@vybestack/llxprt-code-core 0.1.23 → 0.2.2-nightly.250908.fb8099b7

package/dist/src/providers/gemini/GeminiProvider.js

@@ -4,18 +4,20 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 import { DebugLogger } from '../../debug/index.js';
-import { AuthType, ContentGeneratorRole, AuthenticationRequiredError, getCoreSystemPromptAsync, createCodeAssistContentGenerator, } from '@vybestack/llxprt-code-core';
+import { Config } from '../../config/config.js';
+import { AuthType } from '../../core/contentGenerator.js';
+import { AuthenticationRequiredError } from '../errors.js';
+import { getCoreSystemPromptAsync } from '../../core/prompts.js';
+import { createCodeAssistContentGenerator } from '../../code_assist/codeAssist.js';
+import { Type, } from '@google/genai';
 import { BaseProvider } from '../BaseProvider.js';
 import { getSettingsService } from '../../settings/settingsServiceInstance.js';
 export class GeminiProvider extends BaseProvider {
     logger;
     authMode = 'none';
-    geminiConfig;
     currentModel = 'gemini-2.5-pro';
     modelExplicitlySet = false;
-    baseURL;
     modelParams;
-    toolSchemas;
     geminiOAuthManager;
     constructor(apiKey, baseURL, config, oauthManager) {
         // Initialize base provider with auth configuration
@@ -23,17 +25,13 @@ export class GeminiProvider extends BaseProvider {
             name: 'gemini',
             apiKey,
             baseURL,
-            cliKey: apiKey, // CLI --key argument
             envKeyNames: ['GEMINI_API_KEY', 'GOOGLE_API_KEY'],
             isOAuthEnabled: false, // OAuth enablement will be checked dynamically
             oauthProvider: 'gemini',
             oauthManager, // Keep the manager for checking enablement
         };
-        super(baseConfig);
+        super(baseConfig, config, undefined);
         this.logger = new DebugLogger('llxprt:gemini:provider');
-        // Store Gemini-specific configuration
-        this.geminiConfig = config;
-        this.baseURL = baseURL;
         this.geminiOAuthManager = oauthManager;
         // Do not determine auth mode on instantiation.
         // This will be done lazily when a chat completion is requested.
@@ -59,38 +57,76 @@ export class GeminiProvider extends BaseProvider {
     async determineBestAuth() {
         // Re-check OAuth enablement state before determining auth
         this.updateOAuthState();
-        // Use the base provider's auth precedence resolution
+        // First check if we have Gemini-specific credentials
+        if (this.hasVertexAICredentials()) {
+            this.authMode = 'vertex-ai';
+            this.setupVertexAIAuth();
+            return 'USE_VERTEX_AI';
+        }
+        if (this.hasGeminiAPIKey()) {
+            this.authMode = 'gemini-api-key';
+            return process.env.GEMINI_API_KEY;
+        }
+        // No Gemini-specific credentials, check OAuth availability
         try {
             const token = await this.getAuthToken();
-            // Check for special OAuth signal
-            if (token === 'USE_LOGIN_WITH_GOOGLE') {
-                this.authMode = 'oauth';
-                return token; // Return the magic token
-            }
-            // Determine auth mode based on resolved authentication method
             const authMethodName = await this.getAuthMethodName();
-            if (authMethodName?.startsWith('oauth-')) {
+            // Check if OAuth is configured for Gemini
+            const manager = this.geminiOAuthManager;
+            const isOAuthEnabled = manager?.isOAuthEnabled &&
+                typeof manager.isOAuthEnabled === 'function' &&
+                manager.isOAuthEnabled('gemini');
+            if (isOAuthEnabled &&
+                (authMethodName?.startsWith('oauth-') ||
+                    (this.geminiOAuthManager && !token))) {
                 this.authMode = 'oauth';
+                return 'USE_LOGIN_WITH_GOOGLE';
             }
-            else if (this.hasVertexAICredentials()) {
-                this.authMode = 'vertex-ai';
-                this.setupVertexAIAuth();
-            }
-            else if (this.hasGeminiAPIKey() || authMethodName?.includes('key')) {
-                this.authMode = 'gemini-api-key';
-            }
-            else {
-                this.authMode = 'none';
+            // If we have a token but it's not for Gemini (e.g., from another provider),
+            // we should still fall back to OAuth for Gemini web search - BUT ONLY IF OAUTH IS ENABLED
+            if (!this.hasGeminiAPIKey() && !this.hasVertexAICredentials()) {
+                if (isOAuthEnabled) {
+                    this.authMode = 'oauth';
+                    return 'USE_LOGIN_WITH_GOOGLE';
+                }
+                else {
+                    // OAuth is disabled and no other auth method available
+                    throw new AuthenticationRequiredError('Web search requires Gemini authentication, but no API key is set and OAuth is disabled', 'none', ['GEMINI_API_KEY', 'GOOGLE_API_KEY']);
+                }
             }
-            return token;
+            this.authMode = 'none';
+            return token || '';
         }
         catch (error) {
+            // CRITICAL FIX: Only fall back to LOGIN_WITH_GOOGLE if OAuth is actually enabled
+            // Don't use it when OAuth has been disabled
+            const manager = this.geminiOAuthManager;
+            const isOAuthEnabled = this.geminiOAuthManager &&
+                manager.isOAuthEnabled &&
+                typeof manager.isOAuthEnabled === 'function' &&
+                manager.isOAuthEnabled('gemini');
+            if (isOAuthEnabled) {
+                this.authMode = 'oauth';
+                return 'USE_LOGIN_WITH_GOOGLE';
+            }
             // Handle case where no auth is available
-            const authType = this.geminiConfig?.getContentGeneratorConfig()?.authType;
+            const authType = this.globalConfig?.getContentGeneratorConfig()?.authType;
             if (authType === AuthType.USE_NONE) {
                 this.authMode = 'none';
                 throw new AuthenticationRequiredError('Authentication is set to USE_NONE but no credentials are available', this.authMode, ['GEMINI_API_KEY', 'GOOGLE_API_KEY']);
             }
+            // When used as serverToolsProvider without API key, fall back to OAuth ONLY if enabled
+            // This handles the case where Gemini is used for server tools but not as main provider
+            if (!this.hasGeminiAPIKey() && !this.hasVertexAICredentials()) {
+                if (isOAuthEnabled) {
+                    this.authMode = 'oauth';
+                    return 'USE_LOGIN_WITH_GOOGLE';
+                }
+                else {
+                    // OAuth is disabled and no other auth method available
+                    throw new AuthenticationRequiredError('Web search requires Gemini authentication, but no API key is set and OAuth is disabled', 'none', ['GEMINI_API_KEY', 'GOOGLE_API_KEY']);
+                }
+            }
             throw error;
         }
     }
@@ -99,8 +135,15 @@ export class GeminiProvider extends BaseProvider {
      * Determines if this provider supports OAuth authentication
      */
     supportsOAuth() {
-        // Gemini always supports Google OAuth
-        return true;
+        // Check if OAuth is actually enabled for Gemini in the OAuth manager
+        const manager = this.geminiOAuthManager;
+        if (manager?.isOAuthEnabled &&
+            typeof manager.isOAuthEnabled === 'function') {
+            return manager.isOAuthEnabled('gemini');
+        }
+        // Default to false if OAuth manager is not available
+        // This ensures we don't fall back to LOGIN_WITH_GOOGLE when OAuth is disabled
+        return false;
     }
     /**
      * Checks if Vertex AI credentials are available
@@ -127,7 +170,6 @@ export class GeminiProvider extends BaseProvider {
      * Sets the config instance for reading OAuth credentials
      */
     setConfig(config) {
-        this.geminiConfig = config;
         // Sync with config model if user hasn't explicitly set a model
         // This ensures consistency between config and provider state
         const configModel = config.getModel();
@@ -168,8 +210,9 @@ export class GeminiProvider extends BaseProvider {
             const apiKey = (await this.getAuthToken()) || process.env.GEMINI_API_KEY;
             if (apiKey) {
                 try {
-                    const url = this.baseURL
-                        ? `${this.baseURL.replace(/\/$/, '')}/v1beta/models?key=${apiKey}`
+                    const baseURL = this.getBaseURL();
+                    const url = baseURL
+                        ? `${baseURL.replace(/\/$/, '')}/v1beta/models?key=${apiKey}`
                         : `https://generativelanguage.googleapis.com/v1beta/models?key=${apiKey}`;
                     const response = await fetch(url, {
                         method: 'GET',
@@ -216,464 +259,23 @@ export class GeminiProvider extends BaseProvider {
             },
         ];
     }
-    async *generateChatCompletion(messages, tools, _toolFormat) {
-        // Comprehensive debug logging
-        this.logger.debug(() => `generateChatCompletion called with ${messages.length} messages`);
-        this.logger.debug(() => `Messages: ${JSON.stringify(messages, null, 2)}`);
-        this.logger.debug(() => `First message: ${messages[0] ? JSON.stringify(messages[0], null, 2) : 'NO FIRST MESSAGE'}`);
-        this.logger.debug(() => `Tools: ${tools ? JSON.stringify(tools.map((t) => t.function.name)) : 'NO TOOLS'}`);
-        // Lazily determine the best auth method now that it's needed.
-        // This implements lazy OAuth triggering - OAuth is only triggered when making API calls
-        let authToken;
-        try {
-            authToken = await this.determineBestAuth();
-        }
-        catch (error) {
-            if (error instanceof AuthenticationRequiredError) {
-                throw error;
-            }
-            throw new AuthenticationRequiredError('Failed to resolve authentication for Gemini provider', this.authMode, ['GEMINI_API_KEY', 'GOOGLE_API_KEY']);
-        }
-        // Authentication has already been resolved by determineBestAuth()
-        // No need for additional validation since the auth token is already obtained
-        // Import the necessary modules dynamically to avoid circular dependencies
-        const { GoogleGenAI } = await import('@google/genai');
-        // Create the appropriate client based on auth mode
-        let genAI;
-        const httpOptions = {
-            headers: {
-                'User-Agent': `LLxprt-Code/${process.env.CLI_VERSION || process.version} (${process.platform}; ${process.arch})`,
-            },
-        };
-        switch (this.authMode) {
-            case 'gemini-api-key':
-                genAI = new GoogleGenAI({
-                    apiKey: authToken,
-                    httpOptions: this.baseURL
-                        ? {
-                            ...httpOptions,
-                            baseUrl: this.baseURL,
-                        }
-                        : httpOptions,
-                });
-                break;
-            case 'vertex-ai':
-                genAI = new GoogleGenAI({
-                    apiKey: authToken,
-                    vertexai: true,
-                    httpOptions: this.baseURL
-                        ? {
-                            ...httpOptions,
-                            baseUrl: this.baseURL,
-                        }
-                        : httpOptions,
-                });
-                break;
-            case 'oauth': {
-                // For OAuth, create a minimal config-like object if we don't have one
-                const configForOAuth = this.geminiConfig || {
-                    getProxy: () => undefined, // OAuth only needs this from config
-                };
-                // For OAuth, we need to use the code assist server
-                const contentGenerator = await createCodeAssistContentGenerator(httpOptions, AuthType.LOGIN_WITH_GOOGLE, configForOAuth, this.baseURL);
-                // Convert messages to Gemini request format
-                // Use config model in OAuth mode to ensure synchronization
-                const oauthModel = this.modelExplicitlySet
-                    ? this.currentModel
-                    : this.geminiConfig?.getModel() || this.currentModel;
-                // Generate systemInstruction using getCoreSystemPrompt
-                // Get user memory from config if available
-                const userMemory = this.geminiConfig?.getUserMemory
-                    ? this.geminiConfig.getUserMemory()
-                    : '';
-                const systemInstruction = await getCoreSystemPromptAsync(userMemory, oauthModel);
-                // Store tools if provided
-                if (tools && tools.length > 0) {
-                    this.toolSchemas = this.convertToolsToGeminiFormat(tools);
-                }
-                // Use provided tools or stored tools
-                let geminiTools = tools
-                    ? this.convertToolsToGeminiFormat(tools)
-                    : this.toolSchemas;
-                // For Flash models, always include tools if available
-                if (oauthModel.includes('flash') && !geminiTools && this.toolSchemas) {
-                    geminiTools = this.toolSchemas;
-                }
-                const request = {
-                    model: oauthModel,
-                    contents: this.convertMessagesToGeminiFormat(messages),
-                    systemInstruction,
-                    config: {
-                        tools: geminiTools,
-                        ...this.modelParams,
-                    },
-                };
-                // Use the content generator stream
-                // PRIVACY FIX: Removed sessionId to prevent transmission to Google servers
-                const streamResult = await contentGenerator.generateContentStream(request, 'oauth-session');
-                // Convert the stream to our format
-                for await (const response of streamResult) {
-                    // Extract text from the response
-                    const text = response.candidates?.[0]?.content?.parts
-                        ?.filter((part) => 'text' in part)
-                        ?.map((part) => part.text)
-                        ?.join('') || '';
-                    // Extract function calls from the response
-                    const functionCalls = response.candidates?.[0]?.content?.parts
-                        ?.filter((part) => 'functionCall' in part)
-                        ?.map((part) => part.functionCall) || [];
-                    // Build response message
-                    const message = {
-                        role: ContentGeneratorRole.ASSISTANT,
-                        content: text,
-                    };
-                    // Add function calls if any
-                    if (functionCalls && functionCalls.length > 0) {
-                        message.tool_calls = functionCalls.map((call) => ({
-                            id: call.id ||
-                                `call_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`,
-                            type: 'function',
-                            function: {
-                                name: call.name || 'unknown_function',
-                                arguments: JSON.stringify(call.args || {}),
-                            },
-                        }));
-                    }
-                    // Only yield if there's content or tool calls
-                    if (text || (functionCalls && functionCalls.length > 0)) {
-                        yield message;
-                    }
-                }
-                return;
-            }
-            case 'none':
-                // For 'none' mode, use the resolved auth token
-                genAI = new GoogleGenAI({
-                    apiKey: authToken,
-                    vertexai: this.hasVertexAICredentials(),
-                    httpOptions: this.baseURL
-                        ? {
-                            ...httpOptions,
-                            baseUrl: this.baseURL,
-                        }
-                        : httpOptions,
-                });
-                break;
-            default:
-                throw new Error(`Unsupported auth mode: ${this.authMode}`);
-        }
-        // Get the models interface (which is a ContentGenerator)
-        const contentGenerator = genAI.models;
-        // Store tools if provided
-        if (tools && tools.length > 0) {
-            this.toolSchemas = this.convertToolsToGeminiFormat(tools);
-        }
-        // Convert IMessage[] to Gemini format - do this after storing tools so priming can access them
-        const contents = this.convertMessagesToGeminiFormat(messages);
-        // Use provided tools or stored tools
-        let geminiTools = tools
-            ? this.convertToolsToGeminiFormat(tools)
-            : this.toolSchemas;
-        // Create the request - ContentGenerator expects model in the request
-        // Use explicit model if set, otherwise fall back to config model
-        const modelToUse = this.modelExplicitlySet
-            ? this.currentModel
-            : this.geminiConfig?.getModel() || this.currentModel;
-        // For Flash models, always include tools if available
-        if (modelToUse.includes('flash') && !geminiTools && this.toolSchemas) {
-            geminiTools = this.toolSchemas;
-        }
-        // Generate systemInstruction using getCoreSystemPrompt
-        // Get user memory from config if available
-        const userMemory = this.geminiConfig?.getUserMemory
-            ? this.geminiConfig.getUserMemory()
-            : '';
-        const systemInstruction = await getCoreSystemPromptAsync(userMemory, modelToUse);
-        const request = {
-            model: modelToUse,
-            contents,
-            systemInstruction,
-            config: {
-                tools: geminiTools,
-                ...this.modelParams,
-            },
-        };
-        // Generate content stream using the ContentGenerator interface
-        const stream = await contentGenerator.generateContentStream(request);
-        // Stream the response
-        for await (const response of stream) {
-            // Extract text from the response
-            const text = response.candidates?.[0]?.content?.parts
-                ?.filter((part) => 'text' in part)
-                ?.map((part) => part.text)
-                ?.join('') || '';
-            // Extract function calls from the response
-            const functionCalls = response.candidates?.[0]?.content?.parts
-                ?.filter((part) => 'functionCall' in part)
-                ?.map((part) => part.functionCall) || [];
-            // Build response message
-            const message = {
-                role: ContentGeneratorRole.ASSISTANT,
-                content: text || '',
-            };
-            // Add function calls if any
-            if (functionCalls && functionCalls.length > 0) {
-                message.tool_calls = functionCalls.map((call) => ({
-                    id: call.id ||
-                        `call_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`,
-                    type: 'function',
-                    function: {
-                        name: call.name || 'unknown_function',
-                        arguments: JSON.stringify(call.args || {}),
-                    },
-                }));
-            }
-            // Only yield if there's content or tool calls
-            if (text || (functionCalls && functionCalls.length > 0)) {
-                yield message;
-            }
-        }
-    }
-    convertMessagesToGeminiFormat(messages) {
-        const contents = [];
-        // Enhanced tracking with more details
-        const functionCalls = new Map();
-        const functionResponses = new Map();
-        for (let i = 0; i < messages.length; i++) {
-            const msg = messages[i];
-            // Handle tool responses - each in its own Content object
-            if (msg.role === ContentGeneratorRole.TOOL) {
-                if (!msg.tool_call_id) {
-                    this.logger.debug(() => `Tool response at index ${i} missing tool_call_id, skipping: ${JSON.stringify(msg)}`);
-                    continue;
-                }
-                functionResponses.set(msg.tool_call_id, {
-                    name: msg.tool_name || 'unknown_function',
-                    contentIndex: contents.length,
-                    messageIndex: i,
-                });
-                // Add each tool response as a separate content immediately
-                contents.push({
-                    role: 'user',
-                    parts: [
-                        {
-                            functionResponse: {
-                                id: msg.tool_call_id,
-                                name: msg.tool_name || 'unknown_function',
-                                response: {
-                                    output: msg.content || '',
-                                },
-                            },
-                        },
-                    ],
-                });
-                continue;
-            }
-            // For non-tool messages, convert normally
-            const parts = [];
-            // Check for parts first (for messages with PDF/image parts but no text content)
-            if (msg.parts && msg.parts.length > 0) {
-                parts.push(...msg.parts);
-            }
-            else if (msg.content) {
-                // Handle PartListUnion: string | Part | Part[]
-                // In practice, content can be PartListUnion even though IMessage types it as string
-                const content = msg.content;
-                if (typeof content === 'string') {
-                    // Try to parse string in case it's a stringified Part or Part[]
-                    if ((content.startsWith('{') && content.endsWith('}')) ||
-                        (content.startsWith('[') && content.endsWith(']'))) {
-                        try {
-                            const parsed = JSON.parse(content);
-                            if (Array.isArray(parsed)) {
-                                parts.push(...parsed);
-                            }
-                            else {
-                                parts.push(parsed);
-                            }
-                        }
-                        catch (_e) {
-                            // Not valid JSON, treat as text
-                            parts.push({ text: content });
-                        }
-                    }
-                    else {
-                        parts.push({ text: content });
-                    }
-                }
-                else if (Array.isArray(content)) {
-                    // Content is Part[]
-                    parts.push(...content);
-                }
-                else {
-                    // Content is a single Part
-                    parts.push(content);
-                }
-            }
-            // Handle tool calls
-            if (msg.tool_calls && msg.tool_calls.length > 0) {
-                // Check if function calls were already added via parts
-                const existingFunctionCallIds = new Set();
-                if (msg.parts && msg.parts.length > 0) {
-                    for (const part of parts) {
-                        if ('functionCall' in part) {
-                            const fc = part;
-                            if (fc.functionCall.id) {
-                                existingFunctionCallIds.add(fc.functionCall.id);
-                            }
-                        }
-                    }
-                }
-                for (const toolCall of msg.tool_calls) {
-                    // Skip if this function call was already added via parts
-                    if (toolCall.id && existingFunctionCallIds.has(toolCall.id)) {
-                        continue;
-                    }
-                    // Ensure tool call has an ID
-                    if (!toolCall.id) {
-                        this.logger.debug(() => `Tool call at message ${i} missing ID, generating one: ${JSON.stringify(toolCall)}`);
-                        // Generate a unique ID for the function call
-                        toolCall.id = `generated_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;
-                    }
-                    const partIndex = parts.length;
-                    parts.push({
-                        functionCall: {
-                            id: toolCall.id,
-                            name: toolCall.function.name,
-                            args: JSON.parse(toolCall.function.arguments),
-                        },
-                    });
-                    // Track this function call with its position
-                    functionCalls.set(toolCall.id, {
-                        name: toolCall.function.name,
-                        contentIndex: contents.length,
-                        partIndex,
-                        messageIndex: i,
-                    });
-                }
-            }
-            // Map roles
-            let role = 'user';
-            if (msg.role === ContentGeneratorRole.ASSISTANT) {
-                role = 'model';
-            }
-            else if (msg.role === ContentGeneratorRole.USER) {
-                role = 'user';
-            }
-            else if (msg.role === 'system') {
-                // Gemini doesn't have system role in contents, handle separately
-                role = 'user';
-            }
-            if (parts.length > 0) {
-                contents.push({
-                    role,
-                    parts,
-                });
-            }
-        }
-        // Validate and add missing function responses
-        for (const [callId, callInfo] of Array.from(functionCalls.entries())) {
-            if (!functionResponses.has(callId)) {
-                // Create a placeholder response for missing function response
-                this.logger.debug(() => `Function call ${callInfo.name} (id: ${callId}) has no matching response, adding placeholder`);
-                // Add each function response as a separate content object (same as regular tool responses)
-                contents.push({
-                    role: 'user',
-                    parts: [
-                        {
-                            functionResponse: {
-                                id: callId,
-                                name: callInfo.name,
-                                response: {
-                                    output: JSON.stringify({
-                                        error: 'Function call was interrupted or no response received',
-                                        message: `The function "${callInfo.name}" was called but did not receive a response. This may occur if the function execution was interrupted, requires authentication, or encountered an error.`,
-                                        callId,
-                                        functionName: callInfo.name,
-                                    }),
-                                },
-                            },
-                        },
-                    ],
-                });
-                // Mark this response as added
-                functionResponses.set(callId, {
-                    name: callInfo.name,
-                    contentIndex: contents.length - 1,
-                    messageIndex: -1, // Placeholder response doesn't have original message index
-                });
-            }
-        }
-        // Final validation - count function calls and responses
-        let totalFunctionCalls = 0;
-        let totalFunctionResponses = 0;
-        const callsDetail = [];
-        const responsesDetail = [];
-        const unmatchedCalls = new Set();
-        const unmatchedResponses = new Set();
-        // First pass: collect all function calls and responses with their IDs
-        for (let i = 0; i < contents.length; i++) {
-            const content = contents[i];
-            for (const part of content.parts) {
-                if ('functionCall' in part) {
-                    totalFunctionCalls++;
-                    const fc = part;
-                    callsDetail.push(`${i}: ${fc.functionCall.name} (${fc.functionCall.id})`);
-                    if (fc.functionCall.id) {
-                        unmatchedCalls.add(fc.functionCall.id);
-                    }
-                }
-                else if ('functionResponse' in part) {
-                    totalFunctionResponses++;
-                    const fr = part;
-                    responsesDetail.push(`${i}: ${fr.functionResponse.name} (${fr.functionResponse.id})`);
-                    if (fr.functionResponse.id) {
-                        unmatchedResponses.add(fr.functionResponse.id);
-                    }
-                }
-            }
-        }
-        // Second pass: match calls with responses
-        for (const id of unmatchedCalls) {
-            if (unmatchedResponses.has(id)) {
-                unmatchedCalls.delete(id);
-                unmatchedResponses.delete(id);
-            }
-        }
-        if (totalFunctionCalls !== totalFunctionResponses) {
-            this.logger.debug(() => `Function parts count mismatch: ${totalFunctionCalls} calls vs ${totalFunctionResponses} responses`);
-            this.logger.debug(() => `Function calls: ${JSON.stringify(callsDetail)}`);
-            this.logger.debug(() => `Function responses: ${JSON.stringify(responsesDetail)}`);
-            this.logger.debug(() => `Unmatched call IDs: ${JSON.stringify(Array.from(unmatchedCalls))}`);
-            this.logger.debug(() => `Unmatched response IDs: ${JSON.stringify(Array.from(unmatchedResponses))}`);
-            // This is now just a warning, not an error, since we've added placeholders
-            // The Gemini API should handle this gracefully
-        }
-        return contents;
-    }
-    convertToolsToGeminiFormat(tools) {
-        const result = [
-            {
-                functionDeclarations: tools.map((tool) => ({
-                    name: tool.function.name,
-                    description: tool.function.description,
-                    parameters: tool.function.parameters,
-                })),
-            },
-        ];
-        this.logger.debug(() => `Converted tools to Gemini format: ${JSON.stringify(result, null, 2)}`);
-        return result;
-    }
     setApiKey(apiKey) {
         // Call base provider implementation
-        super.setApiKey?.(apiKey);
+        super.setApiKey(apiKey);
         // Set the API key as an environment variable so it can be used by the core library
-        process.env.GEMINI_API_KEY = apiKey;
+        // CRITICAL FIX: When clearing the key (empty string), delete the env var instead of setting to empty
+        if (apiKey && apiKey.trim() !== '') {
+            process.env.GEMINI_API_KEY = apiKey;
+        }
+        else {
+            delete process.env.GEMINI_API_KEY;
+        }
         // Clear auth cache when API key changes
+        this.clearAuthCache();
     }
     setBaseUrl(baseUrl) {
-        // If no baseUrl is provided or it's an empty string, clear to undefined
-        this.baseURL = baseUrl && baseUrl.trim() !== '' ? baseUrl : undefined;
+        // Call base provider implementation which stores in ephemeral settings
+        super.setBaseUrl?.(baseUrl);
     }
     /**
      * Gets the current authentication mode
@@ -737,8 +339,8 @@ export class GeminiProvider extends BaseProvider {
         this.modelExplicitlySet = true;
         // Always update config if available, not just in OAuth mode
         // This ensures the model is properly synchronized
-        if (this.geminiConfig) {
-            this.geminiConfig.setModel(modelId);
+        if (this.globalConfig) {
+            this.globalConfig.setModel(modelId);
         }
     }
     /**
@@ -775,13 +377,25 @@ export class GeminiProvider extends BaseProvider {
             this.currentModel = 'gemini-2.5-pro';
         }
         // Note: We don't clear config or apiKey as they might be needed
+        // Clear auth cache
+        this.clearAuthCache();
+    }
+    /**
+     * Clear all authentication including environment variable
+     */
+    clearAuth() {
+        // Call base implementation to clear SettingsService
+        super.clearAuth?.();
+        // CRITICAL: Also clear the environment variable that setApiKey sets
+        delete process.env.GEMINI_API_KEY;
     }
     /**
      * Forces re-determination of auth method
      */
     clearAuthCache() {
-        // Don't clear the auth mode itself, just the determination flag
-        // This allows for smoother transitions
+        // Call the base implementation to clear the cached token
+        super.clearAuthCache();
+        // Don't clear the auth mode itself, just allow re-determination next time
     }
     /**
      * Get the list of server tools supported by this provider
@@ -794,6 +408,9 @@ export class GeminiProvider extends BaseProvider {
      */
     async invokeServerTool(toolName, params, _config) {
         if (toolName === 'web_search') {
+            this.logger.debug(() => `invokeServerTool: web_search called with params: ${JSON.stringify(params)}`);
+            this.logger.debug(() => `invokeServerTool: globalConfig is ${this.globalConfig ? 'set' : 'null/undefined'}`);
+            this.logger.debug(() => `invokeServerTool: current authMode is ${this.authMode}`);
             // Import the necessary modules dynamically
             const { GoogleGenAI } = await import('@google/genai');
             // Create the appropriate client based on auth mode
@@ -804,15 +421,28 @@ export class GeminiProvider extends BaseProvider {
             };
             let genAI;
             // Get authentication token lazily
+            this.logger.debug(() => `invokeServerTool: about to call determineBestAuth()`);
             const authToken = await this.determineBestAuth();
+            this.logger.debug(() => `invokeServerTool: determineBestAuth returned, authMode is now ${this.authMode}`);
+            // Re-evaluate auth mode if we got a signal to use OAuth
+            if (authToken === 'USE_LOGIN_WITH_GOOGLE') {
+                this.authMode = 'oauth';
+            }
             switch (this.authMode) {
                 case 'gemini-api-key': {
+                    // This case should never happen if determineBestAuth worked correctly
+                    // but add safety check
+                    if (!authToken ||
+                        authToken === 'USE_LOGIN_WITH_GOOGLE' ||
+                        authToken === '') {
+                        throw new Error('No valid Gemini API key available for web search');
+                    }
                     genAI = new GoogleGenAI({
                         apiKey: authToken,
-                        httpOptions: this.baseURL
+                        httpOptions: this.getBaseURL()
                             ? {
                                 ...httpOptions,
-                                baseUrl: this.baseURL,
+                                baseUrl: this.getBaseURL(),
                             }
                             : httpOptions,
                     });
@@ -837,10 +467,10 @@ export class GeminiProvider extends BaseProvider {
                     genAI = new GoogleGenAI({
                         apiKey: authToken,
                         vertexai: true,
-                        httpOptions: this.baseURL
+                        httpOptions: this.getBaseURL()
                             ? {
                                 ...httpOptions,
-                                baseUrl: this.baseURL,
+                                baseUrl: this.getBaseURL(),
                             }
                             : httpOptions,
                     });
@@ -862,24 +492,52 @@ export class GeminiProvider extends BaseProvider {
                     return vertexResult;
                 }
                 case 'oauth': {
-                    // For OAuth, use the code assist content generator
-                    const oauthContentGenerator = await createCodeAssistContentGenerator(httpOptions, AuthType.LOGIN_WITH_GOOGLE, this.geminiConfig);
-                    // For web search, always use gemini-2.5-flash regardless of the active model
-                    const oauthRequest = {
-                        model: 'gemini-2.5-flash',
-                        contents: [
-                            {
-                                role: 'user',
-                                parts: [{ text: params.query }],
+                    try {
+                        this.logger.debug(() => `invokeServerTool: OAuth case - creating content generator`);
+                        // If globalConfig is not set (e.g., when using non-Gemini provider),
+                        // create a minimal config for OAuth
+                        let configForOAuth = this.globalConfig;
+                        if (!configForOAuth) {
+                            this.logger.debug(() => `invokeServerTool: globalConfig is null, creating minimal config for OAuth`);
+                            // Use crypto for UUID generation
+                            const { randomUUID } = await import('crypto');
+                            configForOAuth = new Config({
+                                sessionId: randomUUID(),
+                                targetDir: process.cwd(),
+                                debugMode: false,
+                                cwd: process.cwd(),
+                                model: 'gemini-2.5-flash',
+                            });
+                            // The OAuth flow will handle authentication
+                        }
+                        // For OAuth, use the code assist content generator
+                        // Note: Detailed logging is now handled by DebugLogger in codeAssist.ts with namespace llxprt:code:assist
+                        const oauthContentGenerator = await createCodeAssistContentGenerator(httpOptions, AuthType.LOGIN_WITH_GOOGLE, configForOAuth);
+                        this.logger.debug(() => `invokeServerTool: OAuth content generator created successfully`);
+                        // For web search, always use gemini-2.5-flash regardless of the active model
+                        const oauthRequest = {
+                            model: 'gemini-2.5-flash',
+                            contents: [
+                                {
+                                    role: 'user',
+                                    parts: [{ text: params.query }],
+                                },
+                            ],
+                            config: {
+                                tools: [{ googleSearch: {} }],
                             },
-                        ],
-                        config: {
-                            tools: [{ googleSearch: {} }],
-                        },
-                    };
-                    // PRIVACY FIX: Removed sessionId to prevent transmission to Google servers
-                    const result = await oauthContentGenerator.generateContent(oauthRequest, 'web-search-oauth');
-                    return result;
+                        };
+                        this.logger.debug(() => `invokeServerTool: making OAuth generateContent request with query: ${params.query}`);
+                        // PRIVACY FIX: Removed sessionId to prevent transmission to Google servers
+                        const result = await oauthContentGenerator.generateContent(oauthRequest, 'web-search-oauth');
+                        this.logger.debug(() => `invokeServerTool: OAuth generateContent completed successfully`);
+                        return result;
+                    }
+                    catch (error) {
+                        this.logger.debug(() => `invokeServerTool: ERROR in OAuth case: ${error}`);
+                        this.logger.debug(() => `invokeServerTool: Error details:`, error);
+                        throw error;
+                    }
                 }
                 default:
                     throw new Error(`Web search not supported in auth mode: ${this.authMode}`);
@@ -903,10 +561,10 @@ export class GeminiProvider extends BaseProvider {
                 case 'gemini-api-key': {
                     genAI = new GoogleGenAI({
                         apiKey: authToken,
-                        httpOptions: this.baseURL
+                        httpOptions: this.getBaseURL()
                             ? {
                                 ...httpOptions,
-                                baseUrl: this.baseURL,
+                                baseUrl: this.getBaseURL(),
                             }
                             : httpOptions,
                     });
@@ -931,10 +589,10 @@ export class GeminiProvider extends BaseProvider {
                     genAI = new GoogleGenAI({
                         apiKey: authToken,
                         vertexai: true,
-                        httpOptions: this.baseURL
+                        httpOptions: this.getBaseURL()
                             ? {
                                 ...httpOptions,
-                                baseUrl: this.baseURL,
+                                baseUrl: this.getBaseURL(),
                             }
                             : httpOptions,
                     });
@@ -957,7 +615,7 @@ export class GeminiProvider extends BaseProvider {
                 }
                 case 'oauth': {
                     // For OAuth, use the code assist content generator
-                    const oauthContentGenerator = await createCodeAssistContentGenerator(httpOptions, AuthType.LOGIN_WITH_GOOGLE, this.geminiConfig);
+                    const oauthContentGenerator = await createCodeAssistContentGenerator(httpOptions, AuthType.LOGIN_WITH_GOOGLE, this.globalConfig);
                     // For web fetch, always use gemini-2.5-flash regardless of the active model
                     const oauthRequest = {
                         model: 'gemini-2.5-flash',
@@ -983,5 +641,176 @@ export class GeminiProvider extends BaseProvider {
             throw new Error(`Unknown server tool: ${toolName}`);
         }
     }
+    /**
+     * Generate chat completion with IContent interface
+     * Direct implementation for Gemini API with IContent interface
+     */
+    async *generateChatCompletion(content, tools, _toolFormat) {
+        // Determine best auth method
+        const authToken = await this.determineBestAuth();
+        // Import necessary modules
+        const { GoogleGenAI } = await import('@google/genai');
+        // Convert IContent directly to Gemini format
+        const contents = [];
+        for (const c of content) {
+            if (c.speaker === 'human') {
+                const parts = [];
+                for (const block of c.blocks) {
+                    if (block.type === 'text') {
+                        parts.push({ text: block.text });
+                    }
+                }
+                if (parts.length > 0) {
+                    contents.push({ role: 'user', parts });
+                }
+            }
+            else if (c.speaker === 'ai') {
+                const parts = [];
+                for (const block of c.blocks) {
+                    if (block.type === 'text') {
+                        parts.push({ text: block.text });
+                    }
+                    else if (block.type === 'tool_call') {
+                        const tc = block;
+                        parts.push({
+                            functionCall: {
+                                id: tc.id,
+                                name: tc.name,
+                                args: tc.parameters,
+                            },
+                        });
+                    }
+                }
+                if (parts.length > 0) {
+                    contents.push({ role: 'model', parts });
+                }
+            }
+            else if (c.speaker === 'tool') {
+                const toolResponseBlock = c.blocks.find((b) => b.type === 'tool_response');
+                if (!toolResponseBlock) {
+                    throw new Error('Tool content must have a tool_response block');
+                }
+                contents.push({
+                    role: 'user',
+                    parts: [
+                        {
+                            functionResponse: {
+                                id: toolResponseBlock.callId,
+                                name: toolResponseBlock.toolName,
+                                response: {
+                                    output: JSON.stringify(toolResponseBlock.result),
+                                },
+                            },
+                        },
+                    ],
+                });
+            }
+        }
+        // Ensure tools have proper type: 'object' for Gemini
+        const geminiTools = tools
+            ? tools.map((toolGroup) => ({
+                functionDeclarations: toolGroup.functionDeclarations.map((decl) => {
+                    let parameters = decl.parametersJsonSchema;
+                    if (parameters &&
+                        typeof parameters === 'object' &&
+                        !('type' in parameters)) {
+                        parameters = { type: Type.OBJECT, ...parameters };
+                    }
+                    else if (!parameters) {
+                        parameters = { type: Type.OBJECT, properties: {} };
+                    }
+                    return {
+                        name: decl.name,
+                        description: decl.description,
+                        parameters: parameters,
+                    };
+                }),
+            }))
+            : undefined;
+        // Create appropriate client and generate content
+        const httpOptions = {
+            headers: {
+                'User-Agent': `LLxprt-Code/${process.env.CLI_VERSION || process.version} (${process.platform}; ${process.arch})`,
+            },
+        };
+        let stream;
+        if (this.authMode === 'oauth') {
+            // OAuth mode
+            const configForOAuth = this.globalConfig || {
+                getProxy: () => undefined,
+            };
+            const contentGenerator = await createCodeAssistContentGenerator(httpOptions, AuthType.LOGIN_WITH_GOOGLE, configForOAuth, this.getBaseURL());
+            const userMemory = this.globalConfig?.getUserMemory
+                ? this.globalConfig.getUserMemory()
+                : '';
+            const systemInstruction = await getCoreSystemPromptAsync(userMemory, this.currentModel);
+            const request = {
+                model: this.currentModel,
+                contents,
+                systemInstruction,
+                config: {
+                    tools: geminiTools,
+                    ...this.modelParams,
+                },
+            };
+            stream = await contentGenerator.generateContentStream(request, 'oauth-session');
+        }
+        else {
+            // API key mode
+            const genAI = new GoogleGenAI({
+                apiKey: authToken,
+                vertexai: this.authMode === 'vertex-ai',
+                httpOptions: this.getBaseURL()
+                    ? { ...httpOptions, baseUrl: this.getBaseURL() }
+                    : httpOptions,
+            });
+            const contentGenerator = genAI.models;
+            const userMemory = this.globalConfig?.getUserMemory
+                ? this.globalConfig.getUserMemory()
+                : '';
+            const systemInstruction = await getCoreSystemPromptAsync(userMemory, this.currentModel);
+            const request = {
+                model: this.currentModel,
+                contents,
+                systemInstruction,
+                config: {
+                    tools: geminiTools,
+                    ...this.modelParams,
+                },
+            };
+            stream = await contentGenerator.generateContentStream(request);
+        }
+        // Stream responses as IContent
+        for await (const response of stream) {
+            const text = response.candidates?.[0]?.content?.parts
+                ?.filter((part) => 'text' in part)
+                ?.map((part) => part.text)
+                ?.join('') || '';
+            const functionCalls = response.candidates?.[0]?.content?.parts
+                ?.filter((part) => 'functionCall' in part)
+                ?.map((part) => part.functionCall) || [];
+            // Yield text if present
+            if (text) {
+                yield {
+                    speaker: 'ai',
+                    blocks: [{ type: 'text', text }],
+                };
+            }
+            // Yield tool calls if present
+            if (functionCalls.length > 0) {
+                const blocks = functionCalls.map((call) => ({
+                    type: 'tool_call',
+                    id: call.id ||
+                        `call_${Date.now()}_${Math.random().toString(36).substring(2, 11)}`,
+                    name: call.name || 'unknown_function',
+                    parameters: call.args || {},
+                }));
+                yield {
+                    speaker: 'ai',
+                    blocks,
+                };
+            }
+        }
+    }
 }
 //# sourceMappingURL=GeminiProvider.js.map