@playwo/opencode-cursor-oauth 0.0.0-dev.a9d6c62f0dd9 → 0.0.0-dev.be56e19110ad

package/README.md

@@ -1,103 +1,31 @@
-# @playwo/opencode-cursor-oauth
+# opencode-cursor-oauth
 
-OpenCode plugin that connects to Cursor's API, giving you access to Cursor
-models inside OpenCode with full tool-calling support.
+Use Cursor models (Claude, GPT, Gemini, etc.) inside [OpenCode](https://opencode.ai).
 
-## Install in OpenCode
+## What it does
 
-Add this to `~/.config/opencode/opencode.json`:
+- **OAuth login** to Cursor via browser
+- **Model discovery** — automatically fetches your available Cursor models
+- **Local proxy** — runs an OpenAI-compatible endpoint that translates to Cursor's gRPC protocol
+- **Auto-refresh** — handles token expiration automatically
 
-```jsonc
-{
-  "$schema": "https://opencode.ai/config.json",
-  "plugin": [
-    "@playwo/opencode-cursor-oauth"
-  ],
-  "provider": {
-    "cursor": {
-      "name": "Cursor"
-    }
-  }
-}
-```
-
-The `cursor` provider stub is required because OpenCode drops providers that do
-not already exist in its bundled provider catalog.
-
-OpenCode installs npm plugins automatically at startup, so users do not need to
-clone this repository.
-
-## Authenticate
-
-```sh
-opencode auth login --provider cursor
-```
-
-This opens Cursor OAuth in the browser. Tokens are stored in
-`~/.local/share/opencode/auth.json` and refreshed automatically.
-
-## Use
-
-Start OpenCode and select any Cursor model. The plugin starts a local
-OpenAI-compatible proxy on demand and routes requests through Cursor's gRPC API.
-
-## How it works
-
-1. OAuth — browser-based login to Cursor via PKCE.
-2. Model discovery — queries Cursor's gRPC API for all available models and fails plugin loading visibly if discovery does not succeed.
-3. Local proxy — translates `POST /v1/chat/completions` into Cursor's
-   protobuf/Connect protocol.
-4. Native tool routing — rejects Cursor's built-in filesystem/shell tools and
-   exposes OpenCode's tool surface via Cursor MCP instead.
-
-Cursor agent streaming uses Cursor's `RunSSE` + `BidiAppend` transport, so the
-plugin runs entirely inside OpenCode without a Node sidecar.
+## Install
 
-## Architecture
+Add to your `opencode.json`:
 
+```json
+{
+  "plugin": ["@playwo/opencode-cursor-oauth"]
+}
 ```
-OpenCode  -->  /v1/chat/completions  -->  Bun.serve (proxy)
-                                              |
-                              RunSSE stream + BidiAppend writes
-                                              |
-                                Cursor Connect/SSE transport
-                                              |
-                                     api2.cursor.sh gRPC
-```
-
-### Tool call flow
-
-```
-1. Cursor model receives OpenAI tools via RequestContext (as MCP tool defs)
-2. Model tries native tools (readArgs, shellArgs, etc.)
-3. Proxy rejects each with typed error (ReadRejected, ShellRejected, etc.)
-4. Model falls back to MCP tool -> mcpArgs exec message
-5. Proxy emits OpenAI tool_calls SSE chunk, pauses the Cursor stream
-6. OpenCode executes tool, sends result in follow-up request
-7. Proxy resumes the Cursor stream with mcpResult and continues streaming
-```
-
-## Develop locally
-
-```sh
-bun install
-bun run build
-bun test/smoke.ts
-```
-
-## Publish
 
-GitHub Actions publishes this package with `.github/workflows/publish-npm.yml`.
+Then authenticate via the OpenCode UI (Settings → Providers → Cursor → Login).
 
-- branch pushes publish a `dev` build as `0.0.0-dev.<sha>`
-- versioned releases publish `latest` using the `package.json` version and upload the packed `.tgz` to the GitHub release
-
-Repository secrets required:
+## Requirements
 
-- `NPM_TOKEN` for npm publish access
+- Cursor account with API access
+- OpenCode 1.2+
 
-## Requirements
+## License
 
-- [OpenCode](https://opencode.ai)
-- [Bun](https://bun.sh)
-- Active [Cursor](https://cursor.com) subscription
+MIT

package/dist/auth.js

@@ -1,4 +1,5 @@
 import { generatePKCE } from "./pkce";
+import { errorDetails, logPluginError, logPluginWarn } from "./logger";
 const CURSOR_LOGIN_URL = "https://cursor.com/loginDeepControl";
 const CURSOR_POLL_URL = "https://api2.cursor.sh/auth/poll";
 const CURSOR_REFRESH_URL = process.env.CURSOR_REFRESH_URL ??
@@ -40,13 +41,32 @@ export async function pollCursorAuth(uuid, verifier) {
             }
             throw new Error(`Poll failed: ${response.status}`);
         }
-        catch {
+        catch (error) {
             consecutiveErrors++;
             if (consecutiveErrors >= 3) {
+                logPluginError("Cursor auth polling failed repeatedly", {
+                    stage: "oauth_poll",
+                    uuid,
+                    attempts: attempt + 1,
+                    consecutiveErrors,
+                    ...errorDetails(error),
+                });
                 throw new Error("Too many consecutive errors during Cursor auth polling");
             }
+            logPluginWarn("Cursor auth polling attempt failed", {
+                stage: "oauth_poll",
+                uuid,
+                attempt: attempt + 1,
+                consecutiveErrors,
+                ...errorDetails(error),
+            });
         }
     }
+    logPluginError("Cursor authentication polling timed out", {
+        stage: "oauth_poll",
+        uuid,
+        attempts: POLL_MAX_ATTEMPTS,
+    });
     throw new Error("Cursor authentication polling timeout");
 }
 export async function refreshCursorToken(refreshToken) {
@@ -60,6 +80,11 @@ export async function refreshCursorToken(refreshToken) {
     });
     if (!response.ok) {
         const error = await response.text();
+        logPluginError("Cursor token refresh failed", {
+            stage: "token_refresh",
+            status: response.status,
+            responseBody: error,
+        });
         throw new Error(`Cursor token refresh failed: ${error}`);
     }
     const data = (await response.json());
@@ -86,7 +111,6 @@ export function getTokenExpiry(token) {
             return decoded.exp * 1000 - 5 * 60 * 1000;
         }
     }
-    catch {
-    }
+    catch { }
     return Date.now() + 3600 * 1000;
 }

package/dist/constants.d.ts

@@ -0,0 +1,2 @@
+export declare const CURSOR_PROVIDER_ID: "cursor";
+export declare const OPENCODE_TITLE_REQUEST_MARKER = "Generate a title for this conversation:";

package/dist/constants.js

@@ -0,0 +1,2 @@
+export const CURSOR_PROVIDER_ID = "cursor";
+export const OPENCODE_TITLE_REQUEST_MARKER = "Generate a title for this conversation:";

package/dist/cursor/bidi-session.d.ts

@@ -0,0 +1,13 @@
+import { type CursorBaseRequestOptions } from "./headers";
+export declare function encodeBidiAppendRequest(dataHex: string, requestId: string, appendSeqno: number): Uint8Array;
+export interface CursorSession {
+    write: (data: Uint8Array) => void;
+    end: () => void;
+    onData: (cb: (chunk: Buffer) => void) => void;
+    onClose: (cb: (code: number) => void) => void;
+    readonly alive: boolean;
+}
+export interface CreateCursorSessionOptions extends CursorBaseRequestOptions {
+    requestId: string;
+}
+export declare function createCursorSession(options: CreateCursorSessionOptions): Promise<CursorSession>;

package/dist/cursor/bidi-session.js

@@ -0,0 +1,149 @@
+import { create, toBinary } from "@bufbuild/protobuf";
+import { BidiRequestIdSchema } from "../proto/agent_pb";
+import { CURSOR_API_URL } from "./config";
+import { concatBytes, encodeProtoMessageField, encodeProtoStringField, encodeProtoVarintField, frameConnectMessage, toFetchBody, } from "./connect-framing";
+import { buildCursorHeaders } from "./headers";
+import { errorDetails, logPluginError, logPluginWarn } from "../logger";
+export function encodeBidiAppendRequest(dataHex, requestId, appendSeqno) {
+    const requestIdBytes = toBinary(BidiRequestIdSchema, create(BidiRequestIdSchema, { requestId }));
+    return concatBytes([
+        encodeProtoStringField(1, dataHex),
+        encodeProtoMessageField(2, requestIdBytes),
+        encodeProtoVarintField(3, appendSeqno),
+    ]);
+}
+export async function createCursorSession(options) {
+    const response = await fetch(new URL("/agent.v1.AgentService/RunSSE", options.url ?? CURSOR_API_URL), {
+        method: "POST",
+        headers: buildCursorHeaders(options, "application/connect+proto", {
+            accept: "text/event-stream",
+            "connect-protocol-version": "1",
+        }),
+        body: toFetchBody(frameConnectMessage(toBinary(BidiRequestIdSchema, create(BidiRequestIdSchema, { requestId: options.requestId })))),
+    });
+    if (!response.ok || !response.body) {
+        const errorBody = await response.text().catch(() => "");
+        logPluginError("Cursor RunSSE request failed", {
+            requestId: options.requestId,
+            status: response.status,
+            responseBody: errorBody,
+        });
+        throw new Error(`RunSSE failed: ${response.status}${errorBody ? ` ${errorBody}` : ""}`);
+    }
+    const cbs = {
+        data: null,
+        close: null,
+    };
+    const abortController = new AbortController();
+    const reader = response.body.getReader();
+    let appendSeqno = 0;
+    let alive = true;
+    let closeCode = 0;
+    let writeChain = Promise.resolve();
+    const pendingChunks = [];
+    const finish = (code) => {
+        if (!alive)
+            return;
+        alive = false;
+        closeCode = code;
+        cbs.close?.(code);
+    };
+    const append = async (data) => {
+        const requestBody = encodeBidiAppendRequest(Buffer.from(data).toString("hex"), options.requestId, appendSeqno++);
+        const appendResponse = await fetch(new URL("/aiserver.v1.BidiService/BidiAppend", options.url ?? CURSOR_API_URL), {
+            method: "POST",
+            headers: buildCursorHeaders(options, "application/proto"),
+            body: toFetchBody(requestBody),
+            signal: abortController.signal,
+        });
+        if (!appendResponse.ok) {
+            const errorBody = await appendResponse.text().catch(() => "");
+            logPluginError("Cursor BidiAppend request failed", {
+                requestId: options.requestId,
+                appendSeqno: appendSeqno - 1,
+                status: appendResponse.status,
+                responseBody: errorBody,
+            });
+            throw new Error(`BidiAppend failed: ${appendResponse.status}${errorBody ? ` ${errorBody}` : ""}`);
+        }
+        await appendResponse.arrayBuffer().catch(() => undefined);
+    };
+    (async () => {
+        try {
+            while (true) {
+                const { done, value } = await reader.read();
+                if (done) {
+                    finish(0);
+                    break;
+                }
+                if (value && value.length > 0) {
+                    const chunk = Buffer.from(value);
+                    if (cbs.data) {
+                        cbs.data(chunk);
+                    }
+                    else {
+                        pendingChunks.push(chunk);
+                    }
+                }
+            }
+        }
+        catch (error) {
+            logPluginWarn("Cursor stream reader closed with error", {
+                requestId: options.requestId,
+                ...errorDetails(error),
+            });
+            finish(alive ? 1 : closeCode);
+        }
+    })();
+    return {
+        get alive() {
+            return alive;
+        },
+        write(data) {
+            if (!alive)
+                return;
+            writeChain = writeChain
+                .then(() => append(data))
+                .catch((error) => {
+                logPluginError("Cursor stream append failed", {
+                    requestId: options.requestId,
+                    ...errorDetails(error),
+                });
+                try {
+                    abortController.abort();
+                }
+                catch { }
+                try {
+                    reader.cancel();
+                }
+                catch { }
+                finish(1);
+            });
+        },
+        end() {
+            try {
+                abortController.abort();
+            }
+            catch { }
+            try {
+                reader.cancel();
+            }
+            catch { }
+            finish(0);
+        },
+        onData(cb) {
+            cbs.data = cb;
+            while (pendingChunks.length > 0) {
+                cb(pendingChunks.shift());
+            }
+        },
+        onClose(cb) {
+            if (!alive) {
+                queueMicrotask(() => cb(closeCode));
+            }
+            else {
+                cbs.close = cb;
+            }
+        },
+    };
+}

package/dist/cursor/config.d.ts

@@ -0,0 +1,4 @@
+export declare const CURSOR_API_URL: string;
+export declare const CURSOR_CLIENT_VERSION = "cli-2026.01.09-231024f";
+export declare const CURSOR_CONNECT_PROTOCOL_VERSION = "1";
+export declare const CONNECT_END_STREAM_FLAG = 2;

package/dist/cursor/config.js

@@ -0,0 +1,4 @@
+export const CURSOR_API_URL = process.env.CURSOR_API_URL ?? "https://api2.cursor.sh";
+export const CURSOR_CLIENT_VERSION = "cli-2026.01.09-231024f";
+export const CURSOR_CONNECT_PROTOCOL_VERSION = "1";
+export const CONNECT_END_STREAM_FLAG = 0b00000010;

package/dist/cursor/connect-framing.d.ts

@@ -0,0 +1,10 @@
+/** Connect protocol frame: [1-byte flags][4-byte BE length][payload] */
+export declare function frameConnectMessage(data: Uint8Array, flags?: number): Buffer;
+export declare function decodeConnectUnaryBody(payload: Uint8Array): Uint8Array | null;
+export declare function encodeVarint(value: number): Uint8Array;
+export declare function encodeProtoField(tag: number, wireType: number, value: Uint8Array): Uint8Array;
+export declare function encodeProtoStringField(tag: number, value: string): Uint8Array;
+export declare function encodeProtoMessageField(tag: number, value: Uint8Array): Uint8Array;
+export declare function encodeProtoVarintField(tag: number, value: number): Uint8Array;
+export declare function concatBytes(parts: Uint8Array[]): Uint8Array;
+export declare function toFetchBody(data: Uint8Array): ArrayBuffer;

package/dist/cursor/connect-framing.js

@@ -0,0 +1,80 @@
+import { CONNECT_END_STREAM_FLAG } from "./config";
+/** Connect protocol frame: [1-byte flags][4-byte BE length][payload] */
+export function frameConnectMessage(data, flags = 0) {
+    const frame = Buffer.alloc(5 + data.length);
+    frame[0] = flags;
+    frame.writeUInt32BE(data.length, 1);
+    frame.set(data, 5);
+    return frame;
+}
+export function decodeConnectUnaryBody(payload) {
+    if (payload.length < 5)
+        return null;
+    let offset = 0;
+    while (offset + 5 <= payload.length) {
+        const flags = payload[offset];
+        const view = new DataView(payload.buffer, payload.byteOffset + offset, payload.byteLength - offset);
+        const messageLength = view.getUint32(1, false);
+        const frameEnd = offset + 5 + messageLength;
+        if (frameEnd > payload.length)
+            return null;
+        if ((flags & 0b0000_0001) !== 0)
+            return null;
+        if ((flags & CONNECT_END_STREAM_FLAG) === 0) {
+            return payload.subarray(offset + 5, frameEnd);
+        }
+        offset = frameEnd;
+    }
+    return null;
+}
+export function encodeVarint(value) {
+    if (!Number.isSafeInteger(value) || value < 0) {
+        throw new Error(`Unsupported varint value: ${value}`);
+    }
+    const bytes = [];
+    let current = value;
+    while (current >= 0x80) {
+        bytes.push((current & 0x7f) | 0x80);
+        current = Math.floor(current / 128);
+    }
+    bytes.push(current);
+    return Uint8Array.from(bytes);
+}
+export function encodeProtoField(tag, wireType, value) {
+    const key = encodeVarint((tag << 3) | wireType);
+    const out = new Uint8Array(key.length + value.length);
+    out.set(key, 0);
+    out.set(value, key.length);
+    return out;
+}
+export function encodeProtoStringField(tag, value) {
+    const bytes = new TextEncoder().encode(value);
+    const len = encodeVarint(bytes.length);
+    const payload = new Uint8Array(len.length + bytes.length);
+    payload.set(len, 0);
+    payload.set(bytes, len.length);
+    return encodeProtoField(tag, 2, payload);
+}
+export function encodeProtoMessageField(tag, value) {
+    const len = encodeVarint(value.length);
+    const payload = new Uint8Array(len.length + value.length);
+    payload.set(len, 0);
+    payload.set(value, len.length);
+    return encodeProtoField(tag, 2, payload);
+}
+export function encodeProtoVarintField(tag, value) {
+    return encodeProtoField(tag, 0, encodeVarint(value));
+}
+export function concatBytes(parts) {
+    const total = parts.reduce((sum, part) => sum + part.length, 0);
+    const out = new Uint8Array(total);
+    let offset = 0;
+    for (const part of parts) {
+        out.set(part, offset);
+        offset += part.length;
+    }
+    return out;
+}
+export function toFetchBody(data) {
+    return data.buffer.slice(data.byteOffset, data.byteOffset + data.byteLength);
+}

package/dist/cursor/headers.d.ts

@@ -0,0 +1,6 @@
+export interface CursorBaseRequestOptions {
+    accessToken: string;
+    url?: string;
+}
+export declare function buildCursorHeaders(options: CursorBaseRequestOptions, contentType: string, extra?: Record<string, string>): Headers;
+export declare function buildCursorHeaderValues(options: CursorBaseRequestOptions, contentType: string, extra?: Record<string, string>): Record<string, string>;

package/dist/cursor/headers.js

@@ -0,0 +1,16 @@
+import { CURSOR_CLIENT_VERSION } from "./config";
+export function buildCursorHeaders(options, contentType, extra = {}) {
+    const headers = new Headers(buildCursorHeaderValues(options, contentType, extra));
+    return headers;
+}
+export function buildCursorHeaderValues(options, contentType, extra = {}) {
+    return {
+        authorization: `Bearer ${options.accessToken}`,
+        "content-type": contentType,
+        "x-ghost-mode": "true",
+        "x-cursor-client-version": CURSOR_CLIENT_VERSION,
+        "x-cursor-client-type": "cli",
+        "x-request-id": crypto.randomUUID(),
+        ...extra,
+    };
+}

package/dist/cursor/index.d.ts

@@ -0,0 +1,5 @@
+export { CURSOR_API_URL, CURSOR_CLIENT_VERSION, CURSOR_CONNECT_PROTOCOL_VERSION, CONNECT_END_STREAM_FLAG, } from "./config";
+export { concatBytes, decodeConnectUnaryBody, encodeProtoMessageField, encodeProtoStringField, encodeProtoVarintField, encodeVarint, frameConnectMessage, toFetchBody, } from "./connect-framing";
+export { buildCursorHeaders, buildCursorHeaderValues, type CursorBaseRequestOptions, } from "./headers";
+export { createCursorSession, encodeBidiAppendRequest, type CreateCursorSessionOptions, type CursorSession, } from "./bidi-session";
+export { callCursorUnaryRpc, type CursorUnaryRpcOptions } from "./unary-rpc";

package/dist/cursor/index.js

@@ -0,0 +1,5 @@
+export { CURSOR_API_URL, CURSOR_CLIENT_VERSION, CURSOR_CONNECT_PROTOCOL_VERSION, CONNECT_END_STREAM_FLAG, } from "./config";
+export { concatBytes, decodeConnectUnaryBody, encodeProtoMessageField, encodeProtoStringField, encodeProtoVarintField, encodeVarint, frameConnectMessage, toFetchBody, } from "./connect-framing";
+export { buildCursorHeaders, buildCursorHeaderValues, } from "./headers";
+export { createCursorSession, encodeBidiAppendRequest, } from "./bidi-session";
+export { callCursorUnaryRpc } from "./unary-rpc";

package/dist/cursor/unary-rpc.d.ts

@@ -0,0 +1,13 @@
+export interface CursorUnaryRpcOptions {
+    accessToken: string;
+    rpcPath: string;
+    requestBody: Uint8Array;
+    url?: string;
+    timeoutMs?: number;
+    transport?: "auto" | "fetch" | "http2";
+}
+export declare function callCursorUnaryRpc(options: CursorUnaryRpcOptions): Promise<{
+    body: Uint8Array;
+    exitCode: number;
+    timedOut: boolean;
+}>;