@melodyoftears/opencode-qwen-auth 1.3.1

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 melodyoftears
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,194 @@
+# 🤖 Qwen Code OAuth Plugin for OpenCode
+
+![npm version](https://img.shields.io/npm/v/%40melodyoftears%2Fopencode-qwen-auth)
+![License](https://img.shields.io/github/license/1579364808/opencode-qwen-auth)
+![GitHub stars](https://img.shields.io/github/stars/1579364808/opencode-qwen-auth)
+
+<p align="center">
+  <img src="assets/screenshot.png" alt="OpenCode with Qwen Code" width="800">
+</p>
+
+**Authenticate OpenCode CLI with your qwen.ai account.** This plugin enables you to use Qwen OAuth models (`coder-model` and `vision-model`) with **2,000 free requests per day** - no API key or credit card required!
+
+[🇨🇳 中文文档](./README.zh-CN.md)
+
+## ✨ Features
+
+- 🔐 **OAuth Device Flow** - Secure browser-based authentication (RFC 8628)
+- ⚡ **Automatic Polling** - No need to press Enter after authorizing
+- 🆓 **2,000 req/day free** - Generous free tier with no credit card
+- 🧠 **1M context window** - Models with 1 million token context
+- 🔄 **Auto-refresh** - Tokens renewed automatically before expiration
+- 🔗 **qwen-code compatible** - Reuses credentials from `~/.qwen/oauth_creds.json`
+
+## 📋 Prerequisites
+
+- [OpenCode CLI](https://opencode.ai) installed
+- A [qwen.ai](https://chat.qwen.ai) account (free to create)
+
+## 🚀 Installation
+
+### 1. Install the plugin
+
+```bash
+cd ~/.opencode && npm install @melodyoftears/opencode-qwen-auth
+```
+
+### 2. Enable the plugin
+
+Edit `~/.opencode/opencode.jsonc`:
+
+```json
+{
+  "plugin": ["@melodyoftears/opencode-qwen-auth"]
+}
+```
+
+## 🔑 Usage
+
+### 1. Login
+
+```bash
+opencode auth login
+```
+
+### 2. Select Provider
+
+Choose **"Other"** and type `qwen-code`
+
+### 3. Authenticate
+
+Select **"Qwen Code (qwen.ai OAuth)"**
+
+- A browser window will open for you to authorize
+- The plugin automatically detects when you complete authorization
+- No need to copy/paste codes or press Enter!
+
+> [!TIP]
+> In the OpenCode TUI (graphical interface), the **Qwen Code** provider appears automatically in the provider list.
+
+## 🎯 Available Models
+
+| Model | ID | Input | Output | Context | Max Output | Cost |
+|-------|----|-------|--------|---------|------------|------|
+| Qwen Coder (Qwen 3.5 Plus) | `coder-model` | text | text | 1M tokens | 65,536 tokens | Free |
+| Qwen VL Plus (Vision) | `vision-model` | text, image | text | 128K tokens | 8,192 tokens | Free |
+
+### Using a specific model
+
+```bash
+opencode --provider qwen-code --model coder-model
+opencode --provider qwen-code --model vision-model
+```
+
+## ⚙️ How It Works
+
+```
+┌─────────────────┐     ┌──────────────────┐     ┌─────────────────┐
+│   OpenCode CLI  │────▶│  qwen.ai OAuth   │────▶│  Qwen Models    │
+│                 │◀────│  (Device Flow)   │◀────│  API            │
+└─────────────────┘     └──────────────────┘     └─────────────────┘
+```
+
+1. **Device Flow (RFC 8628)**: Opens your browser to `chat.qwen.ai` for authentication
+2. **Automatic Polling**: Detects authorization completion automatically
+3. **Token Storage**: Saves credentials to `~/.qwen/oauth_creds.json`
+4. **Auto-refresh**: Renews tokens 30 seconds before expiration
+
+## 📊 Usage Limits
+
+| Plan | Rate Limit | Daily Limit |
+|------|------------|-------------|
+| Free (OAuth) | 60 req/min | 2,000 req/day |
+
+> [!NOTE]
+> Limits reset at midnight UTC. For higher limits, consider using an API key from [DashScope](https://dashscope.aliyun.com).
+
+## 🔧 Troubleshooting
+
+### Token expired
+
+The plugin automatically renews tokens. If issues persist:
+
+```bash
+# Remove old credentials
+rm ~/.qwen/oauth_creds.json
+
+# Re-authenticate
+opencode auth login
+```
+
+### Provider not showing in `auth login`
+
+The `qwen-code` provider is added via plugin. In the `opencode auth login` command:
+
+1. Select **"Other"**
+2. Type `qwen-code`
+
+### Rate limit exceeded (429 errors)
+
+- Wait until midnight UTC for quota reset
+- Switch to another Qwen account and login again if quota is exhausted
+- Consider [DashScope API](https://dashscope.aliyun.com) for higher limits
+
+## 🛠️ Development
+
+```bash
+# Clone the repository
+git clone https://github.com/1579364808/opencode-qwen-auth.git
+cd opencode-qwencode-auth
+
+# Install dependencies
+bun install
+
+# Type check
+bun run typecheck
+```
+
+### Local testing
+
+Edit `~/.opencode/package.json`:
+
+```json
+{
+  "dependencies": {
+    "@melodyoftears/opencode-qwen-auth": "file:///absolute/path/to/opencode-qwencode-auth"
+  }
+}
+```
+
+Then reinstall:
+
+```bash
+cd ~/.opencode && npm install
+```
+
+## 📁 Project Structure
+
+```
+src/
+├── constants.ts        # OAuth endpoints, models config
+├── types.ts            # TypeScript interfaces
+├── index.ts            # Main plugin entry point
+├── qwen/
+│   └── oauth.ts        # OAuth Device Flow + PKCE
+└── plugin/
+    ├── auth.ts         # Credentials management
+    └── utils.ts        # Helper utilities
+```
+
+## 🔗 Related Projects
+
+- [qwen-code](https://github.com/QwenLM/qwen-code) - Official Qwen coding CLI
+- [OpenCode](https://opencode.ai) - AI-powered CLI for development
+- [opencode-gemini-auth](https://github.com/jenslys/opencode-gemini-auth) - Similar plugin for Google Gemini
+
+## 📄 License
+
+MIT
+
+---
+
+<p align="center">
+  Made with ❤️ for the OpenCode community
+</p>

package/README.zh-CN.md

@@ -0,0 +1,165 @@
+# 🤖 OpenCode 的 Qwen OAuth 插件
+
+![npm version](https://img.shields.io/npm/v/%40melodyoftears%2Fopencode-qwen-auth)
+![License](https://img.shields.io/github/license/1579364808/opencode-qwen-auth)
+![GitHub stars](https://img.shields.io/github/stars/1579364808/opencode-qwen-auth)
+
+<p align="center">
+  <img src="assets/screenshot.png" alt="OpenCode with Qwen Code" width="800">
+</p>
+
+**使用你的 qwen.ai 账号为 OpenCode CLI 登录。** 该插件可让你使用 Qwen OAuth 模型（`coder-model` 与 `vision-model`），享受 **每天 2,000 次免费请求**，无需 API Key 或信用卡。
+
+[🇺🇸 English](./README.md)
+
+## ✨ 功能
+
+- 🔐 **OAuth Device Flow**：基于浏览器的安全登录（RFC 8628）
+- ⚡ **自动轮询**：授权完成后自动检测，无需手动回车
+- 🆓 **免费额度**：每天 2,000 次请求
+- 🧠 **超长上下文**：支持最高 1M 上下文模型
+- 🔄 **自动续期**：Token 过期前自动刷新
+- 🔗 **兼容 qwen-code**：复用 `~/.qwen/oauth_creds.json` 凭据
+
+## 📋 前置条件
+
+- 已安装 [OpenCode CLI](https://opencode.ai)
+- 一个 [qwen.ai](https://chat.qwen.ai) 账号（可免费注册）
+
+## 🚀 安装
+
+### 1) 安装插件
+
+```bash
+cd ~/.opencode && npm install @melodyoftears/opencode-qwen-auth
+```
+
+### 2) 启用插件
+
+编辑 `~/.opencode/opencode.jsonc`：
+
+```json
+{
+  "plugin": ["@melodyoftears/opencode-qwen-auth"]
+}
+```
+
+## 🔑 使用
+
+### 1) 登录
+
+```bash
+opencode auth login
+```
+
+### 2) 选择 Provider
+
+选择 **"Other"**，输入 `qwen-code`
+
+### 3) 完成授权
+
+选择 **"Qwen Code (qwen.ai OAuth)"**
+
+- 浏览器会自动打开授权页
+- 授权完成后插件会自动检测并保存
+
+> [!TIP]
+> 在 OpenCode TUI 中，**Qwen Code** provider 会自动出现在 provider 列表。
+
+## 🎯 可用模型
+
+| 模型 | ID | 输入 | 输出 | 上下文 | 最大输出 | 费用 |
+|------|----|------|------|--------|----------|------|
+| Qwen Coder (Qwen 3.5 Plus) | `coder-model` | text | text | 1M tokens | 65,536 tokens | Free |
+| Qwen VL Plus (Vision) | `vision-model` | text, image | text | 128K tokens | 8,192 tokens | Free |
+
+### 指定模型运行
+
+```bash
+opencode --provider qwen-code --model coder-model
+opencode --provider qwen-code --model vision-model
+```
+
+## ⚙️ 工作原理
+
+```
+┌─────────────────┐     ┌──────────────────┐     ┌─────────────────┐
+│   OpenCode CLI  │────▶│  qwen.ai OAuth   │────▶│  Qwen Models    │
+│                 │◀────│  (Device Flow)   │◀────│  API            │
+└─────────────────┘     └──────────────────┘     └─────────────────┘
+```
+
+1. Device Flow 打开 `chat.qwen.ai` 授权页面
+2. 插件自动轮询授权结果
+3. 凭据保存到 `~/.qwen/oauth_creds.json`
+4. Access Token 在到期前自动刷新
+
+## 📊 使用限制
+
+| 计划 | 频率限制 | 每日限制 |
+|------|----------|----------|
+| 免费（OAuth） | 60 req/min | 2,000 req/day |
+
+> [!NOTE]
+> 配额通常按 UTC 零点重置。若需更高额度，可考虑使用 [DashScope](https://dashscope.aliyun.com) API Key。
+
+## 🔧 故障排查
+
+### Token 过期或异常
+
+```bash
+# 删除旧凭据
+rm ~/.qwen/oauth_creds.json
+
+# 重新登录
+opencode auth login
+```
+
+### `auth login` 中看不到 provider
+
+`qwen-code` 是插件注入的 provider。请在 `opencode auth login` 中：
+
+1. 选择 **"Other"**
+2. 输入 `qwen-code`
+
+### 遇到 429 限流
+
+- 等待 UTC 零点重置
+- 配额耗尽时切换账号并重新登录
+- 需要更高额度可使用 DashScope API
+
+## 🛠️ 开发
+
+```bash
+# 克隆仓库
+git clone https://github.com/1579364808/opencode-qwen-auth.git
+cd opencode-qwencode-auth
+
+# 安装依赖
+bun install
+
+# 类型检查
+bun run typecheck
+```
+
+### 本地联调
+
+编辑 `~/.opencode/package.json`：
+
+```json
+{
+  "dependencies": {
+    "@melodyoftears/opencode-qwen-auth": "file:///absolute/path/to/opencode-qwencode-auth"
+  }
+}
+```
+
+然后重新安装：
+
+```bash
+cd ~/.opencode && npm install
+```
+
+## 📄 License
+
+MIT

package/dist/cli.js

@@ -0,0 +1,83 @@
+#!/usr/bin/env node
+
+// src/cli.ts
+import { existsSync, readFileSync, writeFileSync, mkdirSync } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
+import { createInterface } from "node:readline";
+var CREDS_PATH = join(homedir(), ".qwen", "oauth_creds.json");
+var rl = createInterface({
+  input: process.stdin,
+  output: process.stdout
+});
+function question(prompt) {
+  return new Promise((resolve) => {
+    rl.question(prompt, resolve);
+  });
+}
+async function main() {
+  console.log(`
+Qwen Auth CLI Helper
+`);
+  console.log(`This tool helps you set up Qwen authentication manually.
+`);
+  if (existsSync(CREDS_PATH)) {
+    const data = JSON.parse(readFileSync(CREDS_PATH, "utf-8"));
+    console.log("Existing credentials found at:", CREDS_PATH);
+    if (data.access_token) {
+      console.log("Access token: Present");
+      console.log("Email:", data.email || "Not set");
+      console.log("Updated at:", data.updated_at ? new Date(data.updated_at).toISOString() : "Unknown");
+      const overwrite = await question(`
+Overwrite existing credentials? (y/N): `);
+      if (overwrite.toLowerCase() !== "y") {
+        console.log(`
+Keeping existing credentials. Exiting.`);
+        rl.close();
+        return;
+      }
+    }
+  }
+  console.log(`
+Instructions:`);
+  console.log("1. Open https://chat.qwen.ai in your browser");
+  console.log("2. Sign in with your account");
+  console.log("3. Open Developer Tools (F12) -> Network tab");
+  console.log("4. Make any chat request");
+  console.log("5. Find a request to chat.qwen.ai");
+  console.log('6. Copy the "Authorization" header value (starts with "Bearer ...")');
+  console.log("");
+  const token = await question('Paste your Bearer token (or just the token without "Bearer "): ');
+  if (!token.trim()) {
+    console.log("No token provided. Exiting.");
+    rl.close();
+    return;
+  }
+  let accessToken = token.trim();
+  if (accessToken.toLowerCase().startsWith("bearer ")) {
+    accessToken = accessToken.slice(7);
+  }
+  const email = await question("Email (optional, press Enter to skip): ");
+  const dir = join(homedir(), ".qwen");
+  if (!existsSync(dir)) {
+    mkdirSync(dir, { recursive: true });
+  }
+  const credentials = {
+    access_token: accessToken,
+    email: email.trim() || undefined,
+    updated_at: Date.now()
+  };
+  writeFileSync(CREDS_PATH, JSON.stringify(credentials, null, 2));
+  console.log(`
+Credentials saved to:`, CREDS_PATH);
+  console.log(`
+You can now use OpenCode with Qwen models:`);
+  console.log("  opencode --provider qwen-code --model coder-model");
+  console.log("  opencode --provider qwen-code --model vision-model");
+  rl.close();
+}
+main().catch((error) => {
+  console.error("Error:", error);
+  rl.close();
+  process.exit(1);
+});

package/dist/index.js

@@ -0,0 +1,394 @@
+// src/index.ts
+import { spawn } from "node:child_process";
+
+// src/constants.ts
+var QWEN_PROVIDER_ID = "qwen-code";
+var QWEN_OAUTH_CONFIG = {
+  baseUrl: "https://chat.qwen.ai",
+  deviceCodeEndpoint: "https://chat.qwen.ai/api/v1/oauth2/device/code",
+  tokenEndpoint: "https://chat.qwen.ai/api/v1/oauth2/token",
+  clientId: "f0304373b74a44d2b584a3fb70ca9e56",
+  scope: "openid profile email model.completion",
+  grantType: "urn:ietf:params:oauth:grant-type:device_code"
+};
+var QWEN_API_CONFIG = {
+  defaultBaseUrl: "https://dashscope.aliyuncs.com/compatible-mode/v1",
+  portalBaseUrl: "https://portal.qwen.ai/v1",
+  chatEndpoint: "/chat/completions",
+  modelsEndpoint: "/models",
+  baseUrl: "https://portal.qwen.ai/v1"
+};
+var QWEN_MODELS = {
+  "coder-model": {
+    id: "coder-model",
+    name: "Qwen Coder (Qwen 3.5 Plus)",
+    contextWindow: 1048576,
+    maxOutput: 65536,
+    description: "Text-to-text coding model with 1M context and 65,536 max output",
+    reasoning: true,
+    cost: { input: 0, output: 0 }
+  },
+  "vision-model": {
+    id: "vision-model",
+    name: "Qwen VL Plus (Vision)",
+    contextWindow: 131072,
+    maxOutput: 8192,
+    description: "Text and image input model with 128K context and 8,192 max output",
+    reasoning: false,
+    cost: { input: 0, output: 0 }
+  }
+};
+
+// src/plugin/auth.ts
+import { homedir } from "node:os";
+import { join } from "node:path";
+import { existsSync, writeFileSync, mkdirSync, readFileSync } from "node:fs";
+function getCredentialsPath() {
+  const homeDir = homedir();
+  return join(homeDir, ".qwen", "oauth_creds.json");
+}
+function saveCredentials(credentials) {
+  const credPath = getCredentialsPath();
+  const dir = join(homedir(), ".qwen");
+  if (!existsSync(dir)) {
+    mkdirSync(dir, { recursive: true });
+  }
+  const data = {
+    access_token: credentials.accessToken,
+    token_type: credentials.tokenType || "Bearer",
+    refresh_token: credentials.refreshToken,
+    resource_url: credentials.resourceUrl,
+    expiry_date: credentials.expiryDate,
+    scope: credentials.scope
+  };
+  writeFileSync(credPath, JSON.stringify(data, null, 2));
+}
+function loadCredentials() {
+  const credPath = getCredentialsPath();
+  if (!existsSync(credPath)) {
+    return null;
+  }
+  try {
+    const raw = JSON.parse(readFileSync(credPath, "utf-8"));
+    const accessToken = raw.access_token || raw.accessToken;
+    if (!accessToken || typeof accessToken !== "string") {
+      return null;
+    }
+    return {
+      accessToken,
+      tokenType: raw.token_type || raw.tokenType || "Bearer",
+      refreshToken: raw.refresh_token || raw.refreshToken,
+      resourceUrl: raw.resource_url || raw.resourceUrl,
+      expiryDate: raw.expiry_date || raw.expiryDate,
+      scope: raw.scope
+    };
+  } catch {
+    return null;
+  }
+}
+
+// src/qwen/oauth.ts
+import { randomBytes, createHash, randomUUID } from "node:crypto";
+
+// src/errors.ts
+var REAUTH_HINT = 'Execute "opencode auth login" e selecione "Qwen Code (qwen.ai OAuth)" para autenticar.';
+var AUTH_MESSAGES = {
+  token_expired: `[Qwen] Token expirado. ${REAUTH_HINT}`,
+  refresh_failed: `[Qwen] Falha ao renovar token. ${REAUTH_HINT}`,
+  auth_required: `[Qwen] Autenticacao necessaria. ${REAUTH_HINT}`
+};
+
+class QwenAuthError extends Error {
+  kind;
+  technicalDetail;
+  constructor(kind, technicalDetail) {
+    super(AUTH_MESSAGES[kind]);
+    this.name = "QwenAuthError";
+    this.kind = kind;
+    this.technicalDetail = technicalDetail;
+  }
+}
+function logTechnicalDetail(detail) {
+  if (process.env.OPENCODE_QWEN_DEBUG === "1") {
+    console.debug("[Qwen Debug]", detail);
+  }
+}
+
+// src/qwen/oauth.ts
+class SlowDownError extends Error {
+  constructor() {
+    super("slow_down: server requested increased polling interval");
+    this.name = "SlowDownError";
+  }
+}
+function generatePKCE() {
+  const verifier = randomBytes(32).toString("base64url");
+  const challenge = createHash("sha256").update(verifier).digest("base64url");
+  return { verifier, challenge };
+}
+function objectToUrlEncoded(data) {
+  return Object.keys(data).map((key) => `${encodeURIComponent(key)}=${encodeURIComponent(data[key])}`).join("&");
+}
+async function requestDeviceAuthorization(codeChallenge) {
+  const bodyData = {
+    client_id: QWEN_OAUTH_CONFIG.clientId,
+    scope: QWEN_OAUTH_CONFIG.scope,
+    code_challenge: codeChallenge,
+    code_challenge_method: "S256"
+  };
+  const response = await fetch(QWEN_OAUTH_CONFIG.deviceCodeEndpoint, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      Accept: "application/json",
+      "x-request-id": randomUUID()
+    },
+    body: objectToUrlEncoded(bodyData)
+  });
+  if (!response.ok) {
+    const errorData = await response.text();
+    logTechnicalDetail(`Device auth HTTP ${response.status}: ${errorData}`);
+    throw new QwenAuthError("auth_required", `HTTP ${response.status}: ${errorData}`);
+  }
+  const result = await response.json();
+  if (!result.device_code || !result.user_code) {
+    throw new Error("Invalid device authorization response");
+  }
+  return result;
+}
+async function pollDeviceToken(deviceCode, codeVerifier) {
+  const bodyData = {
+    grant_type: QWEN_OAUTH_CONFIG.grantType,
+    client_id: QWEN_OAUTH_CONFIG.clientId,
+    device_code: deviceCode,
+    code_verifier: codeVerifier
+  };
+  const response = await fetch(QWEN_OAUTH_CONFIG.tokenEndpoint, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      Accept: "application/json"
+    },
+    body: objectToUrlEncoded(bodyData)
+  });
+  if (!response.ok) {
+    const responseText = await response.text();
+    try {
+      const errorData = JSON.parse(responseText);
+      if (response.status === 400 && errorData.error === "authorization_pending") {
+        return null;
+      }
+      if (response.status === 429 && errorData.error === "slow_down") {
+        throw new SlowDownError;
+      }
+      throw new Error(`Token poll failed: ${errorData.error || "Unknown error"} - ${errorData.error_description || responseText}`);
+    } catch (parseError) {
+      if (parseError instanceof SyntaxError) {
+        throw new Error(`Token poll failed: ${response.status} ${response.statusText}. Response: ${responseText}`);
+      }
+      throw parseError;
+    }
+  }
+  return await response.json();
+}
+function tokenResponseToCredentials(tokenResponse) {
+  return {
+    accessToken: tokenResponse.access_token,
+    tokenType: tokenResponse.token_type || "Bearer",
+    refreshToken: tokenResponse.refresh_token,
+    resourceUrl: tokenResponse.resource_url,
+    expiryDate: Date.now() + tokenResponse.expires_in * 1000,
+    scope: tokenResponse.scope
+  };
+}
+async function refreshAccessToken(refreshToken) {
+  const bodyData = {
+    grant_type: "refresh_token",
+    refresh_token: refreshToken,
+    client_id: QWEN_OAUTH_CONFIG.clientId
+  };
+  const response = await fetch(QWEN_OAUTH_CONFIG.tokenEndpoint, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      Accept: "application/json"
+    },
+    body: objectToUrlEncoded(bodyData)
+  });
+  if (!response.ok) {
+    const errorText = await response.text();
+    logTechnicalDetail(`Token refresh HTTP ${response.status}: ${errorText}`);
+    throw new QwenAuthError("refresh_failed", `HTTP ${response.status}: ${errorText}`);
+  }
+  const data = await response.json();
+  return {
+    accessToken: data.access_token,
+    tokenType: data.token_type || "Bearer",
+    refreshToken: data.refresh_token || refreshToken,
+    resourceUrl: data.resource_url,
+    expiryDate: Date.now() + data.expires_in * 1000,
+    scope: data.scope
+  };
+}
+
+// src/index.ts
+function openBrowser(url) {
+  try {
+    const platform = process.platform;
+    const command = platform === "darwin" ? "open" : platform === "win32" ? "rundll32" : "xdg-open";
+    const args = platform === "win32" ? ["url.dll,FileProtocolHandler", url] : [url];
+    const child = spawn(command, args, { stdio: "ignore", detached: true });
+    child.unref?.();
+  } catch {}
+}
+function normalizeVerificationUrl(candidate) {
+  if (typeof candidate === "string" && candidate.trim().length > 0) {
+    try {
+      const parsed = new URL(candidate);
+      if (parsed.protocol === "http:" || parsed.protocol === "https:") {
+        return parsed.toString();
+      }
+    } catch {}
+  }
+  return "https://chat.qwen.ai";
+}
+async function getValidAccessToken(getAuth) {
+  const now = Date.now();
+  const localCreds = loadCredentials();
+  if (localCreds?.accessToken) {
+    const isExpired = typeof localCreds.expiryDate === "number" && now > localCreds.expiryDate - 60000;
+    if (!isExpired) {
+      return localCreds.accessToken;
+    }
+    if (localCreds.refreshToken) {
+      try {
+        const refreshed = await refreshAccessToken(localCreds.refreshToken);
+        saveCredentials(refreshed);
+        return refreshed.accessToken;
+      } catch {}
+    }
+  }
+  const auth = await getAuth();
+  if (!auth || auth.type !== "oauth") {
+    return null;
+  }
+  let accessToken = auth.access;
+  if (accessToken && auth.expires && now > auth.expires - 60000 && auth.refresh) {
+    try {
+      const refreshed = await refreshAccessToken(auth.refresh);
+      accessToken = refreshed.accessToken;
+      saveCredentials(refreshed);
+    } catch (e) {
+      const detail = e instanceof Error ? e.message : String(e);
+      logTechnicalDetail(`Token refresh falhou: ${detail}`);
+      accessToken = undefined;
+    }
+  }
+  return accessToken ?? null;
+}
+var QwenAuthPlugin = async (_input) => {
+  return {
+    auth: {
+      provider: QWEN_PROVIDER_ID,
+      loader: async (getAuth, provider) => {
+        if (provider?.models) {
+          for (const model of Object.values(provider.models)) {
+            if (model)
+              model.cost = { input: 0, output: 0 };
+          }
+        }
+        const accessToken = await getValidAccessToken(getAuth);
+        if (!accessToken)
+          return null;
+        return {
+          apiKey: accessToken,
+          baseURL: QWEN_API_CONFIG.baseUrl
+        };
+      },
+      methods: [
+        {
+          type: "oauth",
+          label: "Qwen Code (qwen.ai OAuth)",
+          authorize: async () => {
+            const { verifier, challenge } = generatePKCE();
+            try {
+              const deviceAuth = await requestDeviceAuthorization(challenge);
+              const verificationUrl = normalizeVerificationUrl(deviceAuth.verification_uri_complete || deviceAuth.verification_uri);
+              openBrowser(verificationUrl);
+              const POLLING_MARGIN_MS = 3000;
+              return {
+                url: verificationUrl,
+                instructions: `Codigo: ${deviceAuth.user_code}`,
+                method: "auto",
+                callback: async () => {
+                  const startTime = Date.now();
+                  const timeoutMs = deviceAuth.expires_in * 1000;
+                  let interval = 5000;
+                  while (Date.now() - startTime < timeoutMs) {
+                    await new Promise((resolve) => setTimeout(resolve, interval + POLLING_MARGIN_MS));
+                    try {
+                      const tokenResponse = await pollDeviceToken(deviceAuth.device_code, verifier);
+                      if (tokenResponse) {
+                        const credentials = tokenResponseToCredentials(tokenResponse);
+                        saveCredentials(credentials);
+                        return {
+                          type: "success",
+                          access: credentials.accessToken,
+                          refresh: credentials.refreshToken ?? "",
+                          expires: credentials.expiryDate || Date.now() + 3600000
+                        };
+                      }
+                    } catch (e) {
+                      if (e instanceof SlowDownError) {
+                        interval = Math.min(interval + 5000, 15000);
+                      } else if (!(e instanceof Error) || !e.message.includes("authorization_pending")) {
+                        return { type: "failed" };
+                      }
+                    }
+                  }
+                  return { type: "failed" };
+                }
+              };
+            } catch (e) {
+              const msg = e instanceof Error ? e.message : "Erro desconhecido";
+              return {
+                url: "https://chat.qwen.ai",
+                instructions: `Erro: ${msg}`,
+                method: "auto",
+                callback: async () => ({ type: "failed" })
+              };
+            }
+          }
+        }
+      ]
+    },
+    config: async (config) => {
+      const providers = config.provider || {};
+      providers[QWEN_PROVIDER_ID] = {
+        npm: "@ai-sdk/openai-compatible",
+        name: "Qwen Code",
+        options: { baseURL: QWEN_API_CONFIG.baseUrl },
+        models: Object.fromEntries(Object.entries(QWEN_MODELS).map(([id, m]) => [
+          id,
+          {
+            id: m.id,
+            name: m.name,
+            reasoning: m.reasoning,
+            limit: { context: m.contextWindow, output: m.maxOutput },
+            cost: m.cost,
+            modalities: {
+              input: id === "vision-model" ? ["text", "image"] : ["text"],
+              output: ["text"]
+            }
+          }
+        ]))
+      };
+      config.provider = providers;
+    }
+  };
+};
+var src_default = QwenAuthPlugin;
+export {
+  src_default as default,
+  QwenAuthPlugin
+};

package/package.json

@@ -0,0 +1,50 @@
+{
+  "name": "@melodyoftears/opencode-qwen-auth",
+  "version": "1.3.1",
+  "description": "Qwen OAuth authentication plugin for OpenCode - Access Qwen AI models (Coder, Vision) with your qwen.ai account",
+  "main": "./dist/index.js",
+  "module": "./dist/index.js",
+  "type": "module",
+  "scripts": {
+    "build": "bun build ./src/index.ts --outdir ./dist --target node --format esm && bun build ./src/cli.ts --outdir ./dist --target node --format esm",
+    "dev": "bun run --watch src/index.ts",
+    "typecheck": "tsc --noEmit"
+  },
+  "keywords": [
+    "opencode",
+    "qwen",
+    "qwen-code",
+    "coder-model",
+    "vision-model",
+    "oauth",
+    "authentication",
+    "ai",
+    "llm",
+    "opencode-plugins"
+  ],
+  "author": "melodyoftears",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/1579364808/opencode-qwen-auth.git"
+  },
+  "homepage": "https://github.com/1579364808/opencode-qwen-auth#readme",
+  "bugs": {
+    "url": "https://github.com/1579364808/opencode-qwen-auth/issues"
+  },
+  "devDependencies": {
+    "@opencode-ai/plugin": "^1.1.48",
+    "@types/node": "^22.0.0",
+    "bun-types": "^1.1.0",
+    "typescript": "^5.6.0"
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "README.zh-CN.md",
+    "LICENSE"
+  ],
+  "engines": {
+    "node": ">=20.0.0"
+  }
+}