@pixelbyte-software/pixcode 1.35.2 → 1.35.3

package/server/modules/providers/list/qwen/qwen-auth.provider.ts

@@ -1,145 +1,145 @@
-import { readFile } from 'node:fs/promises';
-import os from 'node:os';
-import path from 'node:path';
-
-import spawn from 'cross-spawn';
-
-import type { IProviderAuth } from '@/shared/interfaces.js';
-import type { ProviderAuthStatus } from '@/shared/types.js';
-import { readObjectRecord, readOptionalString } from '@/shared/utils.js';
-// eslint-disable-next-line @typescript-eslint/ban-ts-comment
-// @ts-ignore — plain-JS module, typed via inference
-import { getProviderCredentials } from '@/services/provider-credentials.js';
-
-type QwenCredentialsStatus = {
-  authenticated: boolean;
-  email: string | null;
-  method: string | null;
-  error?: string;
-};
-
-/**
- * Qwen Code auth checker.
- *
- * Qwen supports three credential surfaces — in priority order:
- *   1. `QWEN_API_KEY` env var (classic API key)
- *   2. `OPENAI_API_KEY` + `OPENAI_BASE_URL` env vars (OpenAI-compatible BYOK
- *      — what the docs recommend for ModelScope, OpenRouter, and self-hosted)
- *   3. Local OAuth tokens at `~/.qwen/oauth_creds.json` (Qwen OAuth /
- *      Alibaba Cloud Coding Plan cached credentials)
- *   4. `~/.qwen/settings.json` with an embedded `auth.method` + API key
- */
-export class QwenProviderAuth implements IProviderAuth {
-  private checkInstalled(): boolean {
-    const cliPath = process.env.QWEN_PATH || 'qwen';
-    try {
-      const result = spawn.sync(cliPath, ['--version'], { stdio: 'ignore', timeout: 5000 });
-      return !result.error && result.status === 0;
-    } catch {
-      return false;
-    }
-  }
-
-  async getStatus(): Promise<ProviderAuthStatus> {
-    const installed = this.checkInstalled();
-
-    if (!installed) {
-      return {
-        installed,
-        provider: 'qwen',
-        authenticated: false,
-        email: null,
-        method: null,
-        error: 'Qwen Code CLI is not installed',
-      };
-    }
-
-    const credentials = await this.checkCredentials();
-
-    return {
-      installed,
-      provider: 'qwen',
-      authenticated: credentials.authenticated,
-      email: credentials.email,
-      method: credentials.method,
-      error: credentials.authenticated ? undefined : credentials.error || 'Not authenticated',
-    };
-  }
-
-  private async checkCredentials(): Promise<QwenCredentialsStatus> {
-    // Pixcode-managed credentials come first. If the user saved an API key
-    // through our Settings > Agents > API Key form, we trust that no
-    // matter what the environment or ~/.qwen/* files say. Base URL is
-    // optional — some users point at Alibaba's default endpoint.
-    try {
-      const creds = await getProviderCredentials('qwen');
-      if (creds?.apiKey) {
-        const label = creds.baseUrl
-          ? `API Key · ${(() => { try { return new URL(creds.baseUrl).host; } catch { return creds.baseUrl; } })()}`
-          : 'API Key Auth';
-        return { authenticated: true, email: label, method: 'pixcode_store' };
-      }
-    } catch { /* fall through */ }
-
-    if (process.env.QWEN_API_KEY?.trim()) {
-      return { authenticated: true, email: 'API Key Auth', method: 'api_key' };
-    }
-    // Loosened: base URL is optional. Qwen Code also works with the default
-    // Alibaba endpoint baked into the CLI. Previously required both env vars
-    // and silently failed when the user only pasted an API key.
-    if (process.env.OPENAI_API_KEY?.trim()) {
-      return { authenticated: true, email: 'OpenAI-Compatible Auth', method: 'api_key' };
-    }
-
-    // OAuth credentials file — written by `/auth` interactive flow.
-    try {
-      const credsPath = path.join(os.homedir(), '.qwen', 'oauth_creds.json');
-      const content = await readFile(credsPath, 'utf8');
-      const creds = readObjectRecord(JSON.parse(content)) ?? {};
-      const accessToken = readOptionalString(creds.access_token);
-      if (accessToken) {
-        const email = readOptionalString(creds.email)
-          ?? readOptionalString(creds.user_email)
-          ?? 'OAuth Session';
-        return { authenticated: true, email, method: 'credentials_file' };
-      }
-    } catch { /* fall through to settings.json */ }
-
-    // settings.json — the API-key / OpenAI-compat authoring path.
-    try {
-      const settingsPath = path.join(os.homedir(), '.qwen', 'settings.json');
-      const content = await readFile(settingsPath, 'utf8');
-      const settings = readObjectRecord(JSON.parse(content)) ?? {};
-      const auth = readObjectRecord(settings.auth) ?? {};
-      const method = readOptionalString(auth.method) ?? readOptionalString(settings.authMethod);
-      const apiKey = readOptionalString(auth.apiKey) ?? readOptionalString(settings.apiKey);
-
-      if (apiKey) {
-        return {
-          authenticated: true,
-          email: method ? `${method} (settings.json)` : 'API Key Auth',
-          method: 'settings_file',
-        };
-      }
-
-      if (method && method.toLowerCase().includes('oauth')) {
-        // Settings file says OAuth is configured but the creds file isn't
-        // readable — treat as a soft "not authenticated yet" rather than an
-        // install error, because the browser flow may be mid-flight.
-        return {
-          authenticated: false,
-          email: null,
-          method: 'credentials_file',
-          error: 'OAuth not yet complete — run `qwen` and finish `/auth`.',
-        };
-      }
-    } catch { /* no settings yet */ }
-
-    return {
-      authenticated: false,
-      email: null,
-      method: null,
-      error: 'Qwen Code is not configured',
-    };
-  }
-}
+import { readFile } from 'node:fs/promises';
+import os from 'node:os';
+import path from 'node:path';
+
+import spawn from 'cross-spawn';
+
+import type { IProviderAuth } from '@/shared/interfaces.js';
+import type { ProviderAuthStatus } from '@/shared/types.js';
+import { readObjectRecord, readOptionalString } from '@/shared/utils.js';
+// eslint-disable-next-line @typescript-eslint/ban-ts-comment
+// @ts-ignore — plain-JS module, typed via inference
+import { getProviderCredentials } from '@/services/provider-credentials.js';
+
+type QwenCredentialsStatus = {
+  authenticated: boolean;
+  email: string | null;
+  method: string | null;
+  error?: string;
+};
+
+/**
+ * Qwen Code auth checker.
+ *
+ * Qwen supports three credential surfaces — in priority order:
+ *   1. `QWEN_API_KEY` env var (classic API key)
+ *   2. `OPENAI_API_KEY` + `OPENAI_BASE_URL` env vars (OpenAI-compatible BYOK
+ *      — what the docs recommend for ModelScope, OpenRouter, and self-hosted)
+ *   3. Local OAuth tokens at `~/.qwen/oauth_creds.json` (Qwen OAuth /
+ *      Alibaba Cloud Coding Plan cached credentials)
+ *   4. `~/.qwen/settings.json` with an embedded `auth.method` + API key
+ */
+export class QwenProviderAuth implements IProviderAuth {
+  private checkInstalled(): boolean {
+    const cliPath = process.env.QWEN_PATH || 'qwen';
+    try {
+      const result = spawn.sync(cliPath, ['--version'], { stdio: 'ignore', timeout: 5000 });
+      return !result.error && result.status === 0;
+    } catch {
+      return false;
+    }
+  }
+
+  async getStatus(): Promise<ProviderAuthStatus> {
+    const installed = this.checkInstalled();
+
+    if (!installed) {
+      return {
+        installed,
+        provider: 'qwen',
+        authenticated: false,
+        email: null,
+        method: null,
+        error: 'Qwen Code CLI is not installed',
+      };
+    }
+
+    const credentials = await this.checkCredentials();
+
+    return {
+      installed,
+      provider: 'qwen',
+      authenticated: credentials.authenticated,
+      email: credentials.email,
+      method: credentials.method,
+      error: credentials.authenticated ? undefined : credentials.error || 'Not authenticated',
+    };
+  }
+
+  private async checkCredentials(): Promise<QwenCredentialsStatus> {
+    // Pixcode-managed credentials come first. If the user saved an API key
+    // through our Settings > Agents > API Key form, we trust that no
+    // matter what the environment or ~/.qwen/* files say. Base URL is
+    // optional — some users point at Alibaba's default endpoint.
+    try {
+      const creds = await getProviderCredentials('qwen');
+      if (creds?.apiKey) {
+        const label = creds.baseUrl
+          ? `API Key · ${(() => { try { return new URL(creds.baseUrl).host; } catch { return creds.baseUrl; } })()}`
+          : 'API Key Auth';
+        return { authenticated: true, email: label, method: 'pixcode_store' };
+      }
+    } catch { /* fall through */ }
+
+    if (process.env.QWEN_API_KEY?.trim()) {
+      return { authenticated: true, email: 'API Key Auth', method: 'api_key' };
+    }
+    // Loosened: base URL is optional. Qwen Code also works with the default
+    // Alibaba endpoint baked into the CLI. Previously required both env vars
+    // and silently failed when the user only pasted an API key.
+    if (process.env.OPENAI_API_KEY?.trim()) {
+      return { authenticated: true, email: 'OpenAI-Compatible Auth', method: 'api_key' };
+    }
+
+    // OAuth credentials file — written by `/auth` interactive flow.
+    try {
+      const credsPath = path.join(os.homedir(), '.qwen', 'oauth_creds.json');
+      const content = await readFile(credsPath, 'utf8');
+      const creds = readObjectRecord(JSON.parse(content)) ?? {};
+      const accessToken = readOptionalString(creds.access_token);
+      if (accessToken) {
+        const email = readOptionalString(creds.email)
+          ?? readOptionalString(creds.user_email)
+          ?? 'OAuth Session';
+        return { authenticated: true, email, method: 'credentials_file' };
+      }
+    } catch { /* fall through to settings.json */ }
+
+    // settings.json — the API-key / OpenAI-compat authoring path.
+    try {
+      const settingsPath = path.join(os.homedir(), '.qwen', 'settings.json');
+      const content = await readFile(settingsPath, 'utf8');
+      const settings = readObjectRecord(JSON.parse(content)) ?? {};
+      const auth = readObjectRecord(settings.auth) ?? {};
+      const method = readOptionalString(auth.method) ?? readOptionalString(settings.authMethod);
+      const apiKey = readOptionalString(auth.apiKey) ?? readOptionalString(settings.apiKey);
+
+      if (apiKey) {
+        return {
+          authenticated: true,
+          email: method ? `${method} (settings.json)` : 'API Key Auth',
+          method: 'settings_file',
+        };
+      }
+
+      if (method && method.toLowerCase().includes('oauth')) {
+        // Settings file says OAuth is configured but the creds file isn't
+        // readable — treat as a soft "not authenticated yet" rather than an
+        // install error, because the browser flow may be mid-flight.
+        return {
+          authenticated: false,
+          email: null,
+          method: 'credentials_file',
+          error: 'OAuth not yet complete — run `qwen` and finish `/auth`.',
+        };
+      }
+    } catch { /* no settings yet */ }
+
+    return {
+      authenticated: false,
+      email: null,
+      method: null,
+      error: 'Qwen Code is not configured',
+    };
+  }
+}

package/server/modules/providers/list/qwen/qwen-mcp.provider.ts

@@ -1,114 +1,114 @@
-import os from 'node:os';
-import path from 'node:path';
-
-import { McpProvider } from '@/modules/providers/shared/mcp/mcp.provider.js';
-import type { McpScope, ProviderMcpServer, UpsertProviderMcpServerInput } from '@/shared/types.js';
-import {
-  AppError,
-  readJsonConfig,
-  readObjectRecord,
-  readOptionalString,
-  readStringArray,
-  readStringRecord,
-  writeJsonConfig,
-} from '@/shared/utils.js';
-
-/**
- * Qwen Code MCP provider. Qwen reads MCP servers out of the same
- * `settings.json` shape Gemini uses, just under `~/.qwen/` instead of
- * `~/.gemini/`. Supported transports and scopes match Gemini.
- */
-export class QwenMcpProvider extends McpProvider {
-  constructor() {
-    super('qwen', ['user', 'project'], ['stdio', 'http', 'sse']);
-  }
-
-  protected async readScopedServers(scope: McpScope, workspacePath: string): Promise<Record<string, unknown>> {
-    const filePath = scope === 'user'
-      ? path.join(os.homedir(), '.qwen', 'settings.json')
-      : path.join(workspacePath, '.qwen', 'settings.json');
-    const config = await readJsonConfig(filePath);
-    return readObjectRecord(config.mcpServers) ?? {};
-  }
-
-  protected async writeScopedServers(
-    scope: McpScope,
-    workspacePath: string,
-    servers: Record<string, unknown>,
-  ): Promise<void> {
-    const filePath = scope === 'user'
-      ? path.join(os.homedir(), '.qwen', 'settings.json')
-      : path.join(workspacePath, '.qwen', 'settings.json');
-    const config = await readJsonConfig(filePath);
-    config.mcpServers = servers;
-    await writeJsonConfig(filePath, config);
-  }
-
-  protected buildServerConfig(input: UpsertProviderMcpServerInput): Record<string, unknown> {
-    if (input.transport === 'stdio') {
-      if (!input.command?.trim()) {
-        throw new AppError('command is required for stdio MCP servers.', {
-          code: 'MCP_COMMAND_REQUIRED',
-          statusCode: 400,
-        });
-      }
-      return {
-        command: input.command,
-        args: input.args ?? [],
-        env: input.env ?? {},
-        cwd: input.cwd,
-      };
-    }
-
-    if (!input.url?.trim()) {
-      throw new AppError('url is required for http/sse MCP servers.', {
-        code: 'MCP_URL_REQUIRED',
-        statusCode: 400,
-      });
-    }
-
-    return {
-      type: input.transport,
-      url: input.url,
-      headers: input.headers ?? {},
-    };
-  }
-
-  protected normalizeServerConfig(
-    scope: McpScope,
-    name: string,
-    rawConfig: unknown,
-  ): ProviderMcpServer | null {
-    if (!rawConfig || typeof rawConfig !== 'object') {
-      return null;
-    }
-
-    const config = rawConfig as Record<string, unknown>;
-    if (typeof config.command === 'string') {
-      return {
-        provider: 'qwen',
-        name,
-        scope,
-        transport: 'stdio',
-        command: config.command,
-        args: readStringArray(config.args),
-        env: readStringRecord(config.env),
-        cwd: readOptionalString(config.cwd),
-      };
-    }
-
-    if (typeof config.url === 'string') {
-      const transport = readOptionalString(config.type) === 'sse' ? 'sse' : 'http';
-      return {
-        provider: 'qwen',
-        name,
-        scope,
-        transport,
-        url: config.url,
-        headers: readStringRecord(config.headers),
-      };
-    }
-
-    return null;
-  }
-}
+import os from 'node:os';
+import path from 'node:path';
+
+import { McpProvider } from '@/modules/providers/shared/mcp/mcp.provider.js';
+import type { McpScope, ProviderMcpServer, UpsertProviderMcpServerInput } from '@/shared/types.js';
+import {
+  AppError,
+  readJsonConfig,
+  readObjectRecord,
+  readOptionalString,
+  readStringArray,
+  readStringRecord,
+  writeJsonConfig,
+} from '@/shared/utils.js';
+
+/**
+ * Qwen Code MCP provider. Qwen reads MCP servers out of the same
+ * `settings.json` shape Gemini uses, just under `~/.qwen/` instead of
+ * `~/.gemini/`. Supported transports and scopes match Gemini.
+ */
+export class QwenMcpProvider extends McpProvider {
+  constructor() {
+    super('qwen', ['user', 'project'], ['stdio', 'http', 'sse']);
+  }
+
+  protected async readScopedServers(scope: McpScope, workspacePath: string): Promise<Record<string, unknown>> {
+    const filePath = scope === 'user'
+      ? path.join(os.homedir(), '.qwen', 'settings.json')
+      : path.join(workspacePath, '.qwen', 'settings.json');
+    const config = await readJsonConfig(filePath);
+    return readObjectRecord(config.mcpServers) ?? {};
+  }
+
+  protected async writeScopedServers(
+    scope: McpScope,
+    workspacePath: string,
+    servers: Record<string, unknown>,
+  ): Promise<void> {
+    const filePath = scope === 'user'
+      ? path.join(os.homedir(), '.qwen', 'settings.json')
+      : path.join(workspacePath, '.qwen', 'settings.json');
+    const config = await readJsonConfig(filePath);
+    config.mcpServers = servers;
+    await writeJsonConfig(filePath, config);
+  }
+
+  protected buildServerConfig(input: UpsertProviderMcpServerInput): Record<string, unknown> {
+    if (input.transport === 'stdio') {
+      if (!input.command?.trim()) {
+        throw new AppError('command is required for stdio MCP servers.', {
+          code: 'MCP_COMMAND_REQUIRED',
+          statusCode: 400,
+        });
+      }
+      return {
+        command: input.command,
+        args: input.args ?? [],
+        env: input.env ?? {},
+        cwd: input.cwd,
+      };
+    }
+
+    if (!input.url?.trim()) {
+      throw new AppError('url is required for http/sse MCP servers.', {
+        code: 'MCP_URL_REQUIRED',
+        statusCode: 400,
+      });
+    }
+
+    return {
+      type: input.transport,
+      url: input.url,
+      headers: input.headers ?? {},
+    };
+  }
+
+  protected normalizeServerConfig(
+    scope: McpScope,
+    name: string,
+    rawConfig: unknown,
+  ): ProviderMcpServer | null {
+    if (!rawConfig || typeof rawConfig !== 'object') {
+      return null;
+    }
+
+    const config = rawConfig as Record<string, unknown>;
+    if (typeof config.command === 'string') {
+      return {
+        provider: 'qwen',
+        name,
+        scope,
+        transport: 'stdio',
+        command: config.command,
+        args: readStringArray(config.args),
+        env: readStringRecord(config.env),
+        cwd: readOptionalString(config.cwd),
+      };
+    }
+
+    if (typeof config.url === 'string') {
+      const transport = readOptionalString(config.type) === 'sse' ? 'sse' : 'http';
+      return {
+        provider: 'qwen',
+        name,
+        scope,
+        transport,
+        url: config.url,
+        headers: readStringRecord(config.headers),
+      };
+    }
+
+    return null;
+  }
+}