npm - @ottocode/sdk - Versions diffs - 0.1.311 → 0.1.313 - Mend

@ottocode/sdk 0.1.311 → 0.1.313

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/package.json +2 -2
package/src/auth/src/index.ts +9 -0
package/src/auth/src/kimi-oauth.ts +196 -0
package/src/config/src/index.ts +27 -3
package/src/config/src/manager.ts +13 -1
package/src/core/src/providers/resolver.ts +5 -3
package/src/index.ts +19 -2
package/src/providers/src/catalog-manual.ts +19 -0
package/src/providers/src/catalog.ts +257 -144
package/src/providers/src/env.ts +15 -2
package/src/providers/src/index.ts +9 -2
package/src/providers/src/model-merge.ts +27 -0
package/src/providers/src/moonshot-client.ts +116 -8
package/src/providers/src/registry.ts +54 -15
package/src/providers/src/utils.ts +23 -10
package/src/providers/src/validate.ts +10 -6

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@ottocode/sdk",
-	"version": "0.1.311",
+	"version": "0.1.313",
 	"description": "AI agent SDK for building intelligent assistants - tree-shakable and comprehensive",
 	"author": "nitishxyz",
 	"license": "MIT",
@@ -109,7 +109,7 @@
 		"@modelcontextprotocol/sdk": "1.27.1",
 		"@openauthjs/openauth": "0.4.3",
 		"@openrouter/ai-sdk-provider": "1.5.4",
-		"@ottorouter/ai-sdk": "0.2.6",
+		"@ottorouter/ai-sdk": "0.2.7",
 		"@solana/web3.js": "1.98.4",
 		"ai": "6.0.199",
 		"ai-sdk-ollama": "3.8.3",

package/src/auth/src/index.ts CHANGED Viewed

@@ -97,6 +97,15 @@ export {
 	type XaiOAuthTokens,
 } from './xai-oauth.ts';
+export {
+	refreshKimiToken,
+	requestKimiDeviceCode,
+	pollKimiDeviceCodeOnce,
+	type KimiOAuthTokens,
+	type KimiDeviceCodeResponse,
+	type KimiDevicePollResult,
+} from './kimi-oauth.ts';
 export {
 	generateWallet,
 	importWallet,

package/src/auth/src/kimi-oauth.ts ADDED Viewed

@@ -0,0 +1,196 @@
+const KIMI_CODE_OAUTH_CLIENT_ID = '17e5f671-d194-4dfb-9706-5516cb48c098';
+function kimiOAuthHost(): string {
+	return (
+		process.env.KIMI_CODE_OAUTH_HOST ??
+		process.env.KIMI_OAUTH_HOST ??
+		'https://auth.kimi.com'
+	);
+}
+/** Kimi Code OAuth tokens normalized to otto's OAuth shape (expires in epoch ms). */
+export type KimiOAuthTokens = {
+	access: string;
+	refresh: string;
+	expires: number;
+	scopes?: string;
+};
+/** Response from a Kimi Code OAuth device authorization request. */
+export type KimiDeviceCodeResponse = {
+	userCode: string;
+	deviceCode: string;
+	verificationUri: string;
+	interval: number;
+	expiresIn: number | null;
+};
+/** Result of a single Kimi device-code token poll attempt. */
+export type KimiDevicePollResult =
+	| { status: 'complete'; tokens: KimiOAuthTokens }
+	| { status: 'pending' }
+	| { status: 'error'; error: string };
+/**
+ * Request a Kimi Code OAuth device authorization code.
+ *
+ * Mirrors the kimi-cli device flow: form-encoded POST to
+ * `https://auth.kimi.com/api/oauth/device_authorization` with `client_id`.
+ */
+export async function requestKimiDeviceCode(): Promise<KimiDeviceCodeResponse> {
+	const response = await fetch(
+		`${kimiOAuthHost().replace(/\/$/, '')}/api/oauth/device_authorization`,
+		{
+			method: 'POST',
+			headers: {
+				'Content-Type': 'application/x-www-form-urlencoded',
+				Accept: 'application/json',
+			},
+			body: new URLSearchParams({
+				client_id: KIMI_CODE_OAUTH_CLIENT_ID,
+			}).toString(),
+		},
+	);
+	const data = (await response.json().catch(() => ({}))) as Record<
+		string,
+		unknown
+	>;
+	if (!response.ok) {
+		throw new Error(
+			`Kimi OAuth device authorization failed (${response.status})`,
+		);
+	}
+	const userCode = data.user_code;
+	const deviceCode = data.device_code;
+	const verificationUriComplete = data.verification_uri_complete;
+	if (
+		typeof userCode !== 'string' ||
+		typeof deviceCode !== 'string' ||
+		typeof verificationUriComplete !== 'string'
+	) {
+		throw new Error('Kimi OAuth device authorization response was incomplete.');
+	}
+	return {
+		userCode,
+		deviceCode,
+		verificationUri: verificationUriComplete,
+		interval: Number(data.interval ?? 5),
+		expiresIn:
+			data.expires_in === undefined || data.expires_in === null
+				? null
+				: Number(data.expires_in),
+	};
+}
+/**
+ * Poll the Kimi Code OAuth token endpoint once for a device-code grant.
+ *
+ * Returns `pending` while authorization is outstanding (including
+ * `slow_down`), `complete` with normalized tokens on success, and `error`
+ * for terminal failures such as `expired_token` or `access_denied`.
+ */
+export async function pollKimiDeviceCodeOnce(
+	deviceCode: string,
+): Promise<KimiDevicePollResult> {
+	const response = await fetch(
+		`${kimiOAuthHost().replace(/\/$/, '')}/api/oauth/token`,
+		{
+			method: 'POST',
+			headers: {
+				'Content-Type': 'application/x-www-form-urlencoded',
+				Accept: 'application/json',
+			},
+			body: new URLSearchParams({
+				client_id: KIMI_CODE_OAUTH_CLIENT_ID,
+				device_code: deviceCode,
+				grant_type: 'urn:ietf:params:oauth:grant-type:device_code',
+			}).toString(),
+		},
+	);
+	const data = (await response.json().catch(() => ({}))) as Record<
+		string,
+		unknown
+	>;
+	if (response.ok && typeof data.access_token === 'string') {
+		const expiresIn = Number(data.expires_in ?? 0);
+		return {
+			status: 'complete',
+			tokens: {
+				access: data.access_token,
+				refresh:
+					typeof data.refresh_token === 'string' ? data.refresh_token : '',
+				expires: Date.now() + expiresIn * 1000,
+				scopes: typeof data.scope === 'string' ? data.scope : undefined,
+			},
+		};
+	}
+	const errorCode =
+		typeof data.error === 'string' ? data.error : 'unknown_error';
+	if (errorCode === 'authorization_pending' || errorCode === 'slow_down') {
+		return { status: 'pending' };
+	}
+	if (errorCode === 'expired_token') {
+		return { status: 'error', error: 'Kimi OAuth code expired.' };
+	}
+	if (errorCode === 'access_denied') {
+		return { status: 'error', error: 'Kimi OAuth access denied.' };
+	}
+	return {
+		status: 'error',
+		error: `Kimi OAuth token polling failed: ${errorCode}`,
+	};
+}
+/**
+ * Refresh a Kimi Code OAuth access token using the refresh_token grant.
+ *
+ * Mirrors the official kimi-cli flow: form-encoded POST to
+ * `https://auth.kimi.com/api/oauth/token` with `client_id`,
+ * `grant_type=refresh_token`, and `refresh_token`. Kimi rotates refresh
+ * tokens on every refresh, so callers must persist the returned tokens.
+ */
+export async function refreshKimiToken(
+	refreshToken: string,
+): Promise<KimiOAuthTokens> {
+	const response = await fetch(
+		`${kimiOAuthHost().replace(/\/$/, '')}/api/oauth/token`,
+		{
+			method: 'POST',
+			headers: {
+				'Content-Type': 'application/x-www-form-urlencoded',
+				Accept: 'application/json',
+			},
+			body: new URLSearchParams({
+				client_id: KIMI_CODE_OAUTH_CLIENT_ID,
+				grant_type: 'refresh_token',
+				refresh_token: refreshToken,
+			}).toString(),
+		},
+	);
+	const data = (await response.json().catch(() => ({}))) as Record<
+		string,
+		unknown
+	>;
+	if (!response.ok || typeof data.access_token !== 'string') {
+		const description =
+			typeof data.error_description === 'string'
+				? data.error_description
+				: `HTTP ${response.status}`;
+		if (response.status === 401 || response.status === 403) {
+			throw new Error(
+				`Kimi OAuth refresh token rejected (${description}). Run \`otto auth login kimi\` again.`,
+			);
+		}
+		throw new Error(`Kimi OAuth token refresh failed: ${description}`);
+	}
+	const expiresIn = Number(data.expires_in ?? 0);
+	return {
+		access: data.access_token,
+		refresh:
+			typeof data.refresh_token === 'string' && data.refresh_token
+				? data.refresh_token
+				: refreshToken,
+		expires: Date.now() + expiresIn * 1000,
+		scopes: typeof data.scope === 'string' ? data.scope : undefined,
+	};
+}

package/src/config/src/index.ts CHANGED Viewed

@@ -51,6 +51,12 @@ const DEFAULTS: {
 	providers: DEFAULT_PROVIDER_SETTINGS,
 };
+const LOCAL_DEFAULT_OVERRIDE_KEYS = [
+	'agent',
+	'provider',
+	'model',
+] satisfies Array<keyof OttoConfig['defaults']>;
 export async function loadConfig(
 	projectRootInput?: string,
 ): Promise<OttoConfig> {
@@ -72,7 +78,7 @@ export async function loadConfig(
 		DEFAULTS,
 		globalCfg,
 		globalSkillsCfg ? { skills: globalSkillsCfg } : undefined,
-		omitGlobalOnlySettings(projectCfg),
+		filterProjectConfig(projectCfg),
 	);
 	await ensureDir(dataDir);
@@ -97,14 +103,32 @@ export async function loadConfig(
 type JsonObject = Record<string, unknown>;
-function omitGlobalOnlySettings(
+function filterProjectConfig(
 	config: JsonObject | undefined,
 ): JsonObject | undefined {
 	if (!config) return undefined;
-	const { providers: _providers, skills: _skills, ...rest } = config;
+	const { providers: _providers, skills: _skills, defaults, ...rest } = config;
+	const localDefaults = pickLocalDefaults(defaults);
+	if (localDefaults) {
+		return { ...rest, defaults: localDefaults };
+	}
 	return rest;
 }
+function pickLocalDefaults(defaults: unknown): JsonObject | undefined {
+	if (!defaults || typeof defaults !== 'object' || Array.isArray(defaults)) {
+		return undefined;
+	}
+	const source = defaults as JsonObject;
+	const picked: JsonObject = {};
+	for (const key of LOCAL_DEFAULT_OVERRIDE_KEYS) {
+		if (Object.hasOwn(source, key)) {
+			picked[key] = source[key];
+		}
+	}
+	return Object.keys(picked).length > 0 ? picked : undefined;
+}
 async function readJsonOptional(file: string): Promise<JsonObject | undefined> {
 	const f = Bun.file(file);
 	if (!(await f.exists())) return undefined;

package/src/config/src/manager.ts CHANGED Viewed

@@ -28,6 +28,8 @@ import {
 export type Scope = 'global' | 'local';
+const LOCAL_DEFAULT_UPDATE_KEYS = new Set(['agent', 'provider', 'model']);
 export type DebugConfig = {
 	enabled: boolean;
 	scopes: string[];
@@ -95,6 +97,16 @@ export async function writeDefaults(
 	}>,
 	projectRoot?: string,
 ) {
+	const scopedUpdates =
+		scope === 'local'
+			? (Object.fromEntries(
+					Object.entries(updates).filter(([key]) =>
+						LOCAL_DEFAULT_UPDATE_KEYS.has(key),
+					),
+				) as typeof updates)
+			: updates;
+	if (Object.keys(scopedUpdates).length === 0) return;
 	const filePath = getConfigFilePath(scope, projectRoot);
 	const existing = await readJsonFile(filePath);
 	const prevDefaults =
@@ -103,7 +115,7 @@ export async function writeDefaults(
 			: {};
 	const next = {
 		...existing,
-		defaults: { ...prevDefaults, ...updates },
+		defaults: { ...prevDefaults, ...scopedUpdates },
 	};
 	await writeConfigFile(filePath, next);
 }

package/src/core/src/providers/resolver.ts CHANGED Viewed

@@ -7,7 +7,7 @@ import { createOpenAICompatible } from '@ai-sdk/openai-compatible';
 import {
 	catalog,
 	createMinimaxModel,
-	createMoonshotModel,
+	createKimiModel,
 	createOttoRouterModel,
 	createOpenAIOAuthModel,
 	createXaiModel,
@@ -34,6 +34,7 @@ export type ProviderName =
 	| 'zai'
 	| 'zai-coding'
 	| 'moonshot'
+	| 'kimi'
 	| 'minimax';
 export type ModelConfig = {
@@ -221,10 +222,11 @@ export async function resolveModel(
 		});
 	}
-	if (provider === 'moonshot') {
-		return createMoonshotModel(model, {
+	if (provider === 'moonshot' || provider === 'kimi') {
+		return createKimiModel(model, {
 			apiKey: config.apiKey,
 			baseURL: config.baseURL,
+			oauth: config.oauth,
 		});
 	}

package/src/index.ts CHANGED Viewed

@@ -160,8 +160,15 @@ export {
 export type { OpenRouterProviderConfig } from './providers/src/index.ts';
 export { createOpencodeModel } from './providers/src/index.ts';
 export type { OpencodeProviderConfig } from './providers/src/index.ts';
-export { createMoonshotModel } from './providers/src/index.ts';
-export type { MoonshotProviderConfig } from './providers/src/index.ts';
+export {
+	createKimiModel,
+	createMoonshotModel,
+	readKimiApiKeyFromEnv,
+} from './providers/src/index.ts';
+export type {
+	KimiProviderConfig,
+	MoonshotProviderConfig,
+} from './providers/src/index.ts';
 export { createMinimaxModel } from './providers/src/index.ts';
 export type { MinimaxProviderConfig } from './providers/src/index.ts';
 export {
@@ -211,6 +218,16 @@ export {
 	readGrokCliAuth,
 } from './auth/src/index.ts';
 export type { XaiOAuthResult, XaiOAuthTokens } from './auth/src/index.ts';
+export {
+	refreshKimiToken,
+	requestKimiDeviceCode,
+	pollKimiDeviceCodeOnce,
+} from './auth/src/index.ts';
+export type {
+	KimiOAuthTokens,
+	KimiDeviceCodeResponse,
+	KimiDevicePollResult,
+} from './auth/src/index.ts';
 export {
 	generateWallet,
 	importWallet,

package/src/providers/src/catalog-manual.ts CHANGED Viewed

@@ -154,6 +154,21 @@ export function appendXaiGrokCliModels<T extends { models: ModelInfo[] }>(
 	return { ...entry, models: [...mergedModels, ...missingModels] };
 }
+export function applyOfficialKimiCatalogMetadata<
+	T extends ProviderCatalogEntry,
+>(entry: T | undefined): T | undefined {
+	if (!entry) return undefined;
+	const env = Array.from(
+		new Set(['KIMI_API_KEY', 'MOONSHOT_API_KEY', ...(entry.env ?? [])]),
+	);
+	return {
+		...entry,
+		label: entry.label === 'Moonshot AI' ? 'Kimi' : entry.label,
+		env,
+		doc: 'https://platform.kimi.ai/docs/api/overview.md',
+	};
+}
 export function mergeManualCatalog(
 	base: CatalogMap,
 ): Record<BuiltInProviderId, ProviderCatalogEntry> {
@@ -167,6 +182,10 @@ export function mergeManualCatalog(
 	if (xaiEntry) {
 		merged.xai = xaiEntry;
 	}
+	const moonshotEntry = applyOfficialKimiCatalogMetadata(merged.moonshot);
+	if (moonshotEntry) {
+		merged.moonshot = moonshotEntry;
+	}
 	if (manualEntry) {
 		merged[OTTOROUTER_ID] = manualEntry;
 	}