@vacbo/opencode-anthropic-fix 0.0.44 → 0.1.1

package/src/oauth.ts

@@ -107,6 +107,7 @@ export async function exchange(code: string, verifier: string): Promise<Exchange
           reason = parsed.message;
         }
       } catch {
+        // Body is not JSON — use raw text as the reason, trimmed to strip whitespace
         reason = rawText.trim() || undefined;
       }
     }
@@ -154,6 +155,8 @@ export async function exchange(code: string, verifier: string): Promise<Exchange
         ? await result
             .text()
             .then((value) => (typeof value === "string" ? value : ""))
+            // Body may be unreadable on 5xx responses; empty string is the correct fallback
+            // because we've already captured the HTTP status for the caller.
             .catch(() => "")
         : "";
     return fail(result.status, raw);
@@ -198,6 +201,8 @@ export async function revoke(refreshToken: string): Promise<boolean> {
     });
     return resp.ok;
   } catch {
+    // Best-effort revocation — network errors, DNS failures, or endpoint unavailability
+    // are all expected; callers proceed with local cleanup regardless.
     return false;
   }
 }
@@ -236,6 +241,7 @@ export async function refreshToken(
   });
 
   if (!resp.ok) {
+    // Empty string is the correct fallback — we already have resp.status for the error message.
     const text = await resp.text().catch(() => "");
     const error: RefreshError = new Error(`Token refresh failed (HTTP ${resp.status}): ${text}`);
     error.status = resp.status;
@@ -243,7 +249,7 @@ export async function refreshToken(
       const parsed = JSON.parse(text);
       if (parsed.error) error.code = parsed.error;
     } catch {
-      // Body may not be valid JSON
+      // Body may not be valid JSON — leave error.code unset, the HTTP status is still attached
     }
     throw error;
   }

package/src/parent-pid-watcher.test.ts

@@ -0,0 +1,219 @@
+import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
+
+// RED phase — will be GREEN after T18.
+// @ts-expect-error T18 creates this module and makes these tests executable.
+import { ParentPidWatcher, watchParentAndExit } from "./parent-pid-watcher.js";
+
+const originalPlatformDescriptor = Object.getOwnPropertyDescriptor(process, "platform");
+const originalPpidDescriptor = Object.getOwnPropertyDescriptor(process, "ppid");
+
+function restorePlatform(): void {
+  if (originalPlatformDescriptor) {
+    Object.defineProperty(process, "platform", originalPlatformDescriptor);
+  }
+}
+
+function setPlatform(platform: NodeJS.Platform): void {
+  Object.defineProperty(process, "platform", {
+    value: platform,
+    configurable: true,
+  });
+}
+
+function restoreParentPid(): void {
+  if (originalPpidDescriptor) {
+    Object.defineProperty(process, "ppid", originalPpidDescriptor);
+  }
+}
+
+function setCurrentParentPid(ppid: number): void {
+  Object.defineProperty(process, "ppid", {
+    value: ppid,
+    configurable: true,
+  });
+}
+
+function makeProcessError(code: "EPERM" | "ESRCH"): NodeJS.ErrnoException {
+  const error = new Error(`process.kill failed with ${code}`) as NodeJS.ErrnoException;
+  error.code = code;
+  return error;
+}
+
+describe("ParentPidWatcher", () => {
+  beforeEach(() => {
+    vi.useFakeTimers();
+    restorePlatform();
+    restoreParentPid();
+  });
+
+  afterEach(() => {
+    vi.useRealTimers();
+    vi.restoreAllMocks();
+    restorePlatform();
+    restoreParentPid();
+  });
+
+  it("starts polling parent PID every 5 seconds by default", () => {
+    const onParentGone = vi.fn();
+    const intervalSpy = vi.spyOn(globalThis, "setInterval");
+    const killSpy = vi.spyOn(process, "kill").mockImplementation(() => true);
+
+    const watcher = new ParentPidWatcher({
+      parentPid: 4242,
+      onParentGone,
+    });
+
+    watcher.start();
+
+    expect(intervalSpy).toHaveBeenCalledTimes(1);
+    expect(intervalSpy).toHaveBeenLastCalledWith(expect.any(Function), 5000);
+
+    vi.advanceTimersByTime(5000);
+
+    expect(killSpy).toHaveBeenCalledWith(4242, 0);
+    expect(onParentGone).not.toHaveBeenCalled();
+  });
+
+  it("fires the callback when process.kill(parentPid, 0) reports ESRCH", () => {
+    const onParentGone = vi.fn();
+
+    vi.spyOn(process, "kill").mockImplementation(() => {
+      throw makeProcessError("ESRCH");
+    });
+
+    const watcher = new ParentPidWatcher({
+      parentPid: 4242,
+      onParentGone,
+    });
+
+    watcher.start();
+    vi.advanceTimersByTime(5000);
+
+    expect(onParentGone).toHaveBeenCalledTimes(1);
+  });
+
+  it("fires the callback when process.ppid changes away from the configured parent PID", () => {
+    const onParentGone = vi.fn();
+    setCurrentParentPid(4242);
+
+    vi.spyOn(process, "kill").mockImplementation(() => true);
+
+    const watcher = new ParentPidWatcher({
+      parentPid: 4242,
+      onParentGone,
+    });
+
+    watcher.start();
+    setCurrentParentPid(9001);
+    vi.advanceTimersByTime(5000);
+
+    expect(onParentGone).toHaveBeenCalledTimes(1);
+  });
+
+  it("stops polling after the callback fires", () => {
+    const onParentGone = vi.fn();
+    const clearIntervalSpy = vi.spyOn(globalThis, "clearInterval");
+    const killSpy = vi.spyOn(process, "kill").mockImplementation(() => {
+      throw makeProcessError("ESRCH");
+    });
+
+    const watcher = new ParentPidWatcher({
+      parentPid: 4242,
+      onParentGone,
+    });
+
+    watcher.start();
+    vi.advanceTimersByTime(5000);
+    vi.advanceTimersByTime(20_000);
+
+    expect(onParentGone).toHaveBeenCalledTimes(1);
+    expect(killSpy).toHaveBeenCalledTimes(1);
+    expect(clearIntervalSpy).toHaveBeenCalledTimes(1);
+  });
+
+  it("manual stop() halts polling", () => {
+    const onParentGone = vi.fn();
+    const clearIntervalSpy = vi.spyOn(globalThis, "clearInterval");
+    const killSpy = vi.spyOn(process, "kill").mockImplementation(() => true);
+
+    const watcher = new ParentPidWatcher({
+      parentPid: 4242,
+      pollIntervalMs: 1000,
+      onParentGone,
+    });
+
+    watcher.start();
+    watcher.stop();
+    vi.advanceTimersByTime(10_000);
+
+    expect(killSpy).not.toHaveBeenCalled();
+    expect(onParentGone).not.toHaveBeenCalled();
+    expect(clearIntervalSpy).toHaveBeenCalledTimes(1);
+  });
+
+  it("does not start polling for invalid parent PIDs", () => {
+    const intervalSpy = vi.spyOn(globalThis, "setInterval");
+    const onParentGone = vi.fn();
+
+    expect(() => new ParentPidWatcher({ parentPid: 0, onParentGone }).start()).toThrow(/parent pid/i);
+    expect(() => new ParentPidWatcher({ parentPid: -1, onParentGone }).start()).toThrow(/parent pid/i);
+    expect(() => new ParentPidWatcher({ parentPid: Number.NaN, onParentGone }).start()).toThrow(/parent pid/i);
+    expect(intervalSpy).not.toHaveBeenCalled();
+  });
+
+  it("treats EPERM as parent-still-alive on macOS", () => {
+    const onParentGone = vi.fn();
+    setPlatform("darwin");
+
+    const killSpy = vi.spyOn(process, "kill").mockImplementation(() => {
+      throw makeProcessError("EPERM");
+    });
+
+    const watcher = new ParentPidWatcher({
+      parentPid: 4242,
+      onParentGone,
+    });
+
+    watcher.start();
+    vi.advanceTimersByTime(5000);
+
+    expect(killSpy).toHaveBeenCalledWith(4242, 0);
+    expect(onParentGone).not.toHaveBeenCalled();
+  });
+
+  it("treats EPERM as parent-still-alive on Linux", () => {
+    const onParentGone = vi.fn();
+    setPlatform("linux");
+
+    const killSpy = vi.spyOn(process, "kill").mockImplementation(() => {
+      throw makeProcessError("EPERM");
+    });
+
+    const watcher = new ParentPidWatcher({
+      parentPid: 4242,
+      onParentGone,
+    });
+
+    watcher.start();
+    vi.advanceTimersByTime(5000);
+
+    expect(killSpy).toHaveBeenCalledWith(4242, 0);
+    expect(onParentGone).not.toHaveBeenCalled();
+  });
+
+  it("uses the same parent-death contract on Windows via watchParentAndExit", () => {
+    setPlatform("win32");
+
+    const exitSpy = vi.spyOn(process, "exit").mockImplementation((() => undefined) as never);
+    vi.spyOn(process, "kill").mockImplementation(() => {
+      throw makeProcessError("ESRCH");
+    });
+
+    const watcher = watchParentAndExit(4242, 7);
+
+    watcher.start();
+    vi.advanceTimersByTime(5000);
+
+    expect(exitSpy).toHaveBeenCalledWith(7);
+  });
+});

package/src/parent-pid-watcher.ts

@@ -0,0 +1,99 @@
+const DEFAULT_POLL_INTERVAL_MS = 5_000;
+const DEFAULT_PARENT_EXIT_CODE = 1;
+
+export interface ParentPidWatcherOptions {
+  parentPid: number;
+  pollIntervalMs?: number;
+  onParentGone: () => void;
+}
+
+function assertValidParentPid(parentPid: number): void {
+  if (!Number.isInteger(parentPid) || parentPid <= 0) {
+    throw new Error("Parent PID must be a positive integer.");
+  }
+}
+
+function assertValidPollInterval(pollIntervalMs: number): void {
+  if (!Number.isFinite(pollIntervalMs) || pollIntervalMs <= 0) {
+    throw new Error("Poll interval must be a positive number.");
+  }
+}
+
+function isParentAlive(parentPid: number): boolean {
+  try {
+    process.kill(parentPid, 0);
+    return true;
+  } catch (error) {
+    const code = (error as NodeJS.ErrnoException).code;
+    if (code === "ESRCH") {
+      return false;
+    }
+
+    if (code === "EPERM") {
+      return true;
+    }
+
+    return true;
+  }
+}
+
+export class ParentPidWatcher {
+  private readonly parentPid: number;
+  private readonly pollIntervalMs: number;
+  private readonly onParentGone: () => void;
+
+  private interval: ReturnType<typeof setInterval> | null = null;
+  private shouldMonitorPpidDrift = false;
+
+  constructor(options: ParentPidWatcherOptions) {
+    this.parentPid = options.parentPid;
+    this.pollIntervalMs = options.pollIntervalMs ?? DEFAULT_POLL_INTERVAL_MS;
+    this.onParentGone = options.onParentGone;
+  }
+
+  start(): void {
+    if (this.interval) {
+      return;
+    }
+
+    assertValidParentPid(this.parentPid);
+    assertValidPollInterval(this.pollIntervalMs);
+
+    this.shouldMonitorPpidDrift = process.ppid === this.parentPid;
+
+    this.interval = setInterval(() => {
+      if (this.shouldMonitorPpidDrift && process.ppid !== this.parentPid) {
+        this.handleParentGone();
+        return;
+      }
+
+      if (!isParentAlive(this.parentPid)) {
+        this.handleParentGone();
+      }
+    }, this.pollIntervalMs);
+  }
+
+  stop(): void {
+    if (!this.interval) {
+      return;
+    }
+
+    clearInterval(this.interval);
+    this.interval = null;
+    this.shouldMonitorPpidDrift = false;
+  }
+
+  private handleParentGone(): void {
+    this.stop();
+    this.onParentGone();
+  }
+}
+
+export function watchParentAndExit(parentPid: number, exitCode = DEFAULT_PARENT_EXIT_CODE): ParentPidWatcher {
+  return new ParentPidWatcher({
+    parentPid,
+    onParentGone: () => {
+      process.exit(exitCode);
+    },
+  });
+}

package/src/plugin-helpers.ts

@@ -0,0 +1,112 @@
+import { AccountManager } from "./accounts.js";
+import { stripAnsi } from "./commands/router.js";
+import type { AnthropicAuthConfig } from "./config.js";
+import type { OpenCodeClient } from "./token-refresh.js";
+
+/**
+ * Cap on the toast-debounce timestamp map. Bounded because each distinct
+ * `debounceKey` creates a long-lived entry, and new debounce keys accumulate
+ * over a session (one per account switch reason, per account, etc.). Eviction
+ * is FIFO on the insertion order preserved by Map.
+ */
+const DEBOUNCE_TOAST_MAP_MAX_SIZE = 50;
+
+export interface PluginHelperDeps {
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any -- OpenCode plugin client API boundary; accepts arbitrary extension methods
+  client: OpenCodeClient & Record<string, any>;
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any -- plugin config accepts forward-compatible arbitrary keys
+  config: AnthropicAuthConfig & Record<string, any>;
+  debugLog: (...args: unknown[]) => void;
+  getAccountManager: () => AccountManager | null;
+  setAccountManager: (accountManager: AccountManager | null) => void;
+}
+
+export function createPluginHelpers({
+  client,
+  config,
+  debugLog,
+  getAccountManager,
+  setAccountManager,
+}: PluginHelperDeps) {
+  const debouncedToastTimestamps = new Map<string, number>();
+
+  async function sendCommandMessage(sessionID: string, text: string) {
+    await client.session?.prompt({
+      path: { id: sessionID },
+      body: { noReply: true, parts: [{ type: "text", text, ignored: true }] },
+    });
+  }
+
+  async function reloadAccountManagerFromDisk() {
+    if (!getAccountManager()) return;
+    setAccountManager(await AccountManager.load(config, null));
+  }
+
+  async function persistOpenCodeAuth(refresh: string, access: string | undefined, expires: number | undefined) {
+    await client.auth?.set({
+      path: { id: "anthropic" },
+      body: { type: "oauth", refresh, access, expires },
+    });
+  }
+
+  async function runCliCommand(argv: string[]): Promise<{ code: number; stdout: string; stderr: string }> {
+    const logs: string[] = [];
+    const errors: string[] = [];
+    let code = 1;
+    try {
+      const { main: cliMain } = await import("./cli.js");
+      code = await cliMain(argv, {
+        io: {
+          log: (...args: unknown[]) => logs.push(args.map(String).join(" ")),
+          error: (...args: unknown[]) => errors.push(args.map(String).join(" ")),
+        },
+      });
+    } catch (err) {
+      errors.push(err instanceof Error ? err.message : String(err));
+    }
+    return {
+      code,
+      stdout: stripAnsi(logs.join("\n")).trim(),
+      stderr: stripAnsi(errors.join("\n")).trim(),
+    };
+  }
+
+  async function toast(
+    message: string,
+    variant: "info" | "success" | "warning" | "error" = "info",
+    options: { debounceKey?: string } = {},
+  ) {
+    if (config.toasts.quiet && variant !== "error") return;
+    if (variant !== "error" && options.debounceKey) {
+      const minGapMs = Math.max(0, config.toasts.debounce_seconds) * 1000;
+      if (minGapMs > 0) {
+        const now = Date.now();
+        const lastAt = debouncedToastTimestamps.get(options.debounceKey) ?? 0;
+        if (now - lastAt < minGapMs) return;
+        if (
+          !debouncedToastTimestamps.has(options.debounceKey) &&
+          debouncedToastTimestamps.size >= DEBOUNCE_TOAST_MAP_MAX_SIZE
+        ) {
+          const oldestKey = debouncedToastTimestamps.keys().next().value;
+          if (oldestKey !== undefined) debouncedToastTimestamps.delete(oldestKey);
+        }
+        debouncedToastTimestamps.set(options.debounceKey, now);
+      }
+    }
+    try {
+      await client.tui?.showToast({ body: { message, variant } });
+    } catch (err) {
+      if (!(err instanceof TypeError)) debugLog("toast failed:", err);
+    }
+  }
+
+  return {
+    toast,
+    sendCommandMessage,
+    runCliCommand,
+    reloadAccountManagerFromDisk,
+    persistOpenCodeAuth,
+  };
+}
+
+export type PluginHelpers = ReturnType<typeof createPluginHelpers>;

package/src/refresh-helpers.ts

@@ -0,0 +1,169 @@
+import type { AccountManager, ManagedAccount } from "./accounts.js";
+import type { AnthropicAuthConfig } from "./config.js";
+import type { OpenCodeClient } from "./token-refresh.js";
+import { markTokenStateUpdated, readDiskAccountAuth, refreshAccountToken } from "./token-refresh.js";
+
+type RefreshSource = "foreground" | "idle";
+
+type RefreshInFlightEntry = {
+  promise: Promise<string>;
+  source: RefreshSource;
+};
+
+export interface RefreshDeps {
+  client: OpenCodeClient;
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any -- plugin config accepts forward-compatible arbitrary keys
+  config: AnthropicAuthConfig & Record<string, any>;
+  getAccountManager: () => AccountManager | null;
+  debugLog: (...args: unknown[]) => void;
+}
+
+export function createRefreshHelpers({ client, config, getAccountManager, debugLog }: RefreshDeps) {
+  const refreshInFlight = new Map<string, RefreshInFlightEntry>();
+  const idleRefreshLastAttempt = new Map<string, number>();
+  const idleRefreshInFlight = new Set<string>();
+
+  const IDLE_REFRESH_ENABLED = config.idle_refresh.enabled;
+  const IDLE_REFRESH_WINDOW_MS = config.idle_refresh.window_minutes * 60 * 1000;
+  const IDLE_REFRESH_MIN_INTERVAL_MS = config.idle_refresh.min_interval_minutes * 60 * 1000;
+
+  function parseRefreshFailure(refreshError: unknown) {
+    const message = refreshError instanceof Error ? refreshError.message : String(refreshError);
+    const status =
+      typeof refreshError === "object" && refreshError && "status" in refreshError
+        ? Number((refreshError as Record<string, unknown>).status)
+        : NaN;
+    const errorCode =
+      typeof refreshError === "object" && refreshError && ("errorCode" in refreshError || "code" in refreshError)
+        ? String(
+            (refreshError as Record<string, unknown>).errorCode || (refreshError as Record<string, unknown>).code || "",
+          )
+        : "";
+    const msgLower = message.toLowerCase();
+    const isInvalidGrant =
+      errorCode === "invalid_grant" || errorCode === "invalid_request" || msgLower.includes("invalid_grant");
+    const isTerminalStatus = status === 400 || status === 401 || status === 403;
+    return { message, status, errorCode, isInvalidGrant, isTerminalStatus };
+  }
+
+  async function refreshAccountTokenSingleFlight(
+    account: ManagedAccount,
+    source: RefreshSource = "foreground",
+  ): Promise<string> {
+    const key = account.id;
+    const existing = refreshInFlight.get(key);
+    if (existing) {
+      if (source === "foreground" && existing.source === "idle") {
+        try {
+          await existing.promise;
+        } catch (err) {
+          void err;
+        }
+        if (account.access && account.expires && account.expires > Date.now()) return account.access;
+        const retried = refreshInFlight.get(key);
+        if (retried && retried !== existing) {
+          return retried.promise;
+        }
+      } else {
+        return existing.promise;
+      }
+    }
+
+    const entry: RefreshInFlightEntry = {
+      source,
+      promise: Promise.resolve(""),
+    };
+    const p = (async () => {
+      try {
+        return await refreshAccountToken(account, client, source, {
+          onTokensUpdated: async () => {
+            try {
+              await getAccountManager()!.saveToDisk();
+            } catch {
+              getAccountManager()!.requestSaveToDisk();
+              throw new Error("save failed, debounced retry scheduled");
+            }
+          },
+          debugLog,
+        });
+      } finally {
+        if (refreshInFlight.get(key) === entry) refreshInFlight.delete(key);
+      }
+    })();
+    entry.promise = p;
+    refreshInFlight.set(key, entry);
+    return p;
+  }
+
+  async function refreshIdleAccount(account: ManagedAccount) {
+    if (!getAccountManager()) return;
+    if (idleRefreshInFlight.has(account.id)) return;
+    idleRefreshInFlight.add(account.id);
+    const attemptedRefreshToken = account.refreshToken;
+    try {
+      try {
+        await refreshAccountTokenSingleFlight(account, "idle");
+        return;
+      } catch (err) {
+        let details = parseRefreshFailure(err);
+        if (!(details.isInvalidGrant || details.isTerminalStatus)) {
+          debugLog("idle refresh skipped after transient failure", {
+            accountIndex: account.index,
+            status: details.status,
+            errorCode: details.errorCode,
+            message: details.message,
+          });
+          return;
+        }
+        const diskAuth = await readDiskAccountAuth(account.id);
+        const retryToken = diskAuth?.refreshToken;
+        if (retryToken && retryToken !== attemptedRefreshToken && account.refreshToken === attemptedRefreshToken) {
+          account.refreshToken = retryToken;
+          if (diskAuth?.tokenUpdatedAt) account.tokenUpdatedAt = diskAuth.tokenUpdatedAt;
+          else markTokenStateUpdated(account);
+        }
+        try {
+          await refreshAccountTokenSingleFlight(account, "idle");
+        } catch (retryErr) {
+          details = parseRefreshFailure(retryErr);
+          debugLog("idle refresh retry failed", {
+            accountIndex: account.index,
+            status: details.status,
+            errorCode: details.errorCode,
+            message: details.message,
+          });
+        }
+      }
+    } finally {
+      idleRefreshInFlight.delete(account.id);
+    }
+  }
+
+  function maybeRefreshIdleAccounts(activeAccount: ManagedAccount) {
+    const accountManager = getAccountManager();
+    if (!IDLE_REFRESH_ENABLED || !accountManager) return;
+    const now = Date.now();
+    const excluded = new Set([activeAccount.index]);
+    const candidates = accountManager
+      .getEnabledAccounts(excluded)
+      .filter((acc) => !acc.expires || acc.expires <= now + IDLE_REFRESH_WINDOW_MS)
+      .filter((acc) => {
+        const last = idleRefreshLastAttempt.get(acc.id) ?? 0;
+        return now - last >= IDLE_REFRESH_MIN_INTERVAL_MS;
+      })
+      .sort((a, b) => (a.expires ?? 0) - (b.expires ?? 0));
+    const target = candidates[0];
+    if (!target) return;
+    idleRefreshLastAttempt.set(target.id, now);
+    void refreshIdleAccount(target);
+  }
+
+  return {
+    parseRefreshFailure,
+    refreshAccountTokenSingleFlight,
+    refreshIdleAccount,
+    maybeRefreshIdleAccounts,
+  };
+}
+
+export type RefreshHelpers = ReturnType<typeof createRefreshHelpers>;