@thelioo/opencode-balancer 0.1.8 → 0.2.1

package/dist/core/usage/providers/copilot.ts

@@ -0,0 +1,243 @@
+import type { Account } from "../../types";
+import { redactUsageError, redactUsagePayload } from "../redact";
+import type { ProviderUsageService, ProviderUsageSnapshot } from "../types";
+
+function unavailable(
+	account: Account,
+	message: string,
+	error?: string,
+): ProviderUsageSnapshot {
+	return {
+		alias: account.alias,
+		confidence: "unavailable",
+		fetchedAt: Date.now(),
+		message,
+		providerID: account.providerID,
+		...(error ? { error: redactUsageError(error, account) } : {}),
+	};
+}
+
+function githubHeaders(account: Account) {
+	return {
+		Accept: "application/vnd.github+json",
+		Authorization: `Bearer ${account.auth.type === "oauth" ? account.auth.access : ""}`,
+		"X-GitHub-Api-Version": "2026-03-10",
+	};
+}
+
+async function fetchJSON(url: string, account: Account) {
+	const response = await fetch(url, { headers: githubHeaders(account) });
+	if (!response.ok) return { ok: false as const, status: response.status };
+	try {
+		return { body: await response.json(), ok: true as const };
+	} catch {
+		return { body: undefined, ok: true as const };
+	}
+}
+
+function sumNetQuantity(body: unknown) {
+	const items = (body as { usageItems?: unknown } | undefined)?.usageItems;
+	if (!Array.isArray(items)) return undefined;
+
+	let total = 0;
+	let found = false;
+	for (const item of items) {
+		const quantity = (
+			item as { netQuantity?: unknown; quantity?: unknown } | undefined
+		)?.netQuantity;
+		const legacyQuantity = (item as { quantity?: unknown } | undefined)
+			?.quantity;
+		const value =
+			typeof quantity === "number"
+				? quantity
+				: typeof legacyQuantity === "number"
+					? legacyQuantity
+					: undefined;
+		if (value === undefined) continue;
+		total += value;
+		found = true;
+	}
+	return found ? total : undefined;
+}
+
+function numberAt(value: unknown, path: string[]) {
+	let current = value;
+	for (const key of path)
+		current = (current as Record<string, unknown> | undefined)?.[key];
+	return typeof current === "number" && Number.isFinite(current)
+		? current
+		: undefined;
+}
+
+function parseInternalQuota(body: unknown) {
+	const premium = (
+		body as {
+			quota_snapshots?: {
+				premium_interactions?: unknown;
+				premium_models?: unknown;
+				chat?: unknown;
+			};
+		}
+	)?.quota_snapshots;
+	const snapshot =
+		premium?.premium_interactions ?? premium?.premium_models ?? premium?.chat;
+	const entitlement = numberAt(snapshot, ["entitlement"]);
+	const remaining =
+		numberAt(snapshot, ["remaining"]) ??
+		numberAt(snapshot, ["quota_remaining"]);
+	const percentRemaining = numberAt(snapshot, ["percent_remaining"]);
+
+	return {
+		entitlement,
+		percentRemaining,
+		remaining,
+		used:
+			entitlement !== undefined && remaining !== undefined
+				? Math.max(0, entitlement - remaining)
+				: undefined,
+	};
+}
+
+async function refreshInternalUserQuota(account: Account) {
+	const internal = await fetchJSON(
+		"https://api.github.com/copilot_internal/user",
+		account,
+	);
+	if (!internal.ok) return { ok: false as const, status: internal.status };
+
+	const login =
+		typeof internal.body?.login === "string"
+			? internal.body.login
+			: "GitHub user";
+	const plan =
+		typeof internal.body?.copilot_plan === "string"
+			? internal.body.copilot_plan
+			: undefined;
+	const quota = parseInternalQuota(internal.body);
+	if (!plan && quota.used === undefined && quota.remaining === undefined)
+		return { ok: false as const, status: 200 };
+	return {
+		ok: true as const,
+		snapshot: {
+			alias: account.alias,
+			confidence: "exact" as const,
+			fetchedAt: Date.now(),
+			providerID: account.providerID,
+			...(quota.used !== undefined ? { usedTokens: quota.used } : {}),
+			...(quota.remaining !== undefined
+				? { remainingTokens: quota.remaining }
+				: {}),
+			message: plan
+				? `GitHub Copilot personal quota fetched for ${login} (${plan}).`
+				: `GitHub Copilot personal quota fetched for ${login}.`,
+			rawRedacted: redactUsagePayload(internal.body, account),
+		},
+	};
+}
+
+async function refreshPersonalUsage(
+	account: Account,
+): Promise<ProviderUsageSnapshot> {
+	const internal = await refreshInternalUserQuota(account);
+	if (internal.ok) return internal.snapshot;
+
+	const user = await fetchJSON("https://api.github.com/user", account);
+	if (!user.ok) {
+		return unavailable(
+			account,
+			`GitHub Copilot personal billing usage requires user API access; /user returned HTTP ${user.status}.`,
+		);
+	}
+
+	const login =
+		typeof user.body?.login === "string" ? user.body.login : undefined;
+	if (!login)
+		return unavailable(
+			account,
+			"GitHub Copilot personal billing usage requires a GitHub username from /user.",
+		);
+
+	const premiumURL = `https://api.github.com/users/${encodeURIComponent(login)}/settings/billing/premium_request/usage`;
+	const premium = await fetchJSON(premiumURL, account);
+	if (premium.ok) {
+		return {
+			alias: account.alias,
+			confidence: "exact",
+			fetchedAt: Date.now(),
+			message: `GitHub Copilot personal premium request usage fetched for ${login}.`,
+			providerID: account.providerID,
+			rawRedacted: redactUsagePayload(premium.body, account),
+			usedTokens: sumNetQuantity(premium.body),
+		};
+	}
+
+	const summaryURL = `https://api.github.com/users/${encodeURIComponent(login)}/settings/billing/usage/summary?product=copilot`;
+	const summary = await fetchJSON(summaryURL, account);
+	if (summary.ok) {
+		return {
+			alias: account.alias,
+			confidence: "exact",
+			fetchedAt: Date.now(),
+			message: `GitHub Copilot personal billing usage fetched for ${login}.`,
+			providerID: account.providerID,
+			rawRedacted: redactUsagePayload(summary.body, account),
+			usedTokens: sumNetQuantity(summary.body),
+		};
+	}
+
+	return unavailable(
+		account,
+		`GitHub Copilot personal billing usage unavailable; copilot_internal/user returned HTTP ${internal.status}, premium requests returned HTTP ${premium.status}, and billing summary returned HTTP ${summary.status}.`,
+	);
+}
+
+export const copilotUsageService: ProviderUsageService = {
+	providerID: "github-copilot",
+	async refreshUsage(account) {
+		const githubOrg = account.auth.metadata?.githubOrg;
+		if (account.auth.type !== "oauth") {
+			return unavailable(account, "GitHub Copilot usage requires OAuth auth.");
+		}
+
+		if (!githubOrg) return refreshPersonalUsage(account);
+
+		try {
+			const response = await fetch(
+				`https://api.github.com/orgs/${encodeURIComponent(githubOrg)}/copilot/billing`,
+				{
+					headers: githubHeaders(account),
+				},
+			);
+			if (!response.ok) {
+				return unavailable(
+					account,
+					`GitHub Copilot billing request failed with HTTP ${response.status}.`,
+				);
+			}
+
+			const body = await response.json();
+			const planName =
+				typeof body?.plan_type === "string" ? body.plan_type : undefined;
+			return {
+				alias: account.alias,
+				confidence: "exact",
+				fetchedAt: Date.now(),
+				providerID: account.providerID,
+				...(planName ? { planName } : {}),
+				message: planName
+					? `GitHub Copilot billing fetched for ${githubOrg} (${planName}).`
+					: `GitHub Copilot billing fetched for ${githubOrg}.`,
+				rawRedacted: redactUsagePayload(body, account),
+			};
+		} catch (error) {
+			return unavailable(
+				account,
+				"GitHub Copilot billing request failed; exact billing data is unavailable.",
+				error instanceof Error ? error.message : String(error),
+			);
+		}
+	},
+	supports(providerID) {
+		return providerID === "github-copilot" || providerID === "copilot";
+	},
+};

package/dist/core/usage/providers/openai.ts

@@ -0,0 +1,179 @@
+import type { Account } from "../../types";
+import { redactUsageError, redactUsagePayload } from "../redact";
+import type { ProviderUsageService, ProviderUsageSnapshot } from "../types";
+
+function unavailable(
+	account: Account,
+	message: string,
+	error?: string,
+): ProviderUsageSnapshot {
+	return {
+		alias: account.alias,
+		confidence: "unavailable",
+		fetchedAt: Date.now(),
+		message,
+		providerID: account.providerID,
+		...(error ? { error: redactUsageError(error, account) } : {}),
+	};
+}
+
+function isRecord(value: unknown): value is Record<string, unknown> {
+	return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+
+function asNumber(value: unknown): number | undefined {
+	return typeof value === "number" && Number.isFinite(value)
+		? value
+		: undefined;
+}
+
+function decodeJwtPayload(token: string): Record<string, unknown> | undefined {
+	const payload = token.split(".")[1];
+	if (!payload) return undefined;
+
+	try {
+		const normalized = payload.replace(/-/g, "+").replace(/_/g, "/");
+		const padded = `${normalized}${"=".repeat((4 - (normalized.length % 4)) % 4)}`;
+		const decoded = JSON.parse(
+			Buffer.from(padded, "base64").toString("utf8"),
+		) as unknown;
+		return isRecord(decoded) ? decoded : undefined;
+	} catch {
+		return undefined;
+	}
+}
+
+function chatgptAccountID(account: Account): string | undefined {
+	if (account.auth.type !== "oauth") return undefined;
+	if (account.auth.accountId) return account.auth.accountId;
+
+	const payload = decodeJwtPayload(account.auth.access);
+	const authClaim = payload?.["https://api.openai.com/auth"];
+	if (!isRecord(authClaim)) return undefined;
+
+	const accountID = authClaim.chatgpt_account_id;
+	return typeof accountID === "string" && accountID.trim()
+		? accountID
+		: undefined;
+}
+
+function planName(planType: unknown): string | undefined {
+	if (typeof planType !== "string" || !planType.trim()) return undefined;
+	const normalized = planType.trim().toLowerCase();
+	const names: Record<string, string> = {
+		enterprise: "ChatGPT Enterprise",
+		plus: "ChatGPT Plus",
+		pro: "ChatGPT Pro",
+		team: "ChatGPT Team",
+	};
+	return names[normalized] ?? planType;
+}
+
+function resetAtMillis(value: unknown): number | undefined {
+	const timestamp = asNumber(value);
+	if (timestamp === undefined || timestamp < 0) return undefined;
+	return timestamp > 1_000_000_000_000 ? timestamp : timestamp * 1000;
+}
+
+async function refreshChatGPTUsage(
+	account: Account,
+): Promise<ProviderUsageSnapshot> {
+	if (account.auth.type !== "oauth") {
+		return unavailable(account, "OpenAI ChatGPT usage requires OAuth auth.");
+	}
+
+	try {
+		const headers: Record<string, string> = {
+			Authorization: `Bearer ${account.auth.access}`,
+			"User-Agent": "opencode-balancer/0.1.3",
+		};
+		const accountID = chatgptAccountID(account);
+		if (accountID) headers["ChatGPT-Account-Id"] = accountID;
+
+		const response = await fetch("https://chatgpt.com/backend-api/wham/usage", {
+			headers,
+		});
+		if (!response.ok) {
+			return unavailable(
+				account,
+				`OpenAI ChatGPT usage request failed with HTTP ${response.status}.`,
+			);
+		}
+
+		const body = (await response.json()) as unknown;
+		const rateLimit =
+			isRecord(body) && isRecord(body.rate_limit) ? body.rate_limit : undefined;
+		const primary =
+			rateLimit && isRecord(rateLimit.primary_window)
+				? rateLimit.primary_window
+				: undefined;
+		return {
+			alias: account.alias,
+			confidence: "exact",
+			fetchedAt: Date.now(),
+			message: "OpenAI ChatGPT usage fetched.",
+			planName: isRecord(body) ? planName(body.plan_type) : undefined,
+			providerID: account.providerID,
+			rawRedacted: redactUsagePayload(body, account),
+			resetAt: primary ? resetAtMillis(primary.reset_at) : undefined,
+			usedPercent: primary ? asNumber(primary.used_percent) : undefined,
+		};
+	} catch (error) {
+		return unavailable(
+			account,
+			"OpenAI ChatGPT usage request failed; exact usage is unavailable.",
+			error instanceof Error ? error.message : String(error),
+		);
+	}
+}
+
+export const openaiUsageService: ProviderUsageService = {
+	providerID: "openai",
+	async refreshUsage(account) {
+		if (account.auth.type !== "api") {
+			return refreshChatGPTUsage(account);
+		}
+
+		const url = new URL(
+			"https://api.openai.com/v1/organization/usage/completions",
+		);
+		url.searchParams.set(
+			"start_time",
+			String(Math.floor((Date.now() - 24 * 60 * 60 * 1000) / 1000)),
+		);
+		url.searchParams.set("bucket_width", "1d");
+
+		try {
+			const response = await fetch(url, {
+				headers: {
+					Authorization: `Bearer ${account.auth.key}`,
+				},
+			});
+			if (!response.ok) {
+				return unavailable(
+					account,
+					`OpenAI usage request failed with HTTP ${response.status}.`,
+				);
+			}
+
+			const body = await response.json();
+			return {
+				alias: account.alias,
+				confidence: "exact",
+				fetchedAt: Date.now(),
+				message: "OpenAI organization usage fetched.",
+				providerID: account.providerID,
+				rawRedacted: redactUsagePayload(body, account),
+			};
+		} catch (error) {
+			return unavailable(
+				account,
+				"OpenAI usage request failed; exact usage is unavailable.",
+				error instanceof Error ? error.message : String(error),
+			);
+		}
+	},
+	supports(providerID) {
+		return providerID === "openai";
+	},
+};

package/dist/core/usage/redact.ts

@@ -0,0 +1,80 @@
+import type { Account } from "../types";
+
+const REDACTED = "[redacted]";
+
+function accountSecretValues(account: Account) {
+	const values = new Set<string>();
+	if (account.auth.type === "api") values.add(account.auth.key);
+	if (account.auth.type === "oauth") {
+		values.add(account.auth.access);
+		values.add(account.auth.refresh);
+	}
+	if (account.auth.type === "wellknown") {
+		values.add(account.auth.key);
+		values.add(account.auth.token);
+	}
+	values.delete("");
+	return values;
+}
+
+function keyWords(key: string) {
+	return key
+		.replace(/([a-z0-9])([A-Z])/g, "$1 $2")
+		.toLowerCase()
+		.split(/[^a-z0-9]+/)
+		.filter(Boolean);
+}
+
+function isCredentialKey(key: string) {
+	const lower = key.toLowerCase();
+	const compact = lower.replace(/[^a-z0-9]/g, "");
+	if (
+		lower.includes("api_key") ||
+		compact.includes("apikey") ||
+		lower.includes("access_token") ||
+		compact.includes("accesstoken") ||
+		lower.includes("refresh_token") ||
+		compact.includes("refreshtoken") ||
+		lower.includes("x-api-key") ||
+		compact.includes("xapikey") ||
+		lower.includes("authorization")
+	) {
+		return true;
+	}
+
+	const words = keyWords(key);
+	return ["token", "key", "secret", "password"].some(
+		(credential) => lower === credential || words.includes(credential),
+	);
+}
+
+export function redactUsagePayload(value: unknown, account: Account): unknown {
+	return redactValue(value, accountSecretValues(account));
+}
+
+export function redactUsageError(error: string, account: Account) {
+	return redactString(error, accountSecretValues(account));
+}
+
+function redactString(value: string, secrets: Set<string>) {
+	let redacted = value;
+	for (const secret of [...secrets].sort((a, b) => b.length - a.length)) {
+		redacted = redacted.split(secret).join(REDACTED);
+	}
+	return redacted;
+}
+
+function redactValue(value: unknown, secrets: Set<string>): unknown {
+	if (typeof value === "string") return redactString(value, secrets);
+	if (!value || typeof value !== "object") return value;
+	if (Array.isArray(value))
+		return value.map((item) => redactValue(item, secrets));
+
+	const redacted: Record<string, unknown> = {};
+	for (const [key, child] of Object.entries(value)) {
+		redacted[redactString(key, secrets)] = isCredentialKey(key)
+			? REDACTED
+			: redactValue(child, secrets);
+	}
+	return redacted;
+}

package/dist/core/usage/store.ts

@@ -0,0 +1,66 @@
+import type { Database } from "bun:sqlite";
+import type { ProviderUsageSnapshot } from "./types";
+
+export function saveUsageSnapshot(
+	db: Database,
+	snapshot: ProviderUsageSnapshot,
+) {
+	const { rawRedacted, ...normalizedSnapshot } = snapshot;
+	const rawRedactedJSON = Object.hasOwn(snapshot, "rawRedacted")
+		? JSON.stringify(rawRedacted)
+		: null;
+
+	db.query(
+		`INSERT INTO usage_snapshots (
+            provider_id, alias, fetched_at, confidence, normalized_json, raw_redacted_json, error
+        ) VALUES (?, ?, ?, ?, ?, ?, ?)
+        ON CONFLICT(provider_id, alias) DO UPDATE SET
+            fetched_at = excluded.fetched_at,
+            confidence = excluded.confidence,
+            normalized_json = excluded.normalized_json,
+            raw_redacted_json = excluded.raw_redacted_json,
+            error = excluded.error`,
+	).run(
+		snapshot.providerID,
+		snapshot.alias,
+		snapshot.fetchedAt,
+		snapshot.confidence,
+		JSON.stringify(normalizedSnapshot),
+		rawRedactedJSON,
+		snapshot.error ?? null,
+	);
+
+	if (
+		snapshot.confidence === "exact" &&
+		snapshot.usedPercent !== undefined &&
+		snapshot.usedPercent < 100
+	) {
+		db.query<unknown, [number, string, string]>(
+			`UPDATE accounts
+             SET rate_limited_until = NULL,
+                 updated_at = ?
+             WHERE provider_id = ? AND alias = ?`,
+		).run(snapshot.fetchedAt, snapshot.providerID, snapshot.alias);
+	}
+}
+
+export function getUsageSnapshot(
+	db: Database,
+	providerID: string,
+	alias: string,
+) {
+	const row = db
+		.query<
+			{ normalized_json: string; raw_redacted_json: string | null },
+			[string, string]
+		>(
+			"SELECT normalized_json, raw_redacted_json FROM usage_snapshots WHERE provider_id = ? AND alias = ?",
+		)
+		.get(providerID, alias);
+	if (!row) return undefined;
+
+	const snapshot = JSON.parse(row.normalized_json) as ProviderUsageSnapshot;
+	if (row.raw_redacted_json !== null)
+		snapshot.rawRedacted = JSON.parse(row.raw_redacted_json);
+	return snapshot;
+}

package/dist/core/usage/types.ts

@@ -0,0 +1,24 @@
+import type { Account } from "../types";
+
+export type UsageConfidence = "exact" | "estimated" | "unavailable";
+
+export type ProviderUsageSnapshot = {
+	providerID: string;
+	alias: string;
+	fetchedAt: number;
+	confidence: UsageConfidence;
+	planName?: string;
+	usedTokens?: number;
+	remainingTokens?: number;
+	usedPercent?: number;
+	resetAt?: number;
+	message: string;
+	rawRedacted?: unknown;
+	error?: string;
+};
+
+export type ProviderUsageService = {
+	providerID: string;
+	supports(providerID: string): boolean;
+	refreshUsage(account: Account): Promise<ProviderUsageSnapshot>;
+};