npm - @jsonstudio/rcc - Versions diffs - 0.89.1968 → 0.89.2195 - Mend

@jsonstudio/rcc 0.89.1968 → 0.89.2195

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (555) hide show

package/dist/providers/auth/oauth-utils/camoufox-helper.js ADDED Viewed

@@ -0,0 +1,82 @@
+/**
+ * Camoufox Helper for OAuth
+ *
+ * Opens Google account verification in Camoufox browser.
+ */
+import path from 'path';
+import { openAuthInCamoufox } from '../../core/config/camoufox-launcher.js';
+/**
+ * Resolve Camoufox alias from auth configuration
+ */
+export function resolveCamoufoxAliasForAuth(providerType, auth) {
+    const raw = typeof auth.tokenFile === 'string' ? auth.tokenFile.trim() : '';
+    if (raw && !raw.includes('/') && !raw.includes('\\') && !raw.endsWith('.json')) {
+        return raw;
+    }
+    const base = raw ? path.basename(raw) : '';
+    const pt = String(providerType || '').trim().toLowerCase();
+    if (base && pt) {
+        const re = new RegExp(`^${pt}-oauth-\\d+(?:-(.+))?\\.json$`, 'i');
+        const m = base.match(re);
+        const alias = m && m[1] ? String(m[1]).trim() : '';
+        if (alias) {
+            return alias;
+        }
+    }
+    return 'default';
+}
+/**
+ * Open Google account verification URL in Camoufox browser
+ */
+export async function openGoogleAccountVerificationInCamoufox(args) {
+    const providerType = args.providerType;
+    const url = args.url;
+    if (!url) {
+        return;
+    }
+    const alias = resolveCamoufoxAliasForAuth(providerType, args.auth);
+    const prevBrowser = process.env.ROUTECODEX_OAUTH_BROWSER;
+    const prevAutoMode = process.env.ROUTECODEX_CAMOUFOX_AUTO_MODE;
+    const prevDevMode = process.env.ROUTECODEX_CAMOUFOX_DEV_MODE;
+    const prevOpenOnly = process.env.ROUTECODEX_CAMOUFOX_OPEN_ONLY;
+    process.env.ROUTECODEX_OAUTH_BROWSER = 'camoufox';
+    delete process.env.ROUTECODEX_CAMOUFOX_AUTO_MODE;
+    process.env.ROUTECODEX_CAMOUFOX_DEV_MODE = '1';
+    process.env.ROUTECODEX_CAMOUFOX_OPEN_ONLY = '1';
+    try {
+        const ok = await openAuthInCamoufox({ url, provider: providerType, alias });
+        if (ok) {
+            console.warn(`[OAuth] Google account verification opened in Camoufox (provider=${providerType} alias=${alias}).`);
+        }
+    }
+    catch {
+        // best-effort; never block requests
+    }
+    finally {
+        if (prevBrowser === undefined) {
+            delete process.env.ROUTECODEX_OAUTH_BROWSER;
+        }
+        else {
+            process.env.ROUTECODEX_OAUTH_BROWSER = prevBrowser;
+        }
+        if (prevAutoMode === undefined) {
+            delete process.env.ROUTECODEX_CAMOUFOX_AUTO_MODE;
+        }
+        else {
+            process.env.ROUTECODEX_CAMOUFOX_AUTO_MODE = prevAutoMode;
+        }
+        if (prevDevMode === undefined) {
+            delete process.env.ROUTECODEX_CAMOUFOX_DEV_MODE;
+        }
+        else {
+            process.env.ROUTECODEX_CAMOUFOX_DEV_MODE = prevDevMode;
+        }
+        if (prevOpenOnly === undefined) {
+            delete process.env.ROUTECODEX_CAMOUFOX_OPEN_ONLY;
+        }
+        else {
+            process.env.ROUTECODEX_CAMOUFOX_OPEN_ONLY = prevOpenOnly;
+        }
+    }
+}
+//# sourceMappingURL=camoufox-helper.js.map

package/dist/providers/auth/oauth-utils/camoufox-helper.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"camoufox-helper.js","sourceRoot":"","sources":["../../../../src/providers/auth/oauth-utils/camoufox-helper.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,kBAAkB,EAAE,MAAM,wCAAwC,CAAC;AAM5E;;GAEG;AACH,MAAM,UAAU,2BAA2B,CAAC,YAAoB,EAAE,IAAuB;IACvF,MAAM,GAAG,GAAG,OAAO,IAAI,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAC5E,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QAC/E,OAAO,GAAG,CAAC;IACb,CAAC;IACD,MAAM,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC3C,MAAM,EAAE,GAAG,MAAM,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC3D,IAAI,IAAI,IAAI,EAAE,EAAE,CAAC;QACf,MAAM,EAAE,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,+BAA+B,EAAE,GAAG,CAAC,CAAC;QAClE,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACzB,MAAM,KAAK,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACnD,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,uCAAuC,CAAC,IAI7D;IACC,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC;IACvC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;IACrB,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,OAAO;IACT,CAAC;IACD,MAAM,KAAK,GAAG,2BAA2B,CAAC,YAAY,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;IAEnE,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC;IACzD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC;IAC/D,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC;IAC7D,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC;IAE/D,OAAO,CAAC,GAAG,CAAC,wBAAwB,GAAG,UAAU,CAAC;IAClD,OAAO,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC;IACjD,OAAO,CAAC,GAAG,CAAC,4BAA4B,GAAG,GAAG,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,6BAA6B,GAAG,GAAG,CAAC;IAChD,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,MAAM,kBAAkB,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC,CAAC;QAC5E,IAAI,EAAE,EAAE,CAAC;YACP,OAAO,CAAC,IAAI,CAAC,oEAAoE,YAAY,UAAU,KAAK,IAAI,CAAC,CAAC;QACpH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,oCAAoC;IACtC,CAAC;YAAS,CAAC;QACT,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,OAAO,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC;QAC9C,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,wBAAwB,GAAG,WAAW,CAAC;QACrD,CAAC;QACD,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;YAC/B,OAAO,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC;QACnD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,6BAA6B,GAAG,YAAY,CAAC;QAC3D,CAAC;QACD,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,OAAO,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC;QAClD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,4BAA4B,GAAG,WAAW,CAAC;QACzD,CAAC;QACD,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;YAC/B,OAAO,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC;QACnD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,6BAA6B,GAAG,YAAY,CAAC;QAC3D,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/providers/auth/oauth-utils/error-extraction.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+/**
+ * Error Extraction Utilities
+ *
+ * Extracts status codes and verification URLs from OAuth errors.
+ */
+/**
+ * Extract HTTP status code from error object
+ */
+export declare function extractStatusCode(upstreamError: unknown): number | undefined;
+/**
+ * Check if message indicates Google account verification required
+ */
+export declare function isGoogleAccountVerificationRequiredMessage(lower: string): boolean;
+/**
+ * Extract Google account verification URL from error message
+ */
+export declare function extractGoogleAccountVerificationUrl(message: string): string | null;

package/dist/providers/auth/oauth-utils/error-extraction.js ADDED Viewed

@@ -0,0 +1,80 @@
+/**
+ * Error Extraction Utilities
+ *
+ * Extracts status codes and verification URLs from OAuth errors.
+ */
+/**
+ * Extract HTTP status code from error object
+ */
+export function extractStatusCode(upstreamError) {
+    if (!upstreamError || typeof upstreamError !== 'object') {
+        return undefined;
+    }
+    const anyErr = upstreamError;
+    const direct = anyErr.statusCode;
+    if (typeof direct === 'number' && Number.isFinite(direct)) {
+        return direct;
+    }
+    const status = anyErr.status;
+    if (typeof status === 'number' && Number.isFinite(status)) {
+        return status;
+    }
+    const response = anyErr.response;
+    if (response && typeof response === 'object') {
+        const respStatus = response.status;
+        if (typeof respStatus === 'number' && Number.isFinite(respStatus)) {
+            return respStatus;
+        }
+        const respStatusCode = response.statusCode;
+        if (typeof respStatusCode === 'number' && Number.isFinite(respStatusCode)) {
+            return respStatusCode;
+        }
+    }
+    return undefined;
+}
+/**
+ * Check if message indicates Google account verification required
+ */
+export function isGoogleAccountVerificationRequiredMessage(lower) {
+    if (!lower) {
+        return false;
+    }
+    return (lower.includes('verify your account') ||
+        lower.includes('validation_required') ||
+        lower.includes('validation required') ||
+        lower.includes('validation_url') ||
+        lower.includes('validation url') ||
+        lower.includes('accounts.google.com/signin/continue') ||
+        lower.includes('support.google.com/accounts?p=al_alert'));
+}
+/**
+ * Extract Google account verification URL from error message
+ */
+export function extractGoogleAccountVerificationUrl(message) {
+    const msg = typeof message === 'string' ? message : '';
+    if (!msg) {
+        return null;
+    }
+    const normalized = msg
+        .replace(/\\\//g, '/')
+        .replace(/\\u0026/gi, '&')
+        .replace(/\\u003d/gi, '=')
+        .replace(/\\x26/gi, '&')
+        .replace(/\\x3d/gi, '=');
+    const patterns = [
+        /https:\/\/accounts\.google\.com\/signin\/continue[^\s"'\\<>)]*/i,
+        /https:\/\/accounts\.google\.com\/[^\s"'\\<>)]*/i,
+        /https:\/\/support\.google\.com\/accounts\?p=al_alert[^\s"'\\<>)]*/i
+    ];
+    for (const re of patterns) {
+        const m = normalized.match(re);
+        if (m && m[0]) {
+            const url = String(m[0]).trim().replace(/[\\"']+$/g, '').replace(/[),.]+$/g, '');
+            if (url) {
+                return url;
+            }
+        }
+    }
+    return null;
+}
+//# sourceMappingURL=error-extraction.js.map

package/dist/providers/auth/oauth-utils/error-extraction.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"error-extraction.js","sourceRoot":"","sources":["../../../../src/providers/auth/oauth-utils/error-extraction.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,aAAsB;IACtD,IAAI,CAAC,aAAa,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE,CAAC;QACxD,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,MAAM,MAAM,GAAG,aAAoB,CAAC;IACpC,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC;IACjC,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QAC1D,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;IAC7B,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QAC1D,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;IACjC,IAAI,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC7C,MAAM,UAAU,GAAI,QAAgB,CAAC,MAAM,CAAC;QAC5C,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YAClE,OAAO,UAAU,CAAC;QACpB,CAAC;QACD,MAAM,cAAc,GAAI,QAAgB,CAAC,UAAU,CAAC;QACpD,IAAI,OAAO,cAAc,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;YAC1E,OAAO,cAAc,CAAC;QACxB,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,0CAA0C,CAAC,KAAa;IACtE,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,CACL,KAAK,CAAC,QAAQ,CAAC,qBAAqB,CAAC;QACrC,KAAK,CAAC,QAAQ,CAAC,qBAAqB,CAAC;QACrC,KAAK,CAAC,QAAQ,CAAC,qBAAqB,CAAC;QACrC,KAAK,CAAC,QAAQ,CAAC,gBAAgB,CAAC;QAChC,KAAK,CAAC,QAAQ,CAAC,gBAAgB,CAAC;QAChC,KAAK,CAAC,QAAQ,CAAC,qCAAqC,CAAC;QACrD,KAAK,CAAC,QAAQ,CAAC,wCAAwC,CAAC,CACzD,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mCAAmC,CAAC,OAAe;IACjE,MAAM,GAAG,GAAG,OAAO,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;IACvD,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,UAAU,GAAG,GAAG;SACnB,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC;SACrB,OAAO,CAAC,WAAW,EAAE,GAAG,CAAC;SACzB,OAAO,CAAC,WAAW,EAAE,GAAG,CAAC;SACzB,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC;SACvB,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;IAC3B,MAAM,QAAQ,GAAa;QACzB,iEAAiE;QACjE,iDAAiD;QACjD,oEAAoE;KACrE,CAAC;IACF,KAAK,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;QAC1B,MAAM,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC/B,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACd,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;YACjF,IAAI,GAAG,EAAE,CAAC;gBACR,OAAO,GAAG,CAAC;YACb,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/providers/auth/oauth-utils/index.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * OAuth Utils Index
+ *
+ * Barrel exports for OAuth utility modules.
+ */
+export { extractStatusCode, isGoogleAccountVerificationRequiredMessage, extractGoogleAccountVerificationUrl } from './error-extraction.js';
+export { resolveCamoufoxAliasForAuth, openGoogleAccountVerificationInCamoufox } from './camoufox-helper.js';

package/dist/providers/auth/oauth-utils/index.js ADDED Viewed

@@ -0,0 +1,8 @@
+/**
+ * OAuth Utils Index
+ *
+ * Barrel exports for OAuth utility modules.
+ */
+export { extractStatusCode, isGoogleAccountVerificationRequiredMessage, extractGoogleAccountVerificationUrl } from './error-extraction.js';
+export { resolveCamoufoxAliasForAuth, openGoogleAccountVerificationInCamoufox } from './camoufox-helper.js';
+//# sourceMappingURL=index.js.map

package/dist/providers/auth/oauth-utils/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/providers/auth/oauth-utils/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EACL,iBAAiB,EACjB,0CAA0C,EAC1C,mCAAmC,EACpC,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EACL,2BAA2B,EAC3B,uCAAuC,EACxC,MAAM,sBAAsB,CAAC"}

package/dist/providers/auth/token-refresh/index.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+/**
+ * Token Refresh Index
+ *
+ * Barrel exports for token refresh modules.
+ */
+export { type TokenState, evaluateTokenState } from './token-state.js';

package/dist/providers/auth/token-refresh/index.js ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * Token Refresh Index
+ *
+ * Barrel exports for token refresh modules.
+ */
+export { evaluateTokenState } from './token-state.js';
+//# sourceMappingURL=index.js.map

package/dist/providers/auth/token-refresh/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/providers/auth/token-refresh/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAEL,kBAAkB,EACnB,MAAM,kBAAkB,CAAC"}

package/dist/providers/auth/token-refresh/token-state.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+/**
+ * Token State Evaluator
+ *
+ * Evaluates token validity and expiry state for different providers.
+ */
+import type { StoredOAuthToken } from '../oauth-token-utils.js';
+export interface TokenState {
+    hasApiKey: boolean;
+    hasAccess: boolean;
+    expiresAt: number | null;
+    isExpiredOrNear: boolean;
+    validAccess: boolean;
+}
+/**
+ * Evaluate token state for provider-specific validation
+ */
+export declare function evaluateTokenState(token: StoredOAuthToken | null, providerType: string): TokenState;

package/dist/providers/auth/token-refresh/token-state.js ADDED Viewed

@@ -0,0 +1,30 @@
+/**
+ * Token State Evaluator
+ *
+ * Evaluates token validity and expiry state for different providers.
+ */
+import { hasApiKeyField, hasAccessToken, hasStableQwenApiKey, getExpiresAt } from '../oauth-token-utils.js';
+const TOKEN_REFRESH_SKEW_MS = 60_000;
+/**
+ * Evaluate token state for provider-specific validation
+ */
+export function evaluateTokenState(token, providerType) {
+    const hasApiKey = hasApiKeyField(token);
+    const hasAccess = hasAccessToken(token);
+    const expiresAt = getExpiresAt(token);
+    const isExpiredOrNear = expiresAt !== null && Date.now() >= (expiresAt - TOKEN_REFRESH_SKEW_MS);
+    let validAccess;
+    const pt = providerType.toLowerCase();
+    if (pt === 'iflow') {
+        validAccess = !isExpiredOrNear && hasAccess;
+    }
+    else if (pt === 'qwen') {
+        // Qwen: when stable api_key is obtained, skip refresh/reauth; otherwise rely on access_token expiry
+        validAccess = hasStableQwenApiKey(token) || (!isExpiredOrNear && hasAccess);
+    }
+    else {
+        validAccess = !isExpiredOrNear && hasAccess;
+    }
+    return { hasApiKey, hasAccess, expiresAt, isExpiredOrNear, validAccess };
+}
+//# sourceMappingURL=token-state.js.map

package/dist/providers/auth/token-refresh/token-state.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"token-state.js","sourceRoot":"","sources":["../../../../src/providers/auth/token-refresh/token-state.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAE5G,MAAM,qBAAqB,GAAG,MAAM,CAAC;AAUrC;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,KAA8B,EAAE,YAAoB;IACrF,MAAM,SAAS,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IACxC,MAAM,SAAS,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IACxC,MAAM,SAAS,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;IACtC,MAAM,eAAe,GAAG,SAAS,KAAK,IAAI,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,GAAG,qBAAqB,CAAC,CAAC;IAChG,IAAI,WAAoB,CAAC;IAEzB,MAAM,EAAE,GAAG,YAAY,CAAC,WAAW,EAAE,CAAC;IACtC,IAAI,EAAE,KAAK,OAAO,EAAE,CAAC;QACnB,WAAW,GAAG,CAAC,eAAe,IAAI,SAAS,CAAC;IAC9C,CAAC;SAAM,IAAI,EAAE,KAAK,MAAM,EAAE,CAAC;QACzB,oGAAoG;QACpG,WAAW,GAAG,mBAAmB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,eAAe,IAAI,SAAS,CAAC,CAAC;IAC9E,CAAC;SAAM,CAAC;QACN,WAAW,GAAG,CAAC,eAAe,IAAI,SAAS,CAAC;IAC9C,CAAC;IAED,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,eAAe,EAAE,WAAW,EAAE,CAAC;AAC3E,CAAC"}

package/dist/providers/auth/token-storage/index.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * Token Storage Index
+ *
+ * Barrel exports for token storage modules.
+ */
+export { isGeminiCliFamily, resolveTokenFilePath } from './token-file-resolver.js';
+export { readTokenFromFile, backupTokenFile, restoreTokenFileFromBackup, discardBackupFile } from './token-persistence.js';

package/dist/providers/auth/token-storage/index.js ADDED Viewed

@@ -0,0 +1,8 @@
+/**
+ * Token Storage Index
+ *
+ * Barrel exports for token storage modules.
+ */
+export { isGeminiCliFamily, resolveTokenFilePath } from './token-file-resolver.js';
+export { readTokenFromFile, backupTokenFile, restoreTokenFileFromBackup, discardBackupFile } from './token-persistence.js';
+//# sourceMappingURL=index.js.map

package/dist/providers/auth/token-storage/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/providers/auth/token-storage/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EACL,iBAAiB,EACjB,oBAAoB,EACrB,MAAM,0BAA0B,CAAC;AAElC,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,0BAA0B,EAC1B,iBAAiB,EAClB,MAAM,wBAAwB,CAAC"}

package/dist/providers/auth/token-storage/token-file-resolver.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+/**
+ * Token File Resolver
+ *
+ * Resolves token file paths for OAuth providers.
+ */
+export declare function isGeminiCliFamily(providerType: string): boolean;
+/**
+ * Resolve token file path from auth configuration
+ */
+export declare function resolveTokenFilePath(auth: {
+    tokenFile?: string;
+}, providerType: string): string;

package/dist/providers/auth/token-storage/token-file-resolver.js ADDED Viewed

@@ -0,0 +1,117 @@
+/**
+ * Token File Resolver
+ *
+ * Resolves token file paths for OAuth providers.
+ */
+import fs from 'fs';
+import path from 'path';
+import os from 'os';
+import { parseTokenSequenceFromPath } from '../token-scanner/index.js';
+const GEMINI_CLI_PROVIDER_IDS = new Set(['gemini-cli', 'antigravity']);
+export function isGeminiCliFamily(providerType) {
+    return GEMINI_CLI_PROVIDER_IDS.has(providerType.toLowerCase());
+}
+/**
+ * Expand ~ to home directory
+ */
+function expandHome(p) {
+    return p.startsWith('~/') ? p.replace(/^~/, `${process.env.HOME || ''}/`) : p;
+}
+/**
+ * Get default token file path for provider type
+ */
+function defaultTokenFile(providerType) {
+    const home = process.env.HOME || '';
+    if (providerType === 'iflow') {
+        return path.join(home, '.routecodex', 'auth', 'iflow-oauth-1-default.json');
+    }
+    if (providerType === 'qwen') {
+        // Align with TokenFileAuthProvider + token-daemon defaults:
+        // keep a stable, well-known Qwen token file for alias="default".
+        return path.join(home, '.routecodex', 'auth', 'qwen-oauth-1-default.json');
+    }
+    if (isGeminiCliFamily(providerType)) {
+        const file = providerType.toLowerCase() === 'antigravity'
+            ? 'antigravity-oauth.json'
+            : 'gemini-oauth.json';
+        return path.join(home, '.routecodex', 'auth', file);
+    }
+    return path.join(home, '.routecodex', 'tokens', `${providerType}-default.json`);
+}
+/**
+ * Resolve token file path from auth configuration
+ */
+export function resolveTokenFilePath(auth, providerType) {
+    const raw = typeof auth.tokenFile === 'string' ? auth.tokenFile.trim() : '';
+    // No configuration: use provider default token file (single-token scenario)
+    if (!raw) {
+        const fallback = defaultTokenFile(providerType);
+        auth.tokenFile = fallback;
+        return fallback;
+    }
+    // Explicit path (contains path separator or .json), expand ~ and return
+    if (raw.includes('/') || raw.includes('\\') || raw.endsWith('.json')) {
+        const resolved = expandHome(raw);
+        auth.tokenFile = resolved;
+        return resolved;
+    }
+    // Pure alias: search under ~/.routecodex/auth for <provider>-oauth-*-<alias>.json (sync version)
+    const alias = raw;
+    const homeDir = process.env.HOME || os.homedir();
+    const authDir = path.join(homeDir, '.routecodex', 'auth');
+    const pattern = new RegExp(`^${providerType}-oauth-(\\d+)(?:-(.+))?\\.json$`, 'i');
+    const pt = providerType.toLowerCase();
+    // Qwen: keep a stable "default" file name whenever possible.
+    if (pt === 'qwen' && alias === 'default') {
+        const pinned = path.join(authDir, 'qwen-oauth-1-default.json');
+        try {
+            if (fs.existsSync(pinned)) {
+                auth.tokenFile = pinned;
+                return pinned;
+            }
+        }
+        catch {
+            // ignore and fall back to scanning
+        }
+    }
+    let existingPath = null;
+    let bestSeqForAlias = 0;
+    let maxSeq = 0;
+    try {
+        const entries = fs.readdirSync(authDir);
+        for (const entry of entries) {
+            const match = entry.match(pattern);
+            if (!match) {
+                continue;
+            }
+            const seq = parseInt(match[1], 10);
+            if (!Number.isFinite(seq) || seq <= 0) {
+                continue;
+            }
+            const entryAlias = (match[2] || 'default');
+            if (entryAlias === alias && seq >= bestSeqForAlias) {
+                bestSeqForAlias = seq;
+                existingPath = path.join(authDir, entry);
+            }
+            if (seq > maxSeq) {
+                maxSeq = seq;
+            }
+        }
+    }
+    catch {
+        // ignore directory errors; treat as no existing tokens
+    }
+    if (existingPath) {
+        auth.tokenFile = existingPath;
+        return existingPath;
+    }
+    // When we don't have any existing token for this alias:
+    // - Qwen default alias should always map to seq=1 for stability.
+    // - Otherwise, allocate next seq to avoid collisions.
+    const nextSeq = (pt === 'qwen' && alias === 'default') ? 1 : (maxSeq + 1);
+    const fileName = `${providerType}-oauth-${nextSeq}-${alias}.json`;
+    const fullPath = path.join(authDir, fileName);
+    auth.tokenFile = fullPath;
+    return fullPath;
+}
+//# sourceMappingURL=token-file-resolver.js.map

package/dist/providers/auth/token-storage/token-file-resolver.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"token-file-resolver.js","sourceRoot":"","sources":["../../../../src/providers/auth/token-storage/token-file-resolver.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAE,0BAA0B,EAAE,MAAM,2BAA2B,CAAC;AAEvE,MAAM,uBAAuB,GAAG,IAAI,GAAG,CAAC,CAAC,YAAY,EAAE,aAAa,CAAC,CAAC,CAAC;AAEvE,MAAM,UAAU,iBAAiB,CAAC,YAAoB;IACpD,OAAO,uBAAuB,CAAC,GAAG,CAAC,YAAY,CAAC,WAAW,EAAE,CAAC,CAAC;AACjE,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAC,CAAS;IAC3B,OAAO,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAChF,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,YAAoB;IAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;IACpC,IAAI,YAAY,KAAK,OAAO,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,4BAA4B,CAAC,CAAC;IAC9E,CAAC;IACD,IAAI,YAAY,KAAK,MAAM,EAAE,CAAC;QAC5B,4DAA4D;QAC5D,iEAAiE;QACjE,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,2BAA2B,CAAC,CAAC;IAC7E,CAAC;IACD,IAAI,iBAAiB,CAAC,YAAY,CAAC,EAAE,CAAC;QACpC,MAAM,IAAI,GAAG,YAAY,CAAC,WAAW,EAAE,KAAK,aAAa;YACvD,CAAC,CAAC,wBAAwB;YAC1B,CAAC,CAAC,mBAAmB,CAAC;QACxB,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;IACtD,CAAC;IACD,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,GAAG,YAAY,eAAe,CAAC,CAAC;AAClF,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAClC,IAA4B,EAC5B,YAAoB;IAEpB,MAAM,GAAG,GAAG,OAAO,IAAI,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAE5E,4EAA4E;IAC5E,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,QAAQ,GAAG,gBAAgB,CAAC,YAAY,CAAC,CAAC;QAC/C,IAAY,CAAC,SAAS,GAAG,QAAQ,CAAC;QACnC,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,wEAAwE;IACxE,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QACrE,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QAChC,IAAY,CAAC,SAAS,GAAG,QAAQ,CAAC;QACnC,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,iGAAiG;IACjG,MAAM,KAAK,GAAG,GAAG,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC;IACjD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,EAAE,MAAM,CAAC,CAAC;IAC1D,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,IAAI,YAAY,iCAAiC,EAAE,GAAG,CAAC,CAAC;IAEnF,MAAM,EAAE,GAAG,YAAY,CAAC,WAAW,EAAE,CAAC;IACtC,6DAA6D;IAC7D,IAAI,EAAE,KAAK,MAAM,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QACzC,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,2BAA2B,CAAC,CAAC;QAC/D,IAAI,CAAC;YACH,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBACzB,IAAY,CAAC,SAAS,GAAG,MAAM,CAAC;gBACjC,OAAO,MAAM,CAAC;YAChB,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,mCAAmC;QACrC,CAAC;IACH,CAAC;IAED,IAAI,YAAY,GAAkB,IAAI,CAAC;IACvC,IAAI,eAAe,GAAG,CAAC,CAAC;IACxB,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACnC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,SAAS;YACX,CAAC;YACD,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC;gBACtC,SAAS;YACX,CAAC;YACD,MAAM,UAAU,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,SAAS,CAAC,CAAC;YAC3C,IAAI,UAAU,KAAK,KAAK,IAAI,GAAG,IAAI,eAAe,EAAE,CAAC;gBACnD,eAAe,GAAG,GAAG,CAAC;gBACtB,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YAC3C,CAAC;YACD,IAAI,GAAG,GAAG,MAAM,EAAE,CAAC;gBACjB,MAAM,GAAG,GAAG,CAAC;YACf,CAAC;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,uDAAuD;IACzD,CAAC;IAED,IAAI,YAAY,EAAE,CAAC;QAChB,IAAY,CAAC,SAAS,GAAG,YAAY,CAAC;QACvC,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,wDAAwD;IACxD,iEAAiE;IACjE,sDAAsD;IACtD,MAAM,OAAO,GAAG,CAAC,EAAE,KAAK,MAAM,IAAI,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC1E,MAAM,QAAQ,GAAG,GAAG,YAAY,UAAU,OAAO,IAAI,KAAK,OAAO,CAAC;IAClE,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAC7C,IAAY,CAAC,SAAS,GAAG,QAAQ,CAAC;IACnC,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/providers/auth/token-storage/token-persistence.d.ts ADDED Viewed

@@ -0,0 +1,22 @@
+/**
+ * Token Persistence
+ *
+ * Handles reading, writing, and backup of token files.
+ */
+import { type StoredOAuthToken } from '../oauth-token-utils.js';
+/**
+ * Read and parse token from file
+ */
+export declare function readTokenFromFile(file: string): Promise<StoredOAuthToken | null>;
+/**
+ * Backup token file before modification
+ */
+export declare function backupTokenFile(file: string): Promise<string | null>;
+/**
+ * Restore token from backup
+ */
+export declare function restoreTokenFileFromBackup(backupFile: string | null, target: string): Promise<void>;
+/**
+ * Discard backup file
+ */
+export declare function discardBackupFile(backupFile: string | null): Promise<void>;

package/dist/providers/auth/token-storage/token-persistence.js ADDED Viewed

@@ -0,0 +1,86 @@
+/**
+ * Token Persistence
+ *
+ * Handles reading, writing, and backup of token files.
+ */
+import fs from 'fs/promises';
+import { sanitizeToken } from '../oauth-token-utils.js';
+import { logOAuthDebug } from '../oauth-logger.js';
+/**
+ * Read and parse token from file
+ */
+export async function readTokenFromFile(file) {
+    try {
+        const txt = await fs.readFile(file, 'utf-8');
+        return sanitizeToken(JSON.parse(txt));
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Backup token file before modification
+ */
+export async function backupTokenFile(file) {
+    if (!file) {
+        return null;
+    }
+    try {
+        await fs.access(file);
+    }
+    catch (error) {
+        const code = error?.code;
+        if (code === 'ENOENT') {
+            return null;
+        }
+        throw error;
+    }
+    const backup = `${file}.${Date.now()}.bak`;
+    try {
+        await fs.copyFile(file, backup);
+        logOAuthDebug(`[OAuth] token.backup: ${backup}`);
+        return backup;
+    }
+    catch (error) {
+        logOAuthDebug(`[OAuth] token.backup failed (${file}): ${error instanceof Error ? error.message : String(error)}`);
+        return null;
+    }
+}
+/**
+ * Restore token from backup
+ */
+export async function restoreTokenFileFromBackup(backupFile, target) {
+    if (!backupFile) {
+        return;
+    }
+    try {
+        await fs.copyFile(backupFile, target);
+        logOAuthDebug(`[OAuth] token.restore: ${target}`);
+    }
+    catch (error) {
+        logOAuthDebug(`[OAuth] token.restore failed (${target}): ${error instanceof Error ? error.message : String(error)}`);
+    }
+    finally {
+        try {
+            await fs.unlink(backupFile);
+        }
+        catch {
+            // ignore cleanup failure
+        }
+    }
+}
+/**
+ * Discard backup file
+ */
+export async function discardBackupFile(backupFile) {
+    if (!backupFile) {
+        return;
+    }
+    try {
+        await fs.unlink(backupFile);
+    }
+    catch {
+        // ignore
+    }
+}
+//# sourceMappingURL=token-persistence.js.map

package/dist/providers/auth/token-storage/token-persistence.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"token-persistence.js","sourceRoot":"","sources":["../../../../src/providers/auth/token-storage/token-persistence.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,MAAM,aAAa,CAAC;AAE7B,OAAO,EAAE,aAAa,EAAyB,MAAM,yBAAyB,CAAC;AAC/E,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAEnD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,IAAY;IAClD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAC7C,OAAO,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAkB,CAAC,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,IAAY;IAChD,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACxB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,GAAI,KAAkC,EAAE,IAAI,CAAC;QACvD,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,KAAK,CAAC;IACd,CAAC;IACD,MAAM,MAAM,GAAG,GAAG,IAAI,IAAI,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC;IAC3C,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAChC,aAAa,CAAC,yBAAyB,MAAM,EAAE,CAAC,CAAC;QACjD,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,aAAa,CACX,gCAAgC,IAAI,MAAM,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CACnG,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAAC,UAAyB,EAAE,MAAc;IACxF,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO;IACT,CAAC;IACD,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;QACtC,aAAa,CAAC,0BAA0B,MAAM,EAAE,CAAC,CAAC;IACpD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,aAAa,CACX,iCAAiC,MAAM,MAAM,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CACtG,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAC9B,CAAC;QAAC,MAAM,CAAC;YACP,yBAAyB;QAC3B,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,UAAyB;IAC/D,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO;IACT,CAAC;IACD,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,SAAS;IACX,CAAC;AACH,CAAC"}

package/dist/providers/auth/tokenfile-auth.js CHANGED Viewed

@@ -195,6 +195,8 @@ export class TokenFileAuthProvider {
     }
     ensureTokenFileExists(candidatePath) {
         const filePath = this.expandHome(candidatePath);
+        // Create the placeholder token file eagerly so initialize() can deterministically
+        // observe the configured path in the same call stack.
         try {
             if (!fs.existsSync(filePath)) {
                 fs.mkdirSync(path.dirname(filePath), { recursive: true });
@@ -254,16 +256,17 @@ export class TokenFileAuthProvider {
         }
         const providerId = this.getConfiguredProviderId();
         if (providerId === 'iflow') {
-            // iFlow CLI stores an already-usable API key in ~/.iflow/settings.json (field: apiKey).
-            // Prefer it and DO NOT fall back to access_token-only files (iFlow business calls require apiKey).
-            const home = process.env.HOME || '';
-            const settings = this.pickTokenFileIfItContainsApiKey(path.join(home, '.iflow', 'settings.json'));
-            if (settings) {
-                return settings;
+            // RouteCodex iFlow auth only accepts RouteCodex-managed OAuth files.
+            const latest = pickLatestTokenFile({ providerPrefix: 'iflow' });
+            if (latest) {
+                const latestWithApiKey = this.pickTokenFileIfItContainsApiKey(latest);
+                if (latestWithApiKey) {
+                    return latestWithApiKey;
+                }
             }
-            const creds = this.pickTokenFileIfItContainsApiKey(path.join(home, '.iflow', 'oauth_creds.json'));
-            if (creds) {
-                return creds;
+            const pinned = this.pickTokenFileIfItContainsApiKey(path.join(resolveAuthDir(), 'iflow-oauth-1-default.json'));
+            if (pinned) {
+                return pinned;
             }
             return null;
         }