@javargasm/opencode-kiro-auth 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/README.md +5 -5
  2. package/dist/index.d.ts.map +1 -1
  3. package/dist/index.js +1229 -488
  4. package/dist/kiro-cli-sync.d.ts +58 -4
  5. package/dist/kiro-cli-sync.d.ts.map +1 -1
  6. package/dist/models.d.ts +9 -1
  7. package/dist/models.d.ts.map +1 -1
  8. package/dist/oauth.d.ts +32 -2
  9. package/dist/oauth.d.ts.map +1 -1
  10. package/dist/server.d.ts.map +1 -1
  11. package/dist/stream.d.ts +0 -16
  12. package/dist/stream.d.ts.map +1 -1
  13. package/package.json +5 -4
package/dist/kiro-cli-sync.d.ts CHANGED
@@ -1,16 +1,70 @@
1
+ export type KiroCredentialSource = "kiro-cli-db" | "kiro-sso-cache";
1
2
  export interface KiroCliCredentials {
2
3
  accessToken: string;
3
4
  refreshToken: string;
4
5
  clientId?: string;
5
6
  clientSecret?: string;
6
7
  region: string;
7
- authMethod: "idc" | "desktop";
8
- email?: string;
9
8
  profileArn?: string;
9
+ authMethod: "idc" | "desktop" | "social" | "builder-id";
10
+ email?: string;
11
+ source?: KiroCredentialSource;
12
+ /** Exact `auth_kv.key` for the imported token row, present for DB imports. */
13
+ tokenKey?: string;
14
+ }
15
+ export interface AuthKvRow {
16
+ key: string;
17
+ value: string;
10
18
  }
19
+ export declare function selectKiroTokenRowForWrite(rows: AuthKvRow[], creds: Pick<KiroCliCredentials, "authMethod" | "tokenKey">): AuthKvRow | undefined;
20
+ export declare function sameKiroCliCredential(left: KiroCliCredentials | null, right: KiroCliCredentials | null): boolean;
21
+ /**
22
+ * Import credentials from Kiro IDE's AWS SSO OIDC cache file.
23
+ *
24
+ * Path: `~/.aws/sso/cache/kiro-auth-token.json` (per the AWS SSO OIDC
25
+ * client spec; AWS CLI and Kiro IDE both write here on successful SSO login).
26
+ *
27
+ * The file contains the bearer access token, refresh token, expiry, region,
28
+ * and the SSO auth method ("IdC", etc.). It does NOT contain the OIDC
29
+ * clientId/clientSecret — those are stored in Kiro IDE's SQLite DB.
30
+ *
31
+ * This is a fallback for when the SQLite read fails (locked, missing,
32
+ * unreadable) or yields no tokens. Without OIDC client creds, refresh must
33
+ * go through the desktop endpoint; we set `authMethod: "desktop"` for that
34
+ * path. The original SSO identity (IdC) is preserved by leaving
35
+ * `region` and the token values intact.
36
+ *
37
+ * Returns null if the file doesn't exist, is unreadable, isn't valid JSON,
38
+ * or has no token fields. Never throws.
39
+ */
40
+ export declare function importFromKiroSsoCache(): Promise<KiroCliCredentials | null>;
11
41
  /**
12
- * Import credentials from Kiro CLI DB first, then SSO cache fallback.
13
- * Returns null if neither source yields valid credentials. Never throws.
42
+ * Top-level import: try the Kiro IDE SQLite DB first, then fall back to
43
+ * the AWS SSO cache JSON. The cache is a strictly weaker source (no
44
+ * OIDC clientId/clientSecret) so the SQLite read is preferred.
45
+ *
46
+ * Returns null only when neither path yields valid credentials.
47
+ * Never throws.
14
48
  */
15
49
  export declare function importFromKiroCli(): Promise<KiroCliCredentials | null>;
50
+ /**
51
+ * Attempt to read credentials from Kiro IDE's local database WITHOUT checking
52
+ * token expiry. This is the last-resort fallback: the access token is probably
53
+ * stale, but the refresh token might still be valid for one more exchange.
54
+ *
55
+ * Returns null if the DB doesn't exist, is unreadable, or has no tokens at all.
56
+ * Never throws.
57
+ */
58
+ export declare function getKiroCliCredentialsAllowExpired(exclude?: KiroCliCredentials | null): Promise<KiroCliCredentials | null>;
59
+ /**
60
+ * Write refreshed credentials back to Kiro CLI's local SQLite database.
61
+ *
62
+ * This enables bidirectional sync for credentials originally imported from the
63
+ * DB. The credential must carry `source: "kiro-cli-db"` and the exact imported
64
+ * `auth_kv` token key; unrelated token families are never overwritten.
65
+ *
66
+ * Never throws — all errors are caught and logged. A failed write-back is
67
+ * non-fatal; the refreshed token is still valid in memory.
68
+ */
69
+ export declare function saveKiroCliCredentials(creds: KiroCliCredentials): Promise<boolean>;
16
70
  //# sourceMappingURL=kiro-cli-sync.d.ts.map
package/dist/kiro-cli-sync.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"kiro-cli-sync.d.ts","sourceRoot":"","sources":["../src/kiro-cli-sync.ts"],"names":[],"mappings":"AAaA,MAAM,WAAW,kBAAkB;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,KAAK,GAAG,SAAS,CAAC;IAC9B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAgND;;;GAGG;AACH,wBAAsB,iBAAiB,IAAI,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAI5E"}
1
+ {"version":3,"file":"kiro-cli-sync.d.ts","sourceRoot":"","sources":["../src/kiro-cli-sync.ts"],"names":[],"mappings":"AA2CA,MAAM,MAAM,oBAAoB,GAAG,aAAa,GAAG,gBAAgB,CAAC;AAEpE,MAAM,WAAW,kBAAkB;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,KAAK,GAAG,SAAS,GAAG,QAAQ,GAAG,YAAY,CAAC;IACxD,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,oBAAoB,CAAC;IAC9B,8EAA8E;IAC9E,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,SAAS;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;CACf;AA6PD,wBAAgB,0BAA0B,CACxC,IAAI,EAAE,SAAS,EAAE,EACjB,KAAK,EAAE,IAAI,CAAC,kBAAkB,EAAE,YAAY,GAAG,UAAU,CAAC,GACzD,SAAS,GAAG,SAAS,CAIvB;AAED,wBAAgB,qBAAqB,CACnC,IAAI,EAAE,kBAAkB,GAAG,IAAI,EAC/B,KAAK,EAAE,kBAAkB,GAAG,IAAI,GAC/B,OAAO,CAQT;AAqLD;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CA2CjF;AAED;;;;;;;GAOG;AACH,wBAAsB,iBAAiB,IAAI,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAI5E;AAED;;;;;;;GAOG;AACH,wBAAsB,iCAAiC,CACrD,OAAO,CAAC,EAAE,kBAAkB,GAAG,IAAI,GAClC,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAQpC;AAED;;;;;;;;;GASG;AACH,wBAAsB,sBAAsB,CAAC,KAAK,EAAE,kBAAkB,GAAG,OAAO,CAAC,OAAO,CAAC,CA4FxF"}
package/dist/models.d.ts CHANGED
@@ -87,12 +87,20 @@ export interface KiroApiModel {
87
87
  };
88
88
  };
89
89
  }
90
+ export declare function resetProfileArnCache(skipResolution?: boolean): void;
91
+ export declare function seedProfileArn(arn: string): void;
92
+ /**
93
+ * Resolve the Kiro profile ARN by calling ListAvailableProfiles.
94
+ * Builder ID device-code login doesn't receive a profileArn, so we
95
+ * discover it here. Returns null on failure (graceful fallback).
96
+ */
97
+ export declare function resolveProfileArn(accessToken: string, apiRegion: string): Promise<string | null>;
90
98
  /**
91
99
  * Fetch the list of models actually available for this account from Kiro.
92
100
  * Filters out "auto" — it appears in ListAvailableModels but is rejected
93
101
  * by GenerateAssistantResponse with INVALID_MODEL_ID.
94
102
  */
95
- export declare function fetchAvailableModels(accessToken: string, apiRegion: string, fallbackProfileArn?: string): Promise<KiroApiModel[]>;
103
+ export declare function fetchAvailableModels(accessToken: string, apiRegion: string, profileArn: string): Promise<KiroApiModel[]>;
96
104
  /**
97
105
  * Build pi model definitions from the Kiro ListAvailableModels API response.
98
106
  * Adds any new model IDs dynamically to KIRO_MODEL_IDS so resolveKiroModel passes.
package/dist/models.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"models.d.ts","sourceRoot":"","sources":["../src/models.ts"],"names":[],"mappings":"AAQA,gEAAgE;AAChE,eAAO,MAAM,cAAc,aAuBzB,CAAC;AAGH,sEAAsE;AACtE,wBAAgB,SAAS,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAEjD;AAED,0EAA0E;AAC1E,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAMxD;AA8BD,wBAAgB,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,SAAS,GAAG,MAAM,CAGtE;AAaD,KAAK,KAAK,GAAG,CAAC,MAAM,GAAG,OAAO,CAAC,EAAE,CAAC;AAIlC,MAAM,WAAW,SAAS;IACxB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,UAAU,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,KAAK,CAAC;IACb,IAAI,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;IAC/E,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,oEAAoE;IACpE,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B;;;;;OAKG;IACH,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,iEAAiE;IACjE,sBAAsB,CAAC,EAAE,OAAO,CAAC;CAClC;AAED,eAAO,MAAM,UAAU,EAAE,SAAS,EAwNjC,CAAC;AAIF,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE;QAAE,cAAc,CAAC,EAAE,MAAM,CAAC;QAAC,eAAe,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACpE,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,qEAAqE;IACrE,kCAAkC,CAAC,EAAE;QACnC,UAAU,CAAC,EAAE;YACX,aAAa,CAAC,EAAE;gBAAE,UAAU,CAAC,EAAE;oBAAE,MAAM,CAAC,EAAE;wBAAE,IAAI,CAAC,EAAE,MAAM,EAAE,CAAA;qBAAE,CAAA;iBAAE,CAAA;aAAE,CAAC;YAClE,QAAQ,CAAC,EAAE;gBAAE,UAAU,CAAC,EAAE;oBAAE,IAAI,CAAC,EAAE;wBAAE,IAAI,CAAC,EAAE,MAAM,EAAE,CAAA;qBAAE,CAAA;iBAAE,CAAA;aAAE,CAAC;SAC5D,CAAC;KACH,CAAC;CACH;AAED;;;;GAIG;AACH,wBAAsB,oBAAoB,CACxC,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,MAAM,EACjB,kBAAkB,CAAC,EAAE,MAAM,GAC1B,OAAO,CAAC,YAAY,EAAE,CAAC,CA0BzB;AAqBD;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,YAAY,EAAE,GAAG,SAAS,EAAE,CAkCzE;AAKD,wBAAgB,sBAAsB,IAAI,SAAS,EAAE,GAAG,IAAI,CAE3D;AAED,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,GAAG,IAAI,CAEvE"}
1
+ {"version":3,"file":"models.d.ts","sourceRoot":"","sources":["../src/models.ts"],"names":[],"mappings":"AAOA,gEAAgE;AAChE,eAAO,MAAM,cAAc,aAuBzB,CAAC;AAGH,sEAAsE;AACtE,wBAAgB,SAAS,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAEjD;AAED,0EAA0E;AAC1E,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAMxD;AA8BD,wBAAgB,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,SAAS,GAAG,MAAM,CAGtE;AAaD,KAAK,KAAK,GAAG,CAAC,MAAM,GAAG,OAAO,CAAC,EAAE,CAAC;AAIlC,MAAM,WAAW,SAAS;IACxB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,UAAU,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,KAAK,CAAC;IACb,IAAI,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;IAC/E,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,oEAAoE;IACpE,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B;;;;;OAKG;IACH,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,iEAAiE;IACjE,sBAAsB,CAAC,EAAE,OAAO,CAAC;CAClC;AAED,eAAO,MAAM,UAAU,EAAE,SAAS,EAwNjC,CAAC;AAIF,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE;QAAE,cAAc,CAAC,EAAE,MAAM,CAAC;QAAC,eAAe,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACpE,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,qEAAqE;IACrE,kCAAkC,CAAC,EAAE;QACnC,UAAU,CAAC,EAAE;YACX,aAAa,CAAC,EAAE;gBAAE,UAAU,CAAC,EAAE;oBAAE,MAAM,CAAC,EAAE;wBAAE,IAAI,CAAC,EAAE,MAAM,EAAE,CAAA;qBAAE,CAAA;iBAAE,CAAA;aAAE,CAAC;YAClE,QAAQ,CAAC,EAAE;gBAAE,UAAU,CAAC,EAAE;oBAAE,IAAI,CAAC,EAAE;wBAAE,IAAI,CAAC,EAAE,MAAM,EAAE,CAAA;qBAAE,CAAA;iBAAE,CAAA;aAAE,CAAC;SAC5D,CAAC;KACH,CAAC;CACH;AAKD,wBAAgB,oBAAoB,CAAC,cAAc,UAAQ,GAAG,IAAI,CAGjE;AAED,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAEhD;AAED;;;;GAIG;AACH,wBAAsB,iBAAiB,CACrC,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CA4BxB;AAED;;;;GAIG;AACH,wBAAsB,oBAAoB,CACxC,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,YAAY,EAAE,CAAC,CAiBzB;AAqBD;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,YAAY,EAAE,GAAG,SAAS,EAAE,CAkCzE;AAKD,wBAAgB,sBAAsB,IAAI,SAAS,EAAE,GAAG,IAAI,CAE3D;AAED,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,SAAS,EAAE,GAAG,IAAI,GAAG,IAAI,CAEvE"}
package/dist/oauth.d.ts CHANGED
@@ -12,7 +12,7 @@ export interface KiroCredentials {
12
12
  clientId: string;
13
13
  clientSecret: string;
14
14
  region: string;
15
- authMethod: "builder-id" | "idc" | "desktop";
15
+ authMethod: "builder-id" | "idc" | "desktop" | "social";
16
16
  }
17
17
  export interface DeviceAuthResponse {
18
18
  verificationUri: string;
@@ -37,10 +37,40 @@ export declare function tryRegisterAndAuthorize(startUrl: string, region: string
37
37
  devAuth: DeviceAuthResponse;
38
38
  } | null>;
39
39
  export declare function pollForToken(oidcEndpoint: string, clientId: string, clientSecret: string, devAuth: DeviceAuthResponse, signal: AbortSignal | undefined): Promise<TokenResponse>;
40
- export declare function refreshKiroToken(refreshTokenPacked: string, region: string, authMethod: "builder-id" | "idc" | "desktop"): Promise<{
40
+ export declare function refreshKiroToken(refreshTokenPacked: string, region: string, authMethod: "builder-id" | "idc" | "desktop" | "social"): Promise<{
41
41
  access: string;
42
42
  refresh: string;
43
43
  expires: number;
44
44
  }>;
45
+ /**
46
+ * Run the full social (Builder ID) sign-in flow.
47
+ *
48
+ * 1. Generate PKCE verifier + challenge.
49
+ * 2. Start localhost callback server on port 49153.
50
+ * 3. Return the sign-in URL for the caller to redirect the browser to.
51
+ * 4. Wait for the OAuth callback with the authorization code.
52
+ * 5. Exchange the code for tokens via Kiro's desktop auth endpoint.
53
+ * 6. Fetch and cache dynamic models if profileArn is returned.
54
+ *
55
+ * If Kiro portal detects an enterprise (IdC) account, it redirects with
56
+ * `login_option=awsidc` instead of a code. In that case, the callback
57
+ * server shows the IdC delegation page and the flow transparently
58
+ * switches to a device-code flow for IdC.
59
+ *
60
+ * Returns the sign-in URL immediately and a promise that resolves with the
61
+ * credentials once the flow completes (regardless of social or IdC path).
62
+ */
63
+ export declare function startSocialLogin(): Promise<{
64
+ signInUrl: string;
65
+ waitForCredentials: () => Promise<{
66
+ accessToken: string;
67
+ refreshToken: string;
68
+ refreshPacked: string;
69
+ profileArn?: string;
70
+ region: string;
71
+ authMethod: "social" | "idc";
72
+ expiresAt: number;
73
+ }>;
74
+ }>;
45
75
  export {};
46
76
  //# sourceMappingURL=oauth.d.ts.map
package/dist/oauth.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../src/oauth.ts"],"names":[],"mappings":"AAQA,eAAO,MAAM,oBAAoB,mCAAmC,CAAC;AACrE,eAAO,MAAM,iBAAiB,cAAc,CAAC;AAC7C,eAAO,MAAM,UAAU,UAMtB,CAAC;AAEF,+DAA+D;AAC/D,eAAO,MAAM,iBAAiB,UAW7B,CAAC;AAEF,gEAAgE;AAChE,eAAO,MAAM,iBAAiB,QAAgB,CAAC;AAE/C,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,YAAY,GAAG,KAAK,GAAG,SAAS,CAAC;CAC9C;AAED,MAAM,WAAW,kBAAkB;IACjC,eAAe,EAAE,MAAM,CAAC;IACxB,uBAAuB,EAAE,MAAM,CAAC;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;CACnB;AAOD,UAAU,aAAa;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qEAAqE;AACrE,wBAAgB,cAAc,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAa9E;AAED,wBAAsB,uBAAuB,CAC3C,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC;IACT,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,kBAAkB,CAAC;CAC7B,GAAG,IAAI,CAAC,CAkCR;AAED,wBAAsB,YAAY,CAChC,YAAY,EAAE,MAAM,EACpB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,kBAAkB,EAC3B,MAAM,EAAE,WAAW,GAAG,SAAS,GAC9B,OAAO,CAAC,aAAa,CAAC,CA8CxB;AAED,wBAAsB,gBAAgB,CACpC,kBAAkB,EAAE,MAAM,EAC1B,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,YAAY,GAAG,KAAK,GAAG,SAAS,GAC3C,OAAO,CAAC;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,CA6D/D"}
1
+ {"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../src/oauth.ts"],"names":[],"mappings":"AAcA,eAAO,MAAM,oBAAoB,mCAAmC,CAAC;AACrE,eAAO,MAAM,iBAAiB,cAAc,CAAC;AAC7C,eAAO,MAAM,UAAU,UAMtB,CAAC;AAEF,+DAA+D;AAC/D,eAAO,MAAM,iBAAiB,UAW7B,CAAC;AAEF,gEAAgE;AAChE,eAAO,MAAM,iBAAiB,QAAgB,CAAC;AAE/C,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,YAAY,GAAG,KAAK,GAAG,SAAS,GAAG,QAAQ,CAAC;CACzD;AAED,MAAM,WAAW,kBAAkB;IACjC,eAAe,EAAE,MAAM,CAAC;IACxB,uBAAuB,EAAE,MAAM,CAAC;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;CACnB;AAOD,UAAU,aAAa;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qEAAqE;AACrE,wBAAgB,cAAc,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAa9E;AAED,wBAAsB,uBAAuB,CAC3C,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC;IACT,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,kBAAkB,CAAC;CAC7B,GAAG,IAAI,CAAC,CAkCR;AAED,wBAAsB,YAAY,CAChC,YAAY,EAAE,MAAM,EACpB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,kBAAkB,EAC3B,MAAM,EAAE,WAAW,GAAG,SAAS,GAC9B,OAAO,CAAC,aAAa,CAAC,CA8CxB;AAED,wBAAsB,gBAAgB,CACpC,kBAAkB,EAAE,MAAM,EAC1B,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,YAAY,GAAG,KAAK,GAAG,SAAS,GAAG,QAAQ,GACtD,OAAO,CAAC;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,CAgG/D;AAuXD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAsB,gBAAgB,IAAI,OAAO,CAAC;IAChD,SAAS,EAAE,MAAM,CAAC;IAClB,kBAAkB,EAAE,MAAM,OAAO,CAAC;QAChC,WAAW,EAAE,MAAM,CAAC;QACpB,YAAY,EAAE,MAAM,CAAC;QACrB,aAAa,EAAE,MAAM,CAAC;QACtB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,MAAM,EAAE,MAAM,CAAC;QACf,UAAU,EAAE,QAAQ,GAAG,KAAK,CAAC;QAC7B,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC,CAAC;CACJ,CAAC,CA8ID"}
package/dist/server.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,KAAK,CAAC;AA2BlC,wBAAgB,aAAa,IAAI,MAAM,CAA0C;AAEjF,kDAAkD;AAClD,wBAAsB,eAAe,IAAI,OAAO,CAAC,IAAI,CAAC,CAuCrD;AAsBD,qEAAqE;AACrE,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,SAAc,QAQnE;AAwBD,wBAAgB,kBAAkB,CAAC,IAAI,GAAE,MAAU,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAobzE"}
1
+ {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,KAAK,CAAC;AA2BlC,wBAAgB,aAAa,IAAI,MAAM,CAA0C;AAEjF,kDAAkD;AAClD,wBAAsB,eAAe,IAAI,OAAO,CAAC,IAAI,CAAC,CA+DrD;AAsBD,qEAAqE;AACrE,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,SAAc,QAQnE;AAwBD,wBAAgB,kBAAkB,CAAC,IAAI,GAAE,MAAU,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CA8dzE"}
package/dist/stream.d.ts CHANGED
@@ -9,21 +9,5 @@ import { AssistantMessageEventStream } from "./types";
9
9
  * time.
10
10
  */
11
11
  export declare const HIDDEN_REASONING_COUNTDOWN_MS = 2000;
12
- /**
13
- * Reset cache state. Pass `skipResolution: true` to disable profileArn lookup
14
- * entirely (useful for tests that don't mock ListAvailableProfiles).
15
- * Production code should never pass true — cache is reset on logout/refresh
16
- * without disabling resolution.
17
- */
18
- export declare function resetProfileArnCache(skipResolution?: boolean): void;
19
- /**
20
- * Pre-seed the profileArn cache for a given endpoint. When set,
21
- * `resolveProfileArn` returns the seeded value without hitting the
22
- * management endpoint. Use this to inject a known profileArn from
23
- * external sources (e.g. Kiro CLI auth.json) as a fallback when the
24
- * management API returns 400.
25
- */
26
- export declare function seedProfileArn(endpoint: string, arn: string): void;
27
- export declare function resolveProfileArn(accessToken: string, endpoint: string): Promise<string | undefined>;
28
12
  export declare function streamKiro(model: Model<Api>, context: Context, options?: SimpleStreamOptions): AssistantMessageEventStream;
29
13
  //# sourceMappingURL=stream.d.ts.map
package/dist/stream.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"stream.d.ts","sourceRoot":"","sources":["../src/stream.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EACV,GAAG,EAEH,OAAO,EAEP,KAAK,EACL,mBAAmB,EAKpB,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,2BAA2B,EAAiB,MAAM,SAAS,CAAC;AA6FrE;;;;;;;GAOG;AACH,eAAO,MAAM,6BAA6B,OAAO,CAAC;AAgDlD;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,cAAc,UAAQ,GAAG,IAAI,CAGjE;AAED;;;;;;GAMG;AACH,wBAAgB,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,IAAI,CAElE;AAED,wBAAsB,iBAAiB,CAAC,WAAW,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAuC1G;AA2DD,wBAAgB,UAAU,CACxB,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,EACjB,OAAO,EAAE,OAAO,EAChB,OAAO,CAAC,EAAE,mBAAmB,GAC5B,2BAA2B,CAg0B7B"}
1
+ {"version":3,"file":"stream.d.ts","sourceRoot":"","sources":["../src/stream.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EACV,GAAG,EAEH,OAAO,EAEP,KAAK,EACL,mBAAmB,EAKpB,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,2BAA2B,EAAiB,MAAM,SAAS,CAAC;AA6FrE;;;;;;;GAOG;AACH,eAAO,MAAM,6BAA6B,OAAO,CAAC;AAkGlD,wBAAgB,UAAU,CACxB,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,EACjB,OAAO,EAAE,OAAO,EAChB,OAAO,CAAC,EAAE,mBAAmB,GAC5B,2BAA2B,CAm0B7B"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@javargasm/opencode-kiro-auth",
3
- "version": "0.1.0",
3
+ "version": "0.2.0",
4
4
  "description": "Kiro provider plugin for OpenCode: AWS Builder ID / Identity Center login and OpenAI compatible local gateway for CodeWhisperer streaming.",
5
5
  "type": "module",
6
6
  "license": "MIT",
@@ -45,9 +45,10 @@
45
45
  "build:types": "tsc -p tsconfig.build.json",
46
46
  "build": "bun run clean && bun run build:js && bun run build:types",
47
47
  "typecheck": "tsc --noEmit",
48
- "test": "bun test",
49
- "test:watch": "bun test --watch",
50
- "check": "bun run typecheck && bun run test",
48
+ "test": "vitest run",
49
+ "test:bun": "bun test test/gateway.test.ts",
50
+ "test:watch": "vitest",
51
+ "check": "bun run typecheck && bun run test && bun run test:bun",
51
52
  "changeset": "changeset",
52
53
  "version": "changeset version",
53
54
  "prepack": "bun run build",