@vybestack/llxprt-code-core 0.1.18-nightly.250807.306d1939 → 0.1.18-nightly.250811.b0db22c6

package/dist/src/auth/token-store.spec.js

@@ -0,0 +1,405 @@
+/**
+ * @license
+ * Copyright 2025 Vybestack LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { describe, it, expect, beforeEach, afterEach } from 'vitest';
+import { promises as fs } from 'fs';
+import { join } from 'path';
+import { tmpdir } from 'os';
+import { MultiProviderTokenStore } from './token-store.js';
+describe('MultiProviderTokenStore - Behavioral Tests', () => {
+    let tokenStore;
+    let tempDir;
+    let originalHome;
+    const validQwenToken = {
+        access_token: 'qwen-access-token-123',
+        refresh_token: 'qwen-refresh-token-456',
+        expiry: Math.floor(Date.now() / 1000) + 3600, // 1 hour from now
+        scope: 'read write',
+        token_type: 'Bearer',
+    };
+    const _validGeminiToken = {
+        access_token: 'gemini-access-token-789',
+        refresh_token: 'gemini-refresh-token-101',
+        expiry: Math.floor(Date.now() / 1000) + 7200, // 2 hours from now
+        scope: 'admin',
+        token_type: 'Bearer',
+    };
+    beforeEach(async () => {
+        // Create temporary directory for testing
+        tempDir = await fs.mkdtemp(join(tmpdir(), 'token-store-test-'));
+        // Mock HOME environment to point to temp directory
+        originalHome = process.env.HOME;
+        process.env.HOME = tempDir;
+        tokenStore = new MultiProviderTokenStore();
+    });
+    afterEach(async () => {
+        // Restore original HOME environment
+        if (originalHome) {
+            process.env.HOME = originalHome;
+        }
+        else {
+            delete process.env.HOME;
+        }
+        // Clean up temp directory
+        try {
+            await fs.rm(tempDir, { recursive: true, force: true });
+        }
+        catch {
+            // Ignore cleanup errors
+        }
+    });
+    describe('Token CRUD Operations', () => {
+        /**
+         * @requirement REQ-003.1
+         * @scenario Save token for new provider
+         * @given Empty token store
+         * @when saveToken('qwen', validToken) is called
+         * @then Token is persisted to ~/.llxprt/oauth/qwen.json
+         * @and File has 0600 permissions
+         */
+        it('should save token for new provider with correct file permissions', async () => {
+            await tokenStore.saveToken('qwen', validQwenToken);
+            // Verify expected behavior when implemented:
+            const tokenPath = join(tempDir, '.llxprt', 'oauth', 'qwen.json');
+            await fs.access(tokenPath); // File exists
+            const stats = await fs.stat(tokenPath);
+            expect(stats.mode & 0o777).toBe(0o600); // File permissions are 0600
+            const content = JSON.parse(await fs.readFile(tokenPath, 'utf8'));
+            expect(content).toEqual(validQwenToken);
+        });
+        /**
+         * @requirement REQ-003.1
+         * @scenario Retrieve saved token
+         * @given Token saved for 'qwen' provider
+         * @when getToken('qwen') is called
+         * @then Returns the saved token with all fields
+         */
+        it('should retrieve saved token with all fields intact', async () => {
+            await tokenStore.saveToken('qwen', validQwenToken);
+            const retrievedToken = await tokenStore.getToken('qwen');
+            expect(retrievedToken).toEqual(validQwenToken);
+            expect(retrievedToken?.access_token).toBe('qwen-access-token-123');
+            expect(retrievedToken?.refresh_token).toBe('qwen-refresh-token-456');
+            expect(retrievedToken?.expiry).toBe(validQwenToken.expiry);
+            expect(retrievedToken?.scope).toBe('read write');
+            expect(retrievedToken?.token_type).toBe('Bearer');
+        });
+        /**
+         * @requirement REQ-003.3
+         * @scenario Token structure validation
+         * @given Token with access_token, refresh_token, expiry
+         * @when saveToken is called
+         * @then All fields are preserved in storage
+         */
+        it('should preserve all token fields when saving and retrieving', async () => {
+            const complexToken = {
+                access_token: 'complex-access-token-with-special-chars!@#$%',
+                refresh_token: 'complex-refresh-token-with-unicode-café',
+                expiry: 1735689600, // Fixed timestamp for testing
+                scope: 'read:user write:repo admin:org',
+                token_type: 'Bearer',
+            };
+            await tokenStore.saveToken('complex', complexToken);
+            const retrieved = await tokenStore.getToken('complex');
+            expect(retrieved).toEqual(complexToken);
+            expect(retrieved?.access_token).toContain('special-chars!@#$%');
+            expect(retrieved?.refresh_token).toContain('unicode-café');
+        });
+        /**
+         * @requirement REQ-003.1
+         * @scenario Remove provider token
+         * @given Token exists for 'qwen'
+         * @when removeToken('qwen') called
+         * @then File deleted, getToken returns null
+         */
+        it('should remove token file and return null on subsequent gets', async () => {
+            await tokenStore.saveToken('qwen', validQwenToken);
+            await tokenStore.removeToken('qwen');
+            const retrieved = await tokenStore.getToken('qwen');
+            expect(retrieved).toBeNull();
+            const tokenPath = join(tempDir, '.llxprt', 'oauth', 'qwen.json');
+            await expect(fs.access(tokenPath)).rejects.toThrow();
+        });
+    });
+    describe('Multi-Provider Scenarios', () => {
+        /**
+         * @requirement REQ-003.1
+         * @scenario Multiple providers coexist
+         * @given Tokens saved for 'qwen' and 'gemini'
+         * @when getToken('qwen') is called
+         * @then Returns only qwen token, gemini unaffected
+         */
+        it('should handle multiple providers independently', async () => {
+            await tokenStore.saveToken('qwen', validQwenToken);
+            await tokenStore.saveToken('gemini', _validGeminiToken);
+            const qwenToken = await tokenStore.getToken('qwen');
+            const geminiToken = await tokenStore.getToken('gemini');
+            expect(qwenToken).toEqual(validQwenToken);
+            expect(geminiToken).toEqual(_validGeminiToken);
+            expect(qwenToken?.access_token).not.toBe(geminiToken?.access_token);
+        });
+        /**
+         * @requirement REQ-003.1
+         * @scenario List all authenticated providers
+         * @given Tokens for 'qwen', 'gemini' exist
+         * @when listProviders() is called
+         * @then Returns ['gemini', 'qwen'] sorted
+         */
+        it('should list all providers with stored tokens in sorted order', async () => {
+            await tokenStore.saveToken('qwen', validQwenToken);
+            await tokenStore.saveToken('gemini', _validGeminiToken);
+            await tokenStore.saveToken('anthropic', validQwenToken); // Using same token structure
+            const providers = await tokenStore.listProviders();
+            expect(providers).toEqual(['anthropic', 'gemini', 'qwen']);
+            expect(providers).toHaveLength(3);
+        });
+        /**
+         * @requirement REQ-003.1
+         * @scenario Provider isolation
+         * @given Multiple providers have tokens
+         * @when one provider token is removed
+         * @then Other providers remain unaffected
+         */
+        it('should maintain provider isolation when removing tokens', async () => {
+            await tokenStore.saveToken('qwen', validQwenToken);
+            await tokenStore.saveToken('gemini', _validGeminiToken);
+            await tokenStore.removeToken('qwen');
+            const qwenToken = await tokenStore.getToken('qwen');
+            const geminiToken = await tokenStore.getToken('gemini');
+            expect(qwenToken).toBeNull();
+            expect(geminiToken).toEqual(_validGeminiToken);
+            const providers = await tokenStore.listProviders();
+            expect(providers).toEqual(['gemini']);
+        });
+    });
+    describe('Security & Permissions', () => {
+        /**
+         * @requirement REQ-003.2
+         * @scenario Secure file permissions
+         * @given New token being saved
+         * @when saveToken creates file
+         * @then File has 0600 (owner read/write only)
+         */
+        it('should create token files with secure 0600 permissions', async () => {
+            await tokenStore.saveToken('security-test', validQwenToken);
+            const tokenPath = join(tempDir, '.llxprt', 'oauth', 'security-test.json');
+            const stats = await fs.stat(tokenPath);
+            expect(stats.mode & 0o777).toBe(0o600);
+            expect(stats.mode & 0o044).toBe(0); // No group/other read
+            expect(stats.mode & 0o022).toBe(0); // No group/other write
+        });
+        /**
+         * @requirement REQ-003.4
+         * @scenario Correct storage path
+         * @given Token for provider 'qwen'
+         * @when saved to filesystem
+         * @then Path is ~/.llxprt/oauth/qwen.json
+         */
+        it('should store tokens in correct ~/.llxprt/oauth/ directory structure', async () => {
+            await tokenStore.saveToken('path-test', validQwenToken);
+            const expectedPath = join(tempDir, '.llxprt', 'oauth', 'path-test.json');
+            await fs.access(expectedPath); // Should not throw
+            const content = JSON.parse(await fs.readFile(expectedPath, 'utf8'));
+            expect(content).toEqual(validQwenToken);
+        });
+        /**
+         * @requirement REQ-003.2
+         * @scenario Directory creation with secure permissions
+         * @given ~/.llxprt/oauth directory doesn't exist
+         * @when first token is saved
+         * @then Directory is created with appropriate permissions
+         */
+        it('should create oauth directory structure with secure permissions', async () => {
+            await tokenStore.saveToken('dir-test', validQwenToken);
+            const oauthDir = join(tempDir, '.llxprt', 'oauth');
+            const llxprtDir = join(tempDir, '.llxprt');
+            const oauthStats = await fs.stat(oauthDir);
+            const llxprtStats = await fs.stat(llxprtDir);
+            expect(oauthStats.isDirectory()).toBe(true);
+            expect(llxprtStats.isDirectory()).toBe(true);
+            expect(oauthStats.mode & 0o777).toBe(0o700); // Directory should be 0700
+        });
+    });
+    describe('Error Handling', () => {
+        /**
+         * @requirement REQ-003.1
+         * @scenario Get token for unauthenticated provider
+         * @given No token exists for 'anthropic'
+         * @when getToken('anthropic') is called
+         * @then Returns null, no error thrown
+         */
+        it('should return null for non-existent provider without throwing error', async () => {
+            const token = await tokenStore.getToken('non-existent');
+            expect(token).toBeNull();
+        });
+        /**
+         * @requirement REQ-003.2
+         * @scenario Handle corrupted token file
+         * @given Malformed JSON in token file
+         * @when getToken is called
+         * @then Returns null and logs warning
+         */
+        it('should handle corrupted token files gracefully', async () => {
+            // First save a valid token
+            await tokenStore.saveToken('corrupted', validQwenToken);
+            // Then corrupt the file
+            const tokenPath = join(tempDir, '.llxprt', 'oauth', 'corrupted.json');
+            await fs.writeFile(tokenPath, '{ invalid json }');
+            const token = await tokenStore.getToken('corrupted');
+            expect(token).toBeNull();
+        });
+        /**
+         * @requirement REQ-003.1
+         * @scenario Remove non-existent token
+         * @given No token exists for provider
+         * @when removeToken is called
+         * @then Operation succeeds silently
+         */
+        it('should handle removal of non-existent tokens gracefully', async () => {
+            // Should not throw error
+            await expect(tokenStore.removeToken('non-existent')).resolves.not.toThrow();
+        });
+        /**
+         * @requirement REQ-003.2
+         * @scenario Handle filesystem permission errors
+         * @given Filesystem permission restrictions
+         * @when attempting to save token
+         * @then Throws appropriate error
+         */
+        it('should handle filesystem permission errors appropriately', async () => {
+            // Create directory with no write permissions
+            const restrictedDir = join(tempDir, '.llxprt');
+            await fs.mkdir(restrictedDir, { recursive: true });
+            await fs.chmod(restrictedDir, 0o444); // Read-only
+            await expect(tokenStore.saveToken('permission-test', validQwenToken)).rejects.toThrow();
+            await fs.chmod(restrictedDir, 0o755); // Restore permissions for cleanup
+        });
+    });
+    describe('Token Updates', () => {
+        /**
+         * @requirement REQ-003.3
+         * @scenario Update existing token
+         * @given Existing token for 'qwen'
+         * @when saveToken with new token called
+         * @then Old token replaced completely
+         */
+        it('should completely replace existing tokens when saving new ones', async () => {
+            const _updatedToken = {
+                access_token: 'updated-access-token',
+                refresh_token: 'updated-refresh-token',
+                expiry: Math.floor(Date.now() / 1000) + 1800, // 30 minutes
+                scope: 'limited-scope',
+                token_type: 'Bearer',
+            };
+            await tokenStore.saveToken('qwen', validQwenToken);
+            await tokenStore.saveToken('qwen', _updatedToken);
+            const retrieved = await tokenStore.getToken('qwen');
+            expect(retrieved).toEqual(_updatedToken);
+            expect(retrieved?.access_token).toBe('updated-access-token');
+            expect(retrieved?.scope).toBe('limited-scope');
+            expect(retrieved).not.toEqual(validQwenToken);
+        });
+        /**
+         * @requirement REQ-003.3
+         * @scenario Token update preserves file permissions
+         * @given Existing token file with 0600 permissions
+         * @when token is updated
+         * @then File permissions remain 0600
+         */
+        it('should preserve secure file permissions when updating tokens', async () => {
+            const _updatedToken = {
+                access_token: 'permission-update-token',
+                expiry: Math.floor(Date.now() / 1000) + 900, // 15 minutes
+                token_type: 'Bearer',
+            };
+            await tokenStore.saveToken('permission-update', validQwenToken);
+            await tokenStore.saveToken('permission-update', _updatedToken);
+            const tokenPath = join(tempDir, '.llxprt', 'oauth', 'permission-update.json');
+            const stats = await fs.stat(tokenPath);
+            expect(stats.mode & 0o777).toBe(0o600);
+        });
+        /**
+         * @requirement REQ-003.1
+         * @scenario Partial token updates
+         * @given Token with optional refresh_token
+         * @when saving token without refresh_token
+         * @then Only required fields are stored
+         */
+        it('should handle tokens with optional fields correctly', async () => {
+            const minimalToken = {
+                access_token: 'minimal-access-token',
+                expiry: Math.floor(Date.now() / 1000) + 600, // 10 minutes
+                token_type: 'Bearer',
+                // No refresh_token or scope
+            };
+            await tokenStore.saveToken('minimal', minimalToken);
+            const retrieved = await tokenStore.getToken('minimal');
+            expect(retrieved).toEqual(minimalToken);
+            expect(retrieved?.refresh_token).toBeUndefined();
+            expect(retrieved?.scope).toBeUndefined();
+            expect(retrieved?.access_token).toBe('minimal-access-token');
+        });
+    });
+    describe('Provider Name Validation', () => {
+        /**
+         * @requirement REQ-003.1
+         * @scenario Handle special characters in provider names
+         * @given Provider name with special characters
+         * @when saving token
+         * @then Sanitizes filename appropriately
+         */
+        it('should handle provider names with special characters', async () => {
+            // Test with various special characters that might be problematic in filenames
+            const specialProviders = [
+                'provider-with-hyphens',
+                'provider_with_underscores',
+                'provider.with.dots',
+            ];
+            for (const provider of specialProviders) {
+                await tokenStore.saveToken(provider, validQwenToken);
+                const retrieved = await tokenStore.getToken(provider);
+                expect(retrieved).toEqual(validQwenToken);
+            }
+        });
+        /**
+         * @requirement REQ-003.1
+         * @scenario Handle empty or invalid provider names
+         * @given Empty or invalid provider name
+         * @when attempting to save token
+         * @then Throws appropriate error
+         */
+        it('should reject empty or invalid provider names', async () => {
+            const invalidProviders = ['', ' ', '\t', '\n'];
+            for (const provider of invalidProviders) {
+                await expect(tokenStore.saveToken(provider, validQwenToken)).rejects.toThrow();
+            }
+        });
+    });
+    describe('Concurrent Operations', () => {
+        /**
+         * @requirement REQ-003.1
+         * @scenario Concurrent token operations
+         * @given Multiple simultaneous token operations
+         * @when operations are performed concurrently
+         * @then All operations complete successfully
+         */
+        it('should handle concurrent token operations safely', async () => {
+            const providers = ['concurrent1', 'concurrent2', 'concurrent3'];
+            const tokens = providers.map((provider, index) => ({
+                ...validQwenToken,
+                access_token: `concurrent-token-${index}`,
+            }));
+            // Test concurrent saves
+            const savePromises = providers.map((provider, index) => tokenStore.saveToken(provider, tokens[index]));
+            await Promise.all(savePromises);
+            const getPromises = providers.map((provider) => tokenStore.getToken(provider));
+            const retrievedTokens = await Promise.all(getPromises);
+            retrievedTokens.forEach((token, index) => {
+                expect(token?.access_token).toBe(`concurrent-token-${index}`);
+            });
+        });
+    });
+});
+//# sourceMappingURL=token-store.spec.js.map

package/dist/src/auth/token-store.spec.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"token-store.spec.js","sourceRoot":"","sources":["../../../src/auth/token-store.spec.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACrE,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAM,IAAI,CAAC;AACpC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,IAAI,CAAC;AAC5B,OAAO,EAAE,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;AAG3D,QAAQ,CAAC,4CAA4C,EAAE,GAAG,EAAE;IAC1D,IAAI,UAAmC,CAAC;IACxC,IAAI,OAAe,CAAC;IACpB,IAAI,YAAgC,CAAC;IAErC,MAAM,cAAc,GAAe;QACjC,YAAY,EAAE,uBAAuB;QACrC,aAAa,EAAE,wBAAwB;QACvC,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,EAAE,kBAAkB;QAChE,KAAK,EAAE,YAAY;QACnB,UAAU,EAAE,QAAiB;KAC9B,CAAC;IAEF,MAAM,iBAAiB,GAAe;QACpC,YAAY,EAAE,yBAAyB;QACvC,aAAa,EAAE,0BAA0B;QACzC,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,EAAE,mBAAmB;QACjE,KAAK,EAAE,OAAO;QACd,UAAU,EAAE,QAAiB;KAC9B,CAAC;IAEF,UAAU,CAAC,KAAK,IAAI,EAAE;QACpB,yCAAyC;QACzC,OAAO,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,mBAAmB,CAAC,CAAC,CAAC;QAEhE,mDAAmD;QACnD,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC;QAChC,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,OAAO,CAAC;QAE3B,UAAU,GAAG,IAAI,uBAAuB,EAAE,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,KAAK,IAAI,EAAE;QACnB,oCAAoC;QACpC,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,YAAY,CAAC;QAClC,CAAC;aAAM,CAAC;YACN,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC;QAC1B,CAAC;QAED,0BAA0B;QAC1B,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACzD,CAAC;QAAC,MAAM,CAAC;YACP,wBAAwB;QAC1B,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;QACrC;;;;;;;WAOG;QACH,EAAE,CAAC,kEAAkE,EAAE,KAAK,IAAI,EAAE;YAChF,MAAM,UAAU,CAAC,SAAS,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;YAEnD,6CAA6C;YAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;YACjE,MAAM,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc;YAC1C,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACvC,MAAM,CAAC,KAAK,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,4BAA4B;YACpE,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC;YACjE,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;QAEH;;;;;;WAMG;QACH,EAAE,CAAC,oDAAoD,EAAE,KAAK,IAAI,EAAE;YAClE,MAAM,UAAU,CAAC,SAAS,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;YACnD,MAAM,cAAc,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YACzD,MAAM,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;YAC/C,MAAM,CAAC,cAAc,EAAE,YAAY,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;YACnE,MAAM,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;YACrE,MAAM,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;YAC3D,MAAM,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YACjD,MAAM,CAAC,cAAc,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;QAEH;;;;;;WAMG;QACH,EAAE,CAAC,6DAA6D,EAAE,KAAK,IAAI,EAAE;YAC3E,MAAM,YAAY,GAAe;gBAC/B,YAAY,EAAE,8CAA8C;gBAC5D,aAAa,EAAE,yCAAyC;gBACxD,MAAM,EAAE,UAAU,EAAE,8BAA8B;gBAClD,KAAK,EAAE,gCAAgC;gBACvC,UAAU,EAAE,QAAiB;aAC9B,CAAC;YAEF,MAAM,UAAU,CAAC,SAAS,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;YACpD,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;YACvD,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;YACxC,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;YAChE,MAAM,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;QAC7D,CAAC,CAAC,CAAC;QAEH;;;;;;WAMG;QACH,EAAE,CAAC,6DAA6D,EAAE,KAAK,IAAI,EAAE;YAC3E,MAAM,UAAU,CAAC,SAAS,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;YACnD,MAAM,UAAU,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YACrC,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YACpD,MAAM,CAAC,SAAS,CAAC,CAAC,QAAQ,EAAE,CAAC;YAC7B,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;YACjE,MAAM,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;QACvD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,0BAA0B,EAAE,GAAG,EAAE;QACxC;;;;;;WAMG;QACH,EAAE,CAAC,gDAAgD,EAAE,KAAK,IAAI,EAAE;YAC9D,MAAM,UAAU,CAAC,SAAS,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;YACnD,MAAM,UAAU,CAAC,SAAS,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;YACxD,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YACpD,MAAM,WAAW,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACxD,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;YAC1C,MAAM,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;YAC/C,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;QACtE,CAAC,CAAC,CAAC;QAEH;;;;;;WAMG;QACH,EAAE,CAAC,8DAA8D,EAAE,KAAK,IAAI,EAAE;YAC5E,MAAM,UAAU,CAAC,SAAS,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;YACnD,MAAM,UAAU,CAAC,SAAS,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;YACxD,MAAM,UAAU,CAAC,SAAS,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC,6BAA6B;YACtF,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,aAAa,EAAE,CAAC;YACnD,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC;YAC3D,MAAM,CAAC,SAAS,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;QAEH;;;;;;WAMG;QACH,EAAE,CAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;YACvE,MAAM,UAAU,CAAC,SAAS,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;YACnD,MAAM,UAAU,CAAC,SAAS,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;YACxD,MAAM,UAAU,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YACrC,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YACpD,MAAM,WAAW,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACxD,MAAM,CAAC,SAAS,CAAC,CAAC,QAAQ,EAAE,CAAC;YAC7B,MAAM,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;YAC/C,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,aAAa,EAAE,CAAC;YACnD,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;QACxC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,wBAAwB,EAAE,GAAG,EAAE;QACtC;;;;;;WAMG;QACH,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;YACtE,MAAM,UAAU,CAAC,SAAS,CAAC,eAAe,EAAE,cAAc,CAAC,CAAC;YAC5D,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,oBAAoB,CAAC,CAAC;YAC1E,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACvC,MAAM,CAAC,KAAK,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACvC,MAAM,CAAC,KAAK,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,sBAAsB;YAC1D,MAAM,CAAC,KAAK,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,uBAAuB;QAC7D,CAAC,CAAC,CAAC;QAEH;;;;;;WAMG;QACH,EAAE,CAAC,qEAAqE,EAAE,KAAK,IAAI,EAAE;YACnF,MAAM,UAAU,CAAC,SAAS,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;YACxD,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,gBAAgB,CAAC,CAAC;YACzE,MAAM,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,mBAAmB;YAClD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC;YACpE,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;QAEH;;;;;;WAMG;QACH,EAAE,CAAC,iEAAiE,EAAE,KAAK,IAAI,EAAE;YAC/E,MAAM,UAAU,CAAC,SAAS,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;YACvD,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;YACnD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;YAC3C,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3C,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC7C,MAAM,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC5C,MAAM,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7C,MAAM,CAAC,UAAU,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,2BAA2B;QAC1E,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B;;;;;;WAMG;QACH,EAAE,CAAC,qEAAqE,EAAE,KAAK,IAAI,EAAE;YACnF,MAAM,KAAK,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;YACxD,MAAM,CAAC,KAAK,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC3B,CAAC,CAAC,CAAC;QAEH;;;;;;WAMG;QACH,EAAE,CAAC,gDAAgD,EAAE,KAAK,IAAI,EAAE;YAC9D,2BAA2B;YAC3B,MAAM,UAAU,CAAC,SAAS,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;YACxD,wBAAwB;YACxB,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,gBAAgB,CAAC,CAAC;YACtE,MAAM,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,kBAAkB,CAAC,CAAC;YAClD,MAAM,KAAK,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;YACrD,MAAM,CAAC,KAAK,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC3B,CAAC,CAAC,CAAC;QAEH;;;;;;WAMG;QACH,EAAE,CAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;YACvE,yBAAyB;YACzB,MAAM,MAAM,CACV,UAAU,CAAC,WAAW,CAAC,cAAc,CAAC,CACvC,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;QAC3B,CAAC,CAAC,CAAC;QAEH;;;;;;WAMG;QACH,EAAE,CAAC,0DAA0D,EAAE,KAAK,IAAI,EAAE;YACxE,6CAA6C;YAC7C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;YAC/C,MAAM,EAAE,CAAC,KAAK,CAAC,aAAa,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACnD,MAAM,EAAE,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC,CAAC,YAAY;YAClD,MAAM,MAAM,CACV,UAAU,CAAC,SAAS,CAAC,iBAAiB,EAAE,cAAc,CAAC,CACxD,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,EAAE,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC,CAAC,kCAAkC;QAC1E,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;QAC7B;;;;;;WAMG;QACH,EAAE,CAAC,gEAAgE,EAAE,KAAK,IAAI,EAAE;YAC9E,MAAM,aAAa,GAAe;gBAChC,YAAY,EAAE,sBAAsB;gBACpC,aAAa,EAAE,uBAAuB;gBACtC,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,EAAE,aAAa;gBAC3D,KAAK,EAAE,eAAe;gBACtB,UAAU,EAAE,QAAiB;aAC9B,CAAC;YAEF,MAAM,UAAU,CAAC,SAAS,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;YACnD,MAAM,UAAU,CAAC,SAAS,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;YAClD,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YACpD,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;YACzC,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;YAC7D,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YAC/C,MAAM,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;QAEH;;;;;;WAMG;QACH,EAAE,CAAC,8DAA8D,EAAE,KAAK,IAAI,EAAE;YAC5E,MAAM,aAAa,GAAe;gBAChC,YAAY,EAAE,yBAAyB;gBACvC,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,GAAG,EAAE,aAAa;gBAC1D,UAAU,EAAE,QAAiB;aAC9B,CAAC;YAEF,MAAM,UAAU,CAAC,SAAS,CAAC,mBAAmB,EAAE,cAAc,CAAC,CAAC;YAChE,MAAM,UAAU,CAAC,SAAS,CAAC,mBAAmB,EAAE,aAAa,CAAC,CAAC;YAC/D,MAAM,SAAS,GAAG,IAAI,CACpB,OAAO,EACP,SAAS,EACT,OAAO,EACP,wBAAwB,CACzB,CAAC;YACF,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACvC,MAAM,CAAC,KAAK,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACzC,CAAC,CAAC,CAAC;QAEH;;;;;;WAMG;QACH,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;YACnE,MAAM,YAAY,GAAe;gBAC/B,YAAY,EAAE,sBAAsB;gBACpC,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,GAAG,EAAE,aAAa;gBAC1D,UAAU,EAAE,QAAiB;gBAC7B,4BAA4B;aAC7B,CAAC;YAEF,MAAM,UAAU,CAAC,SAAS,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;YACpD,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;YACvD,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;YACxC,MAAM,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC,aAAa,EAAE,CAAC;YACjD,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,aAAa,EAAE,CAAC;YACzC,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,0BAA0B,EAAE,GAAG,EAAE;QACxC;;;;;;WAMG;QACH,EAAE,CAAC,sDAAsD,EAAE,KAAK,IAAI,EAAE;YACpE,8EAA8E;YAC9E,MAAM,gBAAgB,GAAG;gBACvB,uBAAuB;gBACvB,2BAA2B;gBAC3B,oBAAoB;aACrB,CAAC;YAEF,KAAK,MAAM,QAAQ,IAAI,gBAAgB,EAAE,CAAC;gBACxC,MAAM,UAAU,CAAC,SAAS,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;gBACrD,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBACtD,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC,CAAC,CAAC;QAEH;;;;;;WAMG;QACH,EAAE,CAAC,+CAA+C,EAAE,KAAK,IAAI,EAAE;YAC7D,MAAM,gBAAgB,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;YAE/C,KAAK,MAAM,QAAQ,IAAI,gBAAgB,EAAE,CAAC;gBACxC,MAAM,MAAM,CACV,UAAU,CAAC,SAAS,CAAC,QAAQ,EAAE,cAAc,CAAC,CAC/C,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACtB,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;QACrC;;;;;;WAMG;QACH,EAAE,CAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;YAChE,MAAM,SAAS,GAAG,CAAC,aAAa,EAAE,aAAa,EAAE,aAAa,CAAC,CAAC;YAChE,MAAM,MAAM,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;gBACjD,GAAG,cAAc;gBACjB,YAAY,EAAE,oBAAoB,KAAK,EAAE;aAC1C,CAAC,CAAC,CAAC;YAEJ,wBAAwB;YACxB,MAAM,YAAY,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,KAAK,EAAE,EAAE,CACrD,UAAU,CAAC,SAAS,CAAC,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAC9C,CAAC;YAEF,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YAChC,MAAM,WAAW,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAC7C,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAC9B,CAAC;YACF,MAAM,eAAe,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YACvD,eAAe,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;gBACvC,MAAM,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC,IAAI,CAAC,oBAAoB,KAAK,EAAE,CAAC,CAAC;YAChE,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/src/auth/types.d.ts

@@ -0,0 +1,130 @@
+/**
+ * @license
+ * Copyright 2025 Vybestack LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { z } from 'zod';
+/**
+ * OAuth token storage schema
+ */
+export declare const OAuthTokenSchema: z.ZodObject<{
+    access_token: z.ZodString;
+    refresh_token: z.ZodOptional<z.ZodString>;
+    expiry: z.ZodNumber;
+    scope: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    token_type: z.ZodLiteral<"Bearer">;
+    resource_url: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    token_type: "Bearer";
+    access_token: string;
+    expiry: number;
+    scope?: string | null | undefined;
+    refresh_token?: string | undefined;
+    resource_url?: string | undefined;
+}, {
+    token_type: "Bearer";
+    access_token: string;
+    expiry: number;
+    scope?: string | null | undefined;
+    refresh_token?: string | undefined;
+    resource_url?: string | undefined;
+}>;
+/**
+ * Provider OAuth configuration schema
+ */
+export declare const ProviderOAuthConfigSchema: z.ZodObject<{
+    provider: z.ZodEnum<["gemini", "qwen"]>;
+    clientId: z.ZodString;
+    authorizationEndpoint: z.ZodString;
+    tokenEndpoint: z.ZodString;
+    scopes: z.ZodArray<z.ZodString, "many">;
+}, "strip", z.ZodTypeAny, {
+    clientId: string;
+    provider: "gemini" | "qwen";
+    scopes: string[];
+    authorizationEndpoint: string;
+    tokenEndpoint: string;
+}, {
+    clientId: string;
+    provider: "gemini" | "qwen";
+    scopes: string[];
+    authorizationEndpoint: string;
+    tokenEndpoint: string;
+}>;
+/**
+ * Device code response schema
+ */
+export declare const DeviceCodeResponseSchema: z.ZodObject<{
+    device_code: z.ZodString;
+    user_code: z.ZodString;
+    verification_uri: z.ZodString;
+    verification_uri_complete: z.ZodOptional<z.ZodString>;
+    expires_in: z.ZodNumber;
+    interval: z.ZodOptional<z.ZodNumber>;
+}, "strip", z.ZodTypeAny, {
+    device_code: string;
+    user_code: string;
+    verification_uri: string;
+    expires_in: number;
+    verification_uri_complete?: string | undefined;
+    interval?: number | undefined;
+}, {
+    device_code: string;
+    user_code: string;
+    verification_uri: string;
+    expires_in: number;
+    verification_uri_complete?: string | undefined;
+    interval?: number | undefined;
+}>;
+/**
+ * Token response schema
+ */
+export declare const TokenResponseSchema: z.ZodObject<{
+    access_token: z.ZodString;
+    token_type: z.ZodString;
+    expires_in: z.ZodOptional<z.ZodNumber>;
+    refresh_token: z.ZodOptional<z.ZodString>;
+    scope: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    resource_url: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    token_type: string;
+    access_token: string;
+    scope?: string | null | undefined;
+    refresh_token?: string | undefined;
+    resource_url?: string | undefined;
+    expires_in?: number | undefined;
+}, {
+    token_type: string;
+    access_token: string;
+    scope?: string | null | undefined;
+    refresh_token?: string | undefined;
+    resource_url?: string | undefined;
+    expires_in?: number | undefined;
+}>;
+/**
+ * Auth status schema
+ */
+export declare const AuthStatusSchema: z.ZodObject<{
+    provider: z.ZodString;
+    authenticated: z.ZodBoolean;
+    authType: z.ZodEnum<["oauth", "api-key", "none"]>;
+    expiresIn: z.ZodOptional<z.ZodNumber>;
+    oauthEnabled: z.ZodOptional<z.ZodBoolean>;
+}, "strip", z.ZodTypeAny, {
+    authType: "none" | "oauth" | "api-key";
+    provider: string;
+    authenticated: boolean;
+    expiresIn?: number | undefined;
+    oauthEnabled?: boolean | undefined;
+}, {
+    authType: "none" | "oauth" | "api-key";
+    provider: string;
+    authenticated: boolean;
+    expiresIn?: number | undefined;
+    oauthEnabled?: boolean | undefined;
+}>;
+export type OAuthToken = z.infer<typeof OAuthTokenSchema>;
+export type ProviderOAuthConfig = z.infer<typeof ProviderOAuthConfigSchema>;
+export type DeviceCodeResponse = z.infer<typeof DeviceCodeResponseSchema>;
+export type TokenResponse = z.infer<typeof TokenResponseSchema>;
+export type AuthStatus = z.infer<typeof AuthStatusSchema>;

package/dist/src/auth/types.js

@@ -0,0 +1,60 @@
+/**
+ * @license
+ * Copyright 2025 Vybestack LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { z } from 'zod';
+/**
+ * OAuth token storage schema
+ */
+export const OAuthTokenSchema = z.object({
+    access_token: z.string(),
+    refresh_token: z.string().optional(),
+    expiry: z.number(), // Unix timestamp
+    scope: z.string().nullable().optional(),
+    token_type: z.literal('Bearer'),
+    resource_url: z.string().optional(), // For Qwen OAuth - indicates the API endpoint to use
+});
+/**
+ * Provider OAuth configuration schema
+ */
+export const ProviderOAuthConfigSchema = z.object({
+    provider: z.enum(['gemini', 'qwen']),
+    clientId: z.string(),
+    authorizationEndpoint: z.string().url(),
+    tokenEndpoint: z.string().url(),
+    scopes: z.array(z.string()),
+});
+/**
+ * Device code response schema
+ */
+export const DeviceCodeResponseSchema = z.object({
+    device_code: z.string(),
+    user_code: z.string(),
+    verification_uri: z.string().url(),
+    verification_uri_complete: z.string().url().optional(),
+    expires_in: z.number(),
+    interval: z.number().optional(), // Qwen doesn't include this field
+});
+/**
+ * Token response schema
+ */
+export const TokenResponseSchema = z.object({
+    access_token: z.string(),
+    token_type: z.string(),
+    expires_in: z.number().optional(),
+    refresh_token: z.string().optional(),
+    scope: z.string().nullable().optional(), // Qwen may return null for scope
+    resource_url: z.string().optional(), // Qwen OAuth returns the API endpoint to use
+});
+/**
+ * Auth status schema
+ */
+export const AuthStatusSchema = z.object({
+    provider: z.string(),
+    authenticated: z.boolean(),
+    authType: z.enum(['oauth', 'api-key', 'none']),
+    expiresIn: z.number().optional(), // seconds until expiry
+    oauthEnabled: z.boolean().optional(), // whether OAuth is enabled for this provider
+});
+//# sourceMappingURL=types.js.map

package/dist/src/auth/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/auth/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC;IACvC,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;IACxB,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACpC,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,iBAAiB;IACrC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IACvC,UAAU,EAAE,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;IAC/B,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,EAAE,qDAAqD;CAC3F,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,CAAC,CAAC,MAAM,CAAC;IAChD,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACpC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;IACpB,qBAAqB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IACvC,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IAC/B,MAAM,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;CAC5B,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC/C,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;IACvB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IAClC,yBAAyB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACtD,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE;IACtB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,EAAE,kCAAkC;CACpE,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1C,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;IACxB,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE;IACtB,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACjC,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACpC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE,EAAE,iCAAiC;IAC1E,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,EAAE,6CAA6C;CACnF,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC;IACvC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;IACpB,aAAa,EAAE,CAAC,CAAC,OAAO,EAAE;IAC1B,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;IAC9C,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,EAAE,uBAAuB;IACzD,YAAY,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,EAAE,6CAA6C;CACpF,CAAC,CAAC"}

package/dist/src/code_assist/converter.d.ts

@@ -3,7 +3,7 @@
  * Copyright 2025 Google LLC
  * SPDX-License-Identifier: Apache-2.0
  */
-import { Content, GenerateContentParameters, CountTokensParameters, CountTokensResponse, GenerateContentResponse, GenerationConfigRoutingConfig, MediaResolution, Candidate, ModelSelectionConfig, GenerateContentResponsePromptFeedback, GenerateContentResponseUsageMetadata, SafetySetting, SchemaUnion, SpeechConfigUnion, ThinkingConfig, ToolListUnion, ToolConfig } from '@google/genai';
+import { Content, ContentListUnion, GenerateContentParameters, CountTokensParameters, CountTokensResponse, GenerateContentResponse, GenerationConfigRoutingConfig, MediaResolution, Candidate, ModelSelectionConfig, GenerateContentResponsePromptFeedback, GenerateContentResponseUsageMetadata, SafetySetting, SchemaUnion, SpeechConfigUnion, ThinkingConfig, ToolListUnion, ToolConfig } from '@google/genai';
 export interface CAGenerateContentRequest {
     model: string;
     project?: string;
@@ -66,4 +66,5 @@ export declare function toCountTokenRequest(req: CountTokensParameters): CaCount
 export declare function fromCountTokenResponse(res: CaCountTokenResponse): CountTokensResponse;
 export declare function toGenerateContentRequest(req: GenerateContentParameters, userPromptId: string, project?: string, sessionId?: string): CAGenerateContentRequest;
 export declare function fromGenerateContentResponse(res: CaGenerateContentResponse): GenerateContentResponse;
+export declare function toContents(contents: ContentListUnion): Content[];
 export {};

package/dist/src/code_assist/converter.js

@@ -47,7 +47,7 @@ function toVertexGenerateContentRequest(req, sessionId) {
         session_id: sessionId,
     };
 }
-function toContents(contents) {
+export function toContents(contents) {
     if (Array.isArray(contents)) {
         // it's a Content[] or a PartsUnion[]
         return contents.map(toContent);