@prometheus-ai/ai 0.5.4 → 0.5.8

package/src/{utils → registry}/oauth/minimax-code.ts

@@ -1,8 +1,8 @@
 /**
- * MiniMax Coding Plan login flow.
+ * MiniMax Token Plan login flow.
  *
- * MiniMax Coding Plan is a subscription service that provides access to
- * MiniMax models (M2, M2.1) through an OpenAI-compatible API.
+ * MiniMax Token Plan is a subscription service that provides access to
+ * MiniMax models (M2 and newer) through an OpenAI-compatible API.
  *
  * This is not OAuth - it's a simple API key flow:
  * 1. Open browser to the matching regional MiniMax subscription page
@@ -13,23 +13,23 @@
  * China: https://api.minimaxi.com/v1
  */
 
-import { validateOpenAICompatibleApiKey } from "./api-key-validation";
+import { validateOpenAICompatibleApiKey } from "../api-key-validation";
 import type { OAuthController } from "./types";
 
-const AUTH_URL_INTL = "https://platform.minimax.io/subscribe/coding-plan";
-const AUTH_URL_CN = "https://platform.minimaxi.com/subscribe/coding-plan";
+const AUTH_URL_INTL = "https://platform.minimax.io/subscribe/token-plan";
+const AUTH_URL_CN = "https://platform.minimaxi.com/subscribe/token-plan";
 const API_BASE_URL_INTL = "https://api.minimax.io/v1";
 const API_BASE_URL_CN = "https://api.minimaxi.com/v1";
-const VALIDATION_MODEL = "MiniMax-M2";
+const VALIDATION_MODEL = "MiniMax-M3";
 
 /**
- * Login to MiniMax Coding Plan (international).
+ * Login to MiniMax Token Plan (international).
  *
  * Opens browser to subscription page, prompts user to paste their API key.
  * Returns the API key directly (not OAuthCredentials - this isn't OAuth).
  */
 export async function loginMiniMaxCode(options: OAuthController): Promise<string> {
-	return loginMiniMaxCodeWithBaseUrl(options, AUTH_URL_INTL, API_BASE_URL_INTL, "MiniMax Coding Plan");
+	return loginMiniMaxCodeWithBaseUrl(options, AUTH_URL_INTL, API_BASE_URL_INTL, "MiniMax Token Plan");
 }
 
 async function loginMiniMaxCodeWithBaseUrl(
@@ -38,17 +38,18 @@ async function loginMiniMaxCodeWithBaseUrl(
 	baseUrl: string,
 	providerName: string,
 ): Promise<string> {
+	const fetchImpl = options.fetch ?? fetch;
 	if (!options.onPrompt) {
-		throw new Error("MiniMax Coding Plan login requires onPrompt callback");
+		throw new Error("MiniMax Token Plan login requires onPrompt callback");
 	}
 	// Open browser to subscription page
 	options.onAuth?.({
 		url: authUrl,
-		instructions: "Subscribe to Coding Plan and copy your API key",
+		instructions: "Subscribe to Token Plan and copy your API key",
 	});
 	// Prompt user to paste their API key
 	const apiKey = await options.onPrompt({
-		message: "Paste your MiniMax Coding Plan API key",
+		message: "Paste your MiniMax Token Plan API key",
 		placeholder: "sk-...",
 	});
 	if (options.signal?.aborted) {
@@ -66,15 +67,16 @@ async function loginMiniMaxCodeWithBaseUrl(
 		baseUrl,
 		model: VALIDATION_MODEL,
 		signal: options.signal,
+		fetch: fetchImpl,
 	});
 	return trimmed;
 }
 
 /**
- * Login to MiniMax Coding Plan (China).
+ * Login to MiniMax Token Plan (China).
  *
  * Same flow as international but uses China endpoint.
  */
 export async function loginMiniMaxCodeCn(options: OAuthController): Promise<string> {
-	return loginMiniMaxCodeWithBaseUrl(options, AUTH_URL_CN, API_BASE_URL_CN, "MiniMax Coding Plan (China)");
+	return loginMiniMaxCodeWithBaseUrl(options, AUTH_URL_CN, API_BASE_URL_CN, "MiniMax Token Plan (China)");
 }

package/src/{utils → registry}/oauth/types.ts

@@ -1,3 +1,6 @@
+import type { FetchImpl } from "../../types";
+import type { OAuthProviderUnion } from "../registry";
+
 export type OAuthCredentials = {
 	refresh: string;
 	access: string;
@@ -8,57 +11,7 @@ export type OAuthCredentials = {
 	accountId?: string;
 };
 
-export type OAuthProvider =
-	| "alibaba-coding-plan"
-	| "anthropic"
-	| "cerebras"
-	| "cloudflare-ai-gateway"
-	| "cursor"
-	| "deepseek"
-	| "fireworks"
-	| "firepass"
-	| "github-copilot"
-	| "google-gemini-cli"
-	| "google-antigravity"
-	| "gitlab-duo"
-	| "huggingface"
-	| "kimi-code"
-	| "kilo"
-	| "kagi"
-	| "litellm"
-	| "lm-studio"
-	| "minimax-code"
-	| "minimax-code-cn"
-	| "moonshot"
-	| "nvidia"
-	| "nanogpt"
-	| "ollama"
-	| "ollama-cloud"
-	| "openai-codex"
-	| "openai-codex-device"
-	| "opencode-go"
-	| "openrouter"
-	| "opencode-zen"
-	| "parallel"
-	| "perplexity"
-	| "qianfan"
-	| "qwen-portal"
-	| "synthetic"
-	| "tavily"
-	| "together"
-	| "venice"
-	| "vercel-ai-gateway"
-	| "wafer-pass"
-	| "wafer-serverless"
-	| "vllm"
-	| "xai-oauth"
-	| "xiaomi"
-	| "xiaomi-token-plan-sgp"
-	| "xiaomi-token-plan-ams"
-	| "xiaomi-token-plan-cn"
-	| "zenmux"
-	| "zai"
-	| "zhipu-coding-plan";
+export type OAuthProvider = OAuthProviderUnion;
 
 export type OAuthProviderId = OAuthProvider | (string & {});
 
@@ -85,6 +38,7 @@ export interface OAuthController {
 	onManualCodeInput?(): Promise<string>;
 	onPrompt?(prompt: OAuthPrompt): Promise<string>;
 	signal?: AbortSignal;
+	fetch?: FetchImpl;
 }
 
 export interface OAuthLoginCallbacks extends OAuthController {
@@ -99,4 +53,6 @@ export interface OAuthProviderInterface {
 	login(callbacks: OAuthLoginCallbacks): Promise<OAuthCredentials | string>;
 	refreshToken?(credentials: OAuthCredentials): Promise<OAuthCredentials>;
 	getApiKey?(credentials: OAuthCredentials): string;
+	/** Store resulting OAuth credentials under a different provider id. */
+	readonly storeCredentialsAs?: string;
 }

package/src/{utils → registry}/oauth/wafer.ts

@@ -18,7 +18,7 @@
  * Validation uses the shared `/v1/models` endpoint, which works for both
  * tiers and is cheap (no token spend).
  */
-import { createApiKeyLogin } from "./api-key-login";
+import { createApiKeyLogin } from "../api-key-login";
 
 const WAFER_AUTH_URL = "https://wafer.ai/dashboard";
 const WAFER_MODELS_URL = "https://pass.wafer.ai/v1/models";

package/src/{utils → registry}/oauth/xai-oauth.ts

@@ -10,6 +10,7 @@
  * rejected on every call site, not just the first.
  */
 
+import type { FetchImpl } from "../../types";
 import { OAuthCallbackFlow, type OAuthCallbackFlowOptions } from "./callback-server";
 import { generatePKCE } from "./pkce";
 import type { OAuthController, OAuthCredentials } from "./types";
@@ -70,10 +71,14 @@ export function validateXAIEndpoint(url: string, field: string): string {
  *
  * Hermes `_xai_oauth_discovery` L3038-3084.
  */
-async function xaiOAuthDiscovery(timeoutMs: number = DISCOVERY_TIMEOUT_MS): Promise<XAIOAuthDiscovery> {
+async function xaiOAuthDiscovery(
+	timeoutMs: number = DISCOVERY_TIMEOUT_MS,
+	fetchOverride?: FetchImpl,
+): Promise<XAIOAuthDiscovery> {
+	const fetchImpl = fetchOverride ?? fetch;
 	let response: Response;
 	try {
-		response = await fetch(XAI_OAUTH_DISCOVERY_URL, {
+		response = await fetchImpl(XAI_OAUTH_DISCOVERY_URL, {
 			method: "GET",
 			headers: { Accept: "application/json" },
 			signal: AbortSignal.timeout(timeoutMs),
@@ -179,6 +184,7 @@ function buildXAIAuthorizeUrl(opts: BuildXAIAuthorizeUrlOptions): string {
  */
 export class XAIOAuthFlow extends OAuthCallbackFlow {
 	#verifier: string = "";
+	#fetch: FetchImpl;
 
 	constructor(ctrl: OAuthController) {
 		super(ctrl, {
@@ -187,6 +193,7 @@ export class XAIOAuthFlow extends OAuthCallbackFlow {
 			callbackHostname: XAI_OAUTH_REDIRECT_HOST,
 			redirectUri: `http://${XAI_OAUTH_REDIRECT_HOST}:${XAI_OAUTH_REDIRECT_PORT}${XAI_OAUTH_REDIRECT_PATH}`,
 		} satisfies OAuthCallbackFlowOptions);
+		this.#fetch = ctrl.fetch ?? fetch;
 	}
 
 	async generateAuthUrl(state: string, redirectUri: string): Promise<{ url: string; instructions?: string }> {
@@ -194,7 +201,7 @@ export class XAIOAuthFlow extends OAuthCallbackFlow {
 		this.#verifier = pkce.verifier;
 		const nonce = crypto.randomUUID().replace(/-/g, "");
 
-		const discovery = await xaiOAuthDiscovery();
+		const discovery = await xaiOAuthDiscovery(DISCOVERY_TIMEOUT_MS, this.#fetch);
 		const url = buildXAIAuthorizeUrl({
 			authorizationEndpoint: discovery.authorization_endpoint,
 			redirectUri,
@@ -210,7 +217,7 @@ export class XAIOAuthFlow extends OAuthCallbackFlow {
 	}
 
 	async exchangeToken(code: string, _state: string, redirectUri: string): Promise<OAuthCredentials> {
-		const discovery = await xaiOAuthDiscovery();
+		const discovery = await xaiOAuthDiscovery(DISCOVERY_TIMEOUT_MS, this.#fetch);
 		const tokenEndpoint = validateXAIEndpoint(discovery.token_endpoint, "token_endpoint");
 
 		const body = new URLSearchParams({
@@ -221,7 +228,7 @@ export class XAIOAuthFlow extends OAuthCallbackFlow {
 			code_verifier: this.#verifier,
 		});
 
-		const response = await fetch(tokenEndpoint, {
+		const response = await this.#fetch(tokenEndpoint, {
 			method: "POST",
 			headers: {
 				"Content-Type": "application/x-www-form-urlencoded",
@@ -282,12 +289,13 @@ export async function loginXAIOAuth(ctrl: OAuthController): Promise<OAuthCredent
  * re-validates the cached `token_endpoint` on the refresh hot path so a
  * cached-but-poisoned endpoint cannot silently leak a refresh_token.
  */
-export async function refreshXAIOAuthToken(refreshToken: string): Promise<OAuthCredentials> {
+export async function refreshXAIOAuthToken(refreshToken: string, fetchOverride?: FetchImpl): Promise<OAuthCredentials> {
+	const fetchImpl = fetchOverride ?? fetch;
 	if (typeof refreshToken !== "string" || !refreshToken.trim()) {
 		throw new Error("missing refresh_token");
 	}
 
-	const discovery = await xaiOAuthDiscovery();
+	const discovery = await xaiOAuthDiscovery(DISCOVERY_TIMEOUT_MS, fetchImpl);
 	const tokenEndpoint = validateXAIEndpoint(discovery.token_endpoint, "token_endpoint");
 
 	const body = new URLSearchParams({
@@ -296,7 +304,7 @@ export async function refreshXAIOAuthToken(refreshToken: string): Promise<OAuthC
 		refresh_token: refreshToken,
 	});
 
-	const response = await fetch(tokenEndpoint, {
+	const response = await fetchImpl(tokenEndpoint, {
 		method: "POST",
 		headers: {
 			"Content-Type": "application/x-www-form-urlencoded",

package/src/{utils → registry}/oauth/xiaomi.ts

@@ -8,6 +8,7 @@
  * login opens plan management so users copy the regional `tp-...` key.
  */
 
+import type { FetchImpl } from "../../types";
 import type { OAuthController } from "./types";
 
 const PROVIDER_ID = "xiaomi";
@@ -50,9 +51,11 @@ const VALIDATION_TIMEOUT_MS = 15_000;
 
 async function validateXiaomiApiKey(
 	apiKey: string,
+	tokenPlanRegion: XiaomiTokenPlanRegion | undefined,
 	signal?: AbortSignal,
-	tokenPlanRegion?: XiaomiTokenPlanRegion,
+	fetchOverride?: FetchImpl,
 ): Promise<void> {
+	const fetchImpl = fetchOverride ?? fetch;
 	// Region-specific Token Plan logins must validate against the selected
 	// cluster. Generic Xiaomi login keeps the historical SGP → AMS → CN fallback.
 	const endpoints = tokenPlanRegion
@@ -74,7 +77,7 @@ async function validateXiaomiApiKey(
 		const timeoutSignal = AbortSignal.timeout(VALIDATION_TIMEOUT_MS);
 		const requestSignal = signal ? AbortSignal.any([signal, timeoutSignal]) : timeoutSignal;
 		try {
-			const response = await fetch(`${ep.baseUrl}/chat/completions`, {
+			const response = await fetchImpl(`${ep.baseUrl}/chat/completions`, {
 				method: "POST",
 				headers: {
 					"Content-Type": "application/json",
@@ -139,6 +142,7 @@ async function validateXiaomiApiKey(
  * Returns the API key directly (not OAuthCredentials - this isn't OAuth).
  */
 export async function loginXiaomi(options: OAuthController): Promise<string> {
+	const fetchImpl = options.fetch ?? fetch;
 	if (!options.onPrompt) {
 		throw new Error(`${PROVIDER_NAME} login requires onPrompt callback`);
 	}
@@ -159,7 +163,7 @@ export async function loginXiaomi(options: OAuthController): Promise<string> {
 	}
 
 	options.onProgress?.(`Validating ${PROVIDER_ID} API key...`);
-	await validateXiaomiApiKey(trimmed, options.signal);
+	await validateXiaomiApiKey(trimmed, undefined, options.signal, fetchImpl);
 	return trimmed;
 }
 
@@ -169,6 +173,7 @@ export async function loginXiaomi(options: OAuthController): Promise<string> {
  * Prompts for a token-plan API key and validates it against the selected region.
  */
 export async function loginXiaomiTokenPlan(options: OAuthController, region: XiaomiTokenPlanRegion): Promise<string> {
+	const fetchImpl = options.fetch ?? fetch;
 	if (!options.onPrompt) {
 		throw new Error(`Xiaomi Token Plan (${TOKEN_PLAN_REGION_NAMES[region]}) login requires onPrompt callback`);
 	}
@@ -189,6 +194,6 @@ export async function loginXiaomiTokenPlan(options: OAuthController, region: Xia
 	}
 
 	options.onProgress?.(`Validating Xiaomi Token Plan (${TOKEN_PLAN_REGION_NAMES[region]}) API key...`);
-	await validateXiaomiApiKey(trimmed, options.signal, region);
+	await validateXiaomiApiKey(trimmed, region, options.signal, fetchImpl);
 	return trimmed;
 }

package/src/{utils/oauth → registry}/ollama-cloud.ts

@@ -1,4 +1,5 @@
-import type { OAuthController } from "./types";
+import type { OAuthController, OAuthLoginCallbacks } from "./oauth/types";
+import type { ProviderDefinition } from "./types";
 
 const OLLAMA_CLOUD_KEYS_URL = "https://ollama.com/settings/keys";
 
@@ -26,3 +27,9 @@ export async function loginOllamaCloud(options: OAuthController): Promise<string
 	}
 	return trimmed;
 }
+
+export const ollamaCloudProvider = {
+	id: "ollama-cloud",
+	name: "Ollama Cloud",
+	login: (cb: OAuthLoginCallbacks) => loginOllamaCloud(cb),
+} as const satisfies ProviderDefinition;

package/src/{utils/oauth → registry}/ollama.ts

@@ -1,16 +1,5 @@
-/**
- * Ollama login flow.
- *
- * Ollama is typically used locally without authentication, but some hosted
- * deployments require a bearer token/API key.
- *
- * This flow is API-key based (not OAuth):
- * 1. Optionally open Ollama docs
- * 2. Prompt user for API key/token (optional)
- * 3. Persist key only when provided
- */
-
-import type { OAuthController } from "./types";
+import type { OAuthController } from "./oauth/types";
+import type { ProviderDefinition } from "./types";
 
 const OLLAMA_DOCS_URL = "https://github.com/ollama/ollama/blob/main/docs/api.md";
 
@@ -45,3 +34,9 @@ export async function loginOllama(options: OAuthController): Promise<string> {
 
 	return apiKey.trim();
 }
+
+export const ollamaProvider = {
+	id: "ollama",
+	name: "Ollama (Local OpenAI-compatible)",
+	login: loginOllama,
+} as const satisfies ProviderDefinition;

package/src/registry/openai-codex-device.ts

@@ -0,0 +1,18 @@
+import type { OAuthCredentials, OAuthLoginCallbacks } from "./oauth/types";
+import type { ProviderDefinition } from "./types";
+
+export const openaiCodexDeviceProvider = {
+	id: "openai-codex-device",
+	name: "ChatGPT Plus/Pro (Codex, headless/device)",
+	login: async (cb: OAuthLoginCallbacks) => {
+		// Lazy import: keep heavy OAuth flow modules out of the eager registry graph.
+		const { loginOpenAICodexDevice } = await import("./oauth/openai-codex");
+		return loginOpenAICodexDevice(cb);
+	},
+	refreshToken: async (credentials: OAuthCredentials) => {
+		// Lazy import: keep heavy OAuth flow modules out of the eager registry graph.
+		const { refreshOpenAICodexToken } = await import("./oauth/openai-codex");
+		return refreshOpenAICodexToken(credentials.refresh);
+	},
+	storeCredentialsAs: "openai-codex",
+} as const satisfies ProviderDefinition;

package/src/registry/openai-codex.ts

@@ -0,0 +1,19 @@
+import type { OAuthCredentials, OAuthLoginCallbacks } from "./oauth/types";
+import type { ProviderDefinition } from "./types";
+
+export const openaiCodexProvider = {
+	id: "openai-codex",
+	name: "ChatGPT Plus/Pro (Codex Subscription)",
+	login: async (cb: OAuthLoginCallbacks) => {
+		// Lazy import: keep heavy OAuth flow modules out of the eager registry graph.
+		const { loginOpenAICodex } = await import("./oauth/openai-codex");
+		return loginOpenAICodex(cb);
+	},
+	refreshToken: async (credentials: OAuthCredentials) => {
+		// Lazy import: keep heavy OAuth flow modules out of the eager registry graph.
+		const { refreshOpenAICodexToken } = await import("./oauth/openai-codex");
+		return refreshOpenAICodexToken(credentials.refresh);
+	},
+	callbackPort: 1455,
+	pasteCodeFlow: true,
+} as const satisfies ProviderDefinition;

package/src/registry/openai.ts

@@ -0,0 +1,6 @@
+import type { ProviderDefinition } from "./types";
+
+export const openaiProvider = {
+	id: "openai",
+	name: "OpenAI",
+} as const satisfies ProviderDefinition;

package/src/registry/opencode-go.ts

@@ -0,0 +1,12 @@
+import type { OAuthLoginCallbacks } from "./oauth/types";
+import type { ProviderDefinition } from "./types";
+
+export const opencodeGoProvider = {
+	id: "opencode-go",
+	name: "OpenCode Go",
+	login: async (cb: OAuthLoginCallbacks) => {
+		// Lazy import: keep heavy OAuth flow modules out of the eager registry graph.
+		const { loginOpenCode } = await import("./oauth/opencode");
+		return loginOpenCode(cb);
+	},
+} as const satisfies ProviderDefinition;

package/src/registry/opencode-zen.ts

@@ -0,0 +1,12 @@
+import type { OAuthLoginCallbacks } from "./oauth/types";
+import type { ProviderDefinition } from "./types";
+
+export const opencodeZenProvider = {
+	id: "opencode-zen",
+	name: "OpenCode Zen",
+	login: async (cb: OAuthLoginCallbacks) => {
+		// Lazy import: keep heavy OAuth flow modules out of the eager registry graph.
+		const { loginOpenCode } = await import("./oauth/opencode");
+		return loginOpenCode(cb);
+	},
+} as const satisfies ProviderDefinition;

package/src/{utils/oauth → registry}/openrouter.ts

@@ -1,11 +1,13 @@
+import { createApiKeyLogin } from "./api-key-login";
+import type { OAuthLoginCallbacks } from "./oauth/types";
+import type { ProviderDefinition } from "./types";
+
 /** OpenRouter login flow (API key paste, validated via /auth/key).
  *
  * `/api/v1/models` is public and returns 200 for any bearer (including bogus),
  * so it cannot validate auth. `/api/v1/auth/key` is the canonical "who am I"
  * endpoint — 200 for valid keys, 401 otherwise.
  */
-import { createApiKeyLogin } from "./api-key-login";
-
 export const loginOpenRouter = createApiKeyLogin({
 	providerLabel: "OpenRouter",
 	authUrl: "https://openrouter.ai/keys",
@@ -18,3 +20,9 @@ export const loginOpenRouter = createApiKeyLogin({
 		modelsUrl: "https://openrouter.ai/api/v1/auth/key",
 	},
 });
+
+export const openrouterProvider = {
+	id: "openrouter",
+	name: "OpenRouter",
+	login: (cb: OAuthLoginCallbacks) => loginOpenRouter(cb),
+} as const satisfies ProviderDefinition;

package/src/{utils/oauth → registry}/parallel.ts

@@ -1,14 +1,5 @@
-/**
- * Parallel login flow.
- *
- * Parallel uses an API key from the account settings page.
- * This is an API key flow:
- * 1. Open browser to Parallel API key settings
- * 2. User copies API key
- * 3. User pastes key into the CLI/TUI
- */
-
-import type { OAuthController } from "./types";
+import type { OAuthController, OAuthLoginCallbacks } from "./oauth/types";
+import type { ProviderDefinition } from "./types";
 
 const AUTH_URL = "https://platform.parallel.ai/settings?tab=api-keys";
 
@@ -44,3 +35,10 @@ export async function loginParallel(options: OAuthController): Promise<string> {
 
 	return trimmed;
 }
+
+export const parallelProvider = {
+	id: "parallel",
+	name: "Parallel",
+	envKeys: "PARALLEL_API_KEY",
+	login: (cb: OAuthLoginCallbacks) => loginParallel(cb),
+} as const satisfies ProviderDefinition;

package/src/registry/perplexity.ts

@@ -0,0 +1,13 @@
+import type { OAuthLoginCallbacks } from "./oauth/types";
+import type { ProviderDefinition } from "./types";
+
+export const perplexityProvider = {
+	id: "perplexity",
+	name: "Perplexity (Pro/Max)",
+	envKeys: "PERPLEXITY_API_KEY",
+	login: async (cb: OAuthLoginCallbacks) => {
+		// Lazy import: keep heavy OAuth flow modules out of the eager registry graph.
+		const { loginPerplexity } = await import("./oauth/perplexity");
+		return loginPerplexity(cb);
+	},
+} as const satisfies ProviderDefinition;

package/src/{utils/oauth → registry}/qianfan.ts

@@ -1,26 +1,11 @@
-/**
- * Qianfan login flow.
- *
- * Qianfan provides an OpenAI-compatible API endpoint.
- * Login is API-key based:
- * 1. Open browser to Qianfan API key console
- * 2. User copies API key
- * 3. User pastes key into CLI prompt
- */
-
 import { validateOpenAICompatibleApiKey } from "./api-key-validation";
-import type { OAuthController } from "./types";
+import type { OAuthController, OAuthLoginCallbacks } from "./oauth/types";
+import type { ProviderDefinition } from "./types";
 
 const AUTH_URL = "https://console.bce.baidu.com/qianfan/ais/console/apiKey";
 const API_BASE_URL = "https://qianfan.baidubce.com/v2";
 const VALIDATION_MODEL = "deepseek-v3.2";
 
-/**
- * Login to Qianfan.
- *
- * Opens browser to API key page, prompts user to paste their API key.
- * Returns the API key directly (not OAuthCredentials - this isn't OAuth).
- */
 export async function loginQianfan(options: OAuthController): Promise<string> {
 	if (!options.onPrompt) {
 		throw new Error("Qianfan login requires onPrompt callback");
@@ -56,3 +41,9 @@ export async function loginQianfan(options: OAuthController): Promise<string> {
 
 	return trimmed;
 }
+
+export const qianfanProvider = {
+	id: "qianfan",
+	name: "Qianfan",
+	login: (cb: OAuthLoginCallbacks) => loginQianfan(cb),
+} as const satisfies ProviderDefinition;

package/src/{utils/oauth → registry}/qwen-portal.ts

@@ -1,28 +1,11 @@
-/**
- * Qwen Portal login flow.
- *
- * Qwen Portal exposes an OpenAI-compatible endpoint at https://portal.qwen.ai/v1
- * and accepts OAuth bearer tokens or API keys.
- *
- * This is a token/API-key flow:
- * 1. Open Qwen Portal
- * 2. Copy either your OAuth token or API key
- * 3. Paste it into the CLI
- */
-
 import { validateOpenAICompatibleApiKey } from "./api-key-validation";
-import type { OAuthController } from "./types";
+import type { OAuthController, OAuthLoginCallbacks } from "./oauth/types";
+import type { ProviderDefinition } from "./types";
 
 const AUTH_URL = "https://chat.qwen.ai";
 const API_BASE_URL = "https://portal.qwen.ai/v1";
 const VALIDATION_MODEL = "coder-model";
 
-/**
- * Login to Qwen Portal.
- *
- * Prompts for either `QWEN_OAUTH_TOKEN` or `QWEN_PORTAL_API_KEY` value.
- * Returns the value directly (stored as api_key credential in auth storage).
- */
 export async function loginQwenPortal(options: OAuthController): Promise<string> {
 	if (!options.onPrompt) {
 		throw new Error("Qwen Portal login requires onPrompt callback");
@@ -58,3 +41,9 @@ export async function loginQwenPortal(options: OAuthController): Promise<string>
 
 	return trimmed;
 }
+
+export const qwenPortalProvider = {
+	id: "qwen-portal",
+	name: "Qwen Portal",
+	login: (cb: OAuthLoginCallbacks) => loginQwenPortal(cb),
+} as const satisfies ProviderDefinition;