@phren/agent 0.0.1

package/dist/providers/codex-auth.js

@@ -0,0 +1,197 @@
+/**
+ * Codex OAuth PKCE flow — authenticate with your ChatGPT subscription.
+ * Same flow as Codex CLI, no middleman.
+ */
+import * as crypto from "crypto";
+import * as fs from "fs";
+import * as path from "path";
+import * as http from "http";
+import * as os from "os";
+const CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann";
+const AUTH_URL = "https://auth.openai.com/oauth/authorize";
+const TOKEN_URL = "https://auth.openai.com/oauth/token";
+const REDIRECT_URI = "http://localhost:1455/auth/callback";
+const CALLBACK_PORT = 1455;
+const SCOPES = "openid profile email offline_access";
+function tokenPath() {
+    const dir = path.join(os.homedir(), ".phren-agent");
+    fs.mkdirSync(dir, { recursive: true });
+    return path.join(dir, "codex-token.json");
+}
+function generatePKCE() {
+    const bytes = crypto.randomBytes(32);
+    const codeVerifier = bytes.toString("base64url");
+    const hash = crypto.createHash("sha256").update(codeVerifier).digest();
+    const codeChallenge = hash.toString("base64url");
+    return { codeVerifier, codeChallenge };
+}
+function buildAuthUrl(codeChallenge, state) {
+    const params = new URLSearchParams({
+        response_type: "code",
+        client_id: CLIENT_ID,
+        redirect_uri: REDIRECT_URI,
+        scope: SCOPES,
+        code_challenge: codeChallenge,
+        code_challenge_method: "S256",
+        state,
+        id_token_add_organizations: "true",
+        codex_cli_simplified_flow: "true",
+    });
+    return `${AUTH_URL}?${params.toString()}`;
+}
+async function exchangeCode(code, codeVerifier) {
+    const res = await fetch(TOKEN_URL, {
+        method: "POST",
+        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+        body: new URLSearchParams({
+            grant_type: "authorization_code",
+            code,
+            redirect_uri: REDIRECT_URI,
+            client_id: CLIENT_ID,
+            code_verifier: codeVerifier,
+        }).toString(),
+    });
+    if (!res.ok) {
+        const text = await res.text();
+        throw new Error(`Token exchange failed (${res.status}): ${text}`);
+    }
+    const data = await res.json();
+    const expiresIn = data.expires_in || 3600;
+    // Extract account_id from JWT access token
+    let accountId;
+    try {
+        const payload = JSON.parse(Buffer.from(data.access_token.split(".")[1], "base64url").toString());
+        accountId = payload.sub || payload.account_id;
+    }
+    catch { /* skip */ }
+    return {
+        access_token: data.access_token,
+        refresh_token: data.refresh_token,
+        expires_at: Date.now() + expiresIn * 1000,
+        account_id: accountId,
+    };
+}
+async function refreshToken(refreshTok) {
+    const res = await fetch(TOKEN_URL, {
+        method: "POST",
+        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+        body: new URLSearchParams({
+            grant_type: "refresh_token",
+            refresh_token: refreshTok,
+            client_id: CLIENT_ID,
+        }).toString(),
+    });
+    if (!res.ok) {
+        const text = await res.text();
+        throw new Error(`Token refresh failed (${res.status}): ${text}`);
+    }
+    const data = await res.json();
+    const expiresIn = data.expires_in || 3600;
+    return {
+        access_token: data.access_token,
+        refresh_token: data.refresh_token || refreshTok,
+        expires_at: Date.now() + expiresIn * 1000,
+    };
+}
+/** Interactive OAuth login — opens browser, waits for callback. */
+export async function codexLogin() {
+    const { codeVerifier, codeChallenge } = generatePKCE();
+    const state = crypto.randomBytes(16).toString("hex");
+    const authUrl = buildAuthUrl(codeChallenge, state);
+    console.log("Opening browser for Codex login...");
+    console.log(`If it doesn't open, visit:\n${authUrl}\n`);
+    // Open browser
+    const openCmd = process.platform === "darwin" ? "open"
+        : process.platform === "win32" ? "start"
+            : "xdg-open";
+    try {
+        const { execFileSync } = await import("child_process");
+        execFileSync(openCmd, [authUrl], { stdio: "ignore" });
+    }
+    catch {
+        // Browser open failed — user has the URL printed above
+    }
+    // Start local callback server
+    const code = await new Promise((resolve, reject) => {
+        const server = http.createServer((req, res) => {
+            const url = new URL(req.url ?? "/", `http://localhost:${CALLBACK_PORT}`);
+            if (url.pathname !== "/auth/callback") {
+                res.writeHead(404);
+                res.end();
+                return;
+            }
+            const returnedState = url.searchParams.get("state");
+            const returnedCode = url.searchParams.get("code");
+            const error = url.searchParams.get("error");
+            if (error) {
+                res.writeHead(200, { "Content-Type": "text/html" });
+                res.end(`<h2>Login failed: ${error}</h2><p>You can close this tab.</p>`);
+                server.close();
+                reject(new Error(`OAuth error: ${error}`));
+                return;
+            }
+            if (returnedState !== state) {
+                res.writeHead(400, { "Content-Type": "text/html" });
+                res.end("<h2>State mismatch — try again</h2>");
+                // Don't crash — just ignore stale callbacks and keep waiting
+                return;
+            }
+            res.writeHead(200, { "Content-Type": "text/html" });
+            res.end("<h2>Login successful!</h2><p>You can close this tab and return to the terminal.</p>");
+            server.close();
+            resolve(returnedCode);
+        });
+        server.listen(CALLBACK_PORT, () => {
+            console.log(`Waiting for callback on port ${CALLBACK_PORT}...`);
+        });
+        server.on("error", (err) => {
+            reject(new Error(`Callback server failed: ${err.message}. Is port ${CALLBACK_PORT} in use?`));
+        });
+        // Timeout after 2 minutes
+        setTimeout(() => { server.close(); reject(new Error("Login timed out (2 min)")); }, 120_000);
+    });
+    // Exchange code for tokens
+    console.log("Exchanging code for tokens...");
+    const tokens = await exchangeCode(code, codeVerifier);
+    // Save tokens
+    fs.writeFileSync(tokenPath(), JSON.stringify(tokens, null, 2) + "\n", { mode: 0o600 });
+    console.log(`Logged in! Token saved to ${tokenPath()}`);
+}
+// Lock so concurrent callers share a single in-flight refresh
+let refreshPromise = null;
+/** Load stored token, auto-refresh if expiring within 5 minutes. */
+export async function getAccessToken() {
+    const file = tokenPath();
+    if (!fs.existsSync(file)) {
+        throw new Error("Not logged in to Codex. Run: phren-agent auth login");
+    }
+    let tokens = JSON.parse(fs.readFileSync(file, "utf-8"));
+    // Refresh if expiring within 5 minutes
+    if (tokens.expires_at < Date.now() + 5 * 60 * 1000) {
+        if (!tokens.refresh_token) {
+            throw new Error("Token expired and no refresh token. Run: phren-agent auth login");
+        }
+        if (!refreshPromise) {
+            console.error("Refreshing Codex token...");
+            refreshPromise = refreshToken(tokens.refresh_token).finally(() => { refreshPromise = null; });
+        }
+        tokens = await refreshPromise;
+        fs.writeFileSync(file, JSON.stringify(tokens, null, 2) + "\n", { mode: 0o600 });
+    }
+    return { accessToken: tokens.access_token, accountId: tokens.account_id };
+}
+/** Check if user has a stored Codex token. */
+export function hasCodexToken() {
+    return fs.existsSync(tokenPath());
+}
+/** Remove stored token. */
+export function codexLogout() {
+    const file = tokenPath();
+    if (fs.existsSync(file)) {
+        fs.unlinkSync(file);
+        console.log("Logged out of Codex.");
+    }
+    else {
+        console.log("Not logged in.");
+    }
+}

package/dist/providers/codex.js

@@ -0,0 +1,265 @@
+import { getAccessToken } from "./codex-auth.js";
+const CODEX_API = "https://chatgpt.com/backend-api/codex/responses";
+/** Convert our tool defs to Responses API tool format. */
+function toResponsesTools(tools) {
+    return tools.map((t) => ({
+        type: "function",
+        name: t.name,
+        description: t.description,
+        parameters: t.input_schema,
+    }));
+}
+/** Convert our messages to Responses API input format. */
+function toResponsesInput(system, messages) {
+    const input = [];
+    for (const msg of messages) {
+        if (msg.role === "user") {
+            if (typeof msg.content === "string") {
+                input.push({
+                    type: "message",
+                    role: "user",
+                    content: [{ type: "input_text", text: msg.content }],
+                });
+            }
+            else {
+                // tool_result blocks
+                for (const block of msg.content) {
+                    if (block.type === "tool_result") {
+                        input.push({
+                            type: "function_call_output",
+                            call_id: block.tool_use_id,
+                            output: block.content,
+                        });
+                    }
+                    else if (block.type === "text") {
+                        input.push({
+                            type: "message",
+                            role: "user",
+                            content: [{ type: "input_text", text: block.text }],
+                        });
+                    }
+                }
+            }
+        }
+        else if (msg.role === "assistant") {
+            if (typeof msg.content === "string") {
+                input.push({
+                    type: "message",
+                    role: "assistant",
+                    content: [{ type: "output_text", text: msg.content }],
+                });
+            }
+            else {
+                for (const block of msg.content) {
+                    if (block.type === "text") {
+                        input.push({
+                            type: "message",
+                            role: "assistant",
+                            content: [{ type: "output_text", text: block.text }],
+                        });
+                    }
+                    else if (block.type === "tool_use") {
+                        input.push({
+                            type: "function_call",
+                            call_id: block.id,
+                            name: block.name,
+                            arguments: JSON.stringify(block.input),
+                        });
+                    }
+                }
+            }
+        }
+    }
+    return input;
+}
+/** Parse non-streaming Responses API output into our ContentBlock format. */
+function parseResponsesOutput(data) {
+    const output = data.output;
+    const content = [];
+    let hasToolUse = false;
+    if (output) {
+        for (const item of output) {
+            if (item.type === "message") {
+                const msgContent = item.content;
+                if (msgContent) {
+                    for (const c of msgContent) {
+                        if (c.type === "output_text" && c.text) {
+                            content.push({ type: "text", text: c.text });
+                        }
+                    }
+                }
+            }
+            else if (item.type === "function_call") {
+                hasToolUse = true;
+                content.push({
+                    type: "tool_use",
+                    id: item.call_id,
+                    name: item.name,
+                    input: JSON.parse(item.arguments),
+                });
+            }
+        }
+    }
+    const status = data.status;
+    const stop_reason = hasToolUse ? "tool_use"
+        : status === "incomplete" ? "max_tokens"
+            : "end_turn";
+    const usage = data.usage;
+    return {
+        content,
+        stop_reason,
+        usage: usage ? { input_tokens: usage.input_tokens ?? 0, output_tokens: usage.output_tokens ?? 0 } : undefined,
+    };
+}
+export class CodexProvider {
+    name = "codex";
+    contextWindow = 128_000;
+    model;
+    constructor(model) {
+        this.model = model ?? "gpt-5.2-codex";
+    }
+    async chat(system, messages, tools) {
+        const { accessToken } = await getAccessToken();
+        const body = {
+            model: this.model,
+            instructions: system,
+            input: toResponsesInput(system, messages),
+            store: false,
+            stream: true,
+        };
+        if (tools.length > 0) {
+            body.tools = toResponsesTools(tools);
+            body.tool_choice = "auto";
+        }
+        const bodyStr = JSON.stringify(body);
+        const res = await fetch(CODEX_API, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+                Authorization: `Bearer ${accessToken}`,
+            },
+            body: bodyStr,
+        });
+        if (!res.ok) {
+            const text = await res.text();
+            throw new Error(`Codex API error ${res.status}: ${text}`);
+        }
+        // Stream is mandatory for Codex backend — consume it and collect the final response
+        if (!res.body)
+            throw new Error("Provider returned empty response body");
+        const reader = res.body.getReader();
+        const decoder = new TextDecoder();
+        let buffer = "";
+        let finalResponse = null;
+        while (true) {
+            const { done, value } = await reader.read();
+            if (done)
+                break;
+            buffer += decoder.decode(value, { stream: true });
+            const lines = buffer.split("\n");
+            buffer = lines.pop();
+            for (const line of lines) {
+                if (!line.startsWith("data: "))
+                    continue;
+                const data = line.slice(6).trim();
+                if (data === "[DONE]")
+                    continue;
+                try {
+                    const event = JSON.parse(data);
+                    if (event.type === "response.completed" && event.response) {
+                        finalResponse = event.response;
+                    }
+                }
+                catch { /* skip */ }
+            }
+        }
+        if (finalResponse)
+            return parseResponsesOutput(finalResponse);
+        // No response.completed event received
+        throw new Error("Codex stream ended without response.completed event");
+    }
+    async *chatStream(system, messages, tools) {
+        const { accessToken } = await getAccessToken();
+        const body = {
+            model: this.model,
+            instructions: system,
+            input: toResponsesInput(system, messages),
+            store: false,
+            stream: true,
+            include: ["reasoning.encrypted_content"],
+        };
+        if (tools.length > 0) {
+            body.tools = toResponsesTools(tools);
+            body.tool_choice = "auto";
+        }
+        const res = await fetch(CODEX_API, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+                Authorization: `Bearer ${accessToken}`,
+            },
+            body: JSON.stringify(body),
+        });
+        if (!res.ok) {
+            const text = await res.text();
+            throw new Error(`Codex API error ${res.status}: ${text}`);
+        }
+        // Parse SSE stream
+        if (!res.body)
+            throw new Error("Provider returned empty response body");
+        const reader = res.body.getReader();
+        const decoder = new TextDecoder();
+        let buffer = "";
+        let activeToolCallId = "";
+        while (true) {
+            const { done, value } = await reader.read();
+            if (done)
+                break;
+            buffer += decoder.decode(value, { stream: true });
+            const lines = buffer.split("\n");
+            buffer = lines.pop();
+            for (const line of lines) {
+                if (!line.startsWith("data: "))
+                    continue;
+                const data = line.slice(6).trim();
+                if (data === "[DONE]")
+                    return;
+                let event;
+                try {
+                    event = JSON.parse(data);
+                }
+                catch {
+                    continue;
+                }
+                const type = event.type;
+                if (type === "response.output_text.delta") {
+                    yield { type: "text_delta", text: event.delta };
+                }
+                else if (type === "response.output_item.added") {
+                    if (event.item?.type === "function_call") {
+                        const item = event.item;
+                        activeToolCallId = item.call_id;
+                        yield { type: "tool_use_start", id: activeToolCallId, name: item.name };
+                    }
+                }
+                else if (type === "response.function_call_arguments.delta") {
+                    yield { type: "tool_use_delta", id: activeToolCallId, json: event.delta };
+                }
+                else if (type === "response.function_call_arguments.done") {
+                    yield { type: "tool_use_end", id: activeToolCallId };
+                }
+                else if (type === "response.completed") {
+                    const response = event.response;
+                    const usage = response?.usage;
+                    const output = response?.output;
+                    const hasToolCalls = output?.some((o) => o.type === "function_call");
+                    yield {
+                        type: "done",
+                        stop_reason: hasToolCalls ? "tool_use" : "end_turn",
+                        usage: usage ? { input_tokens: usage.input_tokens ?? 0, output_tokens: usage.output_tokens ?? 0 } : undefined,
+                    };
+                }
+            }
+        }
+    }
+}

package/dist/providers/ollama.js

@@ -0,0 +1,142 @@
+/** Convert Anthropic tool defs to OpenAI function format (Ollama uses OpenAI-compat). */
+function toOllamaTools(tools) {
+    return tools.map((t) => ({
+        type: "function",
+        function: { name: t.name, description: t.description, parameters: t.input_schema },
+    }));
+}
+function toOllamaMessages(system, messages) {
+    const out = [{ role: "system", content: system }];
+    for (const msg of messages) {
+        if (typeof msg.content === "string") {
+            out.push({ role: msg.role, content: msg.content });
+        }
+        else {
+            for (const block of msg.content) {
+                if (block.type === "text") {
+                    out.push({ role: msg.role, content: block.text });
+                }
+                else if (block.type === "tool_result") {
+                    out.push({ role: "tool", tool_call_id: block.tool_use_id, content: block.content });
+                }
+                else if (block.type === "tool_use") {
+                    out.push({
+                        role: "assistant",
+                        tool_calls: [{ id: block.id, type: "function", function: { name: block.name, arguments: JSON.stringify(block.input) } }],
+                    });
+                }
+            }
+        }
+    }
+    return out;
+}
+export class OllamaProvider {
+    name = "ollama";
+    contextWindow = 32_000;
+    baseUrl;
+    model;
+    constructor(model, baseUrl) {
+        this.baseUrl = baseUrl ?? "http://localhost:11434";
+        this.model = model ?? "qwen2.5-coder:14b";
+    }
+    async chat(system, messages, tools) {
+        const body = {
+            model: this.model,
+            messages: toOllamaMessages(system, messages),
+            stream: false,
+        };
+        if (tools.length > 0)
+            body.tools = toOllamaTools(tools);
+        const res = await fetch(`${this.baseUrl}/api/chat`, {
+            method: "POST",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify(body),
+        });
+        if (!res.ok) {
+            const text = await res.text();
+            throw new Error(`Ollama API error ${res.status}: ${text}`);
+        }
+        const data = await res.json();
+        const message = data.message;
+        const content = [];
+        if (message?.content && typeof message.content === "string") {
+            content.push({ type: "text", text: message.content });
+        }
+        const toolCalls = message?.tool_calls;
+        if (toolCalls) {
+            for (const tc of toolCalls) {
+                const fn = tc.function;
+                content.push({
+                    type: "tool_use",
+                    id: `ollama-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`,
+                    name: fn.name,
+                    input: typeof fn.arguments === "string" ? JSON.parse(fn.arguments) : fn.arguments,
+                });
+            }
+        }
+        const stop_reason = toolCalls && toolCalls.length > 0 ? "tool_use" : "end_turn";
+        return { content, stop_reason };
+    }
+    async *chatStream(system, messages, tools) {
+        const body = {
+            model: this.model,
+            messages: toOllamaMessages(system, messages),
+            stream: true,
+        };
+        if (tools.length > 0)
+            body.tools = toOllamaTools(tools);
+        const res = await fetch(`${this.baseUrl}/api/chat`, {
+            method: "POST",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify(body),
+        });
+        if (!res.ok) {
+            const text = await res.text();
+            throw new Error(`Ollama API error ${res.status}: ${text}`);
+        }
+        if (!res.body)
+            throw new Error("Provider returned empty response body");
+        const reader = res.body.getReader();
+        const decoder = new TextDecoder();
+        let buf = "";
+        let stopReason = "end_turn";
+        for (;;) {
+            const { done, value } = await reader.read();
+            if (done)
+                break;
+            buf += decoder.decode(value, { stream: true });
+            const lines = buf.split("\n");
+            buf = lines.pop();
+            for (const line of lines) {
+                if (!line.trim())
+                    continue;
+                let chunk;
+                try {
+                    chunk = JSON.parse(line);
+                }
+                catch {
+                    continue;
+                }
+                const message = chunk.message;
+                if (message?.content && typeof message.content === "string") {
+                    yield { type: "text_delta", text: message.content };
+                }
+                // Ollama sends tool_calls in the final message (done=true)
+                const tcalls = message?.tool_calls;
+                if (tcalls) {
+                    stopReason = "tool_use";
+                    for (const tc of tcalls) {
+                        const fn = tc.function;
+                        const id = `ollama-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+                        yield { type: "tool_use_start", id, name: fn.name };
+                        yield { type: "tool_use_delta", id, json: JSON.stringify(typeof fn.arguments === "string" ? JSON.parse(fn.arguments) : fn.arguments) };
+                        yield { type: "tool_use_end", id };
+                    }
+                }
+                if (chunk.done === true)
+                    break;
+            }
+        }
+        yield { type: "done", stop_reason: stopReason };
+    }
+}