agentgui 1.0.917 → 1.0.918

package/lib/oauth-common.js

@@ -1,92 +0,0 @@
-import crypto from 'crypto';
-
-export function buildBaseUrl(req, PORT) {
-  const override = process.env.AGENTGUI_BASE_URL;
-  if (override) return override.replace(/\/+$/, '');
-  const fwdProto = req.headers['x-forwarded-proto'];
-  const fwdHost = req.headers['x-forwarded-host'] || req.headers['host'];
-  if (fwdHost) {
-    const proto = fwdProto || (req.socket.encrypted ? 'https' : 'http');
-    const cleanHost = fwdHost.replace(/:443$/, '').replace(/:80$/, '');
-    return `${proto}://${cleanHost}`;
-  }
-  return `http://127.0.0.1:${PORT}`;
-}
-
-export function isRemoteRequest(req) {
-  return !!(req && (req.headers['x-forwarded-for'] || req.headers['x-forwarded-host'] || req.headers['x-forwarded-proto']));
-}
-
-export function encodeOAuthState(csrfToken, relayUrl) {
-  const payload = JSON.stringify({ t: csrfToken, r: relayUrl });
-  return Buffer.from(payload).toString('base64url');
-}
-
-export function decodeOAuthState(stateStr) {
-  try {
-    const payload = JSON.parse(Buffer.from(stateStr, 'base64url').toString());
-    return { csrfToken: payload.t, relayUrl: payload.r };
-  } catch (_) {
-    return { csrfToken: stateStr, relayUrl: null };
-  }
-}
-
-export function oauthResultPage(title, message, success) {
-  const color = success ? '#10b981' : '#ef4444';
-  const icon = success ? '✓' : '✗';
-  return `<!DOCTYPE html><html><head><title>${title}</title></head>
-<body style="margin:0;display:flex;align-items:center;justify-content:center;min-height:100vh;background:#111827;font-family:system-ui,sans-serif;color:white;">
-<div style="text-align:center;max-width:400px;padding:2rem;">
-<div style="font-size:4rem;color:${color};margin-bottom:1rem;">${icon}</div>
-<h1 style="font-size:1.5rem;margin-bottom:0.5rem;">${title}</h1>
-<p style="color:#9ca3af;">${message}</p>
-<p style="color:#6b7280;margin-top:1rem;font-size:0.875rem;">You can close this tab.</p>
-</div></body></html>`;
-}
-
-export function oauthRelayPage(code, state, error) {
-  const stateData = decodeOAuthState(state || '');
-  const relayUrl = stateData.relayUrl || '';
-  const escapedCode = (code || '').replace(/['"\\]/g, '');
-  const escapedState = (state || '').replace(/['"\\]/g, '');
-  const escapedError = (error || '').replace(/['"\\]/g, '');
-  const escapedRelay = relayUrl.replace(/['"\\]/g, '');
-  return `<!DOCTYPE html><html><head><title>Completing sign-in...</title></head>
-<body style="margin:0;display:flex;align-items:center;justify-content:center;min-height:100vh;background:#111827;font-family:system-ui,sans-serif;color:white;">
-<div id="status" style="text-align:center;max-width:400px;padding:2rem;">
-<div id="spinner" style="font-size:2rem;margin-bottom:1rem;">&#8987;</div>
-<h1 id="title" style="font-size:1.5rem;margin-bottom:0.5rem;">Completing sign-in...</h1>
-<p id="msg" style="color:#9ca3af;">Relaying authentication to server...</p>
-</div>
-<script>
-(function() {
-  var code = '${escapedCode}';
-  var state = '${escapedState}';
-  var error = '${escapedError}';
-  var relayUrl = '${escapedRelay}';
-  function show(icon, title, msg, color) {
-    document.getElementById('spinner').textContent = icon;
-    document.getElementById('spinner').style.color = color;
-    document.getElementById('title').textContent = title;
-    document.getElementById('msg').textContent = msg;
-  }
-  if (error) { show('\\u2717', 'Authentication Failed', error, '#ef4444'); return; }
-  if (!code) { show('\\u2717', 'Authentication Failed', 'No authorization code received.', '#ef4444'); return; }
-  if (!relayUrl) { show('\\u2713', 'Authentication Successful', 'Credentials saved. You can close this tab.', '#10b981'); return; }
-  fetch(relayUrl, {
-    method: 'POST',
-    headers: { 'Content-Type': 'application/json' },
-    body: JSON.stringify({ code: code, state: state })
-  }).then(function(r) { return r.json(); }).then(function(data) {
-    if (data.success) {
-      show('\\u2713', 'Authentication Successful', data.email ? 'Signed in as ' + data.email + '. You can close this tab.' : 'Credentials saved. You can close this tab.', '#10b981');
-    } else {
-      show('\\u2717', 'Authentication Failed', data.error || 'Unknown error', '#ef4444');
-    }
-  }).catch(function(e) {
-    show('\\u2717', 'Relay Failed', 'Could not reach server: ' + e.message + '. You may need to paste the URL manually.', '#ef4444');
-  });
-})();
-</script>
-</body></html>`;
-}

package/lib/oauth-gemini.js

@@ -1,199 +0,0 @@
-import fs from 'fs';
-import path from 'path';
-import os from 'os';
-import crypto from 'crypto';
-import { execSync } from 'child_process';
-import { OAuth2Client } from 'google-auth-library';
-import { findCommand } from './agent-discovery.js';
-import { buildBaseUrl, isRemoteRequest, encodeOAuthState, decodeOAuthState, oauthResultPage, oauthRelayPage } from './oauth-common.js';
-
-const GEMINI_SCOPES = [
-  'https://www.googleapis.com/auth/cloud-platform',
-  'https://www.googleapis.com/auth/userinfo.email',
-  'https://www.googleapis.com/auth/userinfo.profile',
-];
-const GEMINI_DIR = path.join(os.homedir(), '.gemini');
-const GEMINI_OAUTH_FILE = path.join(GEMINI_DIR, 'oauth_creds.json');
-const GEMINI_ACCOUNTS_FILE = path.join(GEMINI_DIR, 'google_accounts.json');
-let geminiOAuthState = { status: 'idle', error: null, email: null };
-let geminiOAuthPending = null;
-function extractOAuthFromFile(oauth2Path) {
-  try {
-    const src = fs.readFileSync(oauth2Path, 'utf8');
-    const idMatch = src.match(/OAUTH_CLIENT_ID\s*=\s*['"]([^'"]+)['"]/);
-    const secretMatch = src.match(/OAUTH_CLIENT_SECRET\s*=\s*['"]([^'"]+)['"]/);
-    if (idMatch && secretMatch) return { clientId: idMatch[1], clientSecret: secretMatch[1] };
-  } catch {}
-  return null;
-}
-
-export function getGeminiOAuthCreds(rootDir) {
-  if (process.env.GOOGLE_OAUTH_CLIENT_ID && process.env.GOOGLE_OAUTH_CLIENT_SECRET) {
-    return { clientId: process.env.GOOGLE_OAUTH_CLIENT_ID, clientSecret: process.env.GOOGLE_OAUTH_CLIENT_SECRET, custom: true };
-  }
-  const oauthRelPath = path.join('node_modules', '@google', 'gemini-cli-core', 'dist', 'src', 'code_assist', 'oauth2.js');
-  try {
-    const geminiPath = findCommand('gemini', rootDir);
-    if (geminiPath) {
-      const realPath = fs.realpathSync(geminiPath);
-      const pkgRoot = path.resolve(path.dirname(realPath), '..');
-      const result = extractOAuthFromFile(path.join(pkgRoot, oauthRelPath));
-      if (result) return result;
-    }
-  } catch (e) {
-    console.error('[gemini-oauth] gemini lookup failed:', e.message);
-  }
-  try {
-    const npmCacheDirs = new Set();
-    const addDir = (d) => { if (d) npmCacheDirs.add(path.join(d, '_npx')); };
-    addDir(path.join(os.homedir(), '.npm'));
-    addDir(path.join(os.homedir(), '.cache', '.npm'));
-    if (process.env.NPM_CACHE) addDir(process.env.NPM_CACHE);
-    if (process.env.npm_config_cache) addDir(process.env.npm_config_cache);
-    try { addDir(execSync('npm config get cache', { encoding: 'utf8', timeout: 5000 }).trim()); } catch {}
-    for (const cacheDir of npmCacheDirs) {
-      if (!fs.existsSync(cacheDir)) continue;
-      for (const d of fs.readdirSync(cacheDir).filter(d => !d.startsWith('.'))) {
-        const result = extractOAuthFromFile(path.join(cacheDir, d, oauthRelPath));
-        if (result) return result;
-      }
-    }
-  } catch (e) {
-    console.error('[gemini-oauth] npm cache scan failed:', e.message);
-  }
-  console.error('[gemini-oauth] Could not find Gemini CLI OAuth credentials in any known location');
-  return null;
-}
-
-function saveGeminiCredentials(tokens, email) {
-  if (!fs.existsSync(GEMINI_DIR)) fs.mkdirSync(GEMINI_DIR, { recursive: true });
-  fs.writeFileSync(GEMINI_OAUTH_FILE, JSON.stringify(tokens, null, 2), { mode: 0o600 });
-  try { fs.chmodSync(GEMINI_OAUTH_FILE, 0o600); } catch (_) {}
-  let accounts = { active: null, old: [] };
-  try {
-    if (fs.existsSync(GEMINI_ACCOUNTS_FILE)) {
-      accounts = JSON.parse(fs.readFileSync(GEMINI_ACCOUNTS_FILE, 'utf8'));
-    }
-  } catch (_) {}
-  if (email) {
-    if (accounts.active && accounts.active !== email && !accounts.old.includes(accounts.active)) {
-      accounts.old.push(accounts.active);
-    }
-    accounts.active = email;
-  }
-  fs.writeFileSync(GEMINI_ACCOUNTS_FILE, JSON.stringify(accounts, null, 2), { mode: 0o600 });
-}
-
-export async function startGeminiOAuth(req, { PORT, BASE_URL, rootDir }) {
-  const creds = getGeminiOAuthCreds(rootDir);
-  if (!creds) throw new Error('Could not find Gemini CLI OAuth credentials. Install gemini CLI first.');
-  const useCustomClient = !!creds.custom;
-  const remote = isRemoteRequest(req);
-  let redirectUri;
-  if (useCustomClient && req) {
-    redirectUri = `${buildBaseUrl(req, PORT)}${BASE_URL}/oauth2callback`;
-  } else {
-    redirectUri = `http://localhost:${PORT}${BASE_URL}/oauth2callback`;
-  }
-  const csrfToken = crypto.randomBytes(32).toString('hex');
-  const relayUrl = req ? `${buildBaseUrl(req, PORT)}${BASE_URL}/api/gemini-oauth/relay` : null;
-  const state = encodeOAuthState(csrfToken, relayUrl);
-  const client = new OAuth2Client({ clientId: creds.clientId, clientSecret: creds.clientSecret });
-  const authUrl = client.generateAuthUrl({ redirect_uri: redirectUri, access_type: 'offline', scope: GEMINI_SCOPES, state });
-  const mode = useCustomClient ? 'custom' : (remote ? 'cli-remote' : 'cli-local');
-  geminiOAuthPending = { client, redirectUri, state: csrfToken };
-  geminiOAuthState = { status: 'pending', error: null, email: null };
-  if (geminiOAuthPending._timeout) clearTimeout(geminiOAuthPending._timeout);
-  geminiOAuthPending._timeout = setTimeout(() => {
-    if (geminiOAuthState.status === 'pending') {
-      geminiOAuthState = { status: 'error', error: 'Authentication timed out', email: null };
-      geminiOAuthPending = null;
-    }
-  }, 5 * 60 * 1000);
-  return { authUrl, mode };
-}
-
-export async function exchangeGeminiOAuthCode(code, stateParam) {
-  if (!geminiOAuthPending) throw new Error('No pending OAuth flow. Please start authentication again.');
-  if (geminiOAuthPending._timeout) { clearTimeout(geminiOAuthPending._timeout); geminiOAuthPending._timeout = null; }
-  const { client, redirectUri, state: expectedCsrf } = geminiOAuthPending;
-  const { csrfToken } = decodeOAuthState(stateParam);
-  if (csrfToken !== expectedCsrf) {
-    geminiOAuthState = { status: 'error', error: 'State mismatch', email: null };
-    geminiOAuthPending = null;
-    throw new Error('State mismatch - possible CSRF attack.');
-  }
-  if (!code) {
-    geminiOAuthState = { status: 'error', error: 'No authorization code received', email: null };
-    geminiOAuthPending = null;
-    throw new Error('No authorization code received.');
-  }
-  const { tokens } = await client.getToken({ code, redirect_uri: redirectUri });
-  client.setCredentials(tokens);
-  let email = '';
-  try {
-    const { token } = await client.getAccessToken();
-    if (token) {
-      const resp = await fetch('https://www.googleapis.com/oauth2/v2/userinfo', { headers: { Authorization: `Bearer ${token}` } });
-      if (resp.ok) { const info = await resp.json(); email = info.email || ''; }
-    }
-  } catch (_) {}
-  saveGeminiCredentials(tokens, email);
-  geminiOAuthState = { status: 'success', error: null, email };
-  geminiOAuthPending = null;
-  return email;
-}
-
-export async function handleGeminiOAuthCallback(req, res, PORT) {
-  const reqUrl = new URL(req.url, `http://localhost:${PORT}`);
-  const code = reqUrl.searchParams.get('code');
-  const state = reqUrl.searchParams.get('state');
-  const error = reqUrl.searchParams.get('error');
-  const errorDesc = reqUrl.searchParams.get('error_description');
-  if (error) {
-    const desc = errorDesc || error;
-    geminiOAuthState = { status: 'error', error: desc, email: null };
-    geminiOAuthPending = null;
-  }
-  const stateData = decodeOAuthState(state || '');
-  if (stateData.relayUrl) {
-    res.writeHead(200, { 'Content-Type': 'text/html' });
-    res.end(oauthRelayPage(code, state, errorDesc || error));
-    return;
-  }
-  if (!geminiOAuthPending) {
-    res.writeHead(200, { 'Content-Type': 'text/html' });
-    res.end(oauthResultPage('Authentication Failed', 'No pending OAuth flow.', false));
-    return;
-  }
-  try {
-    if (error) throw new Error(errorDesc || error);
-    const email = await exchangeGeminiOAuthCode(code, state);
-    res.writeHead(200, { 'Content-Type': 'text/html' });
-    res.end(oauthResultPage('Authentication Successful', email ? `Signed in as ${email}` : 'Gemini CLI credentials saved.', true));
-  } catch (e) {
-    res.writeHead(200, { 'Content-Type': 'text/html' });
-    res.end(oauthResultPage('Authentication Failed', e.message, false));
-  }
-}
-
-export function getGeminiOAuthStatus() {
-  try {
-    if (fs.existsSync(GEMINI_OAUTH_FILE)) {
-      const creds = JSON.parse(fs.readFileSync(GEMINI_OAUTH_FILE, 'utf8'));
-      if (creds.refresh_token || creds.access_token) {
-        let email = '';
-        try {
-          if (fs.existsSync(GEMINI_ACCOUNTS_FILE)) {
-            const accts = JSON.parse(fs.readFileSync(GEMINI_ACCOUNTS_FILE, 'utf8'));
-            email = accts.active || '';
-          }
-        } catch (_) {}
-        return { hasKey: true, apiKey: email || '****oauth', defaultModel: '', path: GEMINI_OAUTH_FILE, authMethod: 'oauth' };
-      }
-    }
-  } catch (_) {}
-  return null;
-}
-export function getGeminiOAuthState() { return geminiOAuthState; }
-export function getGeminiOAuthPending() { return geminiOAuthPending; }

package/lib/plugins/auth-plugin.js

@@ -1,132 +0,0 @@
-// Auth plugin - OAuth2, provider config, agentauth integration
-
-import http from 'http';
-
-export default {
-  name: 'auth',
-  version: '1.0.0',
-  dependencies: ['database'],
-
-  async init(config, plugins) {
-    const db = plugins.get('database');
-    const providerConfigs = new Map();
-    const oauthClients = new Map();
-    const sessions = new Map();
-
-    // Detect provider configs on startup
-    const detectProviders = () => {
-      const providers = [
-        { id: 'anthropic', name: 'Anthropic', configured: false },
-        { id: 'google', name: 'Google', configured: false },
-        { id: 'github', name: 'GitHub', configured: false },
-      ];
-      providers.forEach(p => providerConfigs.set(p.id, p));
-      return providers;
-    };
-
-    detectProviders();
-
-    // Agentauth integration
-    const agentauthStart = async (provider, scopes) => {
-      return new Promise((resolve, reject) => {
-        const options = {
-          hostname: 'localhost',
-          port: 8765,
-          path: '/auth/start',
-          method: 'POST',
-          headers: { 'Content-Type': 'application/json' },
-        };
-
-        const req = http.request(options, (res) => {
-          let data = '';
-          res.on('data', chunk => data += chunk);
-          res.on('end', () => {
-            try {
-              resolve(JSON.parse(data));
-            } catch (e) {
-              reject(new Error('Agentauth unavailable'));
-            }
-          });
-        });
-
-        req.on('error', () => reject(new Error('Agentauth service not running')));
-        req.write(JSON.stringify({ provider, scopes }));
-        req.end();
-      });
-    };
-
-    return {
-      routes: [
-        {
-          method: 'GET',
-          path: '/api/auth/status',
-          handler: (req, res) => {
-            res.json({ authenticated: sessions.size > 0, sessions: Array.from(sessions.keys()) });
-          },
-        },
-        {
-          method: 'GET',
-          path: '/api/auth/configs',
-          handler: (req, res) => {
-            const masked = Array.from(providerConfigs.values()).map(p => ({
-              id: p.id,
-              name: p.name,
-              configured: p.configured,
-            }));
-            res.json({ providers: masked });
-          },
-        },
-        {
-          method: 'POST',
-          path: '/api/auth/callback',
-          handler: (req, res) => {
-            const { code } = req.body;
-            res.json({ success: true, code });
-          },
-        },
-        {
-          method: 'POST',
-          path: '/api/auth/logout',
-          handler: (req, res) => {
-            sessions.clear();
-            res.json({ success: true });
-          },
-        },
-        {
-          method: 'POST',
-          path: '/api/auth/agentauth-start',
-          handler: async (req, res) => {
-            const { provider, scopes } = req.body;
-            try {
-              const result = await agentauthStart(provider, scopes);
-              res.json(result);
-            } catch (e) {
-              res.status(503).json({ error: e.message });
-            }
-          },
-        },
-        {
-          method: 'GET',
-          path: '/api/auth/agentauth-status',
-          handler: async (req, res) => {
-            const { code } = req.query;
-            res.json({ status: 'polling-not-implemented' });
-          },
-        },
-      ],
-      wsHandlers: {},
-      api: {
-        getProviders: () => Array.from(providerConfigs.values()),
-      },
-      stop: async () => {
-        sessions.clear();
-      },
-    };
-  },
-
-  async reload(state) {
-    return state;
-  },
-
-  async stop() {},
-};

package/lib/plugins/speech-plugin.js

@@ -1,72 +0,0 @@
-// Speech plugin - STT/TTS model management, download on startup
-
-import path from 'path';
-
-export default {
-  name: 'speech',
-  version: '1.0.0',
-  dependencies: ['database'],
-
-  async init(config, plugins) {
-    const modelsDir = path.join(process.env.HOME || '/tmp', '.gmgui', 'models');
-    let modelsReady = false;
-    const downloadProgress = new Map();
-    let voiceList = [];
-    const modelCache = new Map();
-
-    // Models would be downloaded here on startup
-    modelsReady = true;
-    voiceList = ['en-US', 'en-GB', 'es-ES', 'fr-FR', 'de-DE'];
-
-    return {
-      routes: [
-        {
-          method: 'POST',
-          path: '/api/stt',
-          handler: async (req, res) => {
-            if (!modelsReady) return res.status(503).json({ error: 'Models loading' });
-            res.json({ text: 'transcription-not-implemented' });
-          },
-        },
-        {
-          method: 'POST',
-          path: '/api/tts',
-          handler: async (req, res) => {
-            if (!modelsReady) return res.status(503).json({ error: 'Models loading' });
-            const { text } = req.body;
-            res.json({ audio: 'base64-audio-not-implemented' });
-          },
-        },
-        {
-          method: 'GET',
-          path: '/api/speech-status',
-          handler: (req, res) => {
-            res.json({ ready: modelsReady, progress: Object.fromEntries(downloadProgress) });
-          },
-        },
-        {
-          method: 'GET',
-          path: '/api/voices',
-          handler: (req, res) => {
-            res.json({ voices: voiceList });
-          },
-        },
-      ],
-      wsHandlers: {
-        model_download_progress: (data, clients) => {},
-        voice_list: (data, clients) => {},
-      },
-      api: {
-        getVoices: () => voiceList,
-        isReady: () => modelsReady,
-      },
-      stop: async () => {},
-    };
-  },
-
-  async reload(state) {
-    return state;
-  },
-
-  async stop() {},
-};

package/lib/plugins/tools-plugin.js

@@ -1,120 +0,0 @@
-// Tools plugin - tool detection, versioning, install/update handlers
-
-import { spawnSync } from 'child_process';
-import os from 'os';
-
-const isWindows = os.platform() === 'win32';
-const bunCmd = isWindows ? 'bun.cmd' : 'bun';
-
-export default {
-  name: 'tools',
-  version: '1.0.0',
-  dependencies: ['database'],
-
-  async init(config, plugins) {
-    const db = plugins.get('database');
-    const toolCache = new Map();
-    const installInProgress = new Set();
-    const operationQueue = [];
-
-    const detectTools = async () => {
-      const tools = [
-        { id: 'gm-cc', pkg: 'gm-cc', name: 'GM Claude' },
-        { id: 'gm-oc', pkg: 'gm-oc', name: 'GM OpenCode' },
-        { id: 'gm-gc', pkg: 'gm-gc', name: 'GM Gemini' },
-        { id: 'gm-kilo', pkg: 'gm-kilo', name: 'GM Kilo' },
-        { id: 'gm-codex', pkg: 'gm-codex', name: 'GM Codex' },
-        { id: 'cli-claude', pkg: '@anthropic-ai/claude-code', name: 'Claude Code' },
-        { id: 'cli-opencode', pkg: 'opencode-ai', name: 'OpenCode' },
-        { id: 'cli-gemini', pkg: '@google/gemini-cli', name: 'Gemini CLI' },
-        { id: 'cli-kilo', pkg: '@kilocode/cli', name: 'Kilo Code' },
-        { id: 'cli-codex', pkg: '@openai/codex', name: 'Codex CLI' },
-      ];
-
-      for (const tool of tools) {
-        const result = spawnSync(bunCmd, ['x', tool.pkg, '--version'], { stdio: 'ignore', timeout: 10000 });
-        tool.installed = result.status === 0;
-        toolCache.set(tool.id, tool);
-      }
-      return tools;
-    };
-
-    await detectTools();
-
-    return {
-      routes: [
-        {
-          method: 'GET',
-          path: '/api/tools',
-          handler: async (req, res) => {
-            res.json({ tools: Array.from(toolCache.values()) });
-          },
-        },
-        {
-          method: 'GET',
-          path: '/api/tools/:id/status',
-          handler: async (req, res) => {
-            const tool = toolCache.get(req.params.id);
-            res.json(tool || { error: 'Tool not found' });
-          },
-        },
-        {
-          method: 'POST',
-          path: '/api/tools/:id/install',
-          handler: async (req, res) => {
-            res.json({ success: true });
-            // Async install in background
-          },
-        },
-        {
-          method: 'POST',
-          path: '/api/tools/:id/update',
-          handler: async (req, res) => {
-            res.json({ success: true });
-            // Async update in background
-          },
-        },
-        {
-          method: 'POST',
-          path: '/api/tools/update',
-          handler: async (req, res) => {
-            res.json({ success: true });
-            // Batch async update
-          },
-        },
-        {
-          method: 'GET',
-          path: '/api/tools/:id/history',
-          handler: async (req, res) => {
-            res.json({ history: [] });
-          },
-        },
-        {
-          method: 'POST',
-          path: '/api/tools/refresh-all',
-          handler: async (req, res) => {
-            await detectTools();
-            res.json({ success: true });
-          },
-        },
-      ],
-      wsHandlers: {
-        tool_install_complete: (data, clients) => {},
-        tool_install_failed: (data, clients) => {},
-        tool_update_complete: (data, clients) => {},
-        tool_update_failed: (data, clients) => {},
-      },
-      api: {
-        detectTools,
-        getTools: () => Array.from(toolCache.values()),
-      },
-      stop: async () => {},
-    };
-  },
-
-  async reload(state) {
-    return state;
-  },
-
-  async stop() {},
-};