@oevortex/opencode-qwen-auth 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,220 @@
+# OpenCode Qwen Auth Plugin
+
+Authenticate the OpenCode CLI with your Qwen Code account so you can use Qwen models with your existing quota.
+
+## Features
+
+- **OAuth Authentication** - Authenticate with Qwen using the same flow as Qwen Code CLI
+- **Automatic Token Refresh** - Handles token refresh transparently with no manual intervention
+- **Thinking Block Support** - Parses `<think>...</think>` blocks from Qwen models that support reasoning
+- **Rate Limit Handling** - Automatic retry with exponential backoff for rate limits
+- **API Key Fallback** - Option to use DashScope API key directly
+
+## Setup
+
+1. Add the plugin to your OpenCode config:
+
+```json
+{
+  "$schema": "https://opencode.ai/config.json",
+  "plugin": ["@oevortex/opencode-qwen-auth"]
+}
+
+```
+
+2. Run `opencode auth login`.
+
+3. Choose the Qwen provider and select **OAuth with Qwen (Alibaba Cloud)**.
+
+4. Authenticate with your Qwen account in the browser.
+
+The plugin spins up a local callback listener on `http://localhost:36743/oauth-callback`, so after approving in the browser you'll land on an "Authentication complete" page with no URL copy/paste required. If that port is already taken or you're in a headless environment, the CLI automatically falls back to the copy/paste flow.
+
+## Supported Models
+
+This plugin works with Qwen Code models accessible through the OAuth flow:
+
+| Model ID | Alias | Context Window | Max Output |
+|----------|-------|----------------|------------|
+| `qwen3-coder-plus` | `qwen-coder-plus` | 1,000,000 | 65,536 |
+| `qwen3-coder-flash` | `qwen-coder-flash` | 1,000,000 | 65,536 |
+
+All models are **free** when using OAuth authentication.
+
+## Example OpenCode Config
+
+```json
+{
+  "$schema": "https://opencode.ai/config.json",
+  "plugin": ["@oevortex/opencode-qwen-auth"],
+
+  "provider": {
+    "qwencode": {
+      "npm": "@ai-sdk/openai-compatible",
+      "options": {
+        "baseURL": "https://portal.qwen.ai/v1"
+      },
+      "models": {
+        "qwen3-coder-plus": {
+          "id": "qwen3-coder-plus",
+          "name": "Qwen3 Coder Plus",
+          "limit": { "context": 1000000, "output": 65536 },
+          "cost": { "input": 0, "output": 0 }
+        },
+        "qwen3-coder-flash": {
+          "id": "qwen3-coder-flash",
+          "name": "Qwen3 Coder Flash",
+          "limit": { "context": 1000000, "output": 65536 },
+          "cost": { "input": 0, "output": 0 }
+        },
+        "qwen-coder-plus": {
+          "id": "qwen3-coder-plus",
+          "name": "Qwen Coder Plus (Alias)",
+          "limit": { "context": 1000000, "output": 65536 },
+          "cost": { "input": 0, "output": 0 }
+        },
+        "qwen-coder-flash": {
+          "id": "qwen3-coder-flash",
+          "name": "Qwen Coder Flash (Alias)",
+          "limit": { "context": 1000000, "output": 65536 },
+          "cost": { "input": 0, "output": 0 }
+        }
+      }
+    }
+  }
+}
+```
+
+## Prerequisites
+
+Before using this plugin, you need to have authenticated with the Qwen Code CLI at least once. This creates the OAuth credentials that the plugin uses.
+
+```bash
+# Install Qwen Code CLI if not already installed
+npm install -g @qwen-code/qwen-code@latest
+
+# Authenticate with Qwen
+qwen
+```
+
+The plugin reads credentials from `~/.qwen/oauth_creds.json`.
+
+## Alternative: API Key Authentication
+
+If you prefer to use an API key directly instead of OAuth:
+
+1. Get an API key from [DashScope Console](https://dashscope.console.aliyun.com/)
+
+2. During `opencode auth login`, select **Manually enter API Key**
+
+3. Enter your DashScope API key
+
+## Local Development
+
+```bash
+git clone https://github.com/OEvortex/opencode-qwen-auth.git
+cd opencode-qwen-auth
+bun install
+```
+
+To load a local checkout in OpenCode:
+
+```json
+{
+  "$schema": "https://opencode.ai/config.json",
+  "plugin": ["file:///absolute/path/to/opencode-qwen-auth"]
+}
+```
+
+## Thinking Block Support
+
+Qwen models support thinking/reasoning through `<think>...</think>` blocks. The plugin automatically parses these and separates reasoning content from regular output.
+
+Example model response:
+```
+<think>
+Let me analyze this code...
+The function appears to have a bug in the loop condition.
+</think>
+
+I found an issue in your code. The loop condition should be...
+```
+
+The plugin exposes utilities for working with thinking blocks:
+
+```typescript
+import { parseThinkingBlocks, stripThinkingBlocks } from "@oevortex/opencode-qwen-auth";
+
+
+const result = parseThinkingBlocks(text);
+console.log(result.regularContent);   // Main response
+console.log(result.reasoningContent); // Thinking content
+```
+
+## Debugging
+
+Enable debug logging by setting the environment variable:
+
+```bash
+OPENCODE_QWEN_CONSOLE_LOG=1 opencode
+```
+
+Or use OpenCode's built-in logging:
+
+```bash
+opencode --log-level DEBUG --print-logs
+```
+
+## Troubleshooting
+
+### "Qwen OAuth credentials not found"
+
+Make sure you've authenticated with the Qwen Code CLI first:
+
+```bash
+qwen-code auth login
+```
+
+### Token refresh failures
+
+If token refresh keeps failing, try re-authenticating:
+
+```bash
+opencode auth login
+```
+
+And select the Qwen OAuth option again.
+
+### Rate limiting
+
+The plugin handles rate limits automatically with exponential backoff. If you're hitting limits frequently, consider:
+
+- Using `qwen3-coder-flash` for faster responses
+- Waiting between requests
+- Upgrading your Qwen account
+
+## How It Works
+
+1. **Initial Auth**: When you run `opencode auth login`, the plugin starts a local HTTP server and opens your browser to the Qwen OAuth page.
+
+2. **Token Storage**: After successful auth, tokens are stored in OpenCode's auth system and in `~/.qwen/oauth_creds.json`.
+
+3. **Request Handling**: All API requests go through a custom fetch wrapper that:
+   - Adds authorization headers
+   - Refreshes expired tokens automatically
+   - Handles rate limits with retry logic
+   - Transforms requests for Qwen API compatibility
+
+4. **Token Refresh**: Access tokens are refreshed automatically before they expire (with a 60-second buffer).
+
+## Credits
+
+This plugin is based on:
+
+- [revibe](https://github.com/OEvortex/revibe) - Original Python implementation of Qwen OAuth
+- [Roo-Code](https://github.com/RooCodeInc/Roo-Code) - Reference implementation for Qwen Code API
+- [opencode-google-antigravity-auth](https://github.com/shekohex/opencode-google-antigravity-auth) - OpenCode plugin architecture reference
+
+## License
+
+MIT

package/index.ts

@@ -0,0 +1,82 @@
+/**
+ * OpenCode Qwen Auth Plugin
+ *
+ * Provides OAuth authentication for Qwen/Alibaba Cloud DashScope API
+ * allowing OpenCode to use Qwen models with your existing credentials.
+ *
+ * @module opencode-qwen-auth
+ */
+
+// Main plugin export
+export { QwenOAuthPlugin, QwenOAuthPlugin as default } from "./src/plugin";
+
+// OAuth utilities
+export {
+  QwenOAuthManager,
+  getQwenCachedCredentialPath,
+  hasQwenCredentials,
+} from "./src/qwen/oauth";
+
+// Thinking block parser
+export {
+  ThinkingBlockParser,
+  parseThinkingBlocks,
+  stripThinkingBlocks,
+  extractThinkingContent,
+  hasThinkingBlocks,
+} from "./src/qwen/thinking-parser";
+
+// Auth utilities
+export {
+  isOAuthAuth,
+  accessTokenExpired,
+  parseRefreshParts,
+  formatRefreshParts,
+  createAuthDetails,
+} from "./src/plugin/auth";
+
+// Token utilities
+export {
+  refreshAccessToken,
+  ensureValidToken,
+  needsTokenRefresh,
+} from "./src/plugin/token";
+
+// Models configuration
+export {
+  QWEN_CODE_MODELS,
+  MODEL_ALIASES,
+  DEFAULT_MODEL,
+  getModelInfo,
+  resolveModelId,
+  getAllModelIds,
+  isValidModel,
+  generateProviderConfig,
+} from "./src/models";
+
+// Types
+export type {
+  QwenOAuthCredentials,
+  QwenTokenResponse,
+  QwenModelInfo,
+  ChatMessage,
+  ChatCompletionRequest,
+  ChatCompletionResponse,
+  Tool,
+  ToolCall,
+  ToolChoice,
+  AuthDetails,
+  OAuthAuthDetails,
+  PluginContext,
+  PluginResult,
+  TokenExchangeResult,
+} from "./src/types";
+
+// Constants
+export {
+  QWEN_PROVIDER_ID,
+  QWEN_OAUTH_BASE_URL,
+  QWEN_DEFAULT_BASE_URL,
+  QWEN_INTL_BASE_URL,
+  QWEN_PORTAL_BASE_URL,
+} from "./src/constants";

package/package.json

@@ -0,0 +1,40 @@
+{
+  "name": "@oevortex/opencode-qwen-auth",
+  "module": "index.ts",
+  "version": "0.1.0",
+  "scripts": {
+    "test": "bun test",
+    "test:unit": "bun test src/**/*.test.ts"
+  },
+  "description": "Opencode plugin providing Qwen Code OAuth authentication for Qwen/Alibaba Cloud models",
+  "author": "",
+  "keywords": [
+    "opencode",
+    "qwen",
+    "alibaba",
+    "dashscope",
+    "oauth",
+    "authentication",
+    "ai",
+    "plugin"
+  ],
+  "repository": "",
+  "files": [
+    "index.ts",
+    "src"
+  ],
+  "license": "MIT",
+  "type": "module",
+  "devDependencies": {
+    "@opencode-ai/sdk": "^1.0.182",
+    "@types/bun": "latest",
+    "@types/node": "^22.0.0"
+  },
+  "peerDependencies": {
+    "typescript": "^5.9.3"
+  },
+  "dependencies": {
+    "@opencode-ai/plugin": "^1.0.182",
+    "open": "^11.0.0"
+  }
+}

package/src/constants.ts

@@ -0,0 +1,43 @@
+// Qwen OAuth Configuration
+export const QWEN_OAUTH_BASE_URL = "https://chat.qwen.ai";
+export const QWEN_OAUTH_TOKEN_ENDPOINT = `${QWEN_OAUTH_BASE_URL}/api/v1/oauth2/token`;
+export const QWEN_OAUTH_CLIENT_ID = "f0304373b74a44d2b584a3fb70ca9e56";
+
+// Credential storage
+export const QWEN_DIR = ".qwen";
+export const QWEN_CREDENTIAL_FILENAME = "oauth_creds.json";
+
+// Default API Base URLs
+export const QWEN_DEFAULT_BASE_URL =
+  "https://dashscope.aliyuncs.com/compatible-mode/v1";
+export const QWEN_INTL_BASE_URL =
+  "https://dashscope-intl.aliyuncs.com/compatible-mode/v1";
+export const QWEN_PORTAL_BASE_URL = "https://portal.qwen.ai/v1";
+
+// Token refresh buffer (30 seconds in milliseconds)
+export const TOKEN_REFRESH_BUFFER_MS = 30 * 1000;
+
+// HTTP Status codes
+export const HTTP_OK = 200;
+export const HTTP_UNAUTHORIZED = 401;
+
+// Provider ID for OpenCode
+export const QWEN_PROVIDER_ID = "qwencode";
+
+// OAuth callback configuration
+export const QWEN_CALLBACK_PORT = 36743;
+export const QWEN_REDIRECT_URI = `http://localhost:${QWEN_CALLBACK_PORT}/oauth-callback`;
+
+// User Agent
+export const QWEN_USER_AGENT = "qwen-code/1.0.0";
+
+// Rate limit configuration
+export const RATE_LIMIT_BACKOFF_BASE_MS = 1000;
+export const RATE_LIMIT_BACKOFF_MAX_MS = 60 * 60 * 1000;
+export const RATE_LIMIT_MAX_RETRIES = 5;
+
+// Request timeout (in milliseconds)
+export const REQUEST_TIMEOUT_MS = 720 * 1000;
+
+// Console log environment variable
+export const ENV_CONSOLE_LOG = "OPENCODE_QWEN_CONSOLE_LOG";

package/src/global.d.ts

@@ -0,0 +1,257 @@
+/**
+ * Global type declarations for Node.js modules
+ * These help TypeScript resolve Node.js built-in modules
+ */
+
+/// <reference types="node" />
+
+declare module "readline" {
+  import { EventEmitter } from "events";
+
+  interface ReadLineOptions {
+    input: NodeJS.ReadableStream;
+    output?: NodeJS.WritableStream;
+    terminal?: boolean;
+    historySize?: number;
+    prompt?: string;
+    crlfDelay?: number;
+    removeHistoryDuplicates?: boolean;
+    escapeCodeTimeout?: number;
+  }
+
+  interface Interface extends EventEmitter {
+    question(query: string, callback: (answer: string) => void): void;
+    close(): void;
+    pause(): this;
+    resume(): this;
+    setPrompt(prompt: string): void;
+    prompt(preserveCursor?: boolean): void;
+    write(
+      data: string | Buffer,
+      key?: { ctrl?: boolean; meta?: boolean; shift?: boolean; name: string },
+    ): void;
+  }
+
+  function createInterface(options: ReadLineOptions): Interface;
+}
+
+declare module "node:readline" {
+  export * from "readline";
+}
+
+declare module "node:process" {
+  export const stdin: NodeJS.ReadableStream;
+  export const stdout: NodeJS.WritableStream;
+  export const stderr: NodeJS.WritableStream;
+  export const env: NodeJS.ProcessEnv;
+  export const platform: NodeJS.Platform;
+  export function cwd(): string;
+  export function exit(code?: number): never;
+}
+
+declare module "node:os" {
+  export function homedir(): string;
+  export function tmpdir(): string;
+  export function hostname(): string;
+  export function platform(): NodeJS.Platform;
+  export function type(): string;
+  export function release(): string;
+  export function arch(): string;
+  export function cpus(): Array<{
+    model: string;
+    speed: number;
+    times: object;
+  }>;
+  export function totalmem(): number;
+  export function freemem(): number;
+  export function networkInterfaces(): NodeJS.Dict<
+    Array<{
+      address: string;
+      netmask: string;
+      family: string;
+      mac: string;
+      internal: boolean;
+    }>
+  >;
+}
+
+declare module "node:path" {
+  export function join(...paths: string[]): string;
+  export function resolve(...paths: string[]): string;
+  export function dirname(path: string): string;
+  export function basename(path: string, ext?: string): string;
+  export function extname(path: string): string;
+  export function normalize(path: string): string;
+  export function isAbsolute(path: string): boolean;
+  export function relative(from: string, to: string): string;
+  export function parse(path: string): {
+    root: string;
+    dir: string;
+    base: string;
+    ext: string;
+    name: string;
+  };
+  export const sep: string;
+  export const delimiter: string;
+}
+
+declare module "node:fs" {
+  export function readFileSync(path: string, encoding: BufferEncoding): string;
+  export function readFileSync(path: string): Buffer;
+  export function writeFileSync(
+    path: string,
+    data: string | Buffer,
+    options?:
+      | { encoding?: BufferEncoding; mode?: number; flag?: string }
+      | BufferEncoding,
+  ): void;
+  export function existsSync(path: string): boolean;
+  export function mkdirSync(
+    path: string,
+    options?: { recursive?: boolean; mode?: number },
+  ): string | undefined;
+  export function readdirSync(path: string): string[];
+  export function statSync(path: string): {
+    isFile(): boolean;
+    isDirectory(): boolean;
+    size: number;
+    mtime: Date;
+  };
+  export function unlinkSync(path: string): void;
+  export function rmdirSync(
+    path: string,
+    options?: { recursive?: boolean },
+  ): void;
+  export function copyFileSync(src: string, dest: string): void;
+  export function renameSync(oldPath: string, newPath: string): void;
+}
+
+declare module "node:http" {
+  import { EventEmitter } from "events";
+  import { Duplex } from "stream";
+
+  export interface IncomingMessage extends Duplex {
+    url?: string;
+    method?: string;
+    headers: { [key: string]: string | string[] | undefined };
+    httpVersion: string;
+    statusCode?: number;
+    statusMessage?: string;
+  }
+
+  export interface ServerResponse extends Duplex {
+    statusCode: number;
+    statusMessage: string;
+    writeHead(
+      statusCode: number,
+      headers?: { [key: string]: string | string[] },
+    ): this;
+    setHeader(name: string, value: string | string[]): this;
+    getHeader(name: string): string | string[] | undefined;
+    removeHeader(name: string): void;
+    write(chunk: any, encoding?: BufferEncoding): boolean;
+    end(data?: any, encoding?: BufferEncoding): this;
+  }
+
+  export interface Server extends EventEmitter {
+    listen(port: number, hostname?: string, callback?: () => void): this;
+    listen(port: number, callback?: () => void): this;
+    close(callback?: (err?: Error) => void): this;
+    address():
+      | { address: string; family: string; port: number }
+      | string
+      | null;
+    on(event: string, listener: (...args: any[]) => void): this;
+    on(event: "error", listener: (err: Error) => void): this;
+    on(event: "listening", listener: () => void): this;
+    on(event: "close", listener: () => void): this;
+  }
+
+  export function createServer(
+    requestListener?: (req: IncomingMessage, res: ServerResponse) => void,
+  ): Server;
+}
+
+declare module "open" {
+  interface Options {
+    wait?: boolean;
+    background?: boolean;
+    newInstance?: boolean;
+    allowNonzeroExitCode?: boolean;
+    app?: { name: string; arguments?: string[] } | string;
+  }
+
+  function open(
+    target: string,
+    options?: Options,
+  ): Promise<import("child_process").ChildProcess>;
+  export default open;
+}
+
+declare var process: NodeJS.Process;
+
+declare namespace NodeJS {
+  interface Dict<T> {
+    [key: string]: T | undefined;
+  }
+
+  interface ProcessEnv {
+    [key: string]: string | undefined;
+  }
+
+  interface Process {
+    stdin: ReadableStream;
+    stdout: WritableStream;
+    stderr: WritableStream;
+    env: ProcessEnv;
+    platform: Platform;
+    cwd(): string;
+    exit(code?: number): never;
+  }
+
+  interface ReadableStream {
+    read(size?: number): string | Buffer | null;
+    on(event: string, listener: (...args: any[]) => void): this;
+    pipe<T extends WritableStream>(destination: T): T;
+  }
+
+  interface WritableStream {
+    write(chunk: any): boolean;
+    end(): void;
+    on(event: string, listener: (...args: any[]) => void): this;
+  }
+
+  interface ErrnoException extends Error {
+    errno?: number;
+    code?: string;
+    path?: string;
+    syscall?: string;
+    stack?: string;
+  }
+
+  type Platform =
+    | "aix"
+    | "android"
+    | "darwin"
+    | "freebsd"
+    | "haiku"
+    | "linux"
+    | "openbsd"
+    | "sunos"
+    | "win32"
+    | "cygwin"
+    | "netbsd";
+}
+
+type BufferEncoding =
+  | "ascii"
+  | "utf8"
+  | "utf-8"
+  | "utf16le"
+  | "ucs2"
+  | "ucs-2"
+  | "base64"
+  | "base64url"
+  | "latin1"
+  | "binary"
+  | "hex";