@javargasm/opencode-kiro-auth 0.1.0

package/README.md

@@ -0,0 +1,190 @@
+# opencode-kiro
+
+Kiro provider plugin for [OpenCode](https://opencode.ai). Authenticates via AWS Builder ID or IAM Identity Center and exposes all Kiro models through an Anthropic-compatible local gateway.
+
+## Features
+
+- **AWS Builder ID / IAM Identity Center** — OAuth device-code login with automatic token refresh
+- **Dynamic model discovery** — fetches available models from the Kiro API at runtime; falls back to a curated static catalog
+- **Local Anthropic gateway** — translates Anthropic Messages API requests to Kiro's CodeWhisperer streaming protocol
+- **Adaptive thinking** — maps reasoning effort levels (`low` → `max`) through the `output_config.effort` parameter
+- **Multi-region** — supports `us-east-1` and `eu-central-1` Kiro API regions with automatic SSO region mapping
+- **Zero external dependencies** — self-contained plugin; no runtime deps beyond the OpenCode SDK
+
+## Supported Models
+
+| Model | Reasoning | Context | Effort Levels |
+|:---|:---:|:---:|:---|
+| Claude Fable 5 | ✅ | 1M | low, medium, high, xhigh, max |
+| Claude Opus 4.8 | ✅ | 1M | low, medium, high, xhigh, max |
+| Claude Opus 4.7 | ✅ | 1M | low, medium, high, xhigh, max |
+| Claude Opus 4.6 | ✅ | 1M | low, medium, high, max |
+| Claude Sonnet 4.6 | ✅ | 1M | low, medium, high, max |
+| Claude Opus 4.5 | ✅ | 200K | — |
+| Claude Sonnet 4.5 | ✅ | 200K | — |
+| Claude Sonnet 4 | ✅ | 200K | — |
+| Claude Haiku 4.5 | ❌ | 200K | — |
+| DeepSeek 3.2 | ✅ | 128K | — |
+| Kimi K2.5 | ✅ | 200K | — |
+| MiniMax M2.1 / M2.5 | ❌ | 196K | — |
+| GLM 4.7 / 4.7 Flash | ✅/❌ | 128K | — |
+| Qwen3 Coder Next | ✅ | 256K | — |
+| Qwen3 Coder 480B | ✅ | 128K | — |
+| AGI Nova Beta | ✅ | 1M | — |
+
+> Models without effort levels listed use Kiro's default reasoning behavior. Additional models may appear dynamically via the `ListAvailableModels` API.
+
+## Installation
+
+### From npm (recommended)
+
+Add the plugin to your `opencode.json`:
+
+```json
+{
+  "$schema": "https://opencode.ai/config.json",
+  "plugin": [
+    "opencode-kiro"
+  ]
+}
+```
+
+OpenCode will auto-install the package on startup.
+
+### From local source
+
+1. Clone the repository:
+
+```bash
+git clone https://github.com/your-org/opencode-kiro.git
+cd opencode-kiro
+```
+
+2. Install dependencies and build:
+
+```bash
+bun install
+bun run build
+```
+
+3. Register the plugin in your `opencode.json` using the absolute path to the built entry point:
+
+```json
+{
+  "$schema": "https://opencode.ai/config.json",
+  "plugin": [
+    "/absolute/path/to/opencode-kiro/dist/index.js"
+  ]
+}
+```
+
+## Authentication
+
+Once the plugin is loaded, authenticate through the OpenCode TUI:
+
+1. Run `/connect` inside OpenCode
+2. Select **Kiro (Builder ID / IAM Identity Center)**
+3. Choose your login method:
+   - **Builder ID** — press Enter at the SSO URL prompt (default)
+   - **IAM Identity Center** — enter your organization's SSO Start URL (e.g. `https://mycompany.awsapps.com/start`) and optionally the SSO region
+4. Complete the browser-based authorization using the provided verification code
+5. Tokens are stored securely and refreshed automatically
+
+## Usage
+
+After authentication, select any Kiro model in the OpenCode model picker. The plugin:
+
+1. Starts a local Anthropic-compatible gateway on a random port
+2. Registers all available models as OpenCode provider entries
+3. Routes requests through `@ai-sdk/anthropic` → local gateway → Kiro CodeWhisperer API
+
+### Selecting a model
+
+Use the model picker in the OpenCode TUI or set a default in your `opencode.json`:
+
+```json
+{
+  "model": "kiro/claude-opus-4-7"
+}
+```
+
+### Reasoning effort
+
+Models that support adaptive thinking accept effort levels through OpenCode's reasoning configuration. The plugin passes them 1:1 to Kiro's `output_config.effort` parameter:
+
+- `low` — speed/cost optimized
+- `medium` — balanced general-purpose
+- `high` — default, best balance
+- `xhigh` — complex multi-step tasks (Fable 5, Opus 4.7, 4.8)
+- `max` — maximum reasoning depth (Fable 5, Opus 4.7, 4.8)
+
+Not all models support every level — see the model table above for supported efforts per model.
+
+## Development
+
+### Prerequisites
+
+- [Bun](https://bun.sh) ≥ 1.0
+- TypeScript ≥ 5.0
+
+### Commands
+
+```bash
+# Type-check + run tests
+bun run check
+
+# Type-check only
+bun run typecheck
+
+# Run tests
+bun test
+
+# Run tests in watch mode
+bun test --watch
+
+# Build for distribution
+bun run build
+```
+
+### Project Structure
+
+```
+src/
+├── index.ts            # Plugin entry: auth hooks, model registration, gateway lifecycle
+├── types.ts            # Local type definitions and runtime utilities
+├── server.ts           # Bun.serve Anthropic gateway (Messages API → Kiro SSE)
+├── stream.ts           # Kiro streaming orchestrator (request build, retry, event parsing)
+├── models.ts           # Model catalog, region mapping, dynamic model discovery
+├── oauth.ts            # OIDC device-code auth (Builder ID + Identity Center)
+├── transform.ts        # Message format conversion (OpenCode ↔ Kiro wire format)
+├── thinking-parser.ts  # Streaming <thinking> tag parser for inline reasoning
+├── event-parser.ts     # Kiro JSON event stream parser
+├── kiro-defaults.ts    # Static protocol constants (system seed, tool schemas)
+├── health.ts           # Permanent error classification
+├── tokenizer.ts        # Lightweight token estimation
+└── debug.ts            # Structured logging
+test/
+└── gateway.test.ts     # Gateway integration tests (health, auth, streaming, non-streaming)
+```
+
+## Architecture
+
+```
+┌──────────────┐     ┌─────────────────────┐     ┌──────────────────┐
+│   OpenCode   │────▶│  Local Gateway      │────▶│  Kiro API        │
+│  (@ai-sdk/   │     │  (Bun.serve)        │     │  (CodeWhisperer  │
+│   anthropic) │◀────│                     │◀────│   Streaming)     │
+│              │ SSE │  POST /v1/messages   │     │                  │
+└──────────────┘     └─────────────────────┘     └──────────────────┘
+                        ▲
+                        │ Translates:
+                        │ • Anthropic Messages → Kiro request body
+                        │ • Kiro JSON events → Anthropic SSE events
+                        │ • Handles retry, capacity, context truncation
+```
+
+The gateway runs on `127.0.0.1` on a random port. It accepts standard Anthropic Messages API requests and translates them bidirectionally to Kiro's proprietary CodeWhisperer streaming protocol.
+
+## License
+
+MIT

package/dist/dashboard-stats.d.ts

@@ -0,0 +1,22 @@
+export interface RequestMetrics {
+    id: string;
+    timestamp: number;
+    model: string;
+    inputTokens: number;
+    outputTokens: number;
+    credits: number;
+    stream: boolean;
+}
+declare class DashboardStats {
+    private requests;
+    recordRequest(metrics: Omit<RequestMetrics, "timestamp">): void;
+    getStats(): {
+        totalRequests: number;
+        totalTokens: number;
+        totalCredits: number;
+        requests: RequestMetrics[];
+    };
+}
+export declare const stats: DashboardStats;
+export {};
+//# sourceMappingURL=dashboard-stats.d.ts.map

package/dist/dashboard-stats.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dashboard-stats.d.ts","sourceRoot":"","sources":["../src/dashboard-stats.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,OAAO,CAAC;CACjB;AAID,cAAM,cAAc;IAClB,OAAO,CAAC,QAAQ,CAAwB;IAExC,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,cAAc,EAAE,WAAW,CAAC;IAOxD,QAAQ;;;;;;CAYT;AAED,eAAO,MAAM,KAAK,gBAAuB,CAAC"}

package/dist/dashboard-ui.d.ts

@@ -0,0 +1,2 @@
+export declare function getDashboardHtml(): string;
+//# sourceMappingURL=dashboard-ui.d.ts.map

package/dist/dashboard-ui.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dashboard-ui.d.ts","sourceRoot":"","sources":["../src/dashboard-ui.ts"],"names":[],"mappings":"AAAA,wBAAgB,gBAAgB,IAAI,MAAM,CA8TzC"}

package/dist/debug.d.ts

@@ -0,0 +1,12 @@
+export type LogLevel = "error" | "warn" | "info" | "debug";
+export declare const log: {
+    error: (msg: string, data?: unknown) => void;
+    warn: (msg: string, data?: unknown) => void;
+    info: (msg: string, data?: unknown) => void;
+    debug: (msg: string, data?: unknown) => void;
+    /** True when the current threshold includes `debug`. Use to avoid
+     *  expensive serialization of payloads we won't log. */
+    isDebug: () => boolean;
+};
+export declare function previewChunk(s: string): string;
+//# sourceMappingURL=debug.d.ts.map

package/dist/debug.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"debug.d.ts","sourceRoot":"","sources":["../src/debug.ts"],"names":[],"mappings":"AAYA,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;AAgF3D,eAAO,MAAM,GAAG;iBACD,MAAM,SAAS,OAAO;gBACvB,MAAM,SAAS,OAAO;gBACtB,MAAM,SAAS,OAAO;iBACrB,MAAM,SAAS,OAAO;IACnC;4DACwD;;CAEzD,CAAC;AAWF,wBAAgB,YAAY,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,CAa9C"}

package/dist/event-parser.d.ts

@@ -0,0 +1,61 @@
+export type KiroStreamEvent = {
+    type: "content";
+    data: string;
+} | {
+    type: "toolUse";
+    data: {
+        name: string;
+        toolUseId: string;
+        input: string;
+        stop?: boolean;
+    };
+} | {
+    type: "toolUseInput";
+    data: {
+        input: string;
+    };
+} | {
+    type: "toolUseStop";
+    data: {
+        stop: boolean;
+    };
+} | {
+    type: "contextUsage";
+    data: {
+        contextUsagePercentage: number;
+    };
+} | {
+    type: "reasoning";
+    data: {
+        text: string;
+        signature?: string;
+    };
+} | {
+    type: "followupPrompt";
+    data: string;
+} | {
+    type: "usage";
+    data: {
+        inputTokens?: number;
+        outputTokens?: number;
+    };
+} | {
+    type: "error";
+    data: {
+        error: string;
+        message?: string;
+    };
+} | {
+    type: "metering";
+    data: {
+        usage: number;
+    };
+};
+/** Find the matching `}` for the `{` at `start`. Returns -1 if incomplete. */
+export declare function findJsonEnd(text: string, start: number): number;
+export declare function parseKiroEventMulti(parsed: Record<string, unknown>): KiroStreamEvent[];
+export declare function parseKiroEvents(buffer: string): {
+    events: KiroStreamEvent[];
+    remaining: string;
+};
+//# sourceMappingURL=event-parser.d.ts.map

package/dist/event-parser.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"event-parser.d.ts","sourceRoot":"","sources":["../src/event-parser.ts"],"names":[],"mappings":"AASA,MAAM,MAAM,eAAe,GACvB;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,GACjC;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,IAAI,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,OAAO,CAAA;KAAE,CAAA;CAAE,GAC7F;IAAE,IAAI,EAAE,cAAc,CAAC;IAAC,IAAI,EAAE;QAAE,KAAK,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE,GACjD;IAAE,IAAI,EAAE,aAAa,CAAC;IAAC,IAAI,EAAE;QAAE,IAAI,EAAE,OAAO,CAAA;KAAE,CAAA;CAAE,GAChD;IAAE,IAAI,EAAE,cAAc,CAAC;IAAC,IAAI,EAAE;QAAE,sBAAsB,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE,GAClE;IAAE,IAAI,EAAE,WAAW,CAAC;IAAC,IAAI,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE,GACjE;IAAE,IAAI,EAAE,gBAAgB,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,GACxC;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,IAAI,EAAE;QAAE,WAAW,CAAC,EAAE,MAAM,CAAC;QAAC,YAAY,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE,GACxE;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,IAAI,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE,GAC5D;IAAE,IAAI,EAAE,UAAU,CAAC;IAAC,IAAI,EAAE;QAAE,KAAK,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE,CAAC;AAElD,8EAA8E;AAC9E,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM,CA2B/D;AAED,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,eAAe,EAAE,CAqItF;AAoCD,wBAAgB,eAAe,CAC7B,MAAM,EAAE,MAAM,GACb;IAAE,MAAM,EAAE,eAAe,EAAE,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,CAqElD"}

package/dist/health.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Returns true if the error message indicates a permanent failure that
+ * will not resolve without user re-authentication.
+ */
+export declare function isPermanentError(reason?: string): boolean;
+//# sourceMappingURL=health.d.ts.map

package/dist/health.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"health.d.ts","sourceRoot":"","sources":["../src/health.ts"],"names":[],"mappings":"AAiBA;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAGzD"}

package/dist/index.d.ts

@@ -0,0 +1,8 @@
+import type { Plugin } from "@opencode-ai/plugin";
+export declare const KiroPlugin: Plugin;
+declare const _default: {
+    id: string;
+    server: Plugin;
+};
+export default _default;
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,MAAM,EAAuB,MAAM,qBAAqB,CAAC;AAoBvE,eAAO,MAAM,UAAU,EAAE,MAiUxB,CAAC;;;;;AAEF,wBAGyB"}