@kervnet/opencode-kiro-auth 1.5.1

package/dist/plugin/config/loader.js

@@ -0,0 +1,129 @@
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { homedir } from 'node:os';
+import { dirname, join } from 'node:path';
+import * as logger from '../logger';
+import { AccountSelectionStrategySchema, DEFAULT_CONFIG, KiroConfigSchema, RegionSchema } from './schema';
+function getConfigDir() {
+    const platform = process.platform;
+    if (platform === 'win32') {
+        return join(process.env.APPDATA || join(homedir(), 'AppData', 'Roaming'), 'opencode');
+    }
+    const xdgConfig = process.env.XDG_CONFIG_HOME || join(homedir(), '.config');
+    return join(xdgConfig, 'opencode');
+}
+export function getUserConfigPath() {
+    return join(getConfigDir(), 'kiro.json');
+}
+function ensureUserConfigTemplate() {
+    const path = getUserConfigPath();
+    if (!existsSync(path)) {
+        try {
+            mkdirSync(dirname(path), { recursive: true });
+            writeFileSync(path, JSON.stringify(DEFAULT_CONFIG, null, 2), 'utf-8');
+            logger.log(`Created default config template at ${path}`);
+        }
+        catch (error) {
+            logger.warn(`Failed to create config template at ${path}: ${String(error)}`);
+        }
+    }
+}
+export function getProjectConfigPath(directory) {
+    return join(directory, '.opencode', 'kiro.json');
+}
+function loadConfigFile(path) {
+    try {
+        if (!existsSync(path)) {
+            return null;
+        }
+        const content = readFileSync(path, 'utf-8');
+        const rawConfig = JSON.parse(content);
+        const result = KiroConfigSchema.partial().safeParse(rawConfig);
+        if (!result.success) {
+            const issues = result.error.issues.map((i) => `${i.path.join('.')}: ${i.message}`).join(', ');
+            logger.warn(`Config validation error at ${path}: ${issues}`);
+            return null;
+        }
+        return result.data;
+    }
+    catch (error) {
+        if (error instanceof SyntaxError) {
+            logger.warn(`Invalid JSON in config file ${path}: ${error.message}`);
+        }
+        else {
+            logger.warn(`Failed to load config file ${path}: ${String(error)}`);
+        }
+        return null;
+    }
+}
+function mergeConfigs(base, override) {
+    return {
+        ...base,
+        ...override
+    };
+}
+function parseBooleanEnv(value, fallback) {
+    if (value === undefined) {
+        return fallback;
+    }
+    if (value === '1' || value === 'true') {
+        return true;
+    }
+    if (value === '0' || value === 'false') {
+        return false;
+    }
+    return fallback;
+}
+function parseNumberEnv(value, fallback) {
+    if (value === undefined) {
+        return fallback;
+    }
+    const parsed = Number(value);
+    if (isNaN(parsed)) {
+        return fallback;
+    }
+    return parsed;
+}
+function applyEnvOverrides(config) {
+    const env = process.env;
+    return {
+        ...config,
+        account_selection_strategy: env.KIRO_ACCOUNT_SELECTION_STRATEGY
+            ? AccountSelectionStrategySchema.catch('lowest-usage').parse(env.KIRO_ACCOUNT_SELECTION_STRATEGY)
+            : config.account_selection_strategy,
+        default_region: env.KIRO_DEFAULT_REGION
+            ? RegionSchema.catch('us-east-1').parse(env.KIRO_DEFAULT_REGION)
+            : config.default_region,
+        rate_limit_retry_delay_ms: parseNumberEnv(env.KIRO_RATE_LIMIT_RETRY_DELAY_MS, config.rate_limit_retry_delay_ms),
+        rate_limit_max_retries: parseNumberEnv(env.KIRO_RATE_LIMIT_MAX_RETRIES, config.rate_limit_max_retries),
+        max_request_iterations: parseNumberEnv(env.KIRO_MAX_REQUEST_ITERATIONS, config.max_request_iterations),
+        request_timeout_ms: parseNumberEnv(env.KIRO_REQUEST_TIMEOUT_MS, config.request_timeout_ms),
+        token_expiry_buffer_ms: parseNumberEnv(env.KIRO_TOKEN_EXPIRY_BUFFER_MS, config.token_expiry_buffer_ms),
+        usage_sync_max_retries: parseNumberEnv(env.KIRO_USAGE_SYNC_MAX_RETRIES, config.usage_sync_max_retries),
+        auth_server_port_start: parseNumberEnv(env.KIRO_AUTH_SERVER_PORT_START, config.auth_server_port_start),
+        auth_server_port_range: parseNumberEnv(env.KIRO_AUTH_SERVER_PORT_RANGE, config.auth_server_port_range),
+        usage_tracking_enabled: parseBooleanEnv(env.KIRO_USAGE_TRACKING_ENABLED, config.usage_tracking_enabled),
+        enable_log_api_request: parseBooleanEnv(env.KIRO_ENABLE_LOG_API_REQUEST, config.enable_log_api_request)
+    };
+}
+export function loadConfig(directory) {
+    ensureUserConfigTemplate();
+    let config = { ...DEFAULT_CONFIG };
+    const userConfigPath = getUserConfigPath();
+    const userConfig = loadConfigFile(userConfigPath);
+    if (userConfig) {
+        config = mergeConfigs(config, userConfig);
+    }
+    const projectConfigPath = getProjectConfigPath(directory);
+    const projectConfig = loadConfigFile(projectConfigPath);
+    if (projectConfig) {
+        config = mergeConfigs(config, projectConfig);
+    }
+    config = applyEnvOverrides(config);
+    return config;
+}
+export function configExists(path) {
+    return existsSync(path);
+}
+export function getDefaultLogsDir() {
+    return join(getConfigDir(), 'kiro-logs');
+}

package/dist/plugin/config/schema.d.ts

@@ -0,0 +1,56 @@
+import { z } from 'zod';
+export declare const AccountSelectionStrategySchema: z.ZodEnum<["sticky", "round-robin", "lowest-usage"]>;
+export type AccountSelectionStrategy = z.infer<typeof AccountSelectionStrategySchema>;
+export declare const RegionSchema: z.ZodEnum<["us-east-1", "us-west-2"]>;
+export type Region = z.infer<typeof RegionSchema>;
+export declare const KiroConfigSchema: z.ZodObject<{
+    $schema: z.ZodOptional<z.ZodString>;
+    account_selection_strategy: z.ZodDefault<z.ZodEnum<["sticky", "round-robin", "lowest-usage"]>>;
+    default_region: z.ZodDefault<z.ZodEnum<["us-east-1", "us-west-2"]>>;
+    rate_limit_retry_delay_ms: z.ZodDefault<z.ZodNumber>;
+    rate_limit_max_retries: z.ZodDefault<z.ZodNumber>;
+    max_request_iterations: z.ZodDefault<z.ZodNumber>;
+    request_timeout_ms: z.ZodDefault<z.ZodNumber>;
+    token_expiry_buffer_ms: z.ZodDefault<z.ZodNumber>;
+    usage_sync_max_retries: z.ZodDefault<z.ZodNumber>;
+    auth_server_port_start: z.ZodDefault<z.ZodNumber>;
+    auth_server_port_range: z.ZodDefault<z.ZodNumber>;
+    usage_tracking_enabled: z.ZodDefault<z.ZodBoolean>;
+    auto_sync_kiro_cli: z.ZodDefault<z.ZodBoolean>;
+    auto_sync_aws_sso: z.ZodDefault<z.ZodBoolean>;
+    enable_log_api_request: z.ZodDefault<z.ZodBoolean>;
+}, "strip", z.ZodTypeAny, {
+    account_selection_strategy: "sticky" | "round-robin" | "lowest-usage";
+    default_region: "us-east-1" | "us-west-2";
+    rate_limit_retry_delay_ms: number;
+    rate_limit_max_retries: number;
+    max_request_iterations: number;
+    request_timeout_ms: number;
+    token_expiry_buffer_ms: number;
+    usage_sync_max_retries: number;
+    auth_server_port_start: number;
+    auth_server_port_range: number;
+    usage_tracking_enabled: boolean;
+    auto_sync_kiro_cli: boolean;
+    auto_sync_aws_sso: boolean;
+    enable_log_api_request: boolean;
+    $schema?: string | undefined;
+}, {
+    $schema?: string | undefined;
+    account_selection_strategy?: "sticky" | "round-robin" | "lowest-usage" | undefined;
+    default_region?: "us-east-1" | "us-west-2" | undefined;
+    rate_limit_retry_delay_ms?: number | undefined;
+    rate_limit_max_retries?: number | undefined;
+    max_request_iterations?: number | undefined;
+    request_timeout_ms?: number | undefined;
+    token_expiry_buffer_ms?: number | undefined;
+    usage_sync_max_retries?: number | undefined;
+    auth_server_port_start?: number | undefined;
+    auth_server_port_range?: number | undefined;
+    usage_tracking_enabled?: boolean | undefined;
+    auto_sync_kiro_cli?: boolean | undefined;
+    auto_sync_aws_sso?: boolean | undefined;
+    enable_log_api_request?: boolean | undefined;
+}>;
+export type KiroConfig = z.infer<typeof KiroConfigSchema>;
+export declare const DEFAULT_CONFIG: KiroConfig;

package/dist/plugin/config/schema.js

@@ -0,0 +1,36 @@
+import { z } from 'zod';
+export const AccountSelectionStrategySchema = z.enum(['sticky', 'round-robin', 'lowest-usage']);
+export const RegionSchema = z.enum(['us-east-1', 'us-west-2']);
+export const KiroConfigSchema = z.object({
+    $schema: z.string().optional(),
+    account_selection_strategy: AccountSelectionStrategySchema.default('lowest-usage'),
+    default_region: RegionSchema.default('us-east-1'),
+    rate_limit_retry_delay_ms: z.number().min(1000).max(60000).default(5000),
+    rate_limit_max_retries: z.number().min(0).max(10).default(3),
+    max_request_iterations: z.number().min(5).max(1000).default(20),
+    request_timeout_ms: z.number().min(30000).max(600000).default(120000),
+    token_expiry_buffer_ms: z.number().min(30000).max(300000).default(120000),
+    usage_sync_max_retries: z.number().min(0).max(5).default(3),
+    auth_server_port_start: z.number().min(1024).max(65535).default(19847),
+    auth_server_port_range: z.number().min(1).max(100).default(10),
+    usage_tracking_enabled: z.boolean().default(true),
+    auto_sync_kiro_cli: z.boolean().default(true),
+    auto_sync_aws_sso: z.boolean().default(true),
+    enable_log_api_request: z.boolean().default(false)
+});
+export const DEFAULT_CONFIG = {
+    account_selection_strategy: 'lowest-usage',
+    default_region: 'us-east-1',
+    rate_limit_retry_delay_ms: 5000,
+    rate_limit_max_retries: 3,
+    max_request_iterations: 20,
+    request_timeout_ms: 120000,
+    token_expiry_buffer_ms: 120000,
+    usage_sync_max_retries: 3,
+    auth_server_port_start: 19847,
+    auth_server_port_range: 10,
+    usage_tracking_enabled: true,
+    auto_sync_kiro_cli: true,
+    auto_sync_aws_sso: true,
+    enable_log_api_request: false
+};

package/dist/plugin/errors.d.ts

@@ -0,0 +1,17 @@
+export declare class KiroTokenRefreshError extends Error {
+    code?: string;
+    originalError?: Error;
+    constructor(message: string, code?: string, originalError?: Error);
+}
+export declare class KiroQuotaExhaustedError extends Error {
+    recoveryTime?: number;
+    constructor(message: string, recoveryTime?: number);
+}
+export declare class KiroRateLimitError extends Error {
+    retryAfter?: number;
+    constructor(message: string, retryAfter?: number);
+}
+export declare class KiroAuthError extends Error {
+    statusCode?: number;
+    constructor(message: string, statusCode?: number);
+}

package/dist/plugin/errors.js

@@ -0,0 +1,34 @@
+export class KiroTokenRefreshError extends Error {
+    code;
+    originalError;
+    constructor(message, code, originalError) {
+        super(message);
+        this.name = 'KiroTokenRefreshError';
+        this.code = code;
+        this.originalError = originalError;
+    }
+}
+export class KiroQuotaExhaustedError extends Error {
+    recoveryTime;
+    constructor(message, recoveryTime) {
+        super(message);
+        this.name = 'KiroQuotaExhaustedError';
+        this.recoveryTime = recoveryTime;
+    }
+}
+export class KiroRateLimitError extends Error {
+    retryAfter;
+    constructor(message, retryAfter) {
+        super(message);
+        this.name = 'KiroRateLimitError';
+        this.retryAfter = retryAfter;
+    }
+}
+export class KiroAuthError extends Error {
+    statusCode;
+    constructor(message, statusCode) {
+        super(message);
+        this.name = 'KiroAuthError';
+        this.statusCode = statusCode;
+    }
+}

package/dist/plugin/health.d.ts

@@ -0,0 +1 @@
+export declare function isPermanentError(reason?: string): boolean;

package/dist/plugin/health.js

@@ -0,0 +1,9 @@
+export function isPermanentError(reason) {
+    if (!reason)
+        return false;
+    return (reason.includes('Invalid refresh token') ||
+        reason.includes('ExpiredTokenException') ||
+        reason.includes('InvalidTokenException') ||
+        reason.includes('HTTP_401') ||
+        reason.includes('HTTP_403'));
+}

package/dist/plugin/image-handler.d.ts

@@ -0,0 +1,14 @@
+interface UnifiedImage {
+    mediaType: string;
+    data: string;
+}
+interface KiroImage {
+    format: string;
+    source: {
+        bytes: string;
+    };
+}
+export declare function extractAllImages(content: any): UnifiedImage[];
+export declare function convertImagesToKiroFormat(images: UnifiedImage[]): KiroImage[];
+export declare function extractTextFromParts(parts: any[]): string;
+export {};

package/dist/plugin/image-handler.js

@@ -0,0 +1,64 @@
+function extractImagesFromAnthropicFormat(content) {
+    const images = [];
+    for (const item of content) {
+        if (item.type === 'image' && item.source?.type === 'base64') {
+            images.push({
+                mediaType: item.source.media_type || 'image/jpeg',
+                data: item.source.data
+            });
+        }
+    }
+    return images;
+}
+function extractImagesFromOpenAI(content) {
+    const images = [];
+    for (const item of content) {
+        if (item.type === 'image_url' && item.image_url?.url) {
+            const url = item.image_url.url;
+            if (url.startsWith('data:')) {
+                try {
+                    const [header, data] = url.split(',', 2);
+                    if (!data)
+                        continue;
+                    const mediaType = header.split(';')[0].replace('data:', '');
+                    images.push({
+                        mediaType: mediaType || 'image/jpeg',
+                        data: data
+                    });
+                }
+                catch (e) {
+                    continue;
+                }
+            }
+        }
+    }
+    return images;
+}
+export function extractAllImages(content) {
+    if (!Array.isArray(content))
+        return [];
+    return [...extractImagesFromAnthropicFormat(content), ...extractImagesFromOpenAI(content)];
+}
+export function convertImagesToKiroFormat(images) {
+    return images.map((img) => {
+        const format = img.mediaType.split('/')[1] || 'png';
+        return {
+            format,
+            source: {
+                bytes: img.data
+            }
+        };
+    });
+}
+export function extractTextFromParts(parts) {
+    const textParts = [];
+    for (const part of parts) {
+        if (part.text && typeof part.text === 'string') {
+            textParts.push(part.text);
+        }
+        else if (part.type === 'text' && part.text) {
+            textParts.push(part.text);
+        }
+    }
+    return textParts.join('');
+}

package/dist/plugin/logger.d.ts

@@ -0,0 +1,8 @@
+export declare function log(message: string, ...args: unknown[]): void;
+export declare function error(message: string, ...args: unknown[]): void;
+export declare function warn(message: string, ...args: unknown[]): void;
+export declare function debug(message: string, ...args: unknown[]): void;
+export declare function logApiRequest(data: any, timestamp: string): void;
+export declare function logApiResponse(data: any, timestamp: string): void;
+export declare function logApiError(requestData: any, responseData: any, timestamp: string): void;
+export declare function getTimestamp(): string;

package/dist/plugin/logger.js

@@ -0,0 +1,63 @@
+import { appendFileSync, mkdirSync, writeFileSync } from 'node:fs';
+import { homedir } from 'node:os';
+import { join } from 'node:path';
+const getLogDir = () => {
+    const platform = process.platform;
+    const base = platform === 'win32'
+        ? join(process.env.APPDATA || join(homedir(), 'AppData', 'Roaming'), 'opencode')
+        : join(process.env.XDG_CONFIG_HOME || join(homedir(), '.config'), 'opencode');
+    return join(base, 'kiro-logs');
+};
+const writeToFile = (level, message, ...args) => {
+    try {
+        const dir = getLogDir();
+        mkdirSync(dir, { recursive: true });
+        const path = join(dir, 'plugin.log');
+        const timestamp = new Date().toISOString();
+        const content = `[${timestamp}] ${level}: ${message} ${args.map((a) => (typeof a === 'object' ? JSON.stringify(a) : String(a))).join(' ')}\n`;
+        appendFileSync(path, content);
+    }
+    catch (e) { }
+};
+const writeApiLog = (type, data, timestamp, isError = false) => {
+    try {
+        const dir = getLogDir();
+        mkdirSync(dir, { recursive: true });
+        const prefix = isError ? 'error_' : '';
+        const filename = `${prefix}${timestamp}_${type}.json`;
+        const path = join(dir, filename);
+        const content = JSON.stringify(data, null, 2);
+        writeFileSync(path, content);
+    }
+    catch (e) { }
+};
+export function log(message, ...args) {
+    writeToFile('INFO', message, ...args);
+}
+export function error(message, ...args) {
+    writeToFile('ERROR', message, ...args);
+}
+export function warn(message, ...args) {
+    writeToFile('WARN', message, ...args);
+}
+export function debug(message, ...args) {
+    if (process.env.DEBUG) {
+        writeToFile('DEBUG', message, ...args);
+    }
+}
+export function logApiRequest(data, timestamp) {
+    writeApiLog('request', data, timestamp);
+}
+export function logApiResponse(data, timestamp) {
+    writeApiLog('response', data, timestamp);
+}
+export function logApiError(requestData, responseData, timestamp) {
+    writeApiLog('request', requestData, timestamp, true);
+    writeApiLog('response', responseData, timestamp, true);
+    const errorType = responseData.status ? `HTTP ${responseData.status}` : 'Network Error';
+    const email = requestData.email || 'unknown';
+    error(`${errorType} on ${email} - See error_${timestamp}_request.json`);
+}
+export function getTimestamp() {
+    return new Date().toISOString().replace(/[:.]/g, '-');
+}

package/dist/plugin/models.d.ts

@@ -0,0 +1 @@
+export declare function resolveKiroModel(model: string): string;

package/dist/plugin/models.js

@@ -0,0 +1,8 @@
+import { MODEL_MAPPING, SUPPORTED_MODELS } from '../constants';
+export function resolveKiroModel(model) {
+    const resolved = MODEL_MAPPING[model];
+    if (!resolved) {
+        throw new Error(`Unsupported model: ${model}. Supported models: ${SUPPORTED_MODELS.join(', ')}`);
+    }
+    return resolved;
+}

package/dist/plugin/request.d.ts

@@ -0,0 +1,2 @@
+import type { KiroAuthDetails, PreparedRequest } from './types';
+export declare function transformToCodeWhisperer(url: string, body: any, model: string, auth: KiroAuthDetails, think?: boolean, budget?: number, reductionFactor?: number): PreparedRequest;