@suncreation/opencode-claude-patch 0.1.0 → 0.1.1

package/README.md

@@ -1,11 +1,13 @@
 # opencode-anthropic-oauth-patch
 
-Installable OpenCode plugin for sanitizing Anthropic OAuth / Claude request shape, with helper exports for lower-level integrations.
+Installable OpenCode plugin that restores Anthropic provider visibility, reads the working OpenCode OAuth token file, refreshes Anthropic access tokens, and patches Claude request shape for OpenCode/oh-my-opencode.
 
 This is meant for OpenCode/oh-my-opencode-style integrations where Claude OAuth requests break because extra Anthropic-incompatible fields are injected into the request path.
 
 ## What it patches automatically as an OpenCode plugin
 
+- Registers an Anthropic auth/provider bridge for OpenCode using `~/.local/share/opencode/auth.json`
+- Refreshes Anthropic OAuth access tokens through `https://console.anthropic.com/v1/oauth/token`
 - Removes `thinking`, `output_config`, and related Anthropic-problematic option fields from OpenCode provider options
 - Rewrites OpenCode system prompt strings into a single Claude-Code-compatible system string
 - Sets Claude-Code-compatible Anthropic headers by default
@@ -36,7 +38,7 @@ Add the package to your `opencode.json` plugin list:
 Install it from this repository:
 
 ```bash
-npm install /Users/admin/Projects/subscription-llm/npm/opencode-anthropic-oauth-patch
+npm install /Users/admin/Projects/npm/opencode-anthropic-oauth-patch
 ```
 
 If you later publish it, keep the same `plugin` entry and install with:
@@ -51,6 +53,7 @@ OpenCode will auto-install npm plugins referenced in `opencode.json` at startup.
 
 The root package export is an OpenCode plugin function. Once installed and listed in `opencode.json`, it auto-applies:
 
+- Anthropic auth/provider loading backed by the OpenCode OAuth token file
 - `chat.params` patching for Anthropic/Claude models
 - `chat.headers` patching for Claude-compatible headers
 - `experimental.chat.system.transform` patching for a single Claude-Code-style system prompt

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@suncreation/opencode-claude-patch",
-  "version": "0.1.0",
-  "description": "Reusable Anthropic OAuth request sanitizer for OpenCode and similar tools",
+  "version": "0.1.1",
+  "description": "Anthropic OAuth provider bridge and Claude request patch for OpenCode",
   "type": "module",
   "main": "./src/index.js",
   "types": "./src/index.d.ts",

package/src/helpers.d.ts

@@ -27,3 +27,7 @@ export declare function createAnthropicOAuthPatchedFetch(
   options?: PatchOptions
 ): typeof fetch;
 export declare function installGlobalAnthropicOAuthFetchPatch(options?: PatchOptions): boolean;
+export declare function getOAuthAccessToken(
+  provider: "anthropic",
+  options?: { authPath?: string }
+): Promise<string>;

package/src/helpers.js

@@ -1,4 +1,9 @@
+import { mkdir, readFile, writeFile } from "node:fs/promises";
+import { homedir } from "node:os";
+import { dirname, resolve } from "node:path";
+
 const DEFAULT_SYSTEM_PREFIX = "You are Claude Code, Anthropic's official CLI for Claude.";
+const DEFAULT_AUTH_PATH = resolve(homedir(), ".local/share/opencode/auth.json");
 
 const DEFAULT_PATCH_HEADERS = {
   "anthropic-beta": "oauth-2025-04-20,interleaved-thinking-2025-05-14,claude-code-20250219",
@@ -6,6 +11,13 @@ const DEFAULT_PATCH_HEADERS = {
   "user-agent": "claude-cli/2.1.2 (external, cli)"
 };
 
+const PROVIDER_CONFIG = {
+  anthropic: {
+    refreshUrl: "https://console.anthropic.com/v1/oauth/token",
+    clientId: "9d1c250a-e61b-44d9-88ed-5944d1962f5e"
+  }
+};
+
 const FETCH_PATCH_MARKER = Symbol.for("opencode.anthropic.oauth.patch.fetch");
 
 function isPlainObject(value) {
@@ -16,6 +28,104 @@ function deepClone(value) {
   return value === undefined ? undefined : JSON.parse(JSON.stringify(value));
 }
 
+function resolveAuthPath(authPath) {
+  return authPath ? resolve(String(authPath).replace(/^~(?=$|\/)/, homedir())) : DEFAULT_AUTH_PATH;
+}
+
+function isTokenValid(tokenData) {
+  if (!isPlainObject(tokenData)) {
+    return false;
+  }
+
+  const access = tokenData.access;
+  const expires = tokenData.expires;
+  return typeof access === "string" && typeof expires === "number" && expires > Date.now() + 60_000;
+}
+
+async function readAuthData(authPath) {
+  try {
+    const raw = await readFile(authPath, "utf8");
+    const parsed = JSON.parse(raw);
+    return isPlainObject(parsed) ? parsed : {};
+  } catch {
+    return {};
+  }
+}
+
+async function writeAuthData(authPath, data) {
+  await mkdir(dirname(authPath), { recursive: true });
+  await writeFile(authPath, JSON.stringify(data, null, 2), "utf8");
+}
+
+function normalizeRefreshedToken(refreshed, previous = {}) {
+  const nowMs = Date.now();
+  let expires = refreshed.expires;
+  if (typeof expires !== "number") {
+    if (typeof refreshed.expires_at === "number") {
+      expires = refreshed.expires_at;
+    } else if (typeof refreshed.expires_in === "number") {
+      expires = nowMs + refreshed.expires_in * 1000;
+    } else if (typeof previous.expires === "number") {
+      expires = previous.expires;
+    } else {
+      expires = nowMs + 3600_000;
+    }
+  }
+
+  return {
+    ...previous,
+    access: refreshed.access ?? refreshed.access_token ?? previous.access,
+    refresh: refreshed.refresh ?? refreshed.refresh_token ?? previous.refresh,
+    expires: Math.trunc(expires)
+  };
+}
+
+async function refreshAccessToken(provider, providerData, authPath) {
+  const config = PROVIDER_CONFIG[provider];
+  const refreshToken = providerData?.refresh;
+  if (!config || typeof refreshToken !== "string" || !refreshToken) {
+    throw new Error(`Missing refresh token for provider '${provider}'`);
+  }
+
+  const response = await fetch(config.refreshUrl, {
+    method: "POST",
+    headers: { "content-type": "application/json" },
+    body: JSON.stringify({
+      grant_type: "refresh_token",
+      refresh_token: refreshToken,
+      client_id: config.clientId
+    })
+  });
+
+  if (!response.ok) {
+    throw new Error(`Token refresh failed: ${response.status}`);
+  }
+
+  const refreshed = await response.json();
+  const merged = normalizeRefreshedToken(isPlainObject(refreshed) ? refreshed : {}, providerData);
+  if (typeof merged.access !== "string" || !merged.access) {
+    throw new Error(`Refresh succeeded but no access token for provider '${provider}'`);
+  }
+
+  const authData = await readAuthData(authPath);
+  authData[provider] = merged;
+  await writeAuthData(authPath, authData);
+  return merged;
+}
+
+export async function getOAuthAccessToken(provider, options = {}) {
+  const authPath = resolveAuthPath(options.authPath);
+  const authData = await readAuthData(authPath);
+  const providerData = isPlainObject(authData[provider]) ? authData[provider] : {};
+
+  if (isTokenValid(providerData)) {
+    return providerData.access;
+  }
+
+  const refreshed = await refreshAccessToken(provider, providerData, authPath);
+  return refreshed.access;
+}
+
 function isAnthropicMessagesUrl(url) {
   if (typeof url !== "string") {
     return false;

package/src/index.js

@@ -1,5 +1,6 @@
 import {
   DEFAULT_SYSTEM_PREFIX,
+  getOAuthAccessToken,
   installGlobalAnthropicOAuthFetchPatch,
   isOpenCodeAnthropicPatchTarget,
   mergePatchHeaders,
@@ -23,6 +24,78 @@ export default async function OpenCodeAnthropicOAuthPatch() {
   });
 
   return {
+    auth: {
+      provider: "anthropic",
+      async loader(_getAuth, provider) {
+        for (const model of Object.values(provider.models ?? {})) {
+          model.cost = {
+            input: 0,
+            output: 0,
+            cache: {
+              read: 0,
+              write: 0
+            }
+          };
+        }
+
+        return {
+          apiKey: "",
+          async fetch(input, init) {
+            const token = await getOAuthAccessToken("anthropic");
+            const requestInit = init ?? {};
+            const requestHeaders = new Headers();
+
+            if (input instanceof Request) {
+              input.headers.forEach((value, key) => {
+                requestHeaders.set(key, value);
+              });
+            }
+
+            if (requestInit.headers) {
+              if (requestInit.headers instanceof Headers) {
+                requestInit.headers.forEach((value, key) => {
+                  requestHeaders.set(key, value);
+                });
+              } else if (Array.isArray(requestInit.headers)) {
+                for (const [key, value] of requestInit.headers) {
+                  if (typeof value !== "undefined") {
+                    requestHeaders.set(key, String(value));
+                  }
+                }
+              } else {
+                for (const [key, value] of Object.entries(requestInit.headers)) {
+                  if (typeof value !== "undefined") {
+                    requestHeaders.set(key, String(value));
+                  }
+                }
+              }
+            }
+
+            requestHeaders.set("authorization", `Bearer ${token}`);
+            requestHeaders.delete("x-api-key");
+            requestHeaders.delete("Authorization");
+
+            const mergedHeaders = mergePatchHeaders(Object.fromEntries(requestHeaders.entries()));
+            const patchedFetch = installGlobalAnthropicOAuthFetchPatch({
+              ensureClaudeCodeSystem: true,
+              normalizeSystemToUserMessage: true,
+              systemPrefix: pluginOptions.systemPrefix
+            })
+              ? globalThis.fetch
+              : globalThis.fetch;
+
+            return patchedFetch(input, {
+              ...requestInit,
+              headers: {
+                ...mergedHeaders,
+                authorization: `Bearer ${token}`
+              }
+            });
+          }
+        };
+      }
+    },
+
     async "chat.params"(input, output) {
       if (!isOpenCodeAnthropicPatchTarget(input)) {
         return;