@pixelbyte-software/pixcode 1.54.10 → 1.54.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CODE_OF_CONDUCT.md +41 -41
- package/CONTRIBUTING.md +156 -156
- package/LICENSE +21 -718
- package/README.de.md +169 -169
- package/README.ja.md +167 -167
- package/README.ko.md +167 -167
- package/README.md +435 -418
- package/README.ru.md +169 -169
- package/README.tr.md +298 -298
- package/README.zh-CN.md +167 -167
- package/SECURITY.md +46 -46
- package/dist/api-automation.html +110 -110
- package/dist/api-docs.html +548 -548
- package/dist/assets/{index-DWOW_Jn0.js → index-Bcqs_1vc.js} +114 -114
- package/dist/clear-cache.html +85 -85
- package/dist/convert-icons.md +52 -52
- package/dist/docs.html +308 -308
- package/dist/features.html +133 -133
- package/dist/generate-icons.js +48 -48
- package/dist/humans.txt +15 -15
- package/dist/icons/codex-white.svg +3 -3
- package/dist/icons/codex.svg +3 -3
- package/dist/icons/cursor-white.svg +11 -11
- package/dist/icons/qwen-logo.svg +14 -14
- package/dist/index.html +58 -58
- package/dist/landing.html +268 -268
- package/dist/llms-full.txt +119 -119
- package/dist/llms.txt +53 -53
- package/dist/manifest.json +60 -60
- package/dist/openapi.yaml +1696 -1696
- package/dist/orchestration.html +125 -125
- package/dist/robots.txt +4 -4
- package/dist/site.css +692 -692
- package/dist/sitemap.xml +51 -51
- package/dist/sw.js +132 -132
- package/dist-server/server/cli.js +100 -100
- package/dist-server/server/daemon/manager.js +33 -33
- package/dist-server/server/daemon-manager.js +64 -64
- package/dist-server/server/routes/commands.js +25 -25
- package/dist-server/server/routes/git.js +17 -17
- package/dist-server/server/routes/live-view.js +46 -46
- package/dist-server/server/services/public-api-manifest.js +51 -51
- package/package.json +224 -224
- package/scripts/fix-node-pty.js +67 -67
- package/scripts/github/create-v1.38-issues.mjs +351 -351
- package/scripts/github/create-vscode-workbench-issues.mjs +121 -121
- package/scripts/smoke/backend-resource-bounds.mjs +152 -152
- package/scripts/smoke/changes-panel-layout.mjs +48 -48
- package/scripts/smoke/chat-composer-fixed-layout.mjs +55 -55
- package/scripts/smoke/chat-message-timeline-order.mjs +41 -41
- package/scripts/smoke/chat-realtime-hydration.mjs +44 -44
- package/scripts/smoke/chat-session-provider-pools.mjs +35 -35
- package/scripts/smoke/chat-session-state.mjs +19 -19
- package/scripts/smoke/code-editor-theme.mjs +55 -55
- package/scripts/smoke/code-editor-vscode-engine.mjs +91 -91
- package/scripts/smoke/command-center-agent-writes.mjs +79 -79
- package/scripts/smoke/command-center-non-git.mjs +46 -46
- package/scripts/smoke/context-packet.mjs +43 -43
- package/scripts/smoke/control-room-ux-redesign.mjs +91 -91
- package/scripts/smoke/daemon-entrypoint.mjs +20 -20
- package/scripts/smoke/default-landing-routing.mjs +33 -33
- package/scripts/smoke/desktop-native-notifications.mjs +30 -30
- package/scripts/smoke/desktop-tray-icon.mjs +33 -33
- package/scripts/smoke/discord-release-workflow.mjs +24 -24
- package/scripts/smoke/git-install-update.mjs +255 -255
- package/scripts/smoke/handoff-artifact-protocol.mjs +50 -50
- package/scripts/smoke/live-view-diagnostics.mjs +53 -53
- package/scripts/smoke/live-view-environment.mjs +92 -92
- package/scripts/smoke/live-view-integration.mjs +450 -450
- package/scripts/smoke/mac-desktop-runtime.mjs +37 -37
- package/scripts/smoke/mobile-tunnel-guidance.mjs +29 -29
- package/scripts/smoke/mobile-ux.mjs +76 -76
- package/scripts/smoke/model-registry.mjs +36 -36
- package/scripts/smoke/multi-project-ui.mjs +45 -45
- package/scripts/smoke/multi-worker-slots.mjs +42 -42
- package/scripts/smoke/notification-center.mjs +87 -87
- package/scripts/smoke/notification-inapp-preference.mjs +23 -23
- package/scripts/smoke/notification-taxonomy.mjs +58 -58
- package/scripts/smoke/orchestration-api.mjs +172 -172
- package/scripts/smoke/orchestration-execution-dashboard.mjs +33 -33
- package/scripts/smoke/orchestration-live-run.mjs +176 -176
- package/scripts/smoke/orchestration-mobile-scroll.mjs +29 -29
- package/scripts/smoke/orchestration-model-sync.mjs +30 -30
- package/scripts/smoke/orchestration-permission-fallback.mjs +34 -34
- package/scripts/smoke/orchestration-runtime-guards.mjs +48 -48
- package/scripts/smoke/orchestration-user-facing-output.mjs +25 -25
- package/scripts/smoke/permission-policy.mjs +50 -50
- package/scripts/smoke/pixcode-workbench-1-48.mjs +167 -167
- package/scripts/smoke/provider-models-opencode-live.mjs +66 -66
- package/scripts/smoke/provider-rest-api.mjs +124 -124
- package/scripts/smoke/provider-selection-status.mjs +52 -52
- package/scripts/smoke/run-state-refresh.mjs +52 -52
- package/scripts/smoke/runtime-manager.mjs +99 -99
- package/scripts/smoke/shell-manual-disconnect.mjs +30 -30
- package/scripts/smoke/side-panel-editor-layout.mjs +34 -34
- package/scripts/smoke/static-root-routing.mjs +21 -21
- package/scripts/smoke/strict-handoff-compact.mjs +60 -60
- package/scripts/smoke/taskmaster-config.mjs +24 -24
- package/scripts/smoke/taskmaster-execution-telegram.mjs +3 -3
- package/scripts/smoke/taskmaster-onboarding.mjs +3 -3
- package/scripts/smoke/taskmaster-run-graph.mjs +3 -3
- package/scripts/smoke/telegram-control.mjs +331 -331
- package/scripts/smoke/tunnel-persistence.mjs +56 -56
- package/scripts/smoke/update-issue-progress.mjs +69 -69
- package/scripts/smoke/update-ux.mjs +55 -55
- package/scripts/smoke/v138-completion.mjs +132 -132
- package/scripts/smoke/v138-desktop-release-hardening.mjs +69 -69
- package/scripts/smoke/v138-diagnostics.mjs +63 -63
- package/scripts/smoke/v138-issue-planner.mjs +33 -33
- package/scripts/smoke/v143-remote-control.mjs +76 -76
- package/scripts/smoke/v144-production-loop.mjs +47 -47
- package/scripts/smoke/v145-platformization.mjs +46 -46
- package/scripts/smoke/v146-control-room-ui.mjs +150 -150
- package/scripts/smoke/version-modal-autoshow.mjs +29 -29
- package/scripts/smoke/vscode-workbench-layout.mjs +63 -63
- package/scripts/smoke/vscode-workbench-polish.mjs +461 -461
- package/scripts/smoke/workflow-fallback-replay.mjs +56 -56
- package/scripts/smoke/workflow-templates.mjs +43 -43
- package/scripts/smoke/workflow-trace-timeline.mjs +46 -46
- package/scripts/update-git-install.mjs +298 -298
- package/server/claude-sdk.js +927 -927
- package/server/cli.js +1106 -1106
- package/server/constants/config.js +4 -4
- package/server/cursor-cli.js +344 -344
- package/server/daemon/manager.js +563 -563
- package/server/daemon-manager.js +964 -964
- package/server/database/db.js +988 -988
- package/server/database/json-store.js +197 -197
- package/server/gemini-cli.js +550 -550
- package/server/gemini-response-handler.js +79 -79
- package/server/index.js +5671 -5671
- package/server/load-env.js +35 -35
- package/server/middleware/account-lockout.js +112 -112
- package/server/middleware/auth.js +277 -277
- package/server/middleware/rate-limiter.js +87 -87
- package/server/modules/orchestration/a2a/adapter-registry.ts +108 -108
- package/server/modules/orchestration/a2a/adapters/abstract-a2a.adapter.ts +63 -63
- package/server/modules/orchestration/a2a/adapters/claude-code.adapter.ts +286 -286
- package/server/modules/orchestration/a2a/adapters/codex.adapter.ts +244 -244
- package/server/modules/orchestration/a2a/adapters/cursor.adapter.ts +249 -249
- package/server/modules/orchestration/a2a/adapters/gemini.adapter.ts +248 -248
- package/server/modules/orchestration/a2a/adapters/json-event.adapter.test.ts +60 -60
- package/server/modules/orchestration/a2a/adapters/json-event.adapter.ts +101 -101
- package/server/modules/orchestration/a2a/adapters/opencode.adapter.ts +248 -248
- package/server/modules/orchestration/a2a/adapters/qwen.adapter.ts +248 -248
- package/server/modules/orchestration/a2a/agent-card.ts +55 -55
- package/server/modules/orchestration/a2a/auth.middleware.ts +29 -29
- package/server/modules/orchestration/a2a/bus.ts +46 -46
- package/server/modules/orchestration/a2a/routes.ts +586 -586
- package/server/modules/orchestration/a2a/task-dispatcher.ts +345 -345
- package/server/modules/orchestration/a2a/task-store.ts +178 -178
- package/server/modules/orchestration/a2a/types.ts +126 -126
- package/server/modules/orchestration/a2a/validator.ts +113 -113
- package/server/modules/orchestration/index.ts +99 -99
- package/server/modules/orchestration/preview/port-watcher.ts +112 -112
- package/server/modules/orchestration/preview/preview-proxy.ts +60 -60
- package/server/modules/orchestration/preview/types.ts +19 -19
- package/server/modules/orchestration/security/permission-policy.ts +401 -401
- package/server/modules/orchestration/tasks/orchestration-task-store.ts +41 -41
- package/server/modules/orchestration/tasks/orchestration-task.routes.ts +81 -81
- package/server/modules/orchestration/tasks/orchestration-task.service.ts +201 -201
- package/server/modules/orchestration/tasks/orchestration-task.types.ts +40 -40
- package/server/modules/orchestration/tasks/task-run-graph.ts +155 -155
- package/server/modules/orchestration/workflows/approval-queue.ts +106 -106
- package/server/modules/orchestration/workflows/built-in-workflows.ts +127 -127
- package/server/modules/orchestration/workflows/context-packet.ts +186 -186
- package/server/modules/orchestration/workflows/handoff-artifact.ts +175 -175
- package/server/modules/orchestration/workflows/workflow-fallback-policy.ts +161 -161
- package/server/modules/orchestration/workflows/workflow-replay.ts +254 -254
- package/server/modules/orchestration/workflows/workflow-runner.ts +2062 -2062
- package/server/modules/orchestration/workflows/workflow-store.ts +97 -97
- package/server/modules/orchestration/workflows/workflow-templates.ts +272 -272
- package/server/modules/orchestration/workflows/workflow-trace.ts +424 -424
- package/server/modules/orchestration/workflows/workflow.routes.ts +586 -586
- package/server/modules/orchestration/workflows/workflow.types.ts +111 -111
- package/server/modules/orchestration/workflows/workspace-target.ts +122 -122
- package/server/modules/orchestration/workspace/docker-workspace.ts +136 -136
- package/server/modules/orchestration/workspace/path-safety.ts +55 -55
- package/server/modules/orchestration/workspace/types.ts +52 -52
- package/server/modules/orchestration/workspace/workspace-manager.ts +102 -102
- package/server/modules/orchestration/workspace/worktree-workspace.ts +126 -126
- package/server/modules/providers/index.ts +2 -2
- package/server/modules/providers/list/claude/claude-auth.provider.ts +146 -146
- package/server/modules/providers/list/claude/claude-mcp.provider.ts +135 -135
- package/server/modules/providers/list/claude/claude-sessions.provider.ts +306 -306
- package/server/modules/providers/list/claude/claude.provider.ts +15 -15
- package/server/modules/providers/list/codex/codex-auth.provider.ts +117 -117
- package/server/modules/providers/list/codex/codex-mcp.provider.ts +135 -135
- package/server/modules/providers/list/codex/codex-sessions.provider.ts +319 -319
- package/server/modules/providers/list/codex/codex.provider.ts +15 -15
- package/server/modules/providers/list/cursor/cursor-auth.provider.ts +147 -147
- package/server/modules/providers/list/cursor/cursor-mcp.provider.ts +108 -108
- package/server/modules/providers/list/cursor/cursor-sessions.provider.ts +421 -421
- package/server/modules/providers/list/cursor/cursor.provider.ts +15 -15
- package/server/modules/providers/list/gemini/gemini-auth.provider.ts +173 -173
- package/server/modules/providers/list/gemini/gemini-mcp.provider.ts +110 -110
- package/server/modules/providers/list/gemini/gemini-sessions.provider.ts +227 -227
- package/server/modules/providers/list/gemini/gemini.provider.ts +15 -15
- package/server/modules/providers/list/opencode/opencode-auth.provider.ts +131 -131
- package/server/modules/providers/list/opencode/opencode-sessions.provider.ts +286 -286
- package/server/modules/providers/list/qwen/qwen-auth.provider.ts +146 -146
- package/server/modules/providers/list/qwen/qwen-sessions.provider.ts +265 -265
- package/server/modules/providers/provider.registry.ts +40 -40
- package/server/modules/providers/provider.routes.ts +982 -982
- package/server/modules/providers/services/mcp.service.ts +86 -86
- package/server/modules/providers/services/provider-auth.service.ts +26 -26
- package/server/modules/providers/services/sessions.service.ts +45 -45
- package/server/modules/providers/shared/base/abstract.provider.ts +20 -20
- package/server/modules/providers/shared/mcp/mcp.provider.ts +151 -151
- package/server/modules/providers/tests/mcp.test.ts +293 -293
- package/server/openai-codex.js +468 -468
- package/server/opencode-cli.js +491 -491
- package/server/opencode-response-handler.js +111 -111
- package/server/projects.js +3135 -3135
- package/server/qwen-code-cli.js +410 -410
- package/server/routes/agent.js +1462 -1462
- package/server/routes/auth.js +298 -298
- package/server/routes/codex.js +20 -20
- package/server/routes/commands.js +581 -581
- package/server/routes/cursor.js +61 -61
- package/server/routes/diagnostics.js +44 -44
- package/server/routes/gemini.js +25 -25
- package/server/routes/git.js +1822 -1822
- package/server/routes/live-view.js +434 -434
- package/server/routes/mcp-utils.js +13 -13
- package/server/routes/messages.js +97 -97
- package/server/routes/network.js +143 -143
- package/server/routes/platformization.js +231 -231
- package/server/routes/plugins.js +690 -690
- package/server/routes/production-agent-loop.js +90 -90
- package/server/routes/projects.js +918 -918
- package/server/routes/public-api.js +34 -34
- package/server/routes/qwen.js +27 -27
- package/server/routes/remote.js +56 -56
- package/server/routes/settings.js +321 -321
- package/server/routes/telegram.js +163 -163
- package/server/routes/user.js +125 -125
- package/server/routes/webhooks.js +63 -63
- package/server/services/control-room.js +102 -102
- package/server/services/diagnostics.js +165 -165
- package/server/services/external-access.js +403 -403
- package/server/services/install-jobs.js +715 -715
- package/server/services/live-view.js +956 -956
- package/server/services/managed-runtimes.js +493 -493
- package/server/services/model-registry.js +144 -144
- package/server/services/notification-orchestrator.js +365 -365
- package/server/services/notification-taxonomy.js +204 -204
- package/server/services/platformization.js +1052 -1052
- package/server/services/production-agent-loop.js +248 -248
- package/server/services/provider-cli-versions.js +149 -149
- package/server/services/provider-credentials.js +189 -189
- package/server/services/provider-models.js +396 -396
- package/server/services/public-api-manifest.js +181 -181
- package/server/services/qr-login.js +126 -126
- package/server/services/remote-connection.js +127 -127
- package/server/services/runtime-manager.js +323 -323
- package/server/services/startup-update.js +259 -259
- package/server/services/telegram/bot.js +393 -393
- package/server/services/telegram/control-center.js +2453 -2453
- package/server/services/telegram/telegram-gateway.js +314 -314
- package/server/services/telegram/telegram-http-client.js +201 -201
- package/server/services/telegram/translations.js +470 -470
- package/server/services/webhooks.js +216 -216
- package/server/sessionManager.js +225 -225
- package/server/setup-wizard.js +283 -283
- package/server/shared/interfaces.ts +54 -54
- package/server/shared/types.ts +172 -172
- package/server/shared/utils.ts +193 -193
- package/server/tsconfig.json +36 -36
- package/server/utils/colors.js +21 -21
- package/server/utils/commandParser.js +305 -305
- package/server/utils/frontmatter.js +18 -18
- package/server/utils/gitConfig.js +34 -34
- package/server/utils/plugin-loader.js +461 -461
- package/server/utils/plugin-process-manager.js +185 -185
- package/server/utils/port-access.js +227 -227
- package/server/utils/runtime-paths.js +37 -37
- package/server/utils/security-log.js +84 -84
- package/server/utils/url-detection.js +71 -71
- package/server/vite-daemon.js +79 -79
- package/shared/modelConstants.js +161 -161
- package/shared/networkHosts.js +22 -22
|
@@ -1,146 +1,146 @@
|
|
|
1
|
-
/* eslint-disable import-x/order */
|
|
2
|
-
import { readFile } from 'node:fs/promises';
|
|
3
|
-
import os from 'node:os';
|
|
4
|
-
import path from 'node:path';
|
|
5
|
-
|
|
6
|
-
import spawn from 'cross-spawn';
|
|
7
|
-
|
|
8
|
-
import type { IProviderAuth } from '@/shared/interfaces.js';
|
|
9
|
-
import type { ProviderAuthStatus } from '@/shared/types.js';
|
|
10
|
-
import { readObjectRecord, readOptionalString } from '@/shared/utils.js';
|
|
11
|
-
|
|
12
|
-
// @ts-ignore — plain-JS module, typed via inference
|
|
13
|
-
import { getProviderCredentials } from '@/services/provider-credentials.js';
|
|
14
|
-
|
|
15
|
-
type QwenCredentialsStatus = {
|
|
16
|
-
authenticated: boolean;
|
|
17
|
-
email: string | null;
|
|
18
|
-
method: string | null;
|
|
19
|
-
error?: string;
|
|
20
|
-
};
|
|
21
|
-
|
|
22
|
-
/**
|
|
23
|
-
* Qwen Code auth checker.
|
|
24
|
-
*
|
|
25
|
-
* Qwen supports three credential surfaces — in priority order:
|
|
26
|
-
* 1. `QWEN_API_KEY` env var (classic API key)
|
|
27
|
-
* 2. `OPENAI_API_KEY` + `OPENAI_BASE_URL` env vars (OpenAI-compatible BYOK
|
|
28
|
-
* — what the docs recommend for ModelScope, OpenRouter, and self-hosted)
|
|
29
|
-
* 3. Local OAuth tokens at `~/.qwen/oauth_creds.json` (Qwen OAuth /
|
|
30
|
-
* Alibaba Cloud Coding Plan cached credentials)
|
|
31
|
-
* 4. `~/.qwen/settings.json` with an embedded `auth.method` + API key
|
|
32
|
-
*/
|
|
33
|
-
export class QwenProviderAuth implements IProviderAuth {
|
|
34
|
-
private checkInstalled(): boolean {
|
|
35
|
-
const cliPath = process.env.QWEN_CLI_PATH || process.env.QWEN_PATH || 'qwen';
|
|
36
|
-
try {
|
|
37
|
-
const result = spawn.sync(cliPath, ['--version'], { stdio: 'ignore', timeout: 5000 });
|
|
38
|
-
return !result.error && result.status === 0;
|
|
39
|
-
} catch {
|
|
40
|
-
return false;
|
|
41
|
-
}
|
|
42
|
-
}
|
|
43
|
-
|
|
44
|
-
async getStatus(): Promise<ProviderAuthStatus> {
|
|
45
|
-
const installed = this.checkInstalled();
|
|
46
|
-
|
|
47
|
-
if (!installed) {
|
|
48
|
-
return {
|
|
49
|
-
installed,
|
|
50
|
-
provider: 'qwen',
|
|
51
|
-
authenticated: false,
|
|
52
|
-
email: null,
|
|
53
|
-
method: null,
|
|
54
|
-
error: 'Qwen Code CLI is not installed',
|
|
55
|
-
};
|
|
56
|
-
}
|
|
57
|
-
|
|
58
|
-
const credentials = await this.checkCredentials();
|
|
59
|
-
|
|
60
|
-
return {
|
|
61
|
-
installed,
|
|
62
|
-
provider: 'qwen',
|
|
63
|
-
authenticated: credentials.authenticated,
|
|
64
|
-
email: credentials.email,
|
|
65
|
-
method: credentials.method,
|
|
66
|
-
error: credentials.authenticated ? undefined : credentials.error || 'Not authenticated',
|
|
67
|
-
};
|
|
68
|
-
}
|
|
69
|
-
|
|
70
|
-
private async checkCredentials(): Promise<QwenCredentialsStatus> {
|
|
71
|
-
// Pixcode-managed credentials come first. If the user saved an API key
|
|
72
|
-
// through our Settings > Agents > API Key form, we trust that no
|
|
73
|
-
// matter what the environment or ~/.qwen/* files say. Base URL is
|
|
74
|
-
// optional — some users point at Alibaba's default endpoint.
|
|
75
|
-
try {
|
|
76
|
-
const creds = await getProviderCredentials('qwen');
|
|
77
|
-
if (creds?.apiKey) {
|
|
78
|
-
const label = creds.baseUrl
|
|
79
|
-
? `API Key · ${(() => { try { return new URL(creds.baseUrl).host; } catch { return creds.baseUrl; } })()}`
|
|
80
|
-
: 'API Key Auth';
|
|
81
|
-
return { authenticated: true, email: label, method: 'pixcode_store' };
|
|
82
|
-
}
|
|
83
|
-
} catch { /* fall through */ }
|
|
84
|
-
|
|
85
|
-
if (process.env.QWEN_API_KEY?.trim()) {
|
|
86
|
-
return { authenticated: true, email: 'API Key Auth', method: 'api_key' };
|
|
87
|
-
}
|
|
88
|
-
// Loosened: base URL is optional. Qwen Code also works with the default
|
|
89
|
-
// Alibaba endpoint baked into the CLI. Previously required both env vars
|
|
90
|
-
// and silently failed when the user only pasted an API key.
|
|
91
|
-
if (process.env.OPENAI_API_KEY?.trim()) {
|
|
92
|
-
return { authenticated: true, email: 'OpenAI-Compatible Auth', method: 'api_key' };
|
|
93
|
-
}
|
|
94
|
-
|
|
95
|
-
// OAuth credentials file — written by `/auth` interactive flow.
|
|
96
|
-
try {
|
|
97
|
-
const credsPath = path.join(os.homedir(), '.qwen', 'oauth_creds.json');
|
|
98
|
-
const content = await readFile(credsPath, 'utf8');
|
|
99
|
-
const creds = readObjectRecord(JSON.parse(content)) ?? {};
|
|
100
|
-
const accessToken = readOptionalString(creds.access_token);
|
|
101
|
-
if (accessToken) {
|
|
102
|
-
const email = readOptionalString(creds.email)
|
|
103
|
-
?? readOptionalString(creds.user_email)
|
|
104
|
-
?? 'OAuth Session';
|
|
105
|
-
return { authenticated: true, email, method: 'credentials_file' };
|
|
106
|
-
}
|
|
107
|
-
} catch { /* fall through to settings.json */ }
|
|
108
|
-
|
|
109
|
-
// settings.json — the API-key / OpenAI-compat authoring path.
|
|
110
|
-
try {
|
|
111
|
-
const settingsPath = path.join(os.homedir(), '.qwen', 'settings.json');
|
|
112
|
-
const content = await readFile(settingsPath, 'utf8');
|
|
113
|
-
const settings = readObjectRecord(JSON.parse(content)) ?? {};
|
|
114
|
-
const auth = readObjectRecord(settings.auth) ?? {};
|
|
115
|
-
const method = readOptionalString(auth.method) ?? readOptionalString(settings.authMethod);
|
|
116
|
-
const apiKey = readOptionalString(auth.apiKey) ?? readOptionalString(settings.apiKey);
|
|
117
|
-
|
|
118
|
-
if (apiKey) {
|
|
119
|
-
return {
|
|
120
|
-
authenticated: true,
|
|
121
|
-
email: method ? `${method} (settings.json)` : 'API Key Auth',
|
|
122
|
-
method: 'settings_file',
|
|
123
|
-
};
|
|
124
|
-
}
|
|
125
|
-
|
|
126
|
-
if (method && method.toLowerCase().includes('oauth')) {
|
|
127
|
-
// Settings file says OAuth is configured but the creds file isn't
|
|
128
|
-
// readable — treat as a soft "not authenticated yet" rather than an
|
|
129
|
-
// install error, because the browser flow may be mid-flight.
|
|
130
|
-
return {
|
|
131
|
-
authenticated: false,
|
|
132
|
-
email: null,
|
|
133
|
-
method: 'credentials_file',
|
|
134
|
-
error: 'OAuth not yet complete — run `qwen` and finish `/auth`.',
|
|
135
|
-
};
|
|
136
|
-
}
|
|
137
|
-
} catch { /* no settings yet */ }
|
|
138
|
-
|
|
139
|
-
return {
|
|
140
|
-
authenticated: false,
|
|
141
|
-
email: null,
|
|
142
|
-
method: null,
|
|
143
|
-
error: 'Qwen Code is not configured',
|
|
144
|
-
};
|
|
145
|
-
}
|
|
146
|
-
}
|
|
1
|
+
/* eslint-disable import-x/order */
|
|
2
|
+
import { readFile } from 'node:fs/promises';
|
|
3
|
+
import os from 'node:os';
|
|
4
|
+
import path from 'node:path';
|
|
5
|
+
|
|
6
|
+
import spawn from 'cross-spawn';
|
|
7
|
+
|
|
8
|
+
import type { IProviderAuth } from '@/shared/interfaces.js';
|
|
9
|
+
import type { ProviderAuthStatus } from '@/shared/types.js';
|
|
10
|
+
import { readObjectRecord, readOptionalString } from '@/shared/utils.js';
|
|
11
|
+
|
|
12
|
+
// @ts-ignore — plain-JS module, typed via inference
|
|
13
|
+
import { getProviderCredentials } from '@/services/provider-credentials.js';
|
|
14
|
+
|
|
15
|
+
type QwenCredentialsStatus = {
|
|
16
|
+
authenticated: boolean;
|
|
17
|
+
email: string | null;
|
|
18
|
+
method: string | null;
|
|
19
|
+
error?: string;
|
|
20
|
+
};
|
|
21
|
+
|
|
22
|
+
/**
|
|
23
|
+
* Qwen Code auth checker.
|
|
24
|
+
*
|
|
25
|
+
* Qwen supports three credential surfaces — in priority order:
|
|
26
|
+
* 1. `QWEN_API_KEY` env var (classic API key)
|
|
27
|
+
* 2. `OPENAI_API_KEY` + `OPENAI_BASE_URL` env vars (OpenAI-compatible BYOK
|
|
28
|
+
* — what the docs recommend for ModelScope, OpenRouter, and self-hosted)
|
|
29
|
+
* 3. Local OAuth tokens at `~/.qwen/oauth_creds.json` (Qwen OAuth /
|
|
30
|
+
* Alibaba Cloud Coding Plan cached credentials)
|
|
31
|
+
* 4. `~/.qwen/settings.json` with an embedded `auth.method` + API key
|
|
32
|
+
*/
|
|
33
|
+
export class QwenProviderAuth implements IProviderAuth {
|
|
34
|
+
private checkInstalled(): boolean {
|
|
35
|
+
const cliPath = process.env.QWEN_CLI_PATH || process.env.QWEN_PATH || 'qwen';
|
|
36
|
+
try {
|
|
37
|
+
const result = spawn.sync(cliPath, ['--version'], { stdio: 'ignore', timeout: 5000 });
|
|
38
|
+
return !result.error && result.status === 0;
|
|
39
|
+
} catch {
|
|
40
|
+
return false;
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
|
|
44
|
+
async getStatus(): Promise<ProviderAuthStatus> {
|
|
45
|
+
const installed = this.checkInstalled();
|
|
46
|
+
|
|
47
|
+
if (!installed) {
|
|
48
|
+
return {
|
|
49
|
+
installed,
|
|
50
|
+
provider: 'qwen',
|
|
51
|
+
authenticated: false,
|
|
52
|
+
email: null,
|
|
53
|
+
method: null,
|
|
54
|
+
error: 'Qwen Code CLI is not installed',
|
|
55
|
+
};
|
|
56
|
+
}
|
|
57
|
+
|
|
58
|
+
const credentials = await this.checkCredentials();
|
|
59
|
+
|
|
60
|
+
return {
|
|
61
|
+
installed,
|
|
62
|
+
provider: 'qwen',
|
|
63
|
+
authenticated: credentials.authenticated,
|
|
64
|
+
email: credentials.email,
|
|
65
|
+
method: credentials.method,
|
|
66
|
+
error: credentials.authenticated ? undefined : credentials.error || 'Not authenticated',
|
|
67
|
+
};
|
|
68
|
+
}
|
|
69
|
+
|
|
70
|
+
private async checkCredentials(): Promise<QwenCredentialsStatus> {
|
|
71
|
+
// Pixcode-managed credentials come first. If the user saved an API key
|
|
72
|
+
// through our Settings > Agents > API Key form, we trust that no
|
|
73
|
+
// matter what the environment or ~/.qwen/* files say. Base URL is
|
|
74
|
+
// optional — some users point at Alibaba's default endpoint.
|
|
75
|
+
try {
|
|
76
|
+
const creds = await getProviderCredentials('qwen');
|
|
77
|
+
if (creds?.apiKey) {
|
|
78
|
+
const label = creds.baseUrl
|
|
79
|
+
? `API Key · ${(() => { try { return new URL(creds.baseUrl).host; } catch { return creds.baseUrl; } })()}`
|
|
80
|
+
: 'API Key Auth';
|
|
81
|
+
return { authenticated: true, email: label, method: 'pixcode_store' };
|
|
82
|
+
}
|
|
83
|
+
} catch { /* fall through */ }
|
|
84
|
+
|
|
85
|
+
if (process.env.QWEN_API_KEY?.trim()) {
|
|
86
|
+
return { authenticated: true, email: 'API Key Auth', method: 'api_key' };
|
|
87
|
+
}
|
|
88
|
+
// Loosened: base URL is optional. Qwen Code also works with the default
|
|
89
|
+
// Alibaba endpoint baked into the CLI. Previously required both env vars
|
|
90
|
+
// and silently failed when the user only pasted an API key.
|
|
91
|
+
if (process.env.OPENAI_API_KEY?.trim()) {
|
|
92
|
+
return { authenticated: true, email: 'OpenAI-Compatible Auth', method: 'api_key' };
|
|
93
|
+
}
|
|
94
|
+
|
|
95
|
+
// OAuth credentials file — written by `/auth` interactive flow.
|
|
96
|
+
try {
|
|
97
|
+
const credsPath = path.join(os.homedir(), '.qwen', 'oauth_creds.json');
|
|
98
|
+
const content = await readFile(credsPath, 'utf8');
|
|
99
|
+
const creds = readObjectRecord(JSON.parse(content)) ?? {};
|
|
100
|
+
const accessToken = readOptionalString(creds.access_token);
|
|
101
|
+
if (accessToken) {
|
|
102
|
+
const email = readOptionalString(creds.email)
|
|
103
|
+
?? readOptionalString(creds.user_email)
|
|
104
|
+
?? 'OAuth Session';
|
|
105
|
+
return { authenticated: true, email, method: 'credentials_file' };
|
|
106
|
+
}
|
|
107
|
+
} catch { /* fall through to settings.json */ }
|
|
108
|
+
|
|
109
|
+
// settings.json — the API-key / OpenAI-compat authoring path.
|
|
110
|
+
try {
|
|
111
|
+
const settingsPath = path.join(os.homedir(), '.qwen', 'settings.json');
|
|
112
|
+
const content = await readFile(settingsPath, 'utf8');
|
|
113
|
+
const settings = readObjectRecord(JSON.parse(content)) ?? {};
|
|
114
|
+
const auth = readObjectRecord(settings.auth) ?? {};
|
|
115
|
+
const method = readOptionalString(auth.method) ?? readOptionalString(settings.authMethod);
|
|
116
|
+
const apiKey = readOptionalString(auth.apiKey) ?? readOptionalString(settings.apiKey);
|
|
117
|
+
|
|
118
|
+
if (apiKey) {
|
|
119
|
+
return {
|
|
120
|
+
authenticated: true,
|
|
121
|
+
email: method ? `${method} (settings.json)` : 'API Key Auth',
|
|
122
|
+
method: 'settings_file',
|
|
123
|
+
};
|
|
124
|
+
}
|
|
125
|
+
|
|
126
|
+
if (method && method.toLowerCase().includes('oauth')) {
|
|
127
|
+
// Settings file says OAuth is configured but the creds file isn't
|
|
128
|
+
// readable — treat as a soft "not authenticated yet" rather than an
|
|
129
|
+
// install error, because the browser flow may be mid-flight.
|
|
130
|
+
return {
|
|
131
|
+
authenticated: false,
|
|
132
|
+
email: null,
|
|
133
|
+
method: 'credentials_file',
|
|
134
|
+
error: 'OAuth not yet complete — run `qwen` and finish `/auth`.',
|
|
135
|
+
};
|
|
136
|
+
}
|
|
137
|
+
} catch { /* no settings yet */ }
|
|
138
|
+
|
|
139
|
+
return {
|
|
140
|
+
authenticated: false,
|
|
141
|
+
email: null,
|
|
142
|
+
method: null,
|
|
143
|
+
error: 'Qwen Code is not configured',
|
|
144
|
+
};
|
|
145
|
+
}
|
|
146
|
+
}
|