@iamtoricool/opencool-qwen-auth 0.0.1-alpha → 0.0.2-alpha

package/dist/lib/auth/browser.js

@@ -0,0 +1,86 @@
+/**
+ * Browser utilities for OAuth flow
+ * Handles platform-specific browser opening
+ */
+import { spawn } from "node:child_process";
+import fs from "node:fs";
+import path from "node:path";
+import { PLATFORM_OPENERS } from "../constants.js";
+/**
+ * Gets the platform-specific command to open a URL in the default browser
+ * @returns Browser opener command for the current platform
+ */
+export function getBrowserOpener() {
+    const platform = process.platform;
+    if (platform === "darwin")
+        return PLATFORM_OPENERS.darwin;
+    if (platform === "win32")
+        return PLATFORM_OPENERS.win32;
+    return PLATFORM_OPENERS.linux;
+}
+/**
+ * Check if a command exists in PATH
+ * @param command - Command to check
+ * @returns True if command exists
+ */
+function commandExists(command) {
+    if (!command)
+        return false;
+    // "start" is a shell builtin on Windows; rely on shell execution
+    if (process.platform === "win32" && command.toLowerCase() === "start") {
+        return true;
+    }
+    const pathValue = process.env.PATH || "";
+    const entries = pathValue.split(path.delimiter).filter(Boolean);
+    if (entries.length === 0)
+        return false;
+    if (process.platform === "win32") {
+        const pathext = (process.env.PATHEXT || ".EXE;.CMD;.BAT;.COM")
+            .split(";")
+            .filter(Boolean);
+        for (const entry of entries) {
+            for (const ext of pathext) {
+                const candidate = path.join(entry, `${command}${ext}`);
+                if (fs.existsSync(candidate))
+                    return true;
+            }
+        }
+        return false;
+    }
+    for (const entry of entries) {
+        const candidate = path.join(entry, command);
+        if (fs.existsSync(candidate))
+            return true;
+    }
+    return false;
+}
+/**
+ * Opens a URL in the default browser
+ * Silently fails if browser cannot be opened (user can copy URL manually)
+ * @param url - URL to open
+ * @returns True if a browser launch was attempted
+ */
+export function openBrowserUrl(url) {
+    try {
+        const opener = getBrowserOpener();
+        if (!commandExists(opener)) {
+            return false;
+        }
+        const child = spawn(opener, [url], {
+            stdio: "ignore",
+            shell: process.platform === "win32",
+            detached: true,
+        });
+        child.on("error", () => {
+            // Silently fail - user can manually open the URL from instructions
+        });
+        // Unref so the process can exit independently
+        child.unref();
+        return true;
+    }
+    catch (error) {
+        // Silently fail - user can manually open the URL from instructions
+        return false;
+    }
+}
+//# sourceMappingURL=browser.js.map

package/dist/lib/auth/browser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"browser.js","sourceRoot":"","sources":["../../../lib/auth/browser.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC3C,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,gBAAgB,EAAe,MAAM,iBAAiB,CAAC;AAEhE;;;GAGG;AACH,MAAM,UAAU,gBAAgB;IAC9B,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IAClC,IAAI,QAAQ,KAAK,QAAQ;QAAE,OAAO,gBAAgB,CAAC,MAAM,CAAC;IAC1D,IAAI,QAAQ,KAAK,OAAO;QAAE,OAAO,gBAAgB,CAAC,KAAK,CAAC;IACxD,OAAO,gBAAgB,CAAC,KAAK,CAAC;AAChC,CAAC;AAED;;;;GAIG;AACH,SAAS,aAAa,CAAC,OAAe;IACpC,IAAI,CAAC,OAAO;QAAE,OAAO,KAAK,CAAC;IAE3B,iEAAiE;IACjE,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,IAAI,OAAO,CAAC,WAAW,EAAE,KAAK,OAAO,EAAE,CAAC;QACtE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;IACzC,MAAM,OAAO,GAAG,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAChE,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAEvC,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QACjC,MAAM,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,qBAAqB,CAAC;aAC3D,KAAK,CAAC,GAAG,CAAC;aACV,MAAM,CAAC,OAAO,CAAC,CAAC;QACnB,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;gBAC1B,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,GAAG,OAAO,GAAG,GAAG,EAAE,CAAC,CAAC;gBACvD,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC;oBAAE,OAAO,IAAI,CAAC;YAC5C,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC5C,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC;YAAE,OAAO,IAAI,CAAC;IAC5C,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAAC,GAAW;IACxC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,gBAAgB,EAAE,CAAC;QAClC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC;YAC3B,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE;YACjC,KAAK,EAAE,QAAQ;YACf,KAAK,EAAE,OAAO,CAAC,QAAQ,KAAK,OAAO;YACnC,QAAQ,EAAE,IAAI;SACf,CAAC,CAAC;QAEH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;YACrB,mEAAmE;QACrE,CAAC,CAAC,CAAC;QAEH,8CAA8C;QAC9C,KAAK,CAAC,KAAK,EAAE,CAAC;QAEd,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,mEAAmE;QACnE,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}

package/dist/lib/auth/server.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Local OAuth callback server for handling the OAuth redirect
+ * Listens on port 1455 for the authorization code/token
+ */
+import type { OAuthServerInfo } from "../types.js";
+/**
+ * Start a local HTTP server that waits for /auth/callback and returns the token
+ * @param options - OAuth state for validation
+ * @returns Promise that resolves to server info
+ */
+export declare function startLocalOAuthServer({ state }: {
+    state: string;
+}): Promise<OAuthServerInfo>;
+//# sourceMappingURL=server.d.ts.map

package/dist/lib/auth/server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../../lib/auth/server.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAoKnD;;;;GAIG;AACH,wBAAgB,qBAAqB,CAAC,EAAE,KAAK,EAAE,EAAE;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,eAAe,CAAC,CAqF5F"}

package/dist/lib/auth/server.js

@@ -0,0 +1,253 @@
+/**
+ * Local OAuth callback server for handling the OAuth redirect
+ * Listens on port 1455 for the authorization code/token
+ */
+import http from "node:http";
+import path from "node:path";
+import { fileURLToPath } from "node:url";
+import { PLUGIN_NAME, ERROR_MESSAGES } from "../constants.js";
+// Resolve path to oauth-success.html (one level up from auth/ subfolder)
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const successHtmlPath = path.join(__dirname, "..", "oauth-success.html");
+/**
+ * Generate HTML page that extracts token from URL fragment
+ * This is needed because URL fragments are not sent to the server
+ */
+function getFragmentExtractorPage(state) {
+    return `
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Qwen Authentication</title>
+  <style>
+    * { margin: 0; padding: 0; box-sizing: border-box; }
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
+      background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+      min-height: 100vh;
+      display: flex;
+      align-items: center;
+      justify-content: center;
+      padding: 20px;
+    }
+    .container {
+      background: white;
+      border-radius: 16px;
+      padding: 48px;
+      text-align: center;
+      box-shadow: 0 20px 60px rgba(0, 0, 0, 0.3);
+      max-width: 500px;
+      width: 100%;
+    }
+    .icon {
+      width: 80px;
+      height: 80px;
+      background: linear-gradient(135deg, #10a37f 0%, #0d8c6d 100%);
+      border-radius: 50%;
+      display: flex;
+      align-items: center;
+      justify-content: center;
+      margin: 0 auto 24px;
+      font-size: 40px;
+      color: white;
+    }
+    .icon.error {
+      background: linear-gradient(135deg, #e74c3c 0%, #c0392b 100%);
+    }
+    h1 {
+      color: #1a1a1a;
+      font-size: 28px;
+      margin-bottom: 12px;
+      font-weight: 600;
+    }
+    p {
+      color: #666;
+      font-size: 16px;
+      line-height: 1.6;
+      margin-bottom: 16px;
+    }
+    .token-box {
+      background: #f5f5f5;
+      border-radius: 8px;
+      padding: 16px;
+      margin: 20px 0;
+      word-break: break-all;
+      font-family: monospace;
+      font-size: 12px;
+      text-align: left;
+      max-height: 150px;
+      overflow-y: auto;
+      border: 1px solid #ddd;
+    }
+    .loading {
+      display: inline-block;
+      width: 40px;
+      height: 40px;
+      border: 4px solid #f3f3f3;
+      border-top: 4px solid #667eea;
+      border-radius: 50%;
+      animation: spin 1s linear infinite;
+      margin: 20px auto;
+    }
+    @keyframes spin {
+      0% { transform: rotate(0deg); }
+      100% { transform: rotate(360deg); }
+    }
+    .hidden { display: none; }
+  </style>
+</head>
+<body>
+  <div class="container">
+    <div id="loading-state">
+      <div class="loading"></div>
+      <h1>Completing Authentication...</h1>
+      <p>Please wait while we complete the authentication process.</p>
+    </div>
+    
+    <div id="success-state" class="hidden">
+      <div class="icon">✓</div>
+      <h1>Authentication Successful!</h1>
+      <p>You can now close this window and return to the terminal.</p>
+    </div>
+    
+    <div id="error-state" class="hidden">
+      <div class="icon error">✗</div>
+      <h1>Authentication Failed</h1>
+      <p id="error-message">An error occurred during authentication.</p>
+      <div id="token-display" class="token-box hidden"></div>
+      <p>If you see a token above, you may need to manually copy it.</p>
+    </div>
+  </div>
+
+  <script>
+    const STATE = "${state}";
+    
+    async function completeAuth() {
+      try {
+        // Extract token from URL fragment
+        const fragment = window.location.hash;
+        const params = new URLSearchParams(fragment.substring(1));
+        const token = params.get("token");
+        
+        if (!token) {
+          throw new Error("No token found in URL");
+        }
+        
+        // Send token to local server
+        const response = await fetch("/auth/callback?token=" + encodeURIComponent(token) + "&state=" + encodeURIComponent(STATE));
+        
+        if (response.ok) {
+          document.getElementById("loading-state").classList.add("hidden");
+          document.getElementById("success-state").classList.remove("hidden");
+        } else {
+          throw new Error("Server rejected token");
+        }
+      } catch (error) {
+        document.getElementById("loading-state").classList.add("hidden");
+        document.getElementById("error-state").classList.remove("hidden");
+        document.getElementById("error-message").textContent = error.message;
+        
+        // Show token if we have it
+        const fragment = window.location.hash;
+        if (fragment) {
+          document.getElementById("token-display").textContent = fragment;
+          document.getElementById("token-display").classList.remove("hidden");
+        }
+      }
+    }
+    
+    // Run on page load
+    completeAuth();
+  </script>
+</body>
+</html>
+  `.trim();
+}
+/**
+ * Start a local HTTP server that waits for /auth/callback and returns the token
+ * @param options - OAuth state for validation
+ * @returns Promise that resolves to server info
+ */
+export function startLocalOAuthServer({ state }) {
+    const server = http.createServer((req, res) => {
+        try {
+            const url = new URL(req.url || "", "http://localhost");
+            // Handle root path - serve fragment extractor page
+            if (url.pathname === "/") {
+                res.statusCode = 200;
+                res.setHeader("Content-Type", "text/html; charset=utf-8");
+                res.end(getFragmentExtractorPage(state));
+                return;
+            }
+            // Only handle /auth/callback path
+            if (url.pathname !== "/auth/callback") {
+                res.statusCode = 404;
+                res.end("Not found");
+                return;
+            }
+            // Validate state
+            const returnedState = url.searchParams.get("state");
+            if (returnedState !== state) {
+                res.statusCode = 400;
+                res.end("State mismatch");
+                return;
+            }
+            // Extract token from query params (sent by JavaScript from fragment)
+            const token = url.searchParams.get("token");
+            if (!token) {
+                res.statusCode = 400;
+                res.end(ERROR_MESSAGES.MISSING_AUTH_CODE);
+                return;
+            }
+            // Serve success response
+            res.statusCode = 200;
+            res.setHeader("Content-Type", "text/html; charset=utf-8");
+            res.end("<html><body>OK</body></html>");
+            // Store the token
+            server._lastToken = token;
+        }
+        catch {
+            res.statusCode = 500;
+            res.end("Internal error");
+        }
+    });
+    return new Promise((resolve) => {
+        server
+            .listen(1455, "127.0.0.1", () => {
+            resolve({
+                port: 1455,
+                ready: true,
+                close: () => server.close(),
+                waitForCode: async () => {
+                    const poll = () => new Promise((r) => setTimeout(r, 100));
+                    for (let i = 0; i < 600; i++) {
+                        const lastToken = server._lastToken;
+                        if (lastToken)
+                            return { code: lastToken };
+                        await poll();
+                    }
+                    return null;
+                },
+            });
+        })
+            .on("error", (err) => {
+            console.error(`[${PLUGIN_NAME}] Failed to bind http://127.0.0.1:1455 (${err?.code}). Falling back to manual paste.`);
+            resolve({
+                port: 1455,
+                ready: false,
+                close: () => {
+                    try {
+                        server.close();
+                    }
+                    catch {
+                        // Ignore close errors
+                    }
+                },
+                waitForCode: async () => null,
+            });
+        });
+    });
+}
+//# sourceMappingURL=server.js.map

package/dist/lib/auth/server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../../../lib/auth/server.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAE9D,yEAAyE;AACzE,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAC/D,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,oBAAoB,CAAC,CAAC;AAEzE;;;GAGG;AACH,SAAS,wBAAwB,CAAC,KAAa;IAC7C,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;qBA4GY,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAyCvB,CAAC,IAAI,EAAE,CAAC;AACX,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,qBAAqB,CAAC,EAAE,KAAK,EAAqB;IAChE,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QAC5C,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,EAAE,EAAE,kBAAkB,CAAC,CAAC;YAEvD,mDAAmD;YACnD,IAAI,GAAG,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;gBACzB,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;gBACrB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;gBAC1D,GAAG,CAAC,GAAG,CAAC,wBAAwB,CAAC,KAAK,CAAC,CAAC,CAAC;gBACzC,OAAO;YACT,CAAC;YAED,kCAAkC;YAClC,IAAI,GAAG,CAAC,QAAQ,KAAK,gBAAgB,EAAE,CAAC;gBACtC,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;gBACrB,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;gBACrB,OAAO;YACT,CAAC;YAED,iBAAiB;YACjB,MAAM,aAAa,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACpD,IAAI,aAAa,KAAK,KAAK,EAAE,CAAC;gBAC5B,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;gBACrB,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;gBAC1B,OAAO;YACT,CAAC;YAED,qEAAqE;YACrE,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC5C,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;gBACrB,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;gBAC1C,OAAO;YACT,CAAC;YAED,yBAAyB;YACzB,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;YACrB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;YAC1D,GAAG,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;YAExC,kBAAkB;YACjB,MAAgD,CAAC,UAAU,GAAG,KAAK,CAAC;QACvE,CAAC;QAAC,MAAM,CAAC;YACP,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;YACrB,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,MAAM;aACH,MAAM,CAAC,IAAI,EAAE,WAAW,EAAE,GAAG,EAAE;YAC9B,OAAO,CAAC;gBACN,IAAI,EAAE,IAAI;gBACV,KAAK,EAAE,IAAI;gBACX,KAAK,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,EAAE;gBAC3B,WAAW,EAAE,KAAK,IAAI,EAAE;oBACtB,MAAM,IAAI,GAAG,GAAG,EAAE,CAAC,IAAI,OAAO,CAAO,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;oBAChE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;wBAC7B,MAAM,SAAS,GAAI,MAAgD,CAAC,UAAU,CAAC;wBAC/E,IAAI,SAAS;4BAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC;wBAC1C,MAAM,IAAI,EAAE,CAAC;oBACf,CAAC;oBACD,OAAO,IAAI,CAAC;gBACd,CAAC;aACF,CAAC,CAAC;QACL,CAAC,CAAC;aACD,EAAE,CAAC,OAAO,EAAE,CAAC,GAA0B,EAAE,EAAE;YAC1C,OAAO,CAAC,KAAK,CACX,IAAI,WAAW,2CAA2C,GAAG,EAAE,IAAI,kCAAkC,CACtG,CAAC;YACF,OAAO,CAAC;gBACN,IAAI,EAAE,IAAI;gBACV,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,GAAG,EAAE;oBACV,IAAI,CAAC;wBACH,MAAM,CAAC,KAAK,EAAE,CAAC;oBACjB,CAAC;oBAAC,MAAM,CAAC;wBACP,sBAAsB;oBACxB,CAAC;gBACH,CAAC;gBACD,WAAW,EAAE,KAAK,IAAI,EAAE,CAAC,IAAI;aAC9B,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/lib/config.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Configuration loading for the Qwen Auth Plugin
+ */
+import type { PluginConfig, UserConfig } from "./types.js";
+import { initLogger as initLoggerFromLogger } from "./logger.js";
+/**
+ * Load plugin configuration from ~/.opencode/qwen-auth-config.json
+ * @returns Plugin configuration with defaults
+ */
+export declare function loadPluginConfig(): PluginConfig;
+/**
+ * Get debug mode from environment or config
+ * @param config - Plugin configuration
+ * @returns Whether debug mode is enabled
+ */
+export declare function getDebugMode(config: PluginConfig): boolean;
+/**
+ * Parse user configuration from provider options
+ * @param provider - Provider configuration from opencode.json
+ * @returns Normalized user configuration
+ */
+export declare function parseUserConfig(provider: unknown): UserConfig;
+/**
+ * Initialize the logger with plugin configuration
+ * Re-exported from logger module for convenience
+ */
+export declare const initLogger: typeof initLoggerFromLogger;
+//# sourceMappingURL=config.d.ts.map

package/dist/lib/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../lib/config.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,KAAK,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAE3D,OAAO,EAAE,UAAU,IAAI,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEjE;;;GAGG;AACH,wBAAgB,gBAAgB,IAAI,YAAY,CAsB/C;AAED;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,MAAM,EAAE,YAAY,GAAG,OAAO,CAS1D;AAED;;;;GAIG;AACH,wBAAgB,eAAe,CAC7B,QAAQ,EAAE,OAAO,GAChB,UAAU,CASZ;AAED;;;GAGG;AACH,eAAO,MAAM,UAAU,6BAAuB,CAAC"}

package/dist/lib/config.js

@@ -0,0 +1,67 @@
+/**
+ * Configuration loading for the Qwen Auth Plugin
+ */
+import { readFileSync, existsSync } from "node:fs";
+import { join } from "node:path";
+import { homedir } from "node:os";
+import { PLUGIN_NAME } from "./constants.js";
+import { initLogger as initLoggerFromLogger } from "./logger.js";
+/**
+ * Load plugin configuration from ~/.opencode/qwen-auth-config.json
+ * @returns Plugin configuration with defaults
+ */
+export function loadPluginConfig() {
+    const configPath = join(homedir(), ".opencode", "qwen-auth-config.json");
+    if (!existsSync(configPath)) {
+        return {
+            debug: false,
+        };
+    }
+    try {
+        const content = readFileSync(configPath, "utf-8");
+        const config = JSON.parse(content);
+        return {
+            debug: false,
+            ...config,
+        };
+    }
+    catch (error) {
+        console.warn(`[${PLUGIN_NAME}] Failed to load plugin config:`, error);
+        return {
+            debug: false,
+        };
+    }
+}
+/**
+ * Get debug mode from environment or config
+ * @param config - Plugin configuration
+ * @returns Whether debug mode is enabled
+ */
+export function getDebugMode(config) {
+    // Environment variable takes precedence
+    if (process.env.QWEN_AUTH_DEBUG === "true") {
+        return true;
+    }
+    if (process.env.QWEN_AUTH_DEBUG === "false") {
+        return false;
+    }
+    return config.debug ?? false;
+}
+/**
+ * Parse user configuration from provider options
+ * @param provider - Provider configuration from opencode.json
+ * @returns Normalized user configuration
+ */
+export function parseUserConfig(provider) {
+    const providerConfig = provider;
+    return {
+        global: providerConfig?.options || {},
+        models: providerConfig?.models || {},
+    };
+}
+/**
+ * Initialize the logger with plugin configuration
+ * Re-exported from logger module for convenience
+ */
+export const initLogger = initLoggerFromLogger;
+//# sourceMappingURL=config.js.map

package/dist/lib/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../lib/config.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAElC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,UAAU,IAAI,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEjE;;;GAGG;AACH,MAAM,UAAU,gBAAgB;IAC9B,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,uBAAuB,CAAC,CAAC;IAEzE,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO;YACL,KAAK,EAAE,KAAK;SACb,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAClD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAiB,CAAC;QACnD,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,GAAG,MAAM;SACV,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,IAAI,CAAC,IAAI,WAAW,iCAAiC,EAAE,KAAK,CAAC,CAAC;QACtE,OAAO;YACL,KAAK,EAAE,KAAK;SACb,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,YAAY,CAAC,MAAoB;IAC/C,wCAAwC;IACxC,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,KAAK,MAAM,EAAE,CAAC;QAC3C,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,KAAK,OAAO,EAAE,CAAC;QAC5C,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,MAAM,CAAC,KAAK,IAAI,KAAK,CAAC;AAC/B,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAC7B,QAAiB;IAEjB,MAAM,cAAc,GAAG,QAEV,CAAC;IAEd,OAAO;QACL,MAAM,EAAG,cAAc,EAAE,OAAgC,IAAI,EAAE;QAC/D,MAAM,EAAE,cAAc,EAAE,MAAM,IAAI,EAAE;KACrC,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,oBAAoB,CAAC"}

package/dist/lib/constants.d.ts

@@ -0,0 +1,77 @@
+/**
+ * Constants used throughout the Qwen Auth Plugin
+ * Centralized for easy maintenance and configuration
+ */
+/** Plugin identifier for logging and error messages */
+export declare const PLUGIN_NAME = "opencool-qwen-auth";
+/** Base URL for Qwen chat backend API */
+export declare const QWEN_BASE_URL = "https://chat.qwen.ai/api";
+/** Dummy API key used for Qwen SDK (actual auth via OAuth) */
+export declare const DUMMY_API_KEY = "qwen-oauth";
+/** Provider ID for opencode configuration */
+export declare const PROVIDER_ID = "qwen";
+/** OAuth Client ID from Google (extracted from HAR) */
+export declare const GOOGLE_CLIENT_ID = "452911428355-3lrs59r3icntb0d0e053n98fkg9ha1j3.apps.googleusercontent.com";
+/** Qwen OAuth endpoints (uses Google OAuth) */
+export declare const QWEN_OAUTH_LOGIN = "https://chat.qwen.ai/oauth/google/login";
+export declare const QWEN_OAUTH_CALLBACK = "https://chat.qwen.ai/oauth/google/callback";
+/** Google OAuth authorization endpoint */
+export declare const GOOGLE_AUTHORIZE_URL = "https://accounts.google.com/o/oauth2/v2/auth";
+/** OAuth redirect URI for local callback */
+export declare const REDIRECT_URI = "http://localhost:1455/auth/callback";
+/** OAuth scope for Google */
+export declare const GOOGLE_SCOPE = "openid email profile";
+/** HTTP Status Codes */
+export declare const HTTP_STATUS: {
+    readonly OK: 200;
+    readonly UNAUTHORIZED: 401;
+    readonly NOT_FOUND: 404;
+    readonly TOO_MANY_REQUESTS: 429;
+};
+/** Qwen-specific headers */
+export declare const QWEN_HEADERS: {
+    readonly AUTHORIZATION: "Authorization";
+    readonly CONTENT_TYPE: "Content-Type";
+    readonly ACCEPT: "Accept";
+};
+/** URL path segments */
+export declare const URL_PATHS: {
+    readonly CHAT_COMPLETIONS: "/v1/chat/completions";
+    readonly MODELS: "/models";
+    readonly AUTHS: "/v1/auths";
+};
+/** Error messages */
+export declare const ERROR_MESSAGES: {
+    readonly NO_ACCOUNT_ID: "Failed to extract account info from token";
+    readonly TOKEN_REFRESH_FAILED: "Failed to refresh token, authentication required";
+    readonly REQUEST_PARSE_ERROR: "Error parsing request";
+    readonly OAUTH_STATE_MISMATCH: "OAuth state mismatch - possible CSRF attack";
+    readonly MISSING_AUTH_CODE: "Missing authorization code in callback";
+    readonly MISSING_TOKEN: "Missing token";
+    readonly TOKEN_NOT_FOUND: "Token not found in URL fragment";
+};
+/** Log stages for request logging */
+export declare const LOG_STAGES: {
+    readonly BEFORE_TRANSFORM: "before-transform";
+    readonly AFTER_TRANSFORM: "after-transform";
+    readonly RESPONSE: "response";
+    readonly ERROR_RESPONSE: "error-response";
+};
+/** Platform-specific browser opener commands */
+export declare const PLATFORM_OPENERS: {
+    readonly darwin: "open";
+    readonly win32: "start";
+    readonly linux: "xdg-open";
+};
+/** OAuth authorization labels */
+export declare const AUTH_LABELS: {
+    readonly OAUTH: "Qwen AI (Google Sign-In)";
+    readonly OAUTH_MANUAL: "Qwen AI (Manual Token Paste)";
+    readonly API_KEY: "Manually enter API Key";
+    readonly INSTRUCTIONS: "A browser window should open. Sign in with Google to authenticate with Qwen.";
+    readonly INSTRUCTIONS_MANUAL: "After logging in, copy the token from the URL and paste it here.";
+};
+/** Qwen model definitions */
+export declare const QWEN_MODELS: Record<string, QwenModel>;
+import type { QwenModel } from "./types.js";
+//# sourceMappingURL=constants.d.ts.map

package/dist/lib/constants.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../lib/constants.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,uDAAuD;AACvD,eAAO,MAAM,WAAW,uBAAuB,CAAC;AAEhD,yCAAyC;AACzC,eAAO,MAAM,aAAa,6BAA6B,CAAC;AAExD,8DAA8D;AAC9D,eAAO,MAAM,aAAa,eAAe,CAAC;AAE1C,6CAA6C;AAC7C,eAAO,MAAM,WAAW,SAAS,CAAC;AAElC,uDAAuD;AACvD,eAAO,MAAM,gBAAgB,6EAA6E,CAAC;AAE3G,+CAA+C;AAC/C,eAAO,MAAM,gBAAgB,4CAA4C,CAAC;AAC1E,eAAO,MAAM,mBAAmB,+CAA+C,CAAC;AAEhF,0CAA0C;AAC1C,eAAO,MAAM,oBAAoB,iDAAiD,CAAC;AAEnF,4CAA4C;AAC5C,eAAO,MAAM,YAAY,wCAAwC,CAAC;AAElE,6BAA6B;AAC7B,eAAO,MAAM,YAAY,yBAAyB,CAAC;AAEnD,wBAAwB;AACxB,eAAO,MAAM,WAAW;;;;;CAKd,CAAC;AAEX,4BAA4B;AAC5B,eAAO,MAAM,YAAY;;;;CAIf,CAAC;AAEX,wBAAwB;AACxB,eAAO,MAAM,SAAS;;;;CAIZ,CAAC;AAEX,qBAAqB;AACrB,eAAO,MAAM,cAAc;;;;;;;;CAQjB,CAAC;AAEX,qCAAqC;AACrC,eAAO,MAAM,UAAU;;;;;CAKb,CAAC;AAEX,gDAAgD;AAChD,eAAO,MAAM,gBAAgB;;;;CAInB,CAAC;AAEX,iCAAiC;AACjC,eAAO,MAAM,WAAW;;;;;;CAQd,CAAC;AAEX,6BAA6B;AAC7B,eAAO,MAAM,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,SAAS,CAiCxC,CAAC;AAGX,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC"}

package/dist/lib/constants.js

@@ -0,0 +1,109 @@
+/**
+ * Constants used throughout the Qwen Auth Plugin
+ * Centralized for easy maintenance and configuration
+ */
+/** Plugin identifier for logging and error messages */
+export const PLUGIN_NAME = "opencool-qwen-auth";
+/** Base URL for Qwen chat backend API */
+export const QWEN_BASE_URL = "https://chat.qwen.ai/api";
+/** Dummy API key used for Qwen SDK (actual auth via OAuth) */
+export const DUMMY_API_KEY = "qwen-oauth";
+/** Provider ID for opencode configuration */
+export const PROVIDER_ID = "qwen";
+/** OAuth Client ID from Google (extracted from HAR) */
+export const GOOGLE_CLIENT_ID = "452911428355-3lrs59r3icntb0d0e053n98fkg9ha1j3.apps.googleusercontent.com";
+/** Qwen OAuth endpoints (uses Google OAuth) */
+export const QWEN_OAUTH_LOGIN = "https://chat.qwen.ai/oauth/google/login";
+export const QWEN_OAUTH_CALLBACK = "https://chat.qwen.ai/oauth/google/callback";
+/** Google OAuth authorization endpoint */
+export const GOOGLE_AUTHORIZE_URL = "https://accounts.google.com/o/oauth2/v2/auth";
+/** OAuth redirect URI for local callback */
+export const REDIRECT_URI = "http://localhost:1455/auth/callback";
+/** OAuth scope for Google */
+export const GOOGLE_SCOPE = "openid email profile";
+/** HTTP Status Codes */
+export const HTTP_STATUS = {
+    OK: 200,
+    UNAUTHORIZED: 401,
+    NOT_FOUND: 404,
+    TOO_MANY_REQUESTS: 429,
+};
+/** Qwen-specific headers */
+export const QWEN_HEADERS = {
+    AUTHORIZATION: "Authorization",
+    CONTENT_TYPE: "Content-Type",
+    ACCEPT: "Accept",
+};
+/** URL path segments */
+export const URL_PATHS = {
+    CHAT_COMPLETIONS: "/v1/chat/completions",
+    MODELS: "/models",
+    AUTHS: "/v1/auths",
+};
+/** Error messages */
+export const ERROR_MESSAGES = {
+    NO_ACCOUNT_ID: "Failed to extract account info from token",
+    TOKEN_REFRESH_FAILED: "Failed to refresh token, authentication required",
+    REQUEST_PARSE_ERROR: "Error parsing request",
+    OAUTH_STATE_MISMATCH: "OAuth state mismatch - possible CSRF attack",
+    MISSING_AUTH_CODE: "Missing authorization code in callback",
+    MISSING_TOKEN: "Missing token",
+    TOKEN_NOT_FOUND: "Token not found in URL fragment",
+};
+/** Log stages for request logging */
+export const LOG_STAGES = {
+    BEFORE_TRANSFORM: "before-transform",
+    AFTER_TRANSFORM: "after-transform",
+    RESPONSE: "response",
+    ERROR_RESPONSE: "error-response",
+};
+/** Platform-specific browser opener commands */
+export const PLATFORM_OPENERS = {
+    darwin: "open",
+    win32: "start",
+    linux: "xdg-open",
+};
+/** OAuth authorization labels */
+export const AUTH_LABELS = {
+    OAUTH: "Qwen AI (Google Sign-In)",
+    OAUTH_MANUAL: "Qwen AI (Manual Token Paste)",
+    API_KEY: "Manually enter API Key",
+    INSTRUCTIONS: "A browser window should open. Sign in with Google to authenticate with Qwen.",
+    INSTRUCTIONS_MANUAL: "After logging in, copy the token from the URL and paste it here.",
+};
+/** Qwen model definitions */
+export const QWEN_MODELS = {
+    "qwen3-max": {
+        id: "qwen3-max",
+        name: "Qwen3 Max",
+        description: "Most capable Qwen3 model for complex tasks",
+        maxTokens: 32768,
+        supportsVision: false,
+        supportsCode: true,
+    },
+    "qwen3-coder-plus": {
+        id: "qwen3-coder-plus",
+        name: "Qwen3 Coder Plus",
+        description: "Optimized for code generation and programming tasks",
+        maxTokens: 32768,
+        supportsVision: false,
+        supportsCode: true,
+    },
+    "qwen3-vl-plus": {
+        id: "qwen3-vl-plus",
+        name: "Qwen3 VL Plus",
+        description: "Vision language model for image understanding",
+        maxTokens: 32768,
+        supportsVision: true,
+        supportsCode: false,
+    },
+    "qwen3-235b-a22b": {
+        id: "qwen3-235b-a22b",
+        name: "Qwen3 235B A22B",
+        description: "Large mixture-of-experts model",
+        maxTokens: 32768,
+        supportsVision: false,
+        supportsCode: true,
+    },
+};
+//# sourceMappingURL=constants.js.map

package/dist/lib/constants.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../lib/constants.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,uDAAuD;AACvD,MAAM,CAAC,MAAM,WAAW,GAAG,oBAAoB,CAAC;AAEhD,yCAAyC;AACzC,MAAM,CAAC,MAAM,aAAa,GAAG,0BAA0B,CAAC;AAExD,8DAA8D;AAC9D,MAAM,CAAC,MAAM,aAAa,GAAG,YAAY,CAAC;AAE1C,6CAA6C;AAC7C,MAAM,CAAC,MAAM,WAAW,GAAG,MAAM,CAAC;AAElC,uDAAuD;AACvD,MAAM,CAAC,MAAM,gBAAgB,GAAG,0EAA0E,CAAC;AAE3G,+CAA+C;AAC/C,MAAM,CAAC,MAAM,gBAAgB,GAAG,yCAAyC,CAAC;AAC1E,MAAM,CAAC,MAAM,mBAAmB,GAAG,4CAA4C,CAAC;AAEhF,0CAA0C;AAC1C,MAAM,CAAC,MAAM,oBAAoB,GAAG,8CAA8C,CAAC;AAEnF,4CAA4C;AAC5C,MAAM,CAAC,MAAM,YAAY,GAAG,qCAAqC,CAAC;AAElE,6BAA6B;AAC7B,MAAM,CAAC,MAAM,YAAY,GAAG,sBAAsB,CAAC;AAEnD,wBAAwB;AACxB,MAAM,CAAC,MAAM,WAAW,GAAG;IACzB,EAAE,EAAE,GAAG;IACP,YAAY,EAAE,GAAG;IACjB,SAAS,EAAE,GAAG;IACd,iBAAiB,EAAE,GAAG;CACd,CAAC;AAEX,4BAA4B;AAC5B,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,aAAa,EAAE,eAAe;IAC9B,YAAY,EAAE,cAAc;IAC5B,MAAM,EAAE,QAAQ;CACR,CAAC;AAEX,wBAAwB;AACxB,MAAM,CAAC,MAAM,SAAS,GAAG;IACvB,gBAAgB,EAAE,sBAAsB;IACxC,MAAM,EAAE,SAAS;IACjB,KAAK,EAAE,WAAW;CACV,CAAC;AAEX,qBAAqB;AACrB,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,aAAa,EAAE,2CAA2C;IAC1D,oBAAoB,EAAE,kDAAkD;IACxE,mBAAmB,EAAE,uBAAuB;IAC5C,oBAAoB,EAAE,6CAA6C;IACnE,iBAAiB,EAAE,wCAAwC;IAC3D,aAAa,EAAE,eAAe;IAC9B,eAAe,EAAE,iCAAiC;CAC1C,CAAC;AAEX,qCAAqC;AACrC,MAAM,CAAC,MAAM,UAAU,GAAG;IACxB,gBAAgB,EAAE,kBAAkB;IACpC,eAAe,EAAE,iBAAiB;IAClC,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,gBAAgB;CACxB,CAAC;AAEX,gDAAgD;AAChD,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,MAAM,EAAE,MAAM;IACd,KAAK,EAAE,OAAO;IACd,KAAK,EAAE,UAAU;CACT,CAAC;AAEX,iCAAiC;AACjC,MAAM,CAAC,MAAM,WAAW,GAAG;IACzB,KAAK,EAAE,0BAA0B;IACjC,YAAY,EAAE,8BAA8B;IAC5C,OAAO,EAAE,wBAAwB;IACjC,YAAY,EACV,8EAA8E;IAChF,mBAAmB,EACjB,kEAAkE;CAC5D,CAAC;AAEX,6BAA6B;AAC7B,MAAM,CAAC,MAAM,WAAW,GAA8B;IACpD,WAAW,EAAE;QACX,EAAE,EAAE,WAAW;QACf,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,4CAA4C;QACzD,SAAS,EAAE,KAAK;QAChB,cAAc,EAAE,KAAK;QACrB,YAAY,EAAE,IAAI;KACnB;IACD,kBAAkB,EAAE;QAClB,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,qDAAqD;QAClE,SAAS,EAAE,KAAK;QAChB,cAAc,EAAE,KAAK;QACrB,YAAY,EAAE,IAAI;KACnB;IACD,eAAe,EAAE;QACf,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,+CAA+C;QAC5D,SAAS,EAAE,KAAK;QAChB,cAAc,EAAE,IAAI;QACpB,YAAY,EAAE,KAAK;KACpB;IACD,iBAAiB,EAAE;QACjB,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,gCAAgC;QAC7C,SAAS,EAAE,KAAK;QAChB,cAAc,EAAE,KAAK;QACrB,YAAY,EAAE,IAAI;KACnB;CACO,CAAC"}