@ottocode/server 0.1.244 → 0.1.246

package/src/routes/config/utils.ts

@@ -1,5 +1,9 @@
 import {
-	catalog,
+	getConfiguredProviderApiKey,
+	getConfiguredProviderIds,
+	getConfiguredProviderModels,
+	getProviderDefinition,
+	getProviderSettings,
 	type ProviderId,
 	isProviderAuthorized,
 	getGlobalAgentsDir,
@@ -11,6 +15,23 @@ import type { EmbeddedAppConfig } from '../../index.ts';
 import type { OttoConfig } from '@ottocode/sdk';
 import { loadAgentsConfig } from '../../runtime/agent/registry.ts';
 
+export type ProviderDetail = {
+	id: string;
+	label: string;
+	source: 'built-in' | 'custom';
+	enabled: boolean;
+	authorized: boolean;
+	custom: boolean;
+	compatibility?: string;
+	family?: string;
+	baseURL?: string;
+	apiKeyEnv?: string;
+	hasApiKey: boolean;
+	allowAnyModel: boolean;
+	modelCount: number;
+	authType?: 'api' | 'oauth' | 'wallet';
+};
+
 export async function isProviderAuthorizedHybrid(
 	embeddedConfig: EmbeddedAppConfig | undefined,
 	fileConfig: OttoConfig,
@@ -31,7 +52,7 @@ export async function getAuthorizedProviders(
 	embeddedConfig: EmbeddedAppConfig | undefined,
 	fileConfig: OttoConfig,
 ): Promise<ProviderId[]> {
-	const allProviders = Object.keys(catalog) as ProviderId[];
+	const allProviders = getConfiguredProviderIds(fileConfig);
 	const authorizedProviders: ProviderId[] = [];
 
 	for (const provider of allProviders) {
@@ -48,6 +69,55 @@ export async function getAuthorizedProviders(
 	return authorizedProviders;
 }
 
+export async function getProviderDetails(
+	embeddedConfig: EmbeddedAppConfig | undefined,
+	fileConfig: OttoConfig,
+): Promise<ProviderDetail[]> {
+	const providers = Array.from(
+		new Set<ProviderId>([
+			...getConfiguredProviderIds(fileConfig, { includeDisabled: true }),
+			...(embeddedConfig?.provider ? [embeddedConfig.provider] : []),
+			...((embeddedConfig?.auth
+				? (Object.keys(embeddedConfig.auth) as ProviderId[])
+				: []) as ProviderId[]),
+		]),
+	);
+	const details = await Promise.all(
+		providers.map(async (provider) => {
+			const definition = getProviderDefinition(fileConfig, provider);
+			if (!definition) return null;
+			const settings = getProviderSettings(fileConfig, provider);
+			const authorized = await isProviderAuthorizedHybrid(
+				embeddedConfig,
+				fileConfig,
+				provider,
+			);
+			const authType = await getAuthTypeForProvider(
+				embeddedConfig,
+				provider,
+				fileConfig.projectRoot,
+			);
+			return {
+				id: provider,
+				label: definition.label,
+				source: definition.source,
+				enabled: settings?.enabled !== false,
+				authorized,
+				custom: definition.source === 'custom',
+				compatibility: definition.compatibility,
+				family: definition.family,
+				baseURL: definition.baseURL,
+				apiKeyEnv: definition.apiKeyEnv,
+				hasApiKey: Boolean(getConfiguredProviderApiKey(fileConfig, provider)),
+				allowAnyModel: definition.allowAnyModel,
+				modelCount: getConfiguredProviderModels(fileConfig, provider).length,
+				authType,
+			} satisfies ProviderDetail;
+		}),
+	);
+	return details.filter((detail): detail is ProviderDetail => Boolean(detail));
+}
+
 export function getDefault<T>(
 	embeddedValue: T | undefined,
 	embeddedDefaultValue: T | undefined,

package/src/routes/doctor.ts

@@ -2,7 +2,10 @@ import type { Hono } from 'hono';
 import { readdir } from 'node:fs/promises';
 import {
 	readConfig,
-	isAuthorized,
+	isProviderAuthorized,
+	getConfiguredProviderApiKey,
+	getConfiguredProviderEnvVar,
+	getConfiguredProviderIds,
 	buildFsTools,
 	buildGitTools,
 	getSecureAuthPath,
@@ -11,27 +14,8 @@ import {
 	getGlobalCommandsDir,
 	logger,
 } from '@ottocode/sdk';
-import type { ProviderId } from '@ottocode/sdk';
 import { serializeError } from '../runtime/errors/api-error.ts';
 
-const PROVIDERS: ProviderId[] = [
-	'openai',
-	'anthropic',
-	'google',
-	'openrouter',
-	'opencode',
-	'setu',
-];
-
-function providerEnvVar(p: ProviderId): string | null {
-	if (p === 'openai') return 'OPENAI_API_KEY';
-	if (p === 'anthropic') return 'ANTHROPIC_API_KEY';
-	if (p === 'google') return 'GOOGLE_GENERATIVE_AI_API_KEY';
-	if (p === 'opencode') return 'OPENCODE_API_KEY';
-	if (p === 'setu') return 'SETU_PRIVATE_KEY';
-	return null;
-}
-
 async function fileExists(path: string | null): Promise<boolean> {
 	if (!path) return false;
 	try {
@@ -66,11 +50,14 @@ export function registerDoctorRoutes(app: Hono) {
 		try {
 			const projectRoot = c.req.query('project') || process.cwd();
 			const { cfg, auth } = await readConfig(projectRoot);
+			const configuredProviders = getConfiguredProviderIds(cfg, {
+				includeDisabled: true,
+			});
 
 			const providers = await Promise.all(
-				PROVIDERS.map(async (id) => {
-					const ok = await isAuthorized(id, projectRoot);
-					const envVar = providerEnvVar(id);
+				configuredProviders.map(async (id) => {
+					const ok = await isProviderAuthorized(cfg, id);
+					const envVar = getConfiguredProviderEnvVar(cfg, id) ?? null;
 					const envConfigured = envVar ? !!process.env[envVar] : false;
 
 					const globalAuthPath = getSecureAuthPath();
@@ -104,7 +91,8 @@ export function registerDoctorRoutes(app: Hono) {
 						envConfigured ||
 						hasGlobalAuth ||
 						cfg.defaults.provider === id ||
-						hasStoredSecret;
+						hasStoredSecret ||
+						Boolean(getConfiguredProviderApiKey(cfg, id));
 
 					return { id, ok, configured, sources };
 				}),
@@ -114,9 +102,9 @@ export function registerDoctorRoutes(app: Hono) {
 				agent: cfg.defaults.agent,
 				provider: cfg.defaults.provider,
 				model: cfg.defaults.model,
-				providerAuthorized: await isAuthorized(
-					cfg.defaults.provider as ProviderId,
-					projectRoot,
+				providerAuthorized: await isProviderAuthorized(
+					cfg,
+					cfg.defaults.provider,
 				),
 			};
 

package/src/routes/git/commit.ts

@@ -4,7 +4,12 @@ import { promisify } from 'node:util';
 import { generateText, streamText } from 'ai';
 import { eq } from 'drizzle-orm';
 import type { ProviderId } from '@ottocode/sdk';
-import { loadConfig, getAuth, getFastModelForAuth } from '@ottocode/sdk';
+import {
+	loadConfig,
+	getAuth,
+	getFastModelForAuth,
+	getProviderDefinition,
+} from '@ottocode/sdk';
 import { getDb } from '@ottocode/database';
 import { sessions } from '@ottocode/database/schema';
 import { gitCommitSchema, gitGenerateCommitMessageSchema } from './schemas.ts';
@@ -108,25 +113,31 @@ export function registerCommitRoutes(app: Hono) {
 			const config = await loadConfig();
 
 			let provider = (config.defaults?.provider || 'anthropic') as ProviderId;
+			let currentModel = config.defaults?.model ?? 'claude-3-5-sonnet-20241022';
 
 			if (sessionId) {
 				const db = await getDb();
 				const [session] = await db
-					.select({ provider: sessions.provider })
+					.select({ provider: sessions.provider, model: sessions.model })
 					.from(sessions)
 					.where(eq(sessions.id, sessionId));
 				if (session?.provider) {
 					provider = session.provider as ProviderId;
 				}
+				if (session?.model) {
+					currentModel = session.model;
+				}
 			}
 
 			const auth = await getAuth(provider, config.projectRoot);
 			const oauth = detectOAuth(provider, auth);
+			const providerDefinition = getProviderDefinition(config, provider);
 
 			const modelId =
-				getFastModelForAuth(provider, auth?.type) ??
-				config.defaults?.model ??
-				'claude-3-5-sonnet-20241022';
+				providerDefinition?.source === 'custom' ||
+				providerDefinition?.compatibility === 'ollama'
+					? currentModel
+					: (getFastModelForAuth(provider, auth?.type) ?? currentModel);
 			const model = await resolveModel(provider, modelId, config);
 
 			const userPrompt = `Generate a commit message for these git changes.

package/src/routes/{setu.ts → ottorouter.ts}

@@ -1,6 +1,6 @@
 import type { Hono } from 'hono';
 import {
-	fetchSetuBalance,
+	fetchOttoRouterBalance,
 	getPublicKeyFromPrivate,
 	getAuth,
 	loadConfig,
@@ -18,23 +18,23 @@ import {
 	type TopupMethod,
 } from '../runtime/topup/manager.ts';
 
-const SETU_BASE_URL =
-	process.env.SETU_BASE_URL || 'https://api.setu.ottocode.io';
+const OTTOROUTER_BASE_URL =
+	process.env.OTTOROUTER_BASE_URL || 'https://api.ottorouter.org';
 
-function getSetuBaseUrl(): string {
-	return SETU_BASE_URL.endsWith('/')
-		? SETU_BASE_URL.slice(0, -1)
-		: SETU_BASE_URL;
+function getOttoRouterBaseUrl(): string {
+	return OTTOROUTER_BASE_URL.endsWith('/')
+		? OTTOROUTER_BASE_URL.slice(0, -1)
+		: OTTOROUTER_BASE_URL;
 }
 
-async function getSetuPrivateKey(): Promise<string | null> {
-	if (process.env.SETU_PRIVATE_KEY) {
-		return process.env.SETU_PRIVATE_KEY;
+async function getOttoRouterPrivateKey(): Promise<string | null> {
+	if (process.env.OTTOROUTER_PRIVATE_KEY) {
+		return process.env.OTTOROUTER_PRIVATE_KEY;
 	}
 
 	try {
 		const cfg = await loadConfig(process.cwd());
-		const auth = await getAuth('setu', cfg.projectRoot);
+		const auth = await getAuth('ottorouter', cfg.projectRoot);
 		if (auth?.type === 'wallet' && auth.secret) {
 			return auth.secret;
 		}
@@ -62,33 +62,36 @@ function buildWalletHeaders(privateKey: string): Record<string, string> {
 	};
 }
 
-export function registerSetuRoutes(app: Hono) {
-	app.get('/v1/setu/balance', async (c) => {
+export function registerOttoRouterRoutes(app: Hono) {
+	app.get('/v1/ottorouter/balance', async (c) => {
 		try {
-			const privateKey = await getSetuPrivateKey();
+			const privateKey = await getOttoRouterPrivateKey();
 			if (!privateKey) {
-				return c.json({ error: 'Setu wallet not configured' }, 401);
+				return c.json({ error: 'OttoRouter wallet not configured' }, 401);
 			}
 
-			const balance = await fetchSetuBalance({ privateKey });
+			const balance = await fetchOttoRouterBalance({ privateKey });
 			if (!balance) {
-				return c.json({ error: 'Failed to fetch balance from Setu' }, 502);
+				return c.json(
+					{ error: 'Failed to fetch balance from OttoRouter' },
+					502,
+				);
 			}
 
 			return c.json(balance);
 		} catch (error) {
-			logger.error('Failed to fetch Setu balance', error);
+			logger.error('Failed to fetch OttoRouter balance', error);
 			const errorResponse = serializeError(error);
 			return c.json(errorResponse, errorResponse.error.status || 500);
 		}
 	});
 
-	app.get('/v1/setu/wallet', async (c) => {
+	app.get('/v1/ottorouter/wallet', async (c) => {
 		try {
-			const privateKey = await getSetuPrivateKey();
+			const privateKey = await getOttoRouterPrivateKey();
 			if (!privateKey) {
 				return c.json(
-					{ error: 'Setu wallet not configured', configured: false },
+					{ error: 'OttoRouter wallet not configured', configured: false },
 					200,
 				);
 			}
@@ -103,17 +106,17 @@ export function registerSetuRoutes(app: Hono) {
 				publicKey,
 			});
 		} catch (error) {
-			logger.error('Failed to get Setu wallet info', error);
+			logger.error('Failed to get OttoRouter wallet info', error);
 			const errorResponse = serializeError(error);
 			return c.json(errorResponse, errorResponse.error.status || 500);
 		}
 	});
 
-	app.get('/v1/setu/usdc-balance', async (c) => {
+	app.get('/v1/ottorouter/usdc-balance', async (c) => {
 		try {
-			const privateKey = await getSetuPrivateKey();
+			const privateKey = await getOttoRouterPrivateKey();
 			if (!privateKey) {
-				return c.json({ error: 'Setu wallet not configured' }, 401);
+				return c.json({ error: 'OttoRouter wallet not configured' }, 401);
 			}
 
 			const publicKey = getPublicKeyFromPrivate(privateKey);
@@ -121,7 +124,7 @@ export function registerSetuRoutes(app: Hono) {
 				return c.json({ error: 'Invalid private key' }, 400);
 			}
 
-			const baseUrl = getSetuBaseUrl();
+			const baseUrl = getOttoRouterBaseUrl();
 			const response = await fetch(
 				`${baseUrl}/v1/wallet/${publicKey}/balances?limit=100&showNative=false&showNfts=false&showZeroBalance=false`,
 				{
@@ -161,14 +164,14 @@ export function registerSetuRoutes(app: Hono) {
 		}
 	});
 
-	app.get('/v1/setu/topup/polar/estimate', async (c) => {
+	app.get('/v1/ottorouter/topup/polar/estimate', async (c) => {
 		try {
 			const amount = c.req.query('amount');
 			if (!amount) {
 				return c.json({ error: 'Missing amount parameter' }, 400);
 			}
 
-			const baseUrl = getSetuBaseUrl();
+			const baseUrl = getOttoRouterBaseUrl();
 			const response = await fetch(
 				`${baseUrl}/v1/topup/polar/estimate?amount=${amount}`,
 				{
@@ -190,11 +193,11 @@ export function registerSetuRoutes(app: Hono) {
 		}
 	});
 
-	app.post('/v1/setu/topup/polar', async (c) => {
+	app.post('/v1/ottorouter/topup/polar', async (c) => {
 		try {
-			const privateKey = await getSetuPrivateKey();
+			const privateKey = await getOttoRouterPrivateKey();
 			if (!privateKey) {
-				return c.json({ error: 'Setu wallet not configured' }, 401);
+				return c.json({ error: 'OttoRouter wallet not configured' }, 401);
 			}
 
 			const body = await c.req.json();
@@ -212,7 +215,7 @@ export function registerSetuRoutes(app: Hono) {
 			}
 
 			const walletHeaders = buildWalletHeaders(privateKey);
-			const baseUrl = getSetuBaseUrl();
+			const baseUrl = getOttoRouterBaseUrl();
 
 			const response = await fetch(`${baseUrl}/v1/topup/polar`, {
 				method: 'POST',
@@ -236,7 +239,7 @@ export function registerSetuRoutes(app: Hono) {
 		}
 	});
 
-	app.post('/v1/setu/topup/select', async (c) => {
+	app.post('/v1/ottorouter/topup/select', async (c) => {
 		try {
 			const body = await c.req.json();
 			const { sessionId, method } = body as {
@@ -264,7 +267,7 @@ export function registerSetuRoutes(app: Hono) {
 			}
 
 			publish({
-				type: 'setu.topup.method_selected',
+				type: 'ottorouter.topup.method_selected',
 				sessionId,
 				payload: { method },
 			});
@@ -277,7 +280,7 @@ export function registerSetuRoutes(app: Hono) {
 		}
 	});
 
-	app.post('/v1/setu/topup/cancel', async (c) => {
+	app.post('/v1/ottorouter/topup/cancel', async (c) => {
 		try {
 			const body = await c.req.json();
 			const { sessionId, reason } = body as {
@@ -301,7 +304,7 @@ export function registerSetuRoutes(app: Hono) {
 			}
 
 			publish({
-				type: 'setu.topup.cancelled',
+				type: 'ottorouter.topup.cancelled',
 				sessionId,
 				payload: { reason: reason ?? 'User cancelled' },
 			});
@@ -314,7 +317,7 @@ export function registerSetuRoutes(app: Hono) {
 		}
 	});
 
-	app.get('/v1/setu/topup/pending', async (c) => {
+	app.get('/v1/ottorouter/topup/pending', async (c) => {
 		try {
 			const sessionId = c.req.query('sessionId');
 			if (!sessionId) {
@@ -341,14 +344,14 @@ export function registerSetuRoutes(app: Hono) {
 		}
 	});
 
-	app.get('/v1/setu/topup/polar/status', async (c) => {
+	app.get('/v1/ottorouter/topup/polar/status', async (c) => {
 		try {
 			const checkoutId = c.req.query('checkoutId');
 			if (!checkoutId) {
 				return c.json({ error: 'Missing checkoutId parameter' }, 400);
 			}
 
-			const baseUrl = getSetuBaseUrl();
+			const baseUrl = getOttoRouterBaseUrl();
 			const response = await fetch(
 				`${baseUrl}/v1/topup/polar/status?checkoutId=${checkoutId}`,
 				{
@@ -370,14 +373,14 @@ export function registerSetuRoutes(app: Hono) {
 		}
 	});
 
-	app.get('/v1/setu/topup/razorpay/estimate', async (c) => {
+	app.get('/v1/ottorouter/topup/razorpay/estimate', async (c) => {
 		try {
 			const amount = c.req.query('amount');
 			if (!amount) {
 				return c.json({ error: 'Missing amount parameter' }, 400);
 			}
 
-			const baseUrl = getSetuBaseUrl();
+			const baseUrl = getOttoRouterBaseUrl();
 			const response = await fetch(
 				`${baseUrl}/v1/topup/razorpay/estimate?amount=${amount}`,
 				{
@@ -399,11 +402,11 @@ export function registerSetuRoutes(app: Hono) {
 		}
 	});
 
-	app.post('/v1/setu/topup/razorpay', async (c) => {
+	app.post('/v1/ottorouter/topup/razorpay', async (c) => {
 		try {
-			const privateKey = await getSetuPrivateKey();
+			const privateKey = await getOttoRouterPrivateKey();
 			if (!privateKey) {
-				return c.json({ error: 'Setu wallet not configured' }, 401);
+				return c.json({ error: 'OttoRouter wallet not configured' }, 401);
 			}
 
 			const body = await c.req.json();
@@ -414,7 +417,7 @@ export function registerSetuRoutes(app: Hono) {
 			}
 
 			const walletHeaders = buildWalletHeaders(privateKey);
-			const baseUrl = getSetuBaseUrl();
+			const baseUrl = getOttoRouterBaseUrl();
 
 			const response = await fetch(`${baseUrl}/v1/topup/razorpay`, {
 				method: 'POST',
@@ -438,11 +441,11 @@ export function registerSetuRoutes(app: Hono) {
 		}
 	});
 
-	app.post('/v1/setu/topup/razorpay/verify', async (c) => {
+	app.post('/v1/ottorouter/topup/razorpay/verify', async (c) => {
 		try {
-			const privateKey = await getSetuPrivateKey();
+			const privateKey = await getOttoRouterPrivateKey();
 			if (!privateKey) {
-				return c.json({ error: 'Setu wallet not configured' }, 401);
+				return c.json({ error: 'OttoRouter wallet not configured' }, 401);
 			}
 
 			const body = await c.req.json();
@@ -458,7 +461,7 @@ export function registerSetuRoutes(app: Hono) {
 			}
 
 			const walletHeaders = buildWalletHeaders(privateKey);
-			const baseUrl = getSetuBaseUrl();
+			const baseUrl = getOttoRouterBaseUrl();
 
 			const response = await fetch(`${baseUrl}/v1/topup/razorpay/verify`, {
 				method: 'POST',

package/src/routes/research.ts

@@ -4,7 +4,7 @@ import { getDb } from '@ottocode/database';
 import { sessions, messages, messageParts } from '@ottocode/database/schema';
 import { desc, eq, and, asc, count } from 'drizzle-orm';
 import type { ProviderId } from '@ottocode/sdk';
-import { isProviderId } from '@ottocode/sdk';
+import { hasConfiguredProvider } from '@ottocode/sdk';
 import { serializeError } from '../runtime/errors/api-error.ts';
 import { logger } from '@ottocode/sdk';
 import { publish } from '../events/bus.ts';
@@ -89,7 +89,7 @@ export function registerResearchRoutes(app: Hono) {
 		const providerCandidate =
 			typeof body.provider === 'string' ? body.provider : undefined;
 		const provider: ProviderId = (() => {
-			if (providerCandidate && isProviderId(providerCandidate))
+			if (providerCandidate && hasConfiguredProvider(cfg, providerCandidate))
 				return providerCandidate;
 			return parent.provider as ProviderId;
 		})();
@@ -278,7 +278,7 @@ export function registerResearchRoutes(app: Hono) {
 		const providerCandidate =
 			typeof body.provider === 'string' ? body.provider : undefined;
 		const provider: ProviderId = (() => {
-			if (providerCandidate && isProviderId(providerCandidate))
+			if (providerCandidate && hasConfiguredProvider(cfg, providerCandidate))
 				return providerCandidate;
 			return cfg.defaults.provider;
 		})();

package/src/routes/session-messages.ts

@@ -1,13 +1,15 @@
 import type { Hono } from 'hono';
-import { loadConfig, type ReasoningLevel } from '@ottocode/sdk';
-import { getDb } from '@ottocode/database';
-import { messages, messageParts, sessions } from '@ottocode/database/schema';
-import { eq, inArray } from 'drizzle-orm';
 import {
-	validateProviderModel,
-	isProviderAuthorized,
 	ensureProviderEnv,
+	getProviderDefinition,
+	isProviderAuthorized,
+	loadConfig,
+	type ReasoningLevel,
+	validateProviderModel,
 } from '@ottocode/sdk';
+import { getDb } from '@ottocode/database';
+import { messages, messageParts, sessions } from '@ottocode/database/schema';
+import { eq, inArray } from 'drizzle-orm';
 import { dispatchAssistantMessage } from '../runtime/message/service.ts';
 import { logger } from '@ottocode/sdk';
 import { serializeError } from '../runtime/errors/api-error.ts';
@@ -132,7 +134,7 @@ export function registerSessionMessagesRoutes(app: Hono) {
 			// Validate model capabilities if tools are allowed for this agent
 			const wantsToolCalls = true; // agent toolset may be non-empty
 			try {
-				validateProviderModel(provider, modelName, { wantsToolCalls });
+				validateProviderModel(provider, modelName, cfg, { wantsToolCalls });
 			} catch (err) {
 				logger.error('Model validation failed', err, { provider, modelName });
 				const message = err instanceof Error ? err.message : String(err);
@@ -150,6 +152,7 @@ export function registerSessionMessagesRoutes(app: Hono) {
 				);
 			}
 			await ensureProviderEnv(cfg, provider);
+			const providerDefinition = getProviderDefinition(cfg, provider);
 
 			const { assistantMessageId } = await dispatchAssistantMessage({
 				cfg,
@@ -161,7 +164,10 @@ export function registerSessionMessagesRoutes(app: Hono) {
 				content,
 				oneShot: Boolean(body?.oneShot),
 				userContext,
-				reasoningText: reasoning,
+				reasoningText:
+					providerDefinition?.compatibility === 'ollama'
+						? (body?.reasoningText ?? false)
+						: reasoning,
 				reasoningLevel,
 				images,
 				files,

package/src/routes/sessions.ts

@@ -10,7 +10,7 @@ import {
 } from '@ottocode/database/schema';
 import { desc, eq, and, ne, inArray, or } from 'drizzle-orm';
 import type { ProviderId } from '@ottocode/sdk';
-import { isProviderId, catalog } from '@ottocode/sdk';
+import { hasConfiguredProvider, validateProviderModel } from '@ottocode/sdk';
 import { resolveAgentConfig } from '../runtime/agent/registry.ts';
 import { createSession as createSessionRow } from '../runtime/session/manager.ts';
 import { serializeError } from '../runtime/errors/api-error.ts';
@@ -79,9 +79,9 @@ export function registerSessionsRoutes(app: Hono) {
 		const providerCandidate =
 			typeof body.provider === 'string' ? body.provider : undefined;
 		const provider: ProviderId = (() => {
-			if (providerCandidate && isProviderId(providerCandidate))
+			if (providerCandidate && hasConfiguredProvider(cfg, providerCandidate))
 				return providerCandidate;
-			if (agentCfg.provider && isProviderId(agentCfg.provider))
+			if (hasConfiguredProvider(cfg, agentCfg.provider))
 				return agentCfg.provider;
 			return cfg.defaults.provider;
 		})();
@@ -208,7 +208,7 @@ export function registerSessionsRoutes(app: Hono) {
 			// Validate provider if provided
 			if (typeof body.provider === 'string') {
 				const providerName = body.provider.trim();
-				if (providerName && isProviderId(providerName)) {
+				if (providerName && hasConfiguredProvider(cfg, providerName)) {
 					updates.provider = providerName;
 				} else if (providerName) {
 					return c.json({ error: `Invalid provider: ${providerName}` }, 400);
@@ -221,21 +221,15 @@ export function registerSessionsRoutes(app: Hono) {
 				if (modelName) {
 					const targetProvider = (updates.provider ||
 						existingSession.provider) as ProviderId;
-
-					// Check if model exists for the provider
-					const providerCatalog = catalog[targetProvider];
-					if (providerCatalog) {
-						const modelExists = providerCatalog.models.some(
-							(m) => m.id === modelName,
+					try {
+						validateProviderModel(targetProvider, modelName, cfg);
+					} catch {
+						return c.json(
+							{
+								error: `Model "${modelName}" not found for provider "${targetProvider}"`,
+							},
+							400,
 						);
-						if (!modelExists) {
-							return c.json(
-								{
-									error: `Model "${modelName}" not found for provider "${targetProvider}"`,
-								},
-								400,
-							);
-						}
 					}
 
 					updates.model = modelName;