@pikoloo/codex-proxy 1.0.6

package/src/routes/accounts-route.js

@@ -0,0 +1,332 @@
+/**
+ * Accounts Route
+ * Handles all /accounts/* endpoints:
+ *   GET    /accounts
+ *   GET    /accounts/status
+ *   GET    /accounts/quota
+ *   GET    /accounts/quota/all
+ *   POST   /accounts/add
+ *   POST   /accounts/add/manual
+ *   POST   /accounts/switch
+ *   POST   /accounts/import
+ *   POST   /accounts/refresh
+ *   POST   /accounts/refresh/all
+ *   POST   /accounts/:email/refresh
+ *   POST   /accounts/oauth/cleanup
+ *   DELETE /accounts/:email
+ */
+
+import {
+  getActiveAccount,
+  setActiveAccount,
+  removeAccount,
+  listAccounts,
+  refreshActiveAccount,
+  refreshAccountToken,
+  refreshAllAccounts,
+  importFromCodex,
+  getStatus,
+  loadAccounts,
+  saveAccounts,
+  updateAccountAuth,
+  updateAccountQuota,
+  getAccountQuota
+} from '../account-manager.js';
+
+import {
+  getAuthorizationUrl,
+  generatePKCE,
+  generateState,
+  startCallbackServer,
+  exchangeCodeForTokens,
+  OAUTH_CONFIG,
+  extractCodeFromInput,
+  extractAccountInfo,
+  getPKCEData
+} from '../oauth.js';
+
+import {
+  getAccountQuota as fetchAccountQuota
+} from '../model-api.js';
+
+import { logger } from '../utils/logger.js';
+
+// Tracks active OAuth callback servers keyed by port
+const activeCallbackServers = new Map();
+
+// ─── Route Handlers ──────────────────────────────────────────────────────────
+
+export function handleListAccounts(req, res) {
+  res.json(listAccounts());
+}
+
+export function handleAccountStatus(req, res) {
+  res.json(getStatus());
+}
+
+export function handleOAuthCleanup(req, res) {
+  for (const [, callback] of activeCallbackServers) {
+    try { callback.abort(); } catch { /* ignore */ }
+  }
+  activeCallbackServers.clear();
+  res.json({ success: true, message: 'OAuth servers cleaned up' });
+}
+
+export async function handleAddAccount(req, res) {
+  const { port } = req.body || {};
+  const callbackPort = port || OAUTH_CONFIG.callbackPort;
+
+  const { verifier } = generatePKCE();
+  const state = generateState();
+
+  // Close any existing server on this port
+  if (activeCallbackServers.has(callbackPort)) {
+    const existing = activeCallbackServers.get(callbackPort);
+    if (existing.abort) existing.abort();
+    activeCallbackServers.delete(callbackPort);
+  }
+
+  let serverResult;
+  let actualPort;
+  try {
+    serverResult = startCallbackServer(state, 120000, { port: callbackPort });
+    actualPort = await serverResult.ready;
+  } catch (err) {
+    return res.status(500).json({
+      error: 'Failed to start OAuth callback server',
+      message: err.message,
+      status: 'error'
+    });
+  }
+
+  const oauthUrl = getAuthorizationUrl(verifier, state, actualPort);
+
+  activeCallbackServers.set(actualPort, serverResult);
+
+  serverResult.promise
+    .then(result => {
+      activeCallbackServers.delete(actualPort);
+      if (result?.code) {
+        return exchangeCodeForTokens(result.code, verifier, actualPort)
+          .then(async tokens => {
+            const accountInfo = _buildAccountInfo(tokens);
+            await _upsertAccount(accountInfo);
+            logger.info(`Added account: ${accountInfo.email}`);
+          });
+      }
+    })
+    .catch(err => {
+      activeCallbackServers.delete(actualPort);
+      logger.error(`OAuth token exchange failed: ${err.message}`);
+    });
+
+  res.json({
+    status: 'oauth_url',
+    oauth_url: oauthUrl,
+    callback_port: actualPort
+  });
+}
+
+export async function handleAddAccountManual(req, res) {
+  const { code, verifier, port } = req.body || {};
+
+  if (!code) {
+    return res.status(400).json({ success: false, error: 'Code is required' });
+  }
+
+  try {
+    const { code: extractedCode, state, port: callbackUrlPort } = extractCodeFromInput(code);
+    const pkceData = state ? getPKCEData(state) : null;
+    const codeVerifier = verifier || pkceData?.verifier;
+    const callbackPort = port || callbackUrlPort || pkceData?.port || OAUTH_CONFIG.callbackPort;
+
+    if (!codeVerifier) {
+      return res.status(400).json({
+        success: false,
+        error: 'Verifier is required unless a callback URL with a valid state is provided'
+      });
+    }
+
+    const tokens = await exchangeCodeForTokens(extractedCode, codeVerifier, callbackPort);
+    const accountInfo = _buildAccountInfo(tokens);
+
+    await _upsertAccount(accountInfo);
+    const callback = activeCallbackServers.get(callbackPort);
+    if (callback?.abort) callback.abort();
+    activeCallbackServers.delete(callbackPort);
+    logger.info(`Added account via manual OAuth: ${accountInfo.email}`);
+    res.json({ success: true, message: `Account ${accountInfo.email} added successfully` });
+  } catch (err) {
+    logger.error(`Manual OAuth failed: ${err.message}`);
+    res.status(400).json({ success: false, error: err.message });
+  }
+}
+
+export function handleSwitchAccount(req, res) {
+  const { email } = req.body || {};
+  if (!email) {
+    return res.status(400).json({ success: false, message: 'Email is required' });
+  }
+  const result = setActiveAccount(email);
+  if (result.success) {
+    logger.info(`Switched to account: ${email}`);
+  }
+  res.json(result);
+}
+
+export async function handleRefreshAccount(req, res) {
+  const email = decodeURIComponent(req.params.email);
+  const result = await refreshAccountToken(email);
+  if (result.success) {
+    logger.info(`Refreshed token for: ${email}`);
+  }
+  res.json(result);
+}
+
+export async function handleRefreshAllAccounts(req, res) {
+  const result = await refreshAllAccounts();
+  res.json(result);
+}
+
+export async function handleRefreshActiveAccount(req, res) {
+  const result = await refreshActiveAccount();
+  res.json(result);
+}
+
+export function handleRemoveAccount(req, res) {
+  const email = decodeURIComponent(req.params.email);
+  const result = removeAccount(email);
+  if (result.success) {
+    logger.info(`Removed account: ${email}`);
+  }
+  res.json(result);
+}
+
+export function handleImportAccount(req, res) {
+  const result = importFromCodex();
+  res.json(result);
+}
+
+export async function handleGetQuota(req, res) {
+  const { email, refresh } = req.query;
+  const account = email
+    ? loadAccounts().accounts.find(a => a.email === email)
+    : getActiveAccount();
+
+  if (!account) {
+    return res.status(404).json({
+      success: false,
+      error: email ? `Account not found: ${email}` : 'No active account'
+    });
+  }
+
+  const cachedQuota = getAccountQuota(account.email);
+  const isStale = !cachedQuota ||
+    (Date.now() - new Date(cachedQuota.lastChecked).getTime() > 5 * 60 * 1000);
+
+  if (refresh === 'true' || isStale) {
+    try {
+      const quotaData = await fetchAccountQuota(account.accessToken, account.accountId);
+      updateAccountQuota(account.email, quotaData);
+      res.json({ success: true, email: account.email, quota: quotaData, cached: false });
+    } catch (error) {
+      logger.error(`Failed to fetch quota: ${error.message}`);
+      if (cachedQuota) {
+        res.json({
+          success: true,
+          email: account.email,
+          quota: cachedQuota,
+          cached: true,
+          warning: 'Using cached data due to fetch error'
+        });
+      } else {
+        res.status(500).json({ success: false, error: error.message });
+      }
+    }
+  } else {
+    res.json({ success: true, email: account.email, quota: cachedQuota, cached: true });
+  }
+}
+
+export async function handleGetAllQuotas(req, res) {
+  const { accounts: accountList } = listAccounts();
+  const results = [];
+
+  for (const account of accountList) {
+    try {
+      const quota = await getAccountQuota(account.email);
+      results.push({ email: account.email, quota: quota || null });
+    } catch {
+      results.push({ email: account.email, quota: null });
+    }
+  }
+
+  res.json({ accounts: results });
+}
+
+// ─── Helpers ─────────────────────────────────────────────────────────────────
+
+/**
+ * Inserts or updates an account in the persisted accounts store,
+ * and sets it as the active account.
+ * @param {object} accountInfo
+ */
+async function _upsertAccount(accountInfo) {
+  if (!accountInfo?.email) {
+    throw new Error('OAuth response did not include account email');
+  }
+
+  const data = loadAccounts();
+  const existingIndex = data.accounts.findIndex(a => a.email === accountInfo.email);
+
+  if (existingIndex >= 0) {
+    data.accounts[existingIndex] = { ...data.accounts[existingIndex], ...accountInfo };
+  } else {
+    data.accounts.push(accountInfo);
+  }
+
+  data.activeAccount = accountInfo.email;
+  saveAccounts(data);
+  updateAccountAuth(accountInfo);
+  
+  // Fetch initial quota immediately
+  try {
+    const quotaData = await fetchAccountQuota(accountInfo.accessToken, accountInfo.accountId);
+    updateAccountQuota(accountInfo.email, quotaData);
+    logger.info(`Initial quota fetched for: ${accountInfo.email}`);
+  } catch (err) {
+    logger.warn(`Failed to fetch initial quota for ${accountInfo.email}: ${err.message}`);
+  }
+}
+
+function _buildAccountInfo(tokens) {
+  const tokenInfo = extractAccountInfo(tokens.accessToken);
+  return {
+    email: tokenInfo?.email || 'unknown',
+    accountId: tokenInfo?.accountId,
+    planType: tokenInfo?.planType || 'free',
+    userId: tokenInfo?.userId,
+    accessToken: tokens.accessToken,
+    refreshToken: tokens.refreshToken,
+    idToken: tokens.idToken,
+    expiresAt: tokenInfo?.expiresAt || (Date.now() + tokens.expiresIn * 1000),
+    addedAt: new Date().toISOString(),
+    lastUsed: null
+  };
+}
+
+export default {
+  handleListAccounts,
+  handleAccountStatus,
+  handleOAuthCleanup,
+  handleAddAccount,
+  handleAddAccountManual,
+  handleSwitchAccount,
+  handleRefreshAccount,
+  handleRefreshAllAccounts,
+  handleRefreshActiveAccount,
+  handleRemoveAccount,
+  handleImportAccount,
+  handleGetQuota,
+  handleGetAllQuotas
+};

package/src/routes/api-routes.js

@@ -0,0 +1,98 @@
+/**
+ * API Routes
+ * Thin registration layer — wires all route modules to the Express app.
+ * Business logic lives in the individual route files under src/routes/.
+ */
+
+import express from 'express';
+import { join, dirname } from 'path';
+import { fileURLToPath } from 'url';
+import { createRequire } from 'module';
+
+import { getStatus, ACCOUNTS_FILE } from '../account-manager.js';
+
+// Route handlers
+import { handleMessages } from './messages-route.js';
+import { handleChatCompletion, handleCountTokens } from './chat-route.js';
+import { handleListModels, handleAccountModels, handleAccountUsage } from './models-route.js';
+import { handleGetHaikuModel, handleSetHaikuModel, handleGetKiloModels, handleGetAccountStrategy, handleSetAccountStrategy } from './settings-route.js';
+import { handleGetLogs, handleStreamLogs } from './logs-route.js';
+import { handleGetClaudeConfig, handleSetProxyMode, handleSetDirectMode, handleSetClaudeApiEndpoint } from './claude-config-route.js';
+import {
+  handleListAccounts,
+  handleAccountStatus,
+  handleOAuthCleanup,
+  handleAddAccount,
+  handleAddAccountManual,
+  handleSwitchAccount,
+  handleRefreshAccount,
+  handleRefreshAllAccounts,
+  handleRefreshActiveAccount,
+  handleRemoveAccount,
+  handleImportAccount,
+  handleGetQuota,
+  handleGetAllQuotas
+} from './accounts-route.js';
+
+const __dirname = dirname(fileURLToPath(import.meta.url));
+const require = createRequire(import.meta.url);
+const alpineDistDir = dirname(require.resolve('alpinejs/dist/cdn.min.js'));
+
+export function registerApiRoutes(app, { port }) {
+  // ─── Static Web UI ─────────────────────────────────────────────────────────
+  app.use('/vendor/alpine', express.static(alpineDistDir));
+  app.use(express.static(join(__dirname, '..', '..', 'public')));
+
+  // ─── Health ────────────────────────────────────────────────────────────────
+  app.get('/health', (req, res) => {
+    res.json({ status: 'ok', ...getStatus(), configPath: ACCOUNTS_FILE });
+  });
+
+  // ─── Anthropic Messages API ────────────────────────────────────────────────
+  app.post('/v1/messages', handleMessages);
+  app.post('/v1/messages/count_tokens', handleCountTokens);
+
+  // ─── OpenAI Chat Completions API ───────────────────────────────────────────
+  app.post('/v1/chat/completions', handleChatCompletion);
+
+  // ─── Models ────────────────────────────────────────────────────────────────
+  app.get('/v1/models', handleListModels);
+  app.get('/accounts/models', handleAccountModels);
+  app.get('/accounts/usage', handleAccountUsage);
+
+  // ─── Settings ──────────────────────────────────────────────────────────────
+  app.get('/settings/haiku-model', handleGetHaikuModel);
+  app.post('/settings/haiku-model', handleSetHaikuModel);
+  app.get('/settings/kilo-models', handleGetKiloModels);
+  app.get('/settings/account-strategy', handleGetAccountStrategy);
+  app.post('/settings/account-strategy', handleSetAccountStrategy);
+
+  // ─── Account Management ───────────────────────────────────────────────────
+  app.get('/accounts', handleListAccounts);
+  app.get('/accounts/status', handleAccountStatus);
+  app.get('/accounts/quota', handleGetQuota);
+  app.get('/accounts/quota/all', handleGetAllQuotas);
+
+  app.post('/accounts/add', handleAddAccount);
+  app.post('/accounts/add/manual', handleAddAccountManual);
+  app.post('/accounts/switch', handleSwitchAccount);
+  app.post('/accounts/import', handleImportAccount);
+  app.post('/accounts/refresh', handleRefreshActiveAccount);
+  app.post('/accounts/refresh/all', handleRefreshAllAccounts);
+  app.post('/accounts/oauth/cleanup', handleOAuthCleanup);
+  app.post('/accounts/:email/refresh', handleRefreshAccount);
+
+  app.delete('/accounts/:email', handleRemoveAccount);
+
+  // ─── Claude CLI Configuration ──────────────────────────────────────────────
+  app.get('/claude/config', handleGetClaudeConfig);
+  app.post('/claude/config/proxy', (req, res) => handleSetProxyMode(req, res, { port }));
+  app.post('/claude/config/direct', handleSetDirectMode);
+  app.post('/claude/config/set', handleSetClaudeApiEndpoint);
+
+  // ─── Logs ──────────────────────────────────────────────────────────────────
+  app.get('/api/logs', handleGetLogs);
+  app.get('/api/logs/stream', handleStreamLogs);
+}
+
+export default { registerApiRoutes };

package/src/routes/chat-route.js

@@ -0,0 +1,229 @@
+/**
+ * Chat Completions Route
+ * Handles POST /v1/chat/completions (OpenAI Chat Completions API compatibility)
+ * and POST /v1/messages/count_tokens (approximate token counting).
+ */
+
+import { sendMessage } from '../direct-api.js';
+import { sendKiloMessage } from '../kilo-api.js';
+import { DEFAULT_OPENAI_MODEL, isKiloEnabled, resolveModelRouting } from '../model-mapper.js';
+import { getCredentialsOrError, sendAuthError } from '../middleware/credentials.js';
+import { handleStreamError } from '../middleware/sse.js';
+import { logger } from '../utils/logger.js';
+
+/**
+ * POST /v1/chat/completions
+ * Converts OpenAI Chat format to Anthropic internally, then routes to Codex or Kilo.
+ * Always returns a non-streaming OpenAI-compatible response.
+ */
+export async function handleChatCompletion(req, res) {
+  const startTime = Date.now();
+  const body = req.body;
+  const requestedModel = body.model || DEFAULT_OPENAI_MODEL;
+
+  const { isKilo, kiloTarget, upstreamModel } = resolveModelRouting(requestedModel);
+
+  if (isKilo && !isKiloEnabled()) {
+    return res.status(403).json({
+      error: {
+        message: 'Kilo routing is disabled. Set CODEX_CLAUDE_PROXY_ENABLE_KILO=true to enable third-party Kilo model routing.',
+        type: 'invalid_request_error',
+        code: 'kilo_disabled'
+      }
+    });
+  }
+
+  let creds = null;
+  if (!isKilo) {
+    creds = await getCredentialsOrError();
+    if (!creds) {
+      logger.response(401, { error: 'No active account' });
+      return sendAuthError(res, 'No active account. Add an account via /accounts/add');
+    }
+  }
+
+  const anthropicRequest = _buildAnthropicRequest(body, upstreamModel);
+
+  logger.request('POST', '/v1/chat/completions', {
+    model: upstreamModel,
+    account: isKilo ? 'kilo' : creds.email,
+    messages: body.messages?.length || 0,
+    tools: body.tools?.length || 0
+  });
+
+  try {
+    const response = isKilo
+      ? await sendKiloMessage(anthropicRequest, kiloTarget)
+      : await sendMessage(anthropicRequest, creds.accessToken, creds.accountId);
+
+    const duration = Date.now() - startTime;
+    logger.response(200, { model: upstreamModel, tokens: response.usage?.output_tokens || 0, duration });
+
+    res.json(_buildOpenAIResponse(response, requestedModel));
+  } catch (error) {
+    handleStreamError(res, error, upstreamModel, startTime);
+  }
+}
+
+/**
+ * POST /v1/messages/count_tokens
+ * Returns an approximate token count for the given request body.
+ */
+export function handleCountTokens(req, res) {
+  const body = req.body;
+  let text = '';
+
+  if (body.system) {
+    if (typeof body.system === 'string') {
+      text += body.system + ' ';
+    } else if (Array.isArray(body.system)) {
+      for (const block of body.system) {
+        if (block.type === 'text') text += block.text + ' ';
+      }
+    }
+  }
+
+  if (body.tools) {
+    for (const tool of body.tools) {
+      text += JSON.stringify(tool) + ' ';
+    }
+  }
+
+  if (Array.isArray(body.messages)) {
+    for (const msg of body.messages) {
+      if (typeof msg.content === 'string') {
+        text += msg.content + ' ';
+      } else if (Array.isArray(msg.content)) {
+        for (const block of msg.content) {
+          if (block.type === 'text') {
+            text += block.text + ' ';
+          } else if (block.type === 'tool_use' || block.type === 'tool_result') {
+            text += JSON.stringify(block) + ' ';
+          }
+        }
+      }
+    }
+  }
+
+  const approxTokens = Math.ceil(text.length / 4);
+  res.json({ input_tokens: approxTokens });
+}
+
+// ─── Helpers ─────────────────────────────────────────────────────────────────
+
+/**
+ * Converts an OpenAI Chat Completions request body into an Anthropic-style request.
+ * @param {object} body
+ * @param {string} upstreamModel
+ * @returns {object}
+ */
+function _buildAnthropicRequest(body, upstreamModel) {
+  const anthropicRequest = {
+    model: upstreamModel,
+    messages: [],
+    system: null,
+    stream: false
+  };
+
+  if (body.messages) {
+    const systemMsg = body.messages.find(m => m.role === 'system');
+    if (systemMsg) {
+      anthropicRequest.system = systemMsg.content;
+    }
+
+    anthropicRequest.messages = body.messages
+      .filter(m => m.role !== 'system')
+      .map(m => {
+        if (m.role === 'tool') {
+          return {
+            role: 'user',
+            content: [{
+              type: 'tool_result',
+              tool_use_id: m.tool_call_id,
+              content: m.content
+            }]
+          };
+        }
+
+        if (m.role === 'assistant' && m.tool_calls) {
+          const content = [{ type: 'text', text: m.content || '' }];
+          for (const call of m.tool_calls) {
+            let input = {};
+            try {
+              input = typeof call.function.arguments === 'string'
+                ? JSON.parse(call.function.arguments)
+                : call.function.arguments || {};
+            } catch {
+              input = {};
+            }
+            content.push({
+              type: 'tool_use',
+              id: call.id,
+              name: call.function.name,
+              input
+            });
+          }
+          return { role: 'assistant', content };
+        }
+
+        return m;
+      });
+  }
+
+  if (body.tools) {
+    anthropicRequest.tools = body.tools.map(t => ({
+      name: t.function.name,
+      description: t.function.description,
+      input_schema: t.function.parameters
+    }));
+  }
+
+  return anthropicRequest;
+}
+
+/**
+ * Converts an Anthropic-style response into an OpenAI Chat Completions response.
+ * @param {object} response
+ * @param {string} responseModel
+ * @returns {object}
+ */
+function _buildOpenAIResponse(response, responseModel) {
+  const content = response.content || [];
+  const textContent = content.find(c => c.type === 'text');
+  const toolUses = content.filter(c => c.type === 'tool_use');
+
+  const message = {
+    role: 'assistant',
+    content: textContent?.text || ''
+  };
+
+  if (toolUses.length > 0) {
+    message.tool_calls = toolUses.map(t => ({
+      id: t.id,
+      type: 'function',
+      function: {
+        name: t.name,
+        arguments: JSON.stringify(t.input)
+      }
+    }));
+  }
+
+  return {
+    id: response.id,
+    object: 'chat.completion',
+    created: Math.floor(Date.now() / 1000),
+    model: responseModel,
+    choices: [{
+      index: 0,
+      message,
+      finish_reason: toolUses.length > 0 ? 'tool_calls' : 'stop'
+    }],
+    usage: {
+      prompt_tokens: response.usage?.input_tokens || 0,
+      completion_tokens: response.usage?.output_tokens || 0,
+      total_tokens: (response.usage?.input_tokens || 0) + (response.usage?.output_tokens || 0)
+    }
+  };
+}
+
+export default { handleChatCompletion, handleCountTokens };