@zhafron/opencode-kiro-auth 1.0.0 → 1.1.0

package/dist/plugin/cli.d.ts

@@ -1,6 +0,0 @@
-import type { KiroAuthMethod, KiroRegion } from './types';
-export declare function promptAuthMethod(): Promise<KiroAuthMethod>;
-export declare function promptRegion(): Promise<KiroRegion>;
-export declare function promptConfirmation(message: string): Promise<boolean>;
-export declare function displayAuthUrl(url: string): void;
-export declare function cleanup(): void;

package/dist/plugin/cli.js

@@ -1,98 +0,0 @@
-import { createInterface } from 'node:readline';
-import * as logger from './logger';
-let rl = null;
-function getReadline() {
-    if (!rl) {
-        rl = createInterface({
-            input: process.stdin,
-            output: process.stdout,
-        });
-        rl.on('SIGINT', () => {
-            logger.log('Received SIGINT, closing readline');
-            closeReadline();
-            process.exit(130);
-        });
-    }
-    return rl;
-}
-function closeReadline() {
-    if (rl) {
-        rl.close();
-        rl = null;
-    }
-}
-function question(prompt) {
-    return new Promise((resolve) => {
-        const readline = getReadline();
-        readline.question(prompt, (answer) => {
-            resolve(answer.trim());
-        });
-    });
-}
-function clearLine() {
-    if (process.stdout.isTTY) {
-        process.stdout.clearLine(0);
-        process.stdout.cursorTo(0);
-    }
-}
-export async function promptAuthMethod() {
-    console.log('\nSelect authentication method:');
-    console.log('  1. Social (GitHub, Google, etc.)');
-    console.log('  2. IDC (Identity Center)');
-    while (true) {
-        const answer = await question('\nEnter your choice (1 or 2): ');
-        if (answer === '1' || answer.toLowerCase() === 'social') {
-            clearLine();
-            return 'social';
-        }
-        if (answer === '2' || answer.toLowerCase() === 'idc') {
-            clearLine();
-            return 'idc';
-        }
-        console.log('Invalid choice. Please enter 1 or 2.');
-    }
-}
-export async function promptRegion() {
-    console.log('\nSelect AWS region:');
-    console.log('  1. us-east-1 (default)');
-    console.log('  2. us-west-2');
-    while (true) {
-        const answer = await question('\nEnter your choice (1 or 2, default: 1): ');
-        if (!answer || answer === '1' || answer.toLowerCase() === 'us-east-1') {
-            clearLine();
-            return 'us-east-1';
-        }
-        if (answer === '2' || answer.toLowerCase() === 'us-west-2') {
-            clearLine();
-            return 'us-west-2';
-        }
-        console.log('Invalid choice. Please enter 1 or 2.');
-    }
-}
-export async function promptConfirmation(message) {
-    while (true) {
-        const answer = await question(`${message} (y/n): `);
-        const lower = answer.toLowerCase();
-        if (lower === 'y' || lower === 'yes') {
-            clearLine();
-            return true;
-        }
-        if (lower === 'n' || lower === 'no') {
-            clearLine();
-            return false;
-        }
-        console.log('Invalid input. Please enter y or n.');
-    }
-}
-export function displayAuthUrl(url) {
-    console.log('\n' + '='.repeat(70));
-    console.log('Authentication Required');
-    console.log('='.repeat(70));
-    console.log('\nPlease open the following URL in your browser to authenticate:\n');
-    console.log(`  ${url}\n`);
-    console.log('Waiting for authentication to complete...');
-    console.log('='.repeat(70) + '\n');
-}
-export function cleanup() {
-    closeReadline();
-}

package/dist/plugin/debug.d.ts

@@ -1,2 +0,0 @@
-export declare function isDebugEnabled(): boolean;
-export declare function debugLog(context: string, message: string, data?: unknown): void;

package/dist/plugin/debug.js

@@ -1,9 +0,0 @@
-export function isDebugEnabled() {
-    return !!process.env.DEBUG;
-}
-export function debugLog(context, message, data) {
-    if (isDebugEnabled()) {
-        const formattedData = data !== undefined ? ` ${JSON.stringify(data)}` : '';
-        console.debug(`[${context}] ${message}${formattedData}`);
-    }
-}

package/dist/plugin/oauth-parser.d.ts

@@ -1,5 +0,0 @@
-export interface ParsedOAuthCallback {
-    code: string;
-    state: string;
-}
-export declare function parseOAuthCallbackInput(input: string): ParsedOAuthCallback;

package/dist/plugin/oauth-parser.js

@@ -1,23 +0,0 @@
-export function parseOAuthCallbackInput(input) {
-    const trimmed = input.trim();
-    try {
-        const url = new URL(trimmed);
-        const code = url.searchParams.get('code');
-        const state = url.searchParams.get('state');
-        if (!code || !state) {
-            throw new Error('Missing code or state in URL');
-        }
-        return { code, state };
-    }
-    catch {
-        const codeMatch = trimmed.match(/code=([^&\s]+)/);
-        const stateMatch = trimmed.match(/state=([^&\s]+)/);
-        if (codeMatch?.[1] && stateMatch?.[1]) {
-            return {
-                code: decodeURIComponent(codeMatch[1]),
-                state: decodeURIComponent(stateMatch[1]),
-            };
-        }
-        throw new Error('Invalid OAuth callback format. Expected full URL or query string with code and state parameters.');
-    }
-}

package/dist/plugin/quota.d.ts

@@ -1,15 +0,0 @@
-import { ManagedAccount } from './types';
-export type QuotaStatus = 'healthy' | 'warning' | 'exhausted';
-export interface QuotaInfo {
-    status: QuotaStatus;
-    used: number;
-    limit: number;
-    remaining: number;
-    percentage: number;
-    recoveryTime?: number;
-}
-export declare function checkQuotaStatus(account: ManagedAccount): QuotaStatus;
-export declare function updateAccountQuota(account: ManagedAccount, usage: any, accountManager?: any): void;
-export declare function sortAccountsByQuota(accounts: ManagedAccount[]): ManagedAccount[];
-export declare function filterHealthyAccounts(accounts: ManagedAccount[]): ManagedAccount[];
-export declare function getAccountWithMostQuota(accounts: ManagedAccount[]): ManagedAccount | null;

package/dist/plugin/quota.js

@@ -1,68 +0,0 @@
-import { calculateUsagePercentage, isQuotaExhausted, getRemainingCount } from './usage';
-const WARNING_THRESHOLD_PERCENT = 80;
-export function checkQuotaStatus(account) {
-    if (!account.usedCount || !account.limitCount) {
-        return 'healthy';
-    }
-    const usage = {
-        usedCount: account.usedCount,
-        limitCount: account.limitCount,
-    };
-    if (isQuotaExhausted(usage)) {
-        return 'exhausted';
-    }
-    const percentage = calculateUsagePercentage(usage);
-    if (percentage >= WARNING_THRESHOLD_PERCENT) {
-        return 'warning';
-    }
-    return 'healthy';
-}
-export function updateAccountQuota(account, usage, accountManager) {
-    const metadata = {
-        usedCount: typeof usage.usedCount === 'number' ? usage.usedCount : 0,
-        limitCount: typeof usage.limitCount === 'number' ? usage.limitCount : 0,
-        realEmail: usage.email
-    };
-    account.usedCount = metadata.usedCount;
-    account.limitCount = metadata.limitCount;
-    if (metadata.realEmail) {
-        account.realEmail = metadata.realEmail;
-    }
-    if (accountManager) {
-        accountManager.updateUsage(account.id, metadata);
-    }
-}
-export function sortAccountsByQuota(accounts) {
-    return [...accounts].sort((a, b) => {
-        const aRemaining = getRemainingQuota(a);
-        const bRemaining = getRemainingQuota(b);
-        return bRemaining - aRemaining;
-    });
-}
-function getRemainingQuota(account) {
-    if (!account.usedCount || !account.limitCount) {
-        return Infinity;
-    }
-    const usage = {
-        usedCount: account.usedCount,
-        limitCount: account.limitCount,
-    };
-    return getRemainingCount(usage);
-}
-export function filterHealthyAccounts(accounts) {
-    return accounts.filter(account => {
-        if (!account.isHealthy) {
-            return false;
-        }
-        const status = checkQuotaStatus(account);
-        return status !== 'exhausted';
-    });
-}
-export function getAccountWithMostQuota(accounts) {
-    const healthyAccounts = filterHealthyAccounts(accounts);
-    if (healthyAccounts.length === 0) {
-        return null;
-    }
-    const sorted = sortAccountsByQuota(healthyAccounts);
-    return sorted[0] || null;
-}

package/dist/plugin/recovery.d.ts

@@ -1,19 +0,0 @@
-export interface RecoveryState {
-    sessionId: string;
-    conversationId: string;
-    model: string;
-    lastMessageIndex: number;
-    errorCount: number;
-    lastError?: string;
-    timestamp: number;
-}
-export interface RecoveryStorage {
-    version: 1;
-    sessions: Record<string, RecoveryState>;
-}
-export interface SessionRecoveryHook {
-    handleSessionError(error: any, sessionId: string): Promise<boolean>;
-    isRecoverableError(error: any): boolean;
-    clearSession(sessionId: string): Promise<void>;
-}
-export declare function createSessionRecoveryHook(enabled: boolean, autoResume: boolean): SessionRecoveryHook;

package/dist/plugin/recovery.js

@@ -1,302 +0,0 @@
-import { promises as fs } from 'node:fs';
-import { dirname } from 'node:path';
-import { randomBytes } from 'node:crypto';
-import lockfile from 'proper-lockfile';
-import { xdgConfig } from 'xdg-basedir';
-import * as logger from './logger';
-import { KiroTokenRefreshError, KiroQuotaExhaustedError, KiroRateLimitError, KiroAuthError } from './errors';
-const LOCK_OPTIONS = {
-    stale: 10000,
-    retries: {
-        retries: 5,
-        minTimeout: 100,
-        maxTimeout: 1000,
-        factor: 2,
-    },
-};
-const MAX_ERROR_COUNT = 3;
-function getRecoveryPath() {
-    const configDir = xdgConfig || `${process.env.HOME}/.config`;
-    return `${configDir}/opencode/kiro-recovery.json`;
-}
-async function ensureFileExists(path) {
-    try {
-        await fs.access(path);
-    }
-    catch {
-        await fs.mkdir(dirname(path), { recursive: true });
-        const defaultStorage = {
-            version: 1,
-            sessions: {},
-        };
-        await fs.writeFile(path, JSON.stringify(defaultStorage, null, 2), 'utf-8');
-    }
-}
-async function withFileLock(path, fn) {
-    await ensureFileExists(path);
-    let release = null;
-    try {
-        release = await lockfile.lock(path, LOCK_OPTIONS);
-        return await fn();
-    }
-    catch (error) {
-        logger.error('Recovery file lock operation failed', error);
-        throw error;
-    }
-    finally {
-        if (release) {
-            try {
-                await release();
-            }
-            catch (unlockError) {
-                logger.warn('Failed to release recovery lock', unlockError);
-            }
-        }
-    }
-}
-async function loadRecoveryState() {
-    const path = getRecoveryPath();
-    try {
-        await ensureFileExists(path);
-        const content = await fs.readFile(path, 'utf-8');
-        const data = JSON.parse(content);
-        if (data.version !== 1) {
-            logger.warn('Unknown recovery storage version, returning default');
-            return {
-                version: 1,
-                sessions: {},
-            };
-        }
-        if (typeof data.sessions !== 'object' || data.sessions === null) {
-            logger.warn('Invalid sessions object, returning default');
-            return {
-                version: 1,
-                sessions: {},
-            };
-        }
-        return data;
-    }
-    catch (error) {
-        const code = error.code;
-        if (code === 'ENOENT') {
-            return {
-                version: 1,
-                sessions: {},
-            };
-        }
-        logger.error('Failed to load recovery state', error);
-        return {
-            version: 1,
-            sessions: {},
-        };
-    }
-}
-async function saveRecoveryState(state) {
-    const path = getRecoveryPath();
-    await withFileLock(path, async () => {
-        const tempPath = `${path}.${randomBytes(6).toString('hex')}.tmp`;
-        const content = JSON.stringify(state, null, 2);
-        await fs.mkdir(dirname(path), { recursive: true });
-        await fs.writeFile(tempPath, content, 'utf-8');
-        await fs.rename(tempPath, path);
-    });
-}
-function isNetworkError(error) {
-    if (!error)
-        return false;
-    const errorCode = error.code || error.errno;
-    if (typeof errorCode === 'string') {
-        const networkCodes = [
-            'ECONNRESET',
-            'ECONNREFUSED',
-            'ETIMEDOUT',
-            'ENOTFOUND',
-            'ENETUNREACH',
-            'EHOSTUNREACH',
-            'EPIPE',
-            'EAI_AGAIN',
-        ];
-        if (networkCodes.includes(errorCode)) {
-            return true;
-        }
-    }
-    const message = error.message || error.toString?.() || '';
-    const lowerMessage = message.toLowerCase();
-    const networkPatterns = [
-        'network',
-        'connection',
-        'timeout',
-        'econnreset',
-        'econnrefused',
-        'socket hang up',
-        'fetch failed',
-    ];
-    return networkPatterns.some(pattern => lowerMessage.includes(pattern));
-}
-function getStatusCode(error) {
-    if (!error)
-        return null;
-    if (typeof error.statusCode === 'number') {
-        return error.statusCode;
-    }
-    if (typeof error.status === 'number') {
-        return error.status;
-    }
-    if (error.response && typeof error.response.status === 'number') {
-        return error.response.status;
-    }
-    return null;
-}
-function isRecoverableStatusCode(statusCode) {
-    const recoverableCodes = [
-        429,
-        502,
-        503,
-        504,
-    ];
-    return recoverableCodes.includes(statusCode);
-}
-function isUnrecoverableStatusCode(statusCode) {
-    const unrecoverableCodes = [
-        400,
-        402,
-        403,
-        404,
-    ];
-    return unrecoverableCodes.includes(statusCode);
-}
-function isRecoverableErrorImpl(error) {
-    if (!error)
-        return false;
-    if (error instanceof KiroTokenRefreshError) {
-        return false;
-    }
-    if (error instanceof KiroQuotaExhaustedError) {
-        return false;
-    }
-    if (error instanceof KiroRateLimitError) {
-        return true;
-    }
-    if (error instanceof KiroAuthError) {
-        const statusCode = error.statusCode;
-        if (statusCode === 401) {
-            return true;
-        }
-        if (statusCode && isUnrecoverableStatusCode(statusCode)) {
-            return false;
-        }
-        return true;
-    }
-    if (isNetworkError(error)) {
-        return true;
-    }
-    const statusCode = getStatusCode(error);
-    if (statusCode !== null) {
-        if (isUnrecoverableStatusCode(statusCode)) {
-            return false;
-        }
-        if (isRecoverableStatusCode(statusCode)) {
-            return true;
-        }
-    }
-    return false;
-}
-function getErrorMessage(error) {
-    if (!error)
-        return 'Unknown error';
-    if (typeof error === 'string') {
-        return error;
-    }
-    if (error.message && typeof error.message === 'string') {
-        return error.message;
-    }
-    if (error.toString && typeof error.toString === 'function') {
-        return error.toString();
-    }
-    try {
-        return JSON.stringify(error);
-    }
-    catch {
-        return 'Unknown error';
-    }
-}
-export function createSessionRecoveryHook(enabled, autoResume) {
-    const handleSessionError = async (error, sessionId) => {
-        if (!enabled) {
-            return false;
-        }
-        if (!sessionId) {
-            logger.warn('No session ID provided for recovery');
-            return false;
-        }
-        if (!isRecoverableErrorImpl(error)) {
-            logger.debug('Error is not recoverable', { sessionId, error: getErrorMessage(error) });
-            return false;
-        }
-        try {
-            const storage = await loadRecoveryState();
-            let sessionState = storage.sessions[sessionId];
-            if (!sessionState) {
-                sessionState = {
-                    sessionId,
-                    conversationId: '',
-                    model: '',
-                    lastMessageIndex: 0,
-                    errorCount: 1,
-                    lastError: getErrorMessage(error),
-                    timestamp: Date.now(),
-                };
-            }
-            else {
-                sessionState.errorCount += 1;
-                sessionState.lastError = getErrorMessage(error);
-                sessionState.timestamp = Date.now();
-            }
-            if (sessionState.errorCount > MAX_ERROR_COUNT) {
-                logger.warn('Session error count exceeded maximum', {
-                    sessionId,
-                    errorCount: sessionState.errorCount
-                });
-                delete storage.sessions[sessionId];
-                await saveRecoveryState(storage);
-                return false;
-            }
-            storage.sessions[sessionId] = sessionState;
-            await saveRecoveryState(storage);
-            logger.log('Session error recorded for recovery', {
-                sessionId,
-                errorCount: sessionState.errorCount,
-                shouldRetry: true
-            });
-            return true;
-        }
-        catch (storageError) {
-            logger.error('Failed to handle session error', storageError);
-            return false;
-        }
-    };
-    const isRecoverableError = (error) => {
-        return isRecoverableErrorImpl(error);
-    };
-    const clearSession = async (sessionId) => {
-        if (!sessionId) {
-            return;
-        }
-        try {
-            const storage = await loadRecoveryState();
-            if (storage.sessions[sessionId]) {
-                delete storage.sessions[sessionId];
-                await saveRecoveryState(storage);
-                logger.debug('Session cleared from recovery state', { sessionId });
-            }
-        }
-        catch (error) {
-            logger.error('Failed to clear session', error);
-        }
-    };
-    return {
-        handleSessionError,
-        isRecoverableError,
-        clearSession,
-    };
-}

package/dist/plugin/refresh-queue.d.ts

@@ -1,14 +0,0 @@
-import type { KiroAuthDetails } from './types';
-import type { AccountManager } from './accounts';
-export interface ProactiveRefreshQueue {
-    start(): void;
-    stop(): void;
-    setAccountManager(manager: AccountManager): void;
-}
-export interface RefreshQueueConfig {
-    enabled: boolean;
-    checkIntervalSeconds: number;
-    bufferSeconds: number;
-}
-export declare function isTokenExpiringSoon(auth: KiroAuthDetails, bufferMs: number): boolean;
-export declare function createProactiveRefreshQueue(config: RefreshQueueConfig): ProactiveRefreshQueue;

package/dist/plugin/refresh-queue.js

@@ -1,69 +0,0 @@
-import { refreshAccessToken } from './token';
-import * as logger from './logger';
-export function isTokenExpiringSoon(auth, bufferMs) {
-    const now = Date.now();
-    const expiresAt = auth.expires;
-    const timeUntilExpiry = expiresAt - now;
-    return timeUntilExpiry <= bufferMs && timeUntilExpiry > 0;
-}
-export function createProactiveRefreshQueue(config) {
-    let intervalId = null;
-    let accountManager = null;
-    let isRunning = false;
-    async function checkAndRefresh() {
-        if (!accountManager) {
-            return;
-        }
-        try {
-            const accounts = accountManager.getAccounts();
-            const bufferMs = config.bufferSeconds * 1000;
-            for (const account of accounts) {
-                try {
-                    const auth = accountManager.toAuthDetails(account);
-                    if (isTokenExpiringSoon(auth, bufferMs)) {
-                        logger.log(`[RefreshQueue] Token expiring soon for account ${account.email}, refreshing...`);
-                        const refreshedAuth = await refreshAccessToken(auth);
-                        accountManager.updateFromAuth(account, refreshedAuth);
-                        await accountManager.saveToDisk();
-                        logger.log(`[RefreshQueue] Successfully refreshed token for account ${account.email}`);
-                    }
-                }
-                catch (error) {
-                    logger.error(`[RefreshQueue] Failed to refresh token for account ${account.email}: ${error instanceof Error ? error.message : String(error)}`);
-                }
-            }
-        }
-        catch (error) {
-            logger.error(`[RefreshQueue] Error during refresh check: ${error instanceof Error ? error.message : String(error)}`);
-        }
-    }
-    function start() {
-        if (!config.enabled || isRunning) {
-            return;
-        }
-        const intervalMs = config.checkIntervalSeconds * 1000;
-        intervalId = setInterval(() => {
-            checkAndRefresh().catch((error) => {
-                logger.error(`[RefreshQueue] Unhandled error in refresh check: ${error instanceof Error ? error.message : String(error)}`);
-            });
-        }, intervalMs);
-        isRunning = true;
-        logger.log(`[RefreshQueue] Started proactive refresh queue (interval: ${config.checkIntervalSeconds}s, buffer: ${config.bufferSeconds}s)`);
-    }
-    function stop() {
-        if (intervalId) {
-            clearInterval(intervalId);
-            intervalId = null;
-        }
-        isRunning = false;
-        logger.log('[RefreshQueue] Stopped proactive refresh queue');
-    }
-    function setAccountManager(manager) {
-        accountManager = manager;
-    }
-    return {
-        start,
-        stop,
-        setAccountManager,
-    };
-}

package/dist/src/constants.d.ts

@@ -1,22 +0,0 @@
-import type { KiroRegion } from './plugin/types';
-export declare const KIRO_CONSTANTS: {
-    REFRESH_URL: string;
-    REFRESH_IDC_URL: string;
-    BASE_URL: string;
-    USAGE_LIMITS_URL: string;
-    DEFAULT_REGION: KiroRegion;
-    ACCESS_TOKEN_EXPIRY_BUFFER_MS: number;
-    AXIOS_TIMEOUT: number;
-    USER_AGENT: string;
-    KIRO_VERSION: string;
-    CHAT_TRIGGER_TYPE_MANUAL: string;
-    ORIGIN_AI_EDITOR: string;
-};
-export declare const MODEL_MAPPING: Record<string, string>;
-export declare const SUPPORTED_MODELS: string[];
-export declare const KIRO_AUTH_SERVICE: {
-    ENDPOINT: string;
-    SSO_OIDC_ENDPOINT: string;
-    BUILDER_ID_START_URL: string;
-    SCOPES: string[];
-};