@zhafron/opencode-kiro-auth 1.0.0

package/dist/src/plugin/recovery.js

@@ -0,0 +1,302 @@
+import { promises as fs } from 'node:fs';
+import { dirname } from 'node:path';
+import { randomBytes } from 'node:crypto';
+import lockfile from 'proper-lockfile';
+import { xdgConfig } from 'xdg-basedir';
+import * as logger from './logger';
+import { KiroTokenRefreshError, KiroQuotaExhaustedError, KiroRateLimitError, KiroAuthError } from './errors';
+const LOCK_OPTIONS = {
+    stale: 10000,
+    retries: {
+        retries: 5,
+        minTimeout: 100,
+        maxTimeout: 1000,
+        factor: 2,
+    },
+};
+const MAX_ERROR_COUNT = 3;
+function getRecoveryPath() {
+    const configDir = xdgConfig || `${process.env.HOME}/.config`;
+    return `${configDir}/opencode/kiro-recovery.json`;
+}
+async function ensureFileExists(path) {
+    try {
+        await fs.access(path);
+    }
+    catch {
+        await fs.mkdir(dirname(path), { recursive: true });
+        const defaultStorage = {
+            version: 1,
+            sessions: {},
+        };
+        await fs.writeFile(path, JSON.stringify(defaultStorage, null, 2), 'utf-8');
+    }
+}
+async function withFileLock(path, fn) {
+    await ensureFileExists(path);
+    let release = null;
+    try {
+        release = await lockfile.lock(path, LOCK_OPTIONS);
+        return await fn();
+    }
+    catch (error) {
+        logger.error('Recovery file lock operation failed', error);
+        throw error;
+    }
+    finally {
+        if (release) {
+            try {
+                await release();
+            }
+            catch (unlockError) {
+                logger.warn('Failed to release recovery lock', unlockError);
+            }
+        }
+    }
+}
+async function loadRecoveryState() {
+    const path = getRecoveryPath();
+    try {
+        await ensureFileExists(path);
+        const content = await fs.readFile(path, 'utf-8');
+        const data = JSON.parse(content);
+        if (data.version !== 1) {
+            logger.warn('Unknown recovery storage version, returning default');
+            return {
+                version: 1,
+                sessions: {},
+            };
+        }
+        if (typeof data.sessions !== 'object' || data.sessions === null) {
+            logger.warn('Invalid sessions object, returning default');
+            return {
+                version: 1,
+                sessions: {},
+            };
+        }
+        return data;
+    }
+    catch (error) {
+        const code = error.code;
+        if (code === 'ENOENT') {
+            return {
+                version: 1,
+                sessions: {},
+            };
+        }
+        logger.error('Failed to load recovery state', error);
+        return {
+            version: 1,
+            sessions: {},
+        };
+    }
+}
+async function saveRecoveryState(state) {
+    const path = getRecoveryPath();
+    await withFileLock(path, async () => {
+        const tempPath = `${path}.${randomBytes(6).toString('hex')}.tmp`;
+        const content = JSON.stringify(state, null, 2);
+        await fs.mkdir(dirname(path), { recursive: true });
+        await fs.writeFile(tempPath, content, 'utf-8');
+        await fs.rename(tempPath, path);
+    });
+}
+function isNetworkError(error) {
+    if (!error)
+        return false;
+    const errorCode = error.code || error.errno;
+    if (typeof errorCode === 'string') {
+        const networkCodes = [
+            'ECONNRESET',
+            'ECONNREFUSED',
+            'ETIMEDOUT',
+            'ENOTFOUND',
+            'ENETUNREACH',
+            'EHOSTUNREACH',
+            'EPIPE',
+            'EAI_AGAIN',
+        ];
+        if (networkCodes.includes(errorCode)) {
+            return true;
+        }
+    }
+    const message = error.message || error.toString?.() || '';
+    const lowerMessage = message.toLowerCase();
+    const networkPatterns = [
+        'network',
+        'connection',
+        'timeout',
+        'econnreset',
+        'econnrefused',
+        'socket hang up',
+        'fetch failed',
+    ];
+    return networkPatterns.some(pattern => lowerMessage.includes(pattern));
+}
+function getStatusCode(error) {
+    if (!error)
+        return null;
+    if (typeof error.statusCode === 'number') {
+        return error.statusCode;
+    }
+    if (typeof error.status === 'number') {
+        return error.status;
+    }
+    if (error.response && typeof error.response.status === 'number') {
+        return error.response.status;
+    }
+    return null;
+}
+function isRecoverableStatusCode(statusCode) {
+    const recoverableCodes = [
+        429,
+        502,
+        503,
+        504,
+    ];
+    return recoverableCodes.includes(statusCode);
+}
+function isUnrecoverableStatusCode(statusCode) {
+    const unrecoverableCodes = [
+        400,
+        402,
+        403,
+        404,
+    ];
+    return unrecoverableCodes.includes(statusCode);
+}
+function isRecoverableErrorImpl(error) {
+    if (!error)
+        return false;
+    if (error instanceof KiroTokenRefreshError) {
+        return false;
+    }
+    if (error instanceof KiroQuotaExhaustedError) {
+        return false;
+    }
+    if (error instanceof KiroRateLimitError) {
+        return true;
+    }
+    if (error instanceof KiroAuthError) {
+        const statusCode = error.statusCode;
+        if (statusCode === 401) {
+            return true;
+        }
+        if (statusCode && isUnrecoverableStatusCode(statusCode)) {
+            return false;
+        }
+        return true;
+    }
+    if (isNetworkError(error)) {
+        return true;
+    }
+    const statusCode = getStatusCode(error);
+    if (statusCode !== null) {
+        if (isUnrecoverableStatusCode(statusCode)) {
+            return false;
+        }
+        if (isRecoverableStatusCode(statusCode)) {
+            return true;
+        }
+    }
+    return false;
+}
+function getErrorMessage(error) {
+    if (!error)
+        return 'Unknown error';
+    if (typeof error === 'string') {
+        return error;
+    }
+    if (error.message && typeof error.message === 'string') {
+        return error.message;
+    }
+    if (error.toString && typeof error.toString === 'function') {
+        return error.toString();
+    }
+    try {
+        return JSON.stringify(error);
+    }
+    catch {
+        return 'Unknown error';
+    }
+}
+export function createSessionRecoveryHook(enabled, autoResume) {
+    const handleSessionError = async (error, sessionId) => {
+        if (!enabled) {
+            return false;
+        }
+        if (!sessionId) {
+            logger.warn('No session ID provided for recovery');
+            return false;
+        }
+        if (!isRecoverableErrorImpl(error)) {
+            logger.debug('Error is not recoverable', { sessionId, error: getErrorMessage(error) });
+            return false;
+        }
+        try {
+            const storage = await loadRecoveryState();
+            let sessionState = storage.sessions[sessionId];
+            if (!sessionState) {
+                sessionState = {
+                    sessionId,
+                    conversationId: '',
+                    model: '',
+                    lastMessageIndex: 0,
+                    errorCount: 1,
+                    lastError: getErrorMessage(error),
+                    timestamp: Date.now(),
+                };
+            }
+            else {
+                sessionState.errorCount += 1;
+                sessionState.lastError = getErrorMessage(error);
+                sessionState.timestamp = Date.now();
+            }
+            if (sessionState.errorCount > MAX_ERROR_COUNT) {
+                logger.warn('Session error count exceeded maximum', {
+                    sessionId,
+                    errorCount: sessionState.errorCount
+                });
+                delete storage.sessions[sessionId];
+                await saveRecoveryState(storage);
+                return false;
+            }
+            storage.sessions[sessionId] = sessionState;
+            await saveRecoveryState(storage);
+            logger.log('Session error recorded for recovery', {
+                sessionId,
+                errorCount: sessionState.errorCount,
+                shouldRetry: true
+            });
+            return true;
+        }
+        catch (storageError) {
+            logger.error('Failed to handle session error', storageError);
+            return false;
+        }
+    };
+    const isRecoverableError = (error) => {
+        return isRecoverableErrorImpl(error);
+    };
+    const clearSession = async (sessionId) => {
+        if (!sessionId) {
+            return;
+        }
+        try {
+            const storage = await loadRecoveryState();
+            if (storage.sessions[sessionId]) {
+                delete storage.sessions[sessionId];
+                await saveRecoveryState(storage);
+                logger.debug('Session cleared from recovery state', { sessionId });
+            }
+        }
+        catch (error) {
+            logger.error('Failed to clear session', error);
+        }
+    };
+    return {
+        handleSessionError,
+        isRecoverableError,
+        clearSession,
+    };
+}

package/dist/src/plugin/refresh-queue.d.ts

@@ -0,0 +1,14 @@
+import type { KiroAuthDetails } from './types';
+import type { AccountManager } from './accounts';
+export interface ProactiveRefreshQueue {
+    start(): void;
+    stop(): void;
+    setAccountManager(manager: AccountManager): void;
+}
+export interface RefreshQueueConfig {
+    enabled: boolean;
+    checkIntervalSeconds: number;
+    bufferSeconds: number;
+}
+export declare function isTokenExpiringSoon(auth: KiroAuthDetails, bufferMs: number): boolean;
+export declare function createProactiveRefreshQueue(config: RefreshQueueConfig): ProactiveRefreshQueue;

package/dist/src/plugin/refresh-queue.js

@@ -0,0 +1,69 @@
+import { refreshAccessToken } from './token';
+import * as logger from './logger';
+export function isTokenExpiringSoon(auth, bufferMs) {
+    const now = Date.now();
+    const expiresAt = auth.expires;
+    const timeUntilExpiry = expiresAt - now;
+    return timeUntilExpiry <= bufferMs && timeUntilExpiry > 0;
+}
+export function createProactiveRefreshQueue(config) {
+    let intervalId = null;
+    let accountManager = null;
+    let isRunning = false;
+    async function checkAndRefresh() {
+        if (!accountManager) {
+            return;
+        }
+        try {
+            const accounts = accountManager.getAccounts();
+            const bufferMs = config.bufferSeconds * 1000;
+            for (const account of accounts) {
+                try {
+                    const auth = accountManager.toAuthDetails(account);
+                    if (isTokenExpiringSoon(auth, bufferMs)) {
+                        logger.log(`[RefreshQueue] Token expiring soon for account ${account.email}, refreshing...`);
+                        const refreshedAuth = await refreshAccessToken(auth);
+                        accountManager.updateFromAuth(account, refreshedAuth);
+                        await accountManager.saveToDisk();
+                        logger.log(`[RefreshQueue] Successfully refreshed token for account ${account.email}`);
+                    }
+                }
+                catch (error) {
+                    logger.error(`[RefreshQueue] Failed to refresh token for account ${account.email}: ${error instanceof Error ? error.message : String(error)}`);
+                }
+            }
+        }
+        catch (error) {
+            logger.error(`[RefreshQueue] Error during refresh check: ${error instanceof Error ? error.message : String(error)}`);
+        }
+    }
+    function start() {
+        if (!config.enabled || isRunning) {
+            return;
+        }
+        const intervalMs = config.checkIntervalSeconds * 1000;
+        intervalId = setInterval(() => {
+            checkAndRefresh().catch((error) => {
+                logger.error(`[RefreshQueue] Unhandled error in refresh check: ${error instanceof Error ? error.message : String(error)}`);
+            });
+        }, intervalMs);
+        isRunning = true;
+        logger.log(`[RefreshQueue] Started proactive refresh queue (interval: ${config.checkIntervalSeconds}s, buffer: ${config.bufferSeconds}s)`);
+    }
+    function stop() {
+        if (intervalId) {
+            clearInterval(intervalId);
+            intervalId = null;
+        }
+        isRunning = false;
+        logger.log('[RefreshQueue] Stopped proactive refresh queue');
+    }
+    function setAccountManager(manager) {
+        accountManager = manager;
+    }
+    return {
+        start,
+        stop,
+        setAccountManager,
+    };
+}

package/dist/src/plugin/request.d.ts

@@ -0,0 +1,35 @@
+import type { KiroAuthDetails, PreparedRequest } from './types';
+interface OpenAIMessage {
+    role: 'user' | 'assistant' | 'system';
+    content: string | Array<{
+        type: string;
+        text?: string;
+        image_url?: {
+            url: string;
+        };
+        tool_use_id?: string;
+        id?: string;
+        name?: string;
+        input?: unknown;
+        thinking?: string;
+        source?: {
+            media_type: string;
+            data: string;
+        };
+    }>;
+}
+interface OpenAITool {
+    name: string;
+    description?: string;
+    input_schema?: Record<string, unknown>;
+}
+export declare function transformToCodeWhisperer(url: string, body: string, model: string, auth: KiroAuthDetails, thinkingEnabled?: boolean, thinkingBudget?: number): PreparedRequest;
+export declare function mergeAdjacentMessages(messages: OpenAIMessage[]): OpenAIMessage[];
+export declare function convertToolsToCodeWhisperer(tools: OpenAITool[]): any[];
+export declare function extractImagesFromContent(content: any): {
+    text: string;
+    images: any[];
+};
+export declare function buildUserAgent(machineId: string): string;
+export declare function generateMachineId(auth: KiroAuthDetails): string;
+export {};