@openai-oauth/core 2.0.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md ADDED
@@ -0,0 +1,58 @@
1
+ # @openai-oauth/core
2
+
3
+ [Docs](https://github.com/EvanZhouDev/openai-oauth#sdk-overview) | [GitHub](https://github.com/EvanZhouDev/openai-oauth) | [npm](https://www.npmjs.com/package/@openai-oauth/core)
4
+
5
+ Lowest-level OpenAI OAuth and OpenAI-compatible transport primitives.
6
+
7
+ ```bash
8
+ npm i @openai-oauth/core
9
+ ```
10
+
11
+ Most apps should use `openai-oauth`, `@openai-oauth/local`, `@openai-oauth/react`, `@openai-oauth/ai-sdk`, or `@openai-oauth/openai-client` instead.
12
+
13
+ ## Package Notes
14
+
15
+ `@openai-oauth/core` is for advanced integrations and adapter authors.
16
+
17
+ Create an OpenAI-compatible transport from an explicit auth source:
18
+
19
+ ```ts
20
+ import { createOpenAIOAuthTransport } from "@openai-oauth/core";
21
+
22
+ const transport = createOpenAIOAuthTransport({
23
+ auth: async () => session,
24
+ });
25
+
26
+ const baseURL = transport.baseURL;
27
+ const fetch = transport.fetch;
28
+ ```
29
+
30
+ Create an OAuth request:
31
+
32
+ ```ts
33
+ import { createOpenAIOAuthRequest } from "@openai-oauth/core";
34
+
35
+ const request = await createOpenAIOAuthRequest({
36
+ redirectUri: "https://app.example.com/auth/callback",
37
+ });
38
+ ```
39
+
40
+ Node auth-file helpers are also exported for the CLI and `@openai-oauth/local`.
41
+
42
+ Core exports include:
43
+
44
+ - `createOpenAIOAuthTransport`
45
+ - `createOpenAIOAuthRequest`
46
+ - `createCodexOAuthClient`
47
+ - `exchangeOpenAIOAuthCode`
48
+ - `refreshOpenAIOAuthTokens`
49
+ - `loadAuthTokens`
50
+ - `saveAuthTokens`
51
+ - `resolveCodexAuthFilePath`
52
+ - `OpenAIOAuth`
53
+ - `OpenAIOAuthSession`
54
+ - `SessionStore`
55
+
56
+ ## More
57
+
58
+ [Learn more in the openai-oauth README.](https://github.com/EvanZhouDev/openai-oauth#sdk-overview)
package/dist/auth.d.ts ADDED
@@ -0,0 +1,33 @@
1
+ import { type FetchFunction, type OpenAIOAuthTokenResponse } from "./runtime.js";
2
+ export type EffectiveAuth = {
3
+ accessToken: string;
4
+ accountId: string;
5
+ idToken?: string;
6
+ refreshToken?: string;
7
+ sourcePath?: string;
8
+ lastRefresh?: string;
9
+ };
10
+ export type AuthLoaderOptions = {
11
+ clientId?: string;
12
+ issuer?: string;
13
+ tokenUrl?: string;
14
+ authFilePath?: string;
15
+ fetch: FetchFunction;
16
+ ensureFresh?: boolean;
17
+ now?: () => Date;
18
+ };
19
+ export type SaveAuthTokensOptions = {
20
+ token: OpenAIOAuthTokenResponse;
21
+ authFilePath?: string;
22
+ now?: () => Date;
23
+ };
24
+ export type SavedAuthTokens = {
25
+ path: string;
26
+ auth: EffectiveAuth;
27
+ };
28
+ export declare const shouldRefreshAuthTokens: (auth: Pick<EffectiveAuth, "accessToken" | "lastRefresh">, now?: Date) => boolean;
29
+ export declare const resolveAuthFileCandidates: (authFilePath?: string) => string[];
30
+ export declare const resolveCodexAuthFilePath: (authFilePath?: string) => string;
31
+ export declare const saveAuthTokens: (options: SaveAuthTokensOptions) => Promise<SavedAuthTokens>;
32
+ export declare const loadAuthTokens: (options: AuthLoaderOptions) => Promise<EffectiveAuth>;
33
+ //# sourceMappingURL=auth.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAGA,OAAO,EAIN,KAAK,aAAa,EAClB,KAAK,wBAAwB,EAG7B,MAAM,cAAc,CAAA;AAuBrB,MAAM,MAAM,aAAa,GAAG;IAC3B,WAAW,EAAE,MAAM,CAAA;IACnB,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,WAAW,CAAC,EAAE,MAAM,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC/B,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,KAAK,EAAE,aAAa,CAAA;IACpB,WAAW,CAAC,EAAE,OAAO,CAAA;IACrB,GAAG,CAAC,EAAE,MAAM,IAAI,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IACnC,KAAK,EAAE,wBAAwB,CAAA;IAC/B,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,GAAG,CAAC,EAAE,MAAM,IAAI,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,eAAe,GAAG;IAC7B,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,aAAa,CAAA;CACnB,CAAA;AAkDD,eAAO,MAAM,uBAAuB,GACnC,MAAM,IAAI,CAAC,aAAa,EAAE,aAAa,GAAG,aAAa,CAAC,EACxD,MAAK,IAAiB,KACpB,OAA4E,CAAA;AAgB/E,eAAO,MAAM,yBAAyB,GAAI,eAAe,MAAM,KAAG,MAAM,EAmBvE,CAAA;AAgFD,eAAO,MAAM,wBAAwB,GAAI,eAAe,MAAM,KAAG,MAUhE,CAAA;AAED,eAAO,MAAM,cAAc,GAC1B,SAAS,qBAAqB,KAC5B,OAAO,CAAC,eAAe,CAsCzB,CAAA;AAyCD,eAAO,MAAM,cAAc,GAC1B,SAAS,iBAAiB,KACxB,OAAO,CAAC,aAAa,CAkFvB,CAAA"}
package/dist/auth.js ADDED
@@ -0,0 +1,242 @@
1
+ import { promises as fs } from "node:fs";
2
+ import os from "node:os";
3
+ import path from "node:path";
4
+ import { DEFAULT_OPENAI_OAUTH_CLIENT_ID, DEFAULT_OPENAI_OAUTH_ISSUER, deriveAccountId, parseJwtClaims, refreshOpenAIOAuthTokens, } from "./runtime.js";
5
+ const DEFAULT_AUTH_CLIENT_ID = process.env.CHATGPT_LOCAL_CLIENT_ID ?? DEFAULT_OPENAI_OAUTH_CLIENT_ID;
6
+ const DEFAULT_AUTH_ISSUER = process.env.CHATGPT_LOCAL_ISSUER ?? DEFAULT_OPENAI_OAUTH_ISSUER;
7
+ const AUTH_FILENAME = "auth.json";
8
+ const REFRESH_EXPIRY_MARGIN_MS = 5 * 60 * 1000;
9
+ const REFRESH_INTERVAL_MS = 55 * 60 * 1000;
10
+ const isRecord = (value) => typeof value === "object" && value !== null && !Array.isArray(value);
11
+ const parseIsoDate = (value) => {
12
+ if (typeof value !== "string" || !value) {
13
+ return undefined;
14
+ }
15
+ const date = new Date(value);
16
+ return Number.isNaN(date.getTime()) ? undefined : date;
17
+ };
18
+ const shouldRefreshAccessToken = (accessToken, lastRefresh, now) => {
19
+ if (typeof accessToken !== "string" || accessToken.length === 0) {
20
+ return true;
21
+ }
22
+ const claims = parseJwtClaims(accessToken);
23
+ const exp = claims && typeof claims.exp === "number" ? claims.exp : undefined;
24
+ if (typeof exp === "number") {
25
+ const expiryMs = exp * 1000;
26
+ if (expiryMs <= now.getTime() + REFRESH_EXPIRY_MARGIN_MS) {
27
+ return true;
28
+ }
29
+ }
30
+ const refreshedAt = parseIsoDate(lastRefresh);
31
+ if (refreshedAt) {
32
+ return refreshedAt.getTime() <= now.getTime() - REFRESH_INTERVAL_MS;
33
+ }
34
+ return false;
35
+ };
36
+ export const shouldRefreshAuthTokens = (auth, now = new Date()) => shouldRefreshAccessToken(auth.accessToken, auth.lastRefresh, now);
37
+ const uniquePaths = (paths) => {
38
+ const seen = new Set();
39
+ const result = [];
40
+ for (const candidate of paths) {
41
+ if (!seen.has(candidate)) {
42
+ seen.add(candidate);
43
+ result.push(candidate);
44
+ }
45
+ }
46
+ return result;
47
+ };
48
+ export const resolveAuthFileCandidates = (authFilePath) => {
49
+ if (typeof authFilePath === "string" && authFilePath.length > 0) {
50
+ return [authFilePath];
51
+ }
52
+ const envHome = process.env.CHATGPT_LOCAL_HOME;
53
+ const codexHome = process.env.CODEX_HOME;
54
+ return uniquePaths([
55
+ authFilePath,
56
+ envHome ? path.join(envHome, AUTH_FILENAME) : undefined,
57
+ codexHome ? path.join(codexHome, AUTH_FILENAME) : undefined,
58
+ path.join(os.homedir(), ".chatgpt-local", AUTH_FILENAME),
59
+ path.join(os.homedir(), ".codex", AUTH_FILENAME),
60
+ ].filter((value) => typeof value === "string" && value.length > 0));
61
+ };
62
+ const resolveWritePath = (preferred) => {
63
+ if (preferred) {
64
+ return preferred;
65
+ }
66
+ const envHome = process.env.CHATGPT_LOCAL_HOME ?? process.env.CODEX_HOME;
67
+ if (envHome) {
68
+ return path.join(envHome, AUTH_FILENAME);
69
+ }
70
+ return path.join(os.homedir(), ".chatgpt-local", AUTH_FILENAME);
71
+ };
72
+ const toAuthFile = (input) => {
73
+ const auth = {};
74
+ const tokensValue = input.tokens;
75
+ if (typeof input.OPENAI_API_KEY === "string" && input.OPENAI_API_KEY) {
76
+ auth.OPENAI_API_KEY = input.OPENAI_API_KEY;
77
+ }
78
+ if (isRecord(tokensValue) && Object.keys(tokensValue).length > 0) {
79
+ auth.tokens = {
80
+ id_token: typeof tokensValue.id_token === "string"
81
+ ? tokensValue.id_token
82
+ : undefined,
83
+ access_token: typeof tokensValue.access_token === "string"
84
+ ? tokensValue.access_token
85
+ : undefined,
86
+ refresh_token: typeof tokensValue.refresh_token === "string"
87
+ ? tokensValue.refresh_token
88
+ : undefined,
89
+ account_id: typeof tokensValue.account_id === "string"
90
+ ? tokensValue.account_id
91
+ : undefined,
92
+ };
93
+ }
94
+ if (typeof input.last_refresh === "string" && input.last_refresh) {
95
+ auth.last_refresh = input.last_refresh;
96
+ }
97
+ return auth;
98
+ };
99
+ const readAuthFile = async (candidates) => {
100
+ for (const candidate of candidates) {
101
+ try {
102
+ const content = await fs.readFile(candidate, "utf-8");
103
+ const parsed = JSON.parse(content);
104
+ if (isRecord(parsed)) {
105
+ return { path: candidate, data: toAuthFile(parsed) };
106
+ }
107
+ }
108
+ catch { }
109
+ }
110
+ return {};
111
+ };
112
+ const ensureDirectory = async (filePath) => {
113
+ await fs.mkdir(path.dirname(filePath), { recursive: true });
114
+ };
115
+ const writeAuthFile = async (filePath, data) => {
116
+ await ensureDirectory(filePath);
117
+ await fs.writeFile(filePath, JSON.stringify(data, null, 2), {
118
+ encoding: "utf-8",
119
+ mode: 0o600,
120
+ });
121
+ };
122
+ export const resolveCodexAuthFilePath = (authFilePath) => {
123
+ if (authFilePath) {
124
+ return authFilePath;
125
+ }
126
+ const codexHome = process.env.CODEX_HOME;
127
+ return path.join(codexHome ?? path.join(os.homedir(), ".codex"), AUTH_FILENAME);
128
+ };
129
+ export const saveAuthTokens = async (options) => {
130
+ const filePath = resolveCodexAuthFilePath(options.authFilePath);
131
+ const existing = (await readAuthFile([filePath])).data ?? {};
132
+ const now = options.now ?? (() => new Date());
133
+ const savedAt = now().toISOString();
134
+ const accountId = options.token.accountId ??
135
+ deriveAccountId(options.token.idToken) ??
136
+ deriveAccountId(options.token.accessToken);
137
+ if (!accountId) {
138
+ throw new Error("ChatGPT account id not found in OpenAI OAuth token response.");
139
+ }
140
+ await writeAuthFile(filePath, {
141
+ ...existing,
142
+ tokens: {
143
+ id_token: options.token.idToken,
144
+ access_token: options.token.accessToken,
145
+ refresh_token: options.token.refreshToken,
146
+ account_id: accountId,
147
+ },
148
+ last_refresh: savedAt,
149
+ });
150
+ return {
151
+ path: filePath,
152
+ auth: {
153
+ accessToken: options.token.accessToken,
154
+ accountId,
155
+ idToken: options.token.idToken,
156
+ refreshToken: options.token.refreshToken,
157
+ sourcePath: filePath,
158
+ lastRefresh: savedAt,
159
+ },
160
+ };
161
+ };
162
+ const refreshChatGptTokens = async (refreshToken, clientId, issuer, tokenUrl, fetchFn) => {
163
+ try {
164
+ const refreshed = await refreshOpenAIOAuthTokens({
165
+ refreshToken,
166
+ clientId,
167
+ issuer,
168
+ tokenUrl,
169
+ fetch: fetchFn,
170
+ });
171
+ return {
172
+ accessToken: refreshed.accessToken,
173
+ idToken: refreshed.idToken,
174
+ refreshToken: refreshed.refreshToken ?? refreshToken,
175
+ accountId: refreshed.accountId,
176
+ };
177
+ }
178
+ catch {
179
+ return undefined;
180
+ }
181
+ };
182
+ const normalizeTokens = (tokens) => {
183
+ const maybeString = (value) => typeof value === "string" && value.length > 0 ? value : undefined;
184
+ return {
185
+ id_token: maybeString(tokens?.id_token),
186
+ access_token: maybeString(tokens?.access_token),
187
+ refresh_token: maybeString(tokens?.refresh_token),
188
+ account_id: maybeString(tokens?.account_id),
189
+ };
190
+ };
191
+ export const loadAuthTokens = async (options) => {
192
+ const { clientId = DEFAULT_AUTH_CLIENT_ID, issuer = DEFAULT_AUTH_ISSUER, tokenUrl, authFilePath, fetch, ensureFresh = true, now = () => new Date(), } = options;
193
+ if (typeof fetch !== "function") {
194
+ throw new Error("A fetch implementation is required to refresh ChatGPT tokens.");
195
+ }
196
+ const readResult = await readAuthFile(resolveAuthFileCandidates(authFilePath));
197
+ const authData = readResult.data ?? {};
198
+ const tokens = normalizeTokens(authData.tokens);
199
+ let accessToken = tokens.access_token;
200
+ let idToken = tokens.id_token;
201
+ let refreshToken = tokens.refresh_token;
202
+ let accountId = tokens.account_id ?? deriveAccountId(idToken);
203
+ let lastRefresh = authData.last_refresh;
204
+ const needsRefresh = ensureFresh &&
205
+ typeof refreshToken === "string" &&
206
+ shouldRefreshAccessToken(accessToken, lastRefresh, now());
207
+ if (needsRefresh && typeof refreshToken === "string") {
208
+ const refreshed = await refreshChatGptTokens(refreshToken, clientId, issuer, tokenUrl, fetch);
209
+ if (refreshed) {
210
+ accessToken = refreshed.accessToken;
211
+ idToken = refreshed.idToken ?? idToken;
212
+ refreshToken = refreshed.refreshToken ?? refreshToken;
213
+ accountId = refreshed.accountId ?? accountId;
214
+ lastRefresh = now().toISOString();
215
+ const writePath = resolveWritePath(readResult.path ?? authFilePath);
216
+ await writeAuthFile(writePath, {
217
+ ...authData,
218
+ tokens: {
219
+ id_token: idToken,
220
+ access_token: accessToken,
221
+ refresh_token: refreshToken,
222
+ account_id: accountId,
223
+ },
224
+ last_refresh: lastRefresh,
225
+ });
226
+ }
227
+ }
228
+ if (typeof accessToken !== "string" || accessToken.length === 0) {
229
+ throw new Error("ChatGPT access token not found. Run `codex login` to create auth.json.");
230
+ }
231
+ if (typeof accountId !== "string" || accountId.length === 0) {
232
+ throw new Error("ChatGPT account id not found in auth.json. Run `codex login` to create auth.json.");
233
+ }
234
+ return {
235
+ accessToken,
236
+ accountId,
237
+ idToken,
238
+ refreshToken,
239
+ sourcePath: readResult.path ?? resolveWritePath(authFilePath),
240
+ lastRefresh,
241
+ };
242
+ };
@@ -0,0 +1,4 @@
1
+ export type { AuthLoaderOptions, EffectiveAuth, SaveAuthTokensOptions, SavedAuthTokens, } from "./auth.js";
2
+ export { loadAuthTokens, resolveAuthFileCandidates, resolveCodexAuthFilePath, saveAuthTokens, shouldRefreshAuthTokens, } from "./auth.js";
3
+ export { type CodexOAuthClient, type CodexOAuthRuntimeSettings, CodexResponsesState, type CodexResponsesStateOptions, type CodexResponsesStateSnapshot, collectCompletedResponseFromSse, createCodexOAuthClient, createCodexOAuthFetch, createOpenAIOAuthRequest, createOpenAIOAuthTransport, DEFAULT_CODEX_BASE_URL, DEFAULT_OPENAI_COMPATIBLE_BASE_URL, DEFAULT_OPENAI_OAUTH_CLIENT_ID, DEFAULT_OPENAI_OAUTH_ISSUER, DEFAULT_OPENAI_OAUTH_SCOPE, deriveAccountId, exchangeOpenAIOAuthCode, type FetchFunction, getDefaultCodexInstructions, iterateServerSentEvents, type NormalizeCodexResponsesBodyOptions, normalizeCodexResponsesBody, type OpenAIOAuth, type OpenAIOAuthRequest, type OpenAIOAuthRequestOptions, type OpenAIOAuthSession, type OpenAIOAuthTokenResponse, type OpenAIOAuthTransport, type OpenAIOAuthTransportOptions, parseJwtClaims, refreshOpenAIOAuthTokens, type SessionStore, usesServerReplayState, } from "./runtime.js";
4
+ //# sourceMappingURL=index.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EACX,iBAAiB,EACjB,aAAa,EACb,qBAAqB,EACrB,eAAe,GACf,MAAM,WAAW,CAAA;AAClB,OAAO,EACN,cAAc,EACd,yBAAyB,EACzB,wBAAwB,EACxB,cAAc,EACd,uBAAuB,GACvB,MAAM,WAAW,CAAA;AAClB,OAAO,EACN,KAAK,gBAAgB,EACrB,KAAK,yBAAyB,EAC9B,mBAAmB,EACnB,KAAK,0BAA0B,EAC/B,KAAK,2BAA2B,EAChC,+BAA+B,EAC/B,sBAAsB,EACtB,qBAAqB,EACrB,wBAAwB,EACxB,0BAA0B,EAC1B,sBAAsB,EACtB,kCAAkC,EAClC,8BAA8B,EAC9B,2BAA2B,EAC3B,0BAA0B,EAC1B,eAAe,EACf,uBAAuB,EACvB,KAAK,aAAa,EAClB,2BAA2B,EAC3B,uBAAuB,EACvB,KAAK,kCAAkC,EACvC,2BAA2B,EAC3B,KAAK,WAAW,EAChB,KAAK,kBAAkB,EACvB,KAAK,yBAAyB,EAC9B,KAAK,kBAAkB,EACvB,KAAK,wBAAwB,EAC7B,KAAK,oBAAoB,EACzB,KAAK,2BAA2B,EAChC,cAAc,EACd,wBAAwB,EACxB,KAAK,YAAY,EACjB,qBAAqB,GACrB,MAAM,cAAc,CAAA"}
package/dist/index.js ADDED
@@ -0,0 +1,2 @@
1
+ export { loadAuthTokens, resolveAuthFileCandidates, resolveCodexAuthFilePath, saveAuthTokens, shouldRefreshAuthTokens, } from "./auth.js";
2
+ export { CodexResponsesState, collectCompletedResponseFromSse, createCodexOAuthClient, createCodexOAuthFetch, createOpenAIOAuthRequest, createOpenAIOAuthTransport, DEFAULT_CODEX_BASE_URL, DEFAULT_OPENAI_COMPATIBLE_BASE_URL, DEFAULT_OPENAI_OAUTH_CLIENT_ID, DEFAULT_OPENAI_OAUTH_ISSUER, DEFAULT_OPENAI_OAUTH_SCOPE, deriveAccountId, exchangeOpenAIOAuthCode, getDefaultCodexInstructions, iterateServerSentEvents, normalizeCodexResponsesBody, parseJwtClaims, refreshOpenAIOAuthTokens, usesServerReplayState, } from "./runtime.js";
@@ -0,0 +1,125 @@
1
+ import { CodexResponsesState } from "./state.js";
2
+ export { collectCompletedResponseFromSse, iterateServerSentEvents, type ServerSentEvent, } from "./sse.js";
3
+ export { CodexResponsesState, type CodexResponsesStateOptions, type CodexResponsesStateSnapshot, } from "./state.js";
4
+ export declare const DEFAULT_CODEX_BASE_URL = "https://chatgpt.com/backend-api/codex";
5
+ export declare const DEFAULT_OPENAI_COMPATIBLE_BASE_URL = "https://openai-oauth.local/v1";
6
+ export declare const DEFAULT_OPENAI_OAUTH_CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann";
7
+ export declare const DEFAULT_OPENAI_OAUTH_ISSUER = "https://auth.openai.com";
8
+ export declare const DEFAULT_OPENAI_OAUTH_SCOPE = "openid profile email offline_access";
9
+ export type FetchFunction = typeof fetch;
10
+ export type OpenAIOAuthSession = {
11
+ accessToken: string;
12
+ accountId: string;
13
+ idToken?: string;
14
+ refreshToken?: string;
15
+ expiresAt?: string;
16
+ lastRefresh?: string;
17
+ };
18
+ export type OpenAIOAuthSessionInput = OpenAIOAuthSession | (() => Promise<OpenAIOAuthSession | null | undefined>);
19
+ export type OpenAIOAuth = {
20
+ kind: "openai-oauth";
21
+ getSession(): Promise<OpenAIOAuthSession | null>;
22
+ refreshSession(): Promise<OpenAIOAuthSession | null>;
23
+ baseURL?: string;
24
+ fetch?: FetchFunction;
25
+ headers?: Record<string, string>;
26
+ instructions?: string;
27
+ openAIBaseURL?: string;
28
+ storeResponses?: boolean;
29
+ };
30
+ export type SessionStore = {
31
+ get(): Promise<OpenAIOAuthSession | null>;
32
+ set(session: OpenAIOAuthSession): Promise<void>;
33
+ clear(): Promise<void>;
34
+ };
35
+ export type OpenAIOAuthRequestOptions = {
36
+ clientId?: string;
37
+ issuer?: string;
38
+ redirectUri: string;
39
+ scope?: string;
40
+ state?: string;
41
+ codeVerifier?: string;
42
+ simplifiedFlow?: boolean;
43
+ idTokenAddOrganizations?: boolean;
44
+ extraParams?: Record<string, string | number | boolean | undefined>;
45
+ };
46
+ export type OpenAIOAuthRequest = {
47
+ authorizationUrl: string;
48
+ state: string;
49
+ codeVerifier: string;
50
+ codeChallenge: string;
51
+ redirectUri: string;
52
+ };
53
+ export type OpenAIOAuthTokenResponse = {
54
+ accessToken: string;
55
+ refreshToken?: string;
56
+ idToken?: string;
57
+ expiresIn?: number;
58
+ accountId?: string;
59
+ raw: unknown;
60
+ };
61
+ export type ExchangeOpenAIOAuthCodeOptions = {
62
+ code: string;
63
+ codeVerifier: string;
64
+ redirectUri: string;
65
+ clientId?: string;
66
+ issuer?: string;
67
+ tokenUrl?: string;
68
+ fetch?: FetchFunction;
69
+ signal?: AbortSignal;
70
+ };
71
+ export type RefreshOpenAIOAuthTokensOptions = {
72
+ refreshToken: string;
73
+ clientId?: string;
74
+ issuer?: string;
75
+ tokenUrl?: string;
76
+ fetch?: FetchFunction;
77
+ signal?: AbortSignal;
78
+ };
79
+ export type CodexOAuthRuntimeSettings = {
80
+ auth: OpenAIOAuthSessionInput;
81
+ baseURL?: string;
82
+ fetch?: FetchFunction;
83
+ headers?: Record<string, string>;
84
+ instructions?: string;
85
+ storeResponses?: boolean;
86
+ responsesState?: CodexResponsesState | false;
87
+ };
88
+ export type OpenAIOAuthTransportOptions = CodexOAuthRuntimeSettings & {
89
+ openAIBaseURL?: string;
90
+ };
91
+ export type OpenAIOAuthTransport = {
92
+ kind: "openai-compatible";
93
+ provider: "chatgpt-codex";
94
+ baseURL: string;
95
+ fetch: FetchFunction;
96
+ request: (path: string, init?: RequestInit) => Promise<Response>;
97
+ capabilities: {
98
+ responses: true;
99
+ chatCompletions: true;
100
+ models: true;
101
+ streaming: true;
102
+ };
103
+ };
104
+ export type CodexOAuthClient = {
105
+ baseURL: string;
106
+ fetch: FetchFunction;
107
+ request: (path: string, init?: RequestInit) => Promise<Response>;
108
+ };
109
+ export type NormalizeCodexResponsesBodyOptions = {
110
+ instructions?: string;
111
+ forceStream?: boolean;
112
+ storeResponses?: boolean;
113
+ };
114
+ export declare const usesServerReplayState: (value: Record<string, unknown>) => boolean;
115
+ export declare const parseJwtClaims: (token: string | undefined) => Record<string, unknown> | undefined;
116
+ export declare const deriveAccountId: (idToken: string | undefined) => string | undefined;
117
+ export declare const createOpenAIOAuthRequest: (options: OpenAIOAuthRequestOptions) => Promise<OpenAIOAuthRequest>;
118
+ export declare const exchangeOpenAIOAuthCode: (options: ExchangeOpenAIOAuthCodeOptions) => Promise<OpenAIOAuthTokenResponse>;
119
+ export declare const refreshOpenAIOAuthTokens: (options: RefreshOpenAIOAuthTokensOptions) => Promise<OpenAIOAuthTokenResponse>;
120
+ export declare const getDefaultCodexInstructions: () => string;
121
+ export declare const normalizeCodexResponsesBody: (body: Record<string, unknown>, options?: NormalizeCodexResponsesBodyOptions) => Record<string, unknown>;
122
+ export declare const createCodexOAuthFetch: (settings: CodexOAuthRuntimeSettings) => FetchFunction;
123
+ export declare const createCodexOAuthClient: (settings: CodexOAuthRuntimeSettings) => CodexOAuthClient;
124
+ export declare const createOpenAIOAuthTransport: (settings: OpenAIOAuthTransportOptions) => OpenAIOAuthTransport;
125
+ //# sourceMappingURL=runtime.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"runtime.d.ts","sourceRoot":"","sources":["../src/runtime.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAA;AAEhD,OAAO,EACN,+BAA+B,EAC/B,uBAAuB,EACvB,KAAK,eAAe,GACpB,MAAM,UAAU,CAAA;AACjB,OAAO,EACN,mBAAmB,EACnB,KAAK,0BAA0B,EAC/B,KAAK,2BAA2B,GAChC,MAAM,YAAY,CAAA;AAInB,eAAO,MAAM,sBAAsB,0CAA0C,CAAA;AAC7E,eAAO,MAAM,kCAAkC,kCACf,CAAA;AAChC,eAAO,MAAM,8BAA8B,iCAAiC,CAAA;AAC5E,eAAO,MAAM,2BAA2B,4BAA4B,CAAA;AACpE,eAAO,MAAM,0BAA0B,wCAAwC,CAAA;AAG/E,MAAM,MAAM,aAAa,GAAG,OAAO,KAAK,CAAA;AAExC,MAAM,MAAM,kBAAkB,GAAG;IAChC,WAAW,EAAE,MAAM,CAAA;IACnB,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,WAAW,CAAC,EAAE,MAAM,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,uBAAuB,GAChC,kBAAkB,GAClB,CAAC,MAAM,OAAO,CAAC,kBAAkB,GAAG,IAAI,GAAG,SAAS,CAAC,CAAC,CAAA;AAEzD,MAAM,MAAM,WAAW,GAAG;IACzB,IAAI,EAAE,cAAc,CAAA;IACpB,UAAU,IAAI,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAAA;IAChD,cAAc,IAAI,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAAA;IACpD,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,KAAK,CAAC,EAAE,aAAa,CAAA;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAChC,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,cAAc,CAAC,EAAE,OAAO,CAAA;CACxB,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IAC1B,GAAG,IAAI,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAAA;IACzC,GAAG,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAC/C,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,yBAAyB,GAAG;IACvC,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,WAAW,EAAE,MAAM,CAAA;IACnB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,uBAAuB,CAAC,EAAE,OAAO,CAAA;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,SAAS,CAAC,CAAA;CACnE,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAChC,gBAAgB,EAAE,MAAM,CAAA;IACxB,KAAK,EAAE,MAAM,CAAA;IACb,YAAY,EAAE,MAAM,CAAA;IACpB,aAAa,EAAE,MAAM,CAAA;IACrB,WAAW,EAAE,MAAM,CAAA;CACnB,CAAA;AAED,MAAM,MAAM,wBAAwB,GAAG;IACtC,WAAW,EAAE,MAAM,CAAA;IACnB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,GAAG,EAAE,OAAO,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,8BAA8B,GAAG;IAC5C,IAAI,EAAE,MAAM,CAAA;IACZ,YAAY,EAAE,MAAM,CAAA;IACpB,WAAW,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,KAAK,CAAC,EAAE,aAAa,CAAA;IACrB,MAAM,CAAC,EAAE,WAAW,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,+BAA+B,GAAG;IAC7C,YAAY,EAAE,MAAM,CAAA;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,KAAK,CAAC,EAAE,aAAa,CAAA;IACrB,MAAM,CAAC,EAAE,WAAW,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,yBAAyB,GAAG;IACvC,IAAI,EAAE,uBAAuB,CAAA;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,KAAK,CAAC,EAAE,aAAa,CAAA;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAChC,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,cAAc,CAAC,EAAE,mBAAmB,GAAG,KAAK,CAAA;CAC5C,CAAA;AAED,MAAM,MAAM,2BAA2B,GAAG,yBAAyB,GAAG;IACrE,aAAa,CAAC,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,oBAAoB,GAAG;IAClC,IAAI,EAAE,mBAAmB,CAAA;IACzB,QAAQ,EAAE,eAAe,CAAA;IACzB,OAAO,EAAE,MAAM,CAAA;IACf,KAAK,EAAE,aAAa,CAAA;IACpB,OAAO,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAA;IAChE,YAAY,EAAE;QACb,SAAS,EAAE,IAAI,CAAA;QACf,eAAe,EAAE,IAAI,CAAA;QACrB,MAAM,EAAE,IAAI,CAAA;QACZ,SAAS,EAAE,IAAI,CAAA;KACf,CAAA;CACD,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC9B,OAAO,EAAE,MAAM,CAAA;IACf,KAAK,EAAE,aAAa,CAAA;IACpB,OAAO,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAA;CAChE,CAAA;AAUD,MAAM,MAAM,kCAAkC,GAAG;IAChD,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,WAAW,CAAC,EAAE,OAAO,CAAA;IACrB,cAAc,CAAC,EAAE,OAAO,CAAA;CACxB,CAAA;AAkCD,eAAO,MAAM,qBAAqB,GACjC,OAAO,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAC5B,OAeF,CAAA;AAaD,eAAO,MAAM,cAAc,GAC1B,OAAO,MAAM,GAAG,SAAS,KACvB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAkB5B,CAAA;AAED,eAAO,MAAM,eAAe,GAC3B,SAAS,MAAM,GAAG,SAAS,KACzB,MAAM,GAAG,SA+BX,CAAA;AAmED,eAAO,MAAM,wBAAwB,GACpC,SAAS,yBAAyB,KAChC,OAAO,CAAC,kBAAkB,CA4C5B,CAAA;AAED,eAAO,MAAM,uBAAuB,GACnC,SAAS,8BAA8B,KACrC,OAAO,CAAC,wBAAwB,CAahC,CAAA;AAEH,eAAO,MAAM,wBAAwB,GACpC,SAAS,+BAA+B,KACtC,OAAO,CAAC,wBAAwB,CAYhC,CAAA;AAsGH,eAAO,MAAM,2BAA2B,QAAO,MACpB,CAAA;AAE3B,eAAO,MAAM,2BAA2B,GACvC,MAAM,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC7B,UAAS,kCAAuC,KAC9C,MAAM,CAAC,MAAM,EAAE,OAAO,CAmBxB,CAAA;AA8FD,eAAO,MAAM,qBAAqB,GACjC,UAAU,yBAAyB,KACjC,aA8CF,CAAA;AAcD,eAAO,MAAM,sBAAsB,GAClC,UAAU,yBAAyB,KACjC,gBAUF,CAAA;AAED,eAAO,MAAM,0BAA0B,GACtC,UAAU,2BAA2B,KACnC,oBAkBF,CAAA"}