@wingman-ai/gateway 0.2.4 → 0.3.0

package/dist/gateway/server.js

@@ -336,12 +336,29 @@ class GatewayServer {
         const sessionManager = await this.getSessionManager(agentId);
         const existingSession = sessionManager.getSession(sessionKey);
         const session = existingSession || sessionManager.getOrCreateSession(sessionKey, agentId);
+        const requestId = msg.id || `req-${Date.now()}`;
         const workdir = session.metadata?.workdir ?? null;
         const defaultOutputDir = this.resolveDefaultOutputDir(agentId);
         const preview = hasContent ? content.trim() : buildAttachmentPreview(attachments);
         sessionManager.updateSession(session.id, {
+            messageCount: (session.messageCount ?? 0) + 1,
             lastMessagePreview: preview.substring(0, 200)
         });
+        try {
+            sessionManager.persistPendingMessage({
+                sessionId: sessionKey,
+                requestId,
+                message: {
+                    id: `user-${requestId}`,
+                    role: "user",
+                    content,
+                    attachments: attachments.length > 0 ? mapAttachmentsForPendingMessage(attachments) : void 0,
+                    createdAt: Date.now()
+                }
+            });
+        } catch (error) {
+            this.logger.warn("Failed to persist pending user message", error);
+        }
         if (!existingSession) this.internalHooks?.emit({
             type: "session",
             action: "start",
@@ -444,9 +461,15 @@ class GatewayServer {
         this.activeSessionRequests.set(sessionQueueKey, msg.id);
         const outputManager = new OutputManager("interactive");
         let emittedAgentError = false;
+        let streamedCompletionResult;
         const outputHandler = (event)=>{
             const payloadWithSession = this.attachSessionContext(event, sessionKey, agentId);
-            if (payloadWithSession && "object" == typeof payloadWithSession && !Array.isArray(payloadWithSession) && "agent-error" === payloadWithSession.type) emittedAgentError = true;
+            const payloadType = payloadWithSession && "object" == typeof payloadWithSession && !Array.isArray(payloadWithSession) && "string" == typeof payloadWithSession.type ? payloadWithSession.type : "";
+            if ("agent-complete" === payloadType) {
+                if (payloadWithSession && "object" == typeof payloadWithSession && !Array.isArray(payloadWithSession)) streamedCompletionResult = payloadWithSession.result;
+                return;
+            }
+            if ("agent-error" === payloadType) emittedAgentError = true;
             const baseMessage = {
                 type: "event:agent",
                 id: msg.id,
@@ -477,17 +500,43 @@ class GatewayServer {
             abortController
         });
         try {
-            await invoker.invokeAgent(agentId, content, sessionKey, attachments, {
+            const invocationResult = await invoker.invokeAgent(agentId, content, sessionKey, attachments, {
                 signal: abortController.signal
             });
-            const updated = sessionManager.getSession(sessionKey);
-            if (updated) sessionManager.updateSession(sessionKey, {
-                messageCount: updated.messageCount + 1
+            if (msg.id) sessionManager.clearPendingMessagesForRequest(sessionKey, msg.id);
+            if (emittedAgentError) return;
+            const invocationCancelled = abortController.signal.aborted || "object" == typeof invocationResult && null !== invocationResult && !Array.isArray(invocationResult) && true === invocationResult.cancelled;
+            if (invocationCancelled) return void this.sendAgentError(ws, msg.id, "Request cancelled", {
+                sessionId: sessionKey,
+                agentId,
+                broadcastToSession: true,
+                exclude: ws
+            });
+            const completionResult = void 0 === streamedCompletionResult ? invocationResult : streamedCompletionResult;
+            this.sendAgentComplete(ws, msg.id, completionResult, {
+                sessionId: sessionKey,
+                agentId,
+                broadcastToSession: true,
+                exclude: ws
             });
         } catch (error) {
             this.logger.error("Agent invocation failed", error);
+            const message = error instanceof Error ? error.message : String(error);
+            if (msg.id) try {
+                sessionManager.persistPendingMessage({
+                    sessionId: sessionKey,
+                    requestId: msg.id,
+                    message: {
+                        id: msg.id,
+                        role: "assistant",
+                        content: message,
+                        createdAt: Date.now()
+                    }
+                });
+            } catch (persistError) {
+                this.logger.warn("Failed to persist pending assistant error message", persistError);
+            }
             if (!emittedAgentError) {
-                const message = error instanceof Error ? error.message : String(error);
                 const stack = error instanceof Error ? error.stack : void 0;
                 this.sendAgentError(ws, msg.id, message, {
                     sessionId: sessionKey,
@@ -563,6 +612,12 @@ class GatewayServer {
                 },
                 timestamp: Date.now()
             });
+            this.sendAgentError(ws, requestId, "Request cancelled", {
+                sessionId: queued.sessionKey,
+                agentId: queued.agentId,
+                broadcastToSession: true,
+                exclude: ws
+            });
             return;
         }
         this.sendMessage(ws, {
@@ -737,11 +792,25 @@ class GatewayServer {
     }
     sendMessage(ws, message) {
         try {
-            ws.send(JSON.stringify(message));
+            const result = ws.send(JSON.stringify(message));
+            if ("number" == typeof result && result <= 0) return false;
+            return true;
         } catch (error) {
             this.log("error", "Failed to send message", error);
+            return false;
         }
     }
+    sendMessageWithRetry(ws, message, attempt = 0) {
+        if (this.sendMessage(ws, message)) return;
+        if (attempt >= 2) return void this.log("warn", "Dropping websocket message after retry attempts", {
+            type: message.type,
+            id: message.id
+        });
+        const delayMs = 25 * (attempt + 1);
+        setTimeout(()=>{
+            this.sendMessageWithRetry(ws, message, attempt + 1);
+        }, delayMs);
+    }
     sendError(ws, code, message) {
         const errorPayload = {
             code,
@@ -753,6 +822,25 @@ class GatewayServer {
             timestamp: Date.now()
         });
     }
+    sendAgentComplete(ws, requestId, result, options) {
+        let payload = {
+            type: "agent-complete",
+            result: result ?? null,
+            timestamp: new Date().toISOString()
+        };
+        if (options?.sessionId && options?.agentId) payload = this.attachSessionContext(payload, options.sessionId, options.agentId);
+        const baseMessage = {
+            type: "event:agent",
+            id: requestId,
+            payload,
+            timestamp: Date.now()
+        };
+        this.sendMessageWithRetry(ws, {
+            ...baseMessage,
+            clientId: ws.data.clientId
+        });
+        if (options?.broadcastToSession && options.sessionId) this.broadcastSessionEvent(options.sessionId, baseMessage, options.exclude, true);
+    }
     sendAgentError(ws, requestId, message, options) {
         let payload = {
             type: "agent-error",
@@ -767,11 +855,11 @@ class GatewayServer {
             payload,
             timestamp: Date.now()
         };
-        this.sendMessage(ws, {
+        this.sendMessageWithRetry(ws, {
             ...baseMessage,
             clientId: ws.data.clientId
         });
-        if (options?.broadcastToSession && options.sessionId) this.broadcastSessionEvent(options.sessionId, baseMessage, options.exclude);
+        if (options?.broadcastToSession && options.sessionId) this.broadcastSessionEvent(options.sessionId, baseMessage, options.exclude, true);
     }
     cancelSocketAgentRequests(ws) {
         for (const [requestId, active] of this.activeAgentRequests)if (active.socket === ws) {
@@ -800,12 +888,13 @@ class GatewayServer {
             agentId
         };
     }
-    broadcastSessionEvent(sessionId, message, exclude) {
+    broadcastSessionEvent(sessionId, message, exclude, reliable = false) {
         const subscribers = this.sessionSubscriptions.get(sessionId);
         if (!subscribers || 0 === subscribers.size) return 0;
         let sent = 0;
         for (const ws of subscribers)if (!exclude || ws !== exclude) {
-            this.sendMessage(ws, message);
+            if (reliable) this.sendMessageWithRetry(ws, message);
+            else this.sendMessage(ws, message);
             sent++;
         }
         return sent;
@@ -1379,6 +1468,18 @@ function buildAttachmentPreview(attachments) {
     if (hasAudio) return count > 1 ? "Audio attachments" : "Audio attachment";
     return count > 1 ? "Image attachments" : "Image attachment";
 }
+function mapAttachmentsForPendingMessage(attachments) {
+    return attachments.map((attachment)=>{
+        const kind = isFileAttachment(attachment) ? "file" : isAudioAttachment(attachment) ? "audio" : "image";
+        return {
+            kind,
+            dataUrl: attachment.dataUrl,
+            name: attachment.name,
+            mimeType: attachment.mimeType,
+            size: attachment.size
+        };
+    });
+}
 function isAudioAttachment(attachment) {
     if ("audio" === attachment.kind) return true;
     if (attachment.mimeType?.startsWith("audio/")) return true;

package/dist/providers/codex.cjs

@@ -34,6 +34,9 @@ const external_node_path_namespaceObject = require("node:path");
 const external_logger_cjs_namespaceObject = require("../logger.cjs");
 const CODEX_HOME_ENV = "CODEX_HOME";
 const CODEX_AUTH_FILE = "auth.json";
+const CODEX_REFRESH_TOKEN_URL_OVERRIDE_ENV = "CODEX_REFRESH_TOKEN_URL_OVERRIDE";
+const DEFAULT_CODEX_REFRESH_TOKEN_URL = "https://auth.openai.com/oauth/token";
+const TOKEN_REFRESH_BUFFER_MS = 300000;
 const DEFAULT_CODEX_INSTRUCTIONS = "You are Wingman, a coding assistant. Follow the user's request exactly and keep tool usage focused.";
 const logger = (0, external_logger_cjs_namespaceObject.createLogger)();
 function getCodexAuthPath() {
@@ -43,53 +46,77 @@ function getCodexAuthPath() {
 }
 function resolveCodexAuthFromFile() {
     const authPath = getCodexAuthPath();
-    if (!(0, external_node_fs_namespaceObject.existsSync)(authPath)) return {
+    const root = readCodexAuthRoot(authPath);
+    if (!root) return {
+        authPath
+    };
+    const tokens = root.tokens && "object" == typeof root.tokens ? root.tokens : void 0;
+    const accessToken = firstNonEmptyString([
+        tokens?.access_token,
+        root.access_token
+    ]);
+    const refreshToken = firstNonEmptyString([
+        tokens?.refresh_token,
+        root.refresh_token
+    ]);
+    const idToken = firstNonEmptyString([
+        tokens?.id_token,
+        root.id_token
+    ]);
+    const accountId = firstNonEmptyString([
+        tokens?.account_id,
+        root.account_id,
+        extractAccountIdFromIdToken(idToken)
+    ]);
+    return {
+        accessToken,
+        refreshToken,
+        idToken,
+        accountId,
         authPath
     };
-    try {
-        const parsed = JSON.parse((0, external_node_fs_namespaceObject.readFileSync)(authPath, "utf-8"));
-        if (!parsed || "object" != typeof parsed) return {
-            authPath
-        };
-        const root = parsed;
-        const tokens = root.tokens && "object" == typeof root.tokens ? root.tokens : void 0;
-        const accessToken = firstNonEmptyString([
-            tokens?.access_token,
-            root.access_token
-        ]);
-        const accountId = firstNonEmptyString([
-            tokens?.account_id,
-            root.account_id
-        ]);
-        return {
-            accessToken,
-            accountId,
-            authPath
-        };
-    } catch  {
-        return {
-            authPath
-        };
-    }
 }
 function createCodexFetch(options = {}) {
     const baseFetch = options.baseFetch || globalThis.fetch.bind(globalThis);
     return async (input, init)=>{
-        const codexAuth = resolveCodexAuthFromFile();
-        const accessToken = codexAuth.accessToken || options.fallbackToken;
-        const accountId = codexAuth.accountId || options.fallbackAccountId;
+        let codexAuth = await maybeRefreshCodexAuth({
+            authState: resolveCodexAuthFromFile(),
+            baseFetch
+        });
+        let accessToken = codexAuth.accessToken || options.fallbackToken;
+        let accountId = codexAuth.accountId || options.fallbackAccountId;
         if (!accessToken) throw new Error("Codex credentials missing. Run `codex login` or set CODEX_ACCESS_TOKEN.");
-        const headers = new Headers(init?.headers || {});
-        headers.delete("authorization");
-        headers.delete("x-api-key");
-        headers.set("Authorization", `Bearer ${accessToken}`);
-        if (accountId) headers.set("ChatGPT-Account-ID", accountId);
         const body = withCodexRequestDefaults(init?.body);
-        const response = await baseFetch(input, {
-            ...init,
-            headers,
+        let response = await dispatchCodexRequest({
+            input,
+            init,
+            baseFetch,
+            accessToken,
+            accountId,
             body
         });
+        if ((401 === response.status || 403 === response.status) && canRetryCodexRequest(body) && codexAuth.refreshToken) {
+            const refreshed = await maybeRefreshCodexAuth({
+                authState: codexAuth,
+                baseFetch,
+                force: true
+            });
+            const refreshedAccessToken = refreshed.accessToken || options.fallbackToken;
+            const refreshedAccountId = refreshed.accountId || options.fallbackAccountId;
+            if (refreshedAccessToken && refreshedAccessToken !== accessToken) {
+                codexAuth = refreshed;
+                accessToken = refreshedAccessToken;
+                accountId = refreshedAccountId;
+                response = await dispatchCodexRequest({
+                    input,
+                    init,
+                    baseFetch,
+                    accessToken,
+                    accountId,
+                    body
+                });
+            }
+        }
         if (!response.ok) {
             let responseBody = "";
             try {
@@ -105,6 +132,172 @@ function createCodexFetch(options = {}) {
         return response;
     };
 }
+async function dispatchCodexRequest(input) {
+    const headers = new Headers(input.init?.headers || {});
+    headers.delete("authorization");
+    headers.delete("x-api-key");
+    headers.set("Authorization", `Bearer ${input.accessToken}`);
+    if (input.accountId) headers.set("ChatGPT-Account-ID", input.accountId);
+    return input.baseFetch(input.input, {
+        ...input.init,
+        headers,
+        body: input.body
+    });
+}
+function canRetryCodexRequest(body) {
+    return null == body || "string" == typeof body || body instanceof URLSearchParams;
+}
+async function maybeRefreshCodexAuth(input) {
+    const { authState, baseFetch, force = false } = input;
+    if (!authState.refreshToken) return authState;
+    const shouldRefresh = force || !authState.accessToken || isTokenExpiredOrExpiring(authState.accessToken);
+    if (!shouldRefresh) return authState;
+    try {
+        const refreshed = await refreshCodexAuthToken(authState, baseFetch);
+        if (refreshed) return refreshed;
+    } catch (error) {
+        logger.warn("Failed to refresh Codex token", {
+            error: error instanceof Error ? error.message : String(error)
+        });
+    }
+    return authState;
+}
+async function refreshCodexAuthToken(authState, baseFetch) {
+    const refreshToken = authState.refreshToken;
+    if (!refreshToken) return;
+    const clientId = extractClientIdForRefresh(authState);
+    const tokenUrl = resolveCodexRefreshTokenUrl();
+    const form = new URLSearchParams({
+        grant_type: "refresh_token",
+        refresh_token: refreshToken
+    });
+    if (clientId) form.set("client_id", clientId);
+    const response = await baseFetch(tokenUrl, {
+        method: "POST",
+        headers: {
+            Accept: "application/json",
+            "Content-Type": "application/x-www-form-urlencoded"
+        },
+        body: form.toString()
+    });
+    if (!response.ok) {
+        const preview = await readResponsePreview(response);
+        logger.warn("Codex token refresh failed", {
+            status: response.status,
+            statusText: response.statusText || null,
+            bodyPreview: preview || null
+        });
+        return;
+    }
+    const payload = await response.json();
+    const accessToken = firstNonEmptyString([
+        payload.access_token
+    ]);
+    if (!accessToken) return void logger.warn("Codex token refresh failed: missing access_token");
+    const idToken = firstNonEmptyString([
+        payload.id_token,
+        authState.idToken
+    ]);
+    const refreshed = {
+        accessToken,
+        refreshToken: firstNonEmptyString([
+            payload.refresh_token,
+            authState.refreshToken
+        ]),
+        idToken,
+        accountId: firstNonEmptyString([
+            extractAccountIdFromIdToken(idToken),
+            authState.accountId
+        ])
+    };
+    persistCodexAuthUpdate(authState.authPath, refreshed);
+    return resolveCodexAuthFromFile();
+}
+async function readResponsePreview(response) {
+    try {
+        const text = await response.text();
+        return text.trim().slice(0, 1200);
+    } catch  {
+        return "";
+    }
+}
+function persistCodexAuthUpdate(authPath, updated) {
+    const root = readCodexAuthRoot(authPath) || {};
+    const existingTokens = root.tokens && "object" == typeof root.tokens && !Array.isArray(root.tokens) ? root.tokens : {};
+    const tokens = {
+        ...existingTokens,
+        access_token: updated.accessToken
+    };
+    if (updated.refreshToken) tokens.refresh_token = updated.refreshToken;
+    if (updated.idToken) tokens.id_token = updated.idToken;
+    if (updated.accountId) tokens.account_id = updated.accountId;
+    root.tokens = tokens;
+    root.last_refresh = new Date().toISOString();
+    (0, external_node_fs_namespaceObject.writeFileSync)(authPath, `${JSON.stringify(root, null, 2)}\n`, "utf-8");
+}
+function readCodexAuthRoot(authPath) {
+    if (!(0, external_node_fs_namespaceObject.existsSync)(authPath)) return;
+    try {
+        const parsed = JSON.parse((0, external_node_fs_namespaceObject.readFileSync)(authPath, "utf-8"));
+        if (!parsed || "object" != typeof parsed || Array.isArray(parsed)) return;
+        return parsed;
+    } catch  {
+        return;
+    }
+}
+function resolveCodexRefreshTokenUrl() {
+    const override = process.env[CODEX_REFRESH_TOKEN_URL_OVERRIDE_ENV];
+    if (override?.trim()) return override.trim();
+    return DEFAULT_CODEX_REFRESH_TOKEN_URL;
+}
+function extractClientIdForRefresh(authState) {
+    const accessTokenClaims = parseJwtPayload(authState.accessToken);
+    const accessTokenClientId = accessTokenClaims && "string" == typeof accessTokenClaims.client_id ? accessTokenClaims.client_id : void 0;
+    if (accessTokenClientId?.trim()) return accessTokenClientId.trim();
+    const idTokenClaims = parseJwtPayload(authState.idToken);
+    if (!idTokenClaims) return;
+    const aud = idTokenClaims.aud;
+    if ("string" == typeof aud && aud.trim()) return aud.trim();
+    if (Array.isArray(aud)) {
+        for (const value of aud)if ("string" == typeof value && value.trim()) return value.trim();
+    }
+}
+function isTokenExpiredOrExpiring(token) {
+    const expiryMs = extractTokenExpiryMs(token);
+    if (!expiryMs) return false;
+    return expiryMs <= Date.now() + TOKEN_REFRESH_BUFFER_MS;
+}
+function extractTokenExpiryMs(token) {
+    const payload = parseJwtPayload(token);
+    if (!payload || "number" != typeof payload.exp) return;
+    return 1000 * payload.exp;
+}
+function extractAccountIdFromIdToken(idToken) {
+    const payload = parseJwtPayload(idToken);
+    if (!payload) return;
+    const nested = payload["https://api.openai.com/auth"];
+    if (nested && "object" == typeof nested && !Array.isArray(nested)) {
+        const accountId = nested.chatgpt_account_id;
+        if ("string" == typeof accountId && accountId.trim()) return accountId.trim();
+    }
+    const direct = payload.chatgpt_account_id;
+    if ("string" == typeof direct && direct.trim()) return direct.trim();
+}
+function parseJwtPayload(token) {
+    if (!token) return;
+    const parts = token.split(".");
+    if (3 !== parts.length) return;
+    try {
+        const payload = parts[1];
+        const normalized = payload + "=".repeat((4 - payload.length % 4) % 4);
+        const decoded = Buffer.from(normalized, "base64url").toString("utf-8");
+        const parsed = JSON.parse(decoded);
+        if (!parsed || "object" != typeof parsed || Array.isArray(parsed)) return;
+        return parsed;
+    } catch  {
+        return;
+    }
+}
 function withCodexRequestDefaults(body) {
     if ("string" != typeof body || !body.trim()) return body;
     try {

package/dist/providers/codex.d.ts

@@ -1,6 +1,8 @@
 type FetchLike = (input: Parameters<typeof fetch>[0], init?: Parameters<typeof fetch>[1]) => ReturnType<typeof fetch>;
 export interface CodexAuthState {
     accessToken?: string;
+    refreshToken?: string;
+    idToken?: string;
     accountId?: string;
     authPath: string;
 }