@zhafron/opencode-kiro-auth 1.0.0

package/dist/plugin/recovery.js

@@ -0,0 +1,302 @@
+import { promises as fs } from 'node:fs';
+import { dirname } from 'node:path';
+import { randomBytes } from 'node:crypto';
+import lockfile from 'proper-lockfile';
+import { xdgConfig } from 'xdg-basedir';
+import * as logger from './logger';
+import { KiroTokenRefreshError, KiroQuotaExhaustedError, KiroRateLimitError, KiroAuthError } from './errors';
+const LOCK_OPTIONS = {
+    stale: 10000,
+    retries: {
+        retries: 5,
+        minTimeout: 100,
+        maxTimeout: 1000,
+        factor: 2,
+    },
+};
+const MAX_ERROR_COUNT = 3;
+function getRecoveryPath() {
+    const configDir = xdgConfig || `${process.env.HOME}/.config`;
+    return `${configDir}/opencode/kiro-recovery.json`;
+}
+async function ensureFileExists(path) {
+    try {
+        await fs.access(path);
+    }
+    catch {
+        await fs.mkdir(dirname(path), { recursive: true });
+        const defaultStorage = {
+            version: 1,
+            sessions: {},
+        };
+        await fs.writeFile(path, JSON.stringify(defaultStorage, null, 2), 'utf-8');
+    }
+}
+async function withFileLock(path, fn) {
+    await ensureFileExists(path);
+    let release = null;
+    try {
+        release = await lockfile.lock(path, LOCK_OPTIONS);
+        return await fn();
+    }
+    catch (error) {
+        logger.error('Recovery file lock operation failed', error);
+        throw error;
+    }
+    finally {
+        if (release) {
+            try {
+                await release();
+            }
+            catch (unlockError) {
+                logger.warn('Failed to release recovery lock', unlockError);
+            }
+        }
+    }
+}
+async function loadRecoveryState() {
+    const path = getRecoveryPath();
+    try {
+        await ensureFileExists(path);
+        const content = await fs.readFile(path, 'utf-8');
+        const data = JSON.parse(content);
+        if (data.version !== 1) {
+            logger.warn('Unknown recovery storage version, returning default');
+            return {
+                version: 1,
+                sessions: {},
+            };
+        }
+        if (typeof data.sessions !== 'object' || data.sessions === null) {
+            logger.warn('Invalid sessions object, returning default');
+            return {
+                version: 1,
+                sessions: {},
+            };
+        }
+        return data;
+    }
+    catch (error) {
+        const code = error.code;
+        if (code === 'ENOENT') {
+            return {
+                version: 1,
+                sessions: {},
+            };
+        }
+        logger.error('Failed to load recovery state', error);
+        return {
+            version: 1,
+            sessions: {},
+        };
+    }
+}
+async function saveRecoveryState(state) {
+    const path = getRecoveryPath();
+    await withFileLock(path, async () => {
+        const tempPath = `${path}.${randomBytes(6).toString('hex')}.tmp`;
+        const content = JSON.stringify(state, null, 2);
+        await fs.mkdir(dirname(path), { recursive: true });
+        await fs.writeFile(tempPath, content, 'utf-8');
+        await fs.rename(tempPath, path);
+    });
+}
+function isNetworkError(error) {
+    if (!error)
+        return false;
+    const errorCode = error.code || error.errno;
+    if (typeof errorCode === 'string') {
+        const networkCodes = [
+            'ECONNRESET',
+            'ECONNREFUSED',
+            'ETIMEDOUT',
+            'ENOTFOUND',
+            'ENETUNREACH',
+            'EHOSTUNREACH',
+            'EPIPE',
+            'EAI_AGAIN',
+        ];
+        if (networkCodes.includes(errorCode)) {
+            return true;
+        }
+    }
+    const message = error.message || error.toString?.() || '';
+    const lowerMessage = message.toLowerCase();
+    const networkPatterns = [
+        'network',
+        'connection',
+        'timeout',
+        'econnreset',
+        'econnrefused',
+        'socket hang up',
+        'fetch failed',
+    ];
+    return networkPatterns.some(pattern => lowerMessage.includes(pattern));
+}
+function getStatusCode(error) {
+    if (!error)
+        return null;
+    if (typeof error.statusCode === 'number') {
+        return error.statusCode;
+    }
+    if (typeof error.status === 'number') {
+        return error.status;
+    }
+    if (error.response && typeof error.response.status === 'number') {
+        return error.response.status;
+    }
+    return null;
+}
+function isRecoverableStatusCode(statusCode) {
+    const recoverableCodes = [
+        429,
+        502,
+        503,
+        504,
+    ];
+    return recoverableCodes.includes(statusCode);
+}
+function isUnrecoverableStatusCode(statusCode) {
+    const unrecoverableCodes = [
+        400,
+        402,
+        403,
+        404,
+    ];
+    return unrecoverableCodes.includes(statusCode);
+}
+function isRecoverableErrorImpl(error) {
+    if (!error)
+        return false;
+    if (error instanceof KiroTokenRefreshError) {
+        return false;
+    }
+    if (error instanceof KiroQuotaExhaustedError) {
+        return false;
+    }
+    if (error instanceof KiroRateLimitError) {
+        return true;
+    }
+    if (error instanceof KiroAuthError) {
+        const statusCode = error.statusCode;
+        if (statusCode === 401) {
+            return true;
+        }
+        if (statusCode && isUnrecoverableStatusCode(statusCode)) {
+            return false;
+        }
+        return true;
+    }
+    if (isNetworkError(error)) {
+        return true;
+    }
+    const statusCode = getStatusCode(error);
+    if (statusCode !== null) {
+        if (isUnrecoverableStatusCode(statusCode)) {
+            return false;
+        }
+        if (isRecoverableStatusCode(statusCode)) {
+            return true;
+        }
+    }
+    return false;
+}
+function getErrorMessage(error) {
+    if (!error)
+        return 'Unknown error';
+    if (typeof error === 'string') {
+        return error;
+    }
+    if (error.message && typeof error.message === 'string') {
+        return error.message;
+    }
+    if (error.toString && typeof error.toString === 'function') {
+        return error.toString();
+    }
+    try {
+        return JSON.stringify(error);
+    }
+    catch {
+        return 'Unknown error';
+    }
+}
+export function createSessionRecoveryHook(enabled, autoResume) {
+    const handleSessionError = async (error, sessionId) => {
+        if (!enabled) {
+            return false;
+        }
+        if (!sessionId) {
+            logger.warn('No session ID provided for recovery');
+            return false;
+        }
+        if (!isRecoverableErrorImpl(error)) {
+            logger.debug('Error is not recoverable', { sessionId, error: getErrorMessage(error) });
+            return false;
+        }
+        try {
+            const storage = await loadRecoveryState();
+            let sessionState = storage.sessions[sessionId];
+            if (!sessionState) {
+                sessionState = {
+                    sessionId,
+                    conversationId: '',
+                    model: '',
+                    lastMessageIndex: 0,
+                    errorCount: 1,
+                    lastError: getErrorMessage(error),
+                    timestamp: Date.now(),
+                };
+            }
+            else {
+                sessionState.errorCount += 1;
+                sessionState.lastError = getErrorMessage(error);
+                sessionState.timestamp = Date.now();
+            }
+            if (sessionState.errorCount > MAX_ERROR_COUNT) {
+                logger.warn('Session error count exceeded maximum', {
+                    sessionId,
+                    errorCount: sessionState.errorCount
+                });
+                delete storage.sessions[sessionId];
+                await saveRecoveryState(storage);
+                return false;
+            }
+            storage.sessions[sessionId] = sessionState;
+            await saveRecoveryState(storage);
+            logger.log('Session error recorded for recovery', {
+                sessionId,
+                errorCount: sessionState.errorCount,
+                shouldRetry: true
+            });
+            return true;
+        }
+        catch (storageError) {
+            logger.error('Failed to handle session error', storageError);
+            return false;
+        }
+    };
+    const isRecoverableError = (error) => {
+        return isRecoverableErrorImpl(error);
+    };
+    const clearSession = async (sessionId) => {
+        if (!sessionId) {
+            return;
+        }
+        try {
+            const storage = await loadRecoveryState();
+            if (storage.sessions[sessionId]) {
+                delete storage.sessions[sessionId];
+                await saveRecoveryState(storage);
+                logger.debug('Session cleared from recovery state', { sessionId });
+            }
+        }
+        catch (error) {
+            logger.error('Failed to clear session', error);
+        }
+    };
+    return {
+        handleSessionError,
+        isRecoverableError,
+        clearSession,
+    };
+}

package/dist/plugin/refresh-queue.d.ts

@@ -0,0 +1,14 @@
+import type { KiroAuthDetails } from './types';
+import type { AccountManager } from './accounts';
+export interface ProactiveRefreshQueue {
+    start(): void;
+    stop(): void;
+    setAccountManager(manager: AccountManager): void;
+}
+export interface RefreshQueueConfig {
+    enabled: boolean;
+    checkIntervalSeconds: number;
+    bufferSeconds: number;
+}
+export declare function isTokenExpiringSoon(auth: KiroAuthDetails, bufferMs: number): boolean;
+export declare function createProactiveRefreshQueue(config: RefreshQueueConfig): ProactiveRefreshQueue;

package/dist/plugin/refresh-queue.js

@@ -0,0 +1,69 @@
+import { refreshAccessToken } from './token';
+import * as logger from './logger';
+export function isTokenExpiringSoon(auth, bufferMs) {
+    const now = Date.now();
+    const expiresAt = auth.expires;
+    const timeUntilExpiry = expiresAt - now;
+    return timeUntilExpiry <= bufferMs && timeUntilExpiry > 0;
+}
+export function createProactiveRefreshQueue(config) {
+    let intervalId = null;
+    let accountManager = null;
+    let isRunning = false;
+    async function checkAndRefresh() {
+        if (!accountManager) {
+            return;
+        }
+        try {
+            const accounts = accountManager.getAccounts();
+            const bufferMs = config.bufferSeconds * 1000;
+            for (const account of accounts) {
+                try {
+                    const auth = accountManager.toAuthDetails(account);
+                    if (isTokenExpiringSoon(auth, bufferMs)) {
+                        logger.log(`[RefreshQueue] Token expiring soon for account ${account.email}, refreshing...`);
+                        const refreshedAuth = await refreshAccessToken(auth);
+                        accountManager.updateFromAuth(account, refreshedAuth);
+                        await accountManager.saveToDisk();
+                        logger.log(`[RefreshQueue] Successfully refreshed token for account ${account.email}`);
+                    }
+                }
+                catch (error) {
+                    logger.error(`[RefreshQueue] Failed to refresh token for account ${account.email}: ${error instanceof Error ? error.message : String(error)}`);
+                }
+            }
+        }
+        catch (error) {
+            logger.error(`[RefreshQueue] Error during refresh check: ${error instanceof Error ? error.message : String(error)}`);
+        }
+    }
+    function start() {
+        if (!config.enabled || isRunning) {
+            return;
+        }
+        const intervalMs = config.checkIntervalSeconds * 1000;
+        intervalId = setInterval(() => {
+            checkAndRefresh().catch((error) => {
+                logger.error(`[RefreshQueue] Unhandled error in refresh check: ${error instanceof Error ? error.message : String(error)}`);
+            });
+        }, intervalMs);
+        isRunning = true;
+        logger.log(`[RefreshQueue] Started proactive refresh queue (interval: ${config.checkIntervalSeconds}s, buffer: ${config.bufferSeconds}s)`);
+    }
+    function stop() {
+        if (intervalId) {
+            clearInterval(intervalId);
+            intervalId = null;
+        }
+        isRunning = false;
+        logger.log('[RefreshQueue] Stopped proactive refresh queue');
+    }
+    function setAccountManager(manager) {
+        accountManager = manager;
+    }
+    return {
+        start,
+        stop,
+        setAccountManager,
+    };
+}

package/dist/plugin/request.d.ts

@@ -0,0 +1,4 @@
+import type { KiroAuthDetails, PreparedRequest } from './types';
+export declare function transformToCodeWhisperer(url: string, body: any, model: string, auth: KiroAuthDetails, think?: boolean, budget?: number): PreparedRequest;
+export declare function mergeAdjacentMessages(msgs: any[]): any[];
+export declare function convertToolsToCodeWhisperer(tools: any[]): any[];

package/dist/plugin/request.js

@@ -0,0 +1,240 @@
+import * as crypto from 'crypto';
+import * as os from 'os';
+import { KIRO_CONSTANTS } from '../constants';
+import { resolveKiroModel } from './models';
+export function transformToCodeWhisperer(url, body, model, auth, think = false, budget = 20000) {
+    const req = typeof body === 'string' ? JSON.parse(body) : body;
+    const { messages, tools, system } = req;
+    if (!messages || messages.length === 0)
+        throw new Error('No messages');
+    const resolved = resolveKiroModel(model);
+    const convId = crypto.randomUUID();
+    let sys = system || '';
+    if (think) {
+        const pfx = `<thinking_mode>enabled</thinking_mode><max_thinking_length>${budget}</max_thinking_length>`;
+        sys = sys.includes('<thinking_mode>') ? sys : sys ? `${pfx}\n${sys}` : pfx;
+    }
+    const msgs = mergeAdjacentMessages([...messages]);
+    const lastMsg = msgs[msgs.length - 1];
+    if (lastMsg && lastMsg.role === 'assistant' && getContentText(lastMsg) === '{')
+        msgs.pop();
+    const cwTools = tools ? convertToolsToCodeWhisperer(tools) : [];
+    const history = [];
+    let start = 0;
+    if (sys) {
+        const first = msgs[0];
+        if (first && first.role === 'user') {
+            history.push({ userInputMessage: { content: `${sys}\n\n${getContentText(first)}`, modelId: resolved, origin: KIRO_CONSTANTS.ORIGIN_AI_EDITOR } });
+            start = 1;
+        }
+        else
+            history.push({ userInputMessage: { content: sys, modelId: resolved, origin: KIRO_CONSTANTS.ORIGIN_AI_EDITOR } });
+    }
+    for (let i = start; i < msgs.length - 1; i++) {
+        const m = msgs[i];
+        if (!m)
+            continue;
+        if (m.role === 'user') {
+            const uim = { content: '', modelId: resolved, origin: KIRO_CONSTANTS.ORIGIN_AI_EDITOR };
+            const trs = [], imgs = [];
+            if (Array.isArray(m.content)) {
+                for (const p of m.content) {
+                    if (p.type === 'text')
+                        uim.content += p.text || '';
+                    else if (p.type === 'tool_result')
+                        trs.push({ content: [{ text: getContentText(p) }], status: 'success', toolUseId: p.tool_use_id });
+                    else if (p.type === 'image' && p.source)
+                        imgs.push({ format: p.source.media_type?.split('/')[1] || 'png', source: { bytes: p.source.data } });
+                }
+            }
+            else
+                uim.content = getContentText(m);
+            if (imgs.length)
+                uim.images = imgs;
+            if (trs.length)
+                uim.userInputMessageContext = { toolResults: deduplicateToolResults(trs) };
+            const prev = history[history.length - 1];
+            if (prev && prev.userInputMessage)
+                history.push({ assistantResponseMessage: { content: 'Continue' } });
+            history.push({ userInputMessage: uim });
+        }
+        else if (m.role === 'assistant') {
+            const arm = { content: '' };
+            const tus = [];
+            let th = '';
+            if (Array.isArray(m.content)) {
+                for (const p of m.content) {
+                    if (p.type === 'text')
+                        arm.content += p.text || '';
+                    else if (p.type === 'thinking')
+                        th += p.thinking || p.text || '';
+                    else if (p.type === 'tool_use')
+                        tus.push({ input: p.input, name: p.name, toolUseId: p.id });
+                }
+            }
+            else
+                arm.content = getContentText(m);
+            if (th)
+                arm.content = arm.content ? `<thinking>${th}</thinking>\n\n${arm.content}` : `<thinking>${th}</thinking>`;
+            if (tus.length)
+                arm.toolUses = tus;
+            const prev = history[history.length - 1];
+            if (prev && prev.assistantResponseMessage)
+                history.push({ userInputMessage: { content: 'Continue', modelId: resolved, origin: KIRO_CONSTANTS.ORIGIN_AI_EDITOR } });
+            history.push({ assistantResponseMessage: arm });
+        }
+    }
+    const curMsg = msgs[msgs.length - 1];
+    if (!curMsg)
+        throw new Error('Empty');
+    let curContent = '';
+    const curTrs = [], curImgs = [];
+    if (curMsg.role === 'assistant') {
+        const arm = { content: '' };
+        let th = '';
+        if (Array.isArray(curMsg.content)) {
+            for (const p of curMsg.content) {
+                if (p.type === 'text')
+                    arm.content += p.text || '';
+                else if (p.type === 'thinking')
+                    th += p.thinking || p.text || '';
+                else if (p.type === 'tool_use') {
+                    if (!arm.toolUses)
+                        arm.toolUses = [];
+                    arm.toolUses.push({ input: p.input, name: p.name, toolUseId: p.id });
+                }
+            }
+        }
+        else
+            arm.content = getContentText(curMsg);
+        if (th)
+            arm.content = arm.content ? `<thinking>${th}</thinking>\n\n${arm.content}` : `<thinking>${th}</thinking>`;
+        history.push({ assistantResponseMessage: arm });
+        curContent = 'Continue';
+    }
+    else {
+        const prev = history[history.length - 1];
+        if (prev && !prev.assistantResponseMessage)
+            history.push({ assistantResponseMessage: { content: 'Continue' } });
+        if (Array.isArray(curMsg.content)) {
+            for (const p of curMsg.content) {
+                if (p.type === 'text')
+                    curContent += p.text || '';
+                else if (p.type === 'tool_result')
+                    curTrs.push({ content: [{ text: getContentText(p) }], status: 'success', toolUseId: p.tool_use_id });
+                else if (p.type === 'image' && p.source)
+                    curImgs.push({ format: p.source.media_type?.split('/')[1] || 'png', source: { bytes: p.source.data } });
+            }
+        }
+        else
+            curContent = getContentText(curMsg);
+        if (!curContent)
+            curContent = curTrs.length ? 'Tool results provided.' : 'Continue';
+    }
+    const request = {
+        conversationState: {
+            chatTriggerType: KIRO_CONSTANTS.CHAT_TRIGGER_TYPE_MANUAL,
+            conversationId: convId,
+            history,
+            currentMessage: { userInputMessage: { content: curContent, modelId: resolved, origin: KIRO_CONSTANTS.ORIGIN_AI_EDITOR } }
+        }
+    };
+    const uim = request.conversationState.currentMessage.userInputMessage;
+    if (uim) {
+        if (curImgs.length)
+            uim.images = curImgs;
+        const ctx = {};
+        if (curTrs.length)
+            ctx.toolResults = deduplicateToolResults(curTrs);
+        if (cwTools.length)
+            ctx.tools = cwTools;
+        if (Object.keys(ctx).length)
+            uim.userInputMessageContext = ctx;
+    }
+    const machineId = crypto
+        .createHash('sha256')
+        .update(auth.profileArn || auth.clientId || 'KIRO_DEFAULT_MACHINE')
+        .digest('hex');
+    const osP = os.platform(), osR = os.release(), nodeV = process.version.replace('v', ''), kiroV = KIRO_CONSTANTS.KIRO_VERSION;
+    const osN = osP === 'win32' ? `windows#${osR}` : osP === 'darwin' ? `macos#${osR}` : `${osP}#${osR}`;
+    const ua = `aws-sdk-js/1.0.0 ua/2.1 os/${osN} lang/js md/nodejs#${nodeV} api/codewhispererruntime#1.0.0 m/E KiroIDE-${kiroV}-${machineId}`;
+    return {
+        url: KIRO_CONSTANTS.BASE_URL.replace('{{region}}', auth.region),
+        init: {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                Accept: 'application/json',
+                Authorization: `Bearer ${auth.access}`,
+                'amz-sdk-invocation-id': crypto.randomUUID(),
+                'amz-sdk-request': 'attempt=1; max=1',
+                'x-amzn-kiro-agent-mode': 'vibe',
+                'x-amz-user-agent': `aws-sdk-js/1.0.0 KiroIDE-${kiroV}-${machineId}`,
+                'user-agent': ua,
+                Connection: 'close'
+            },
+            body: JSON.stringify(request)
+        },
+        streaming: true,
+        effectiveModel: resolved,
+        conversationId: convId
+    };
+}
+export function mergeAdjacentMessages(msgs) {
+    const merged = [];
+    for (const m of msgs) {
+        if (!merged.length)
+            merged.push({ ...m });
+        else {
+            const last = merged[merged.length - 1];
+            if (last && m.role === last.role) {
+                if (Array.isArray(last.content) && Array.isArray(m.content))
+                    last.content.push(...m.content);
+                else if (typeof last.content === 'string' && typeof m.content === 'string')
+                    last.content += '\n' + m.content;
+                else if (Array.isArray(last.content) && typeof m.content === 'string')
+                    last.content.push({ type: 'text', text: m.content });
+                else if (typeof last.content === 'string' && Array.isArray(m.content))
+                    last.content = [{ type: 'text', text: last.content }, ...m.content];
+            }
+            else
+                merged.push({ ...m });
+        }
+    }
+    return merged;
+}
+export function convertToolsToCodeWhisperer(tools) {
+    return tools
+        .filter((t) => !['web_search', 'websearch'].includes((t.name || t.function?.name || '').toLowerCase()))
+        .map((t) => ({
+        toolSpecification: {
+            name: t.name || t.function?.name,
+            description: (t.description || t.function?.description || '').substring(0, 9216),
+            inputSchema: { json: t.input_schema || t.function?.parameters || {} }
+        }
+    }));
+}
+function getContentText(m) {
+    if (!m)
+        return '';
+    if (typeof m === 'string')
+        return m;
+    if (typeof m.content === 'string')
+        return m.content;
+    if (Array.isArray(m.content))
+        return m.content
+            .filter((p) => p.type === 'text')
+            .map((p) => p.text || '')
+            .join('');
+    return m.text || '';
+}
+function deduplicateToolResults(trs) {
+    const u = [], s = new Set();
+    for (const t of trs) {
+        if (!s.has(t.toolUseId)) {
+            s.add(t.toolUseId);
+            u.push(t);
+        }
+    }
+    return u;
+}

package/dist/plugin/response.d.ts

@@ -0,0 +1,6 @@
+import { ToolCall, ParsedResponse } from './types';
+export declare function parseEventStream(rawResponse: string): ParsedResponse;
+export declare function parseEventLine(line: string): any | null;
+export declare function parseBracketToolCalls(text: string): ToolCall[];
+export declare function deduplicateToolCalls(toolCalls: ToolCall[]): ToolCall[];
+export declare function cleanToolCallsFromText(text: string, toolCalls: ToolCall[]): string;