, {
+      keyName: 'openaiKey',
+      headerName: 'Authorization',
+      headerFormat: 'Bearer {key}',
+    });
+    super(config, authStrategy);
+  }
+
+  async generate(prompt) {
+    // Get auth headers from strategy
+    const authHeaders = await this.authStrategy.getAuthHeaders();
+
+    const response = await fetch('https://api.openai.com/v1/chat/completions', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        ...authHeaders,
+      },
+      body: JSON.stringify({
+        model: this.config.aiModel || 'gpt-4',
+        messages: [{ role: 'user', content: prompt }],
+        max_tokens: 200,
+        temperature: 0.7,
+      }),
+    });
+
+    if (!response.ok) {
+      throw new Error(`OpenAI error: ${response.statusText}`);
+    }
+
+    const data = await response.json();
+    return data.choices[0].message.content.trim().replace(/^["']|["']$/g, '');
+  }
+}